Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

High Ram. Keeps shutting down. Removed some adware but still remains.


  • This topic is locked This topic is locked
3 replies to this topic

#1 PDL4

PDL4

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:12:10 PM

Posted 03 November 2016 - 10:39 AM

High Ram
Keeps shutting down
Ran MWB
ESET removed tracking cookies and 1 critical)
Svchost (Found 24 and can't access 7 even if run program as admin.
SVCHOST.EXE is in system32 and syswow folder.
 
Keep getting 524 error on this site when I try upload. 
 
So I tried 5 times the way guide showed, but it only worked when I attached the documents and then edited the post and pasted First.txt
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-10-2016
Ran by Yv (administrator) on YD (03-11-2016 14:58:12)
Running from C:\Users\Yv\Downloads
Loaded Profiles: Yv & DefaultAppPool (Available Profiles: Yv & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.197.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\HelpPane.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update 5\VUAgent.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
Failed to access process -> chrome.exe
(Google Inc.) C:\Users\Yv\AppData\Local\Google\Chrome\Application\chrome.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\Admload.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Google Inc.) C:\Users\Yv\AppData\Local\Google\Update\GoogleUpdate.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Users\Yv\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Yv\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Yv\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Yv\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Yv\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Yv\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft® Windows® Operating System) C:\Windows\System32\Taskmgr.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Neuber Software) C:\Users\Yv\Downloads\SvchostAnalyzer.exe
(Google Inc.) C:\Users\Yv\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Yv\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Yv\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Yv\AppData\Local\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11775592 2011-03-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2188904 2011-03-04] (Realtek Semiconductor)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657568 2011-04-29] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954368 2015-09-21] (Synaptics Incorporated)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-26] (Sony Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [218896 2016-09-13] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [144184 2016-10-11] (Check Point Software Technologies Ltd.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1860957307-1508966803-2314426021-1000\...\Run: [Google Update] => C:\Users\Yv\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-12-23] (Google Inc.)
HKU\S-1-5-21-1860957307-1508966803-2314426021-1000\...\Run: [HP Deskjet 3520 series (NET)] => C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1860957307-1508966803-2314426021-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8894680 2016-08-05] (Piriform Ltd)
HKU\S-1-5-21-1860957307-1508966803-2314426021-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-09-09] (Apple Inc.)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-04-26]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
BootExecute: autocheck autochk * bootdelete
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyServer: [S-1-5-21-1860957307-1508966803-2314426021-1000] => http=127.0.0.1:8888;https=127.0.0.1:8888
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{830c18ba-a3af-47c8-a611-a5adec5fe440}: [DhcpNameServer] 198.18.0.1 198.18.0.2
Tcpip\..\Interfaces\{93d77adb-58f6-46a7-8a18-06770ee831c5}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{93d77adb-58f6-46a7-8a18-06770ee831c5}: [DhcpNameServer] 8.8.8.8 8.8.4.4
 
Internet Explorer:
==================
HKU\S-1-5-21-1860957307-1508966803-2314426021-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-21-1860957307-1508966803-2314426021-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sony.eu/vaioportal
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1860957307-1508966803-2314426021-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1860957307-1508966803-2314426021-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1860957307-1508966803-2314426021-1000 -> {7804BAF9-5087-4EBF-8351-6248946CEED7} URL = hxxps://uk.search.yahoo.com/search?p={searchTerms}&intl=uk&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-1860957307-1508966803-2314426021-1000 -> {C072E6BD-0920-4B6C-9BFC-8AAF6E080D5F} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKU\S-1-5-21-1860957307-1508966803-2314426021-1000 -> {F8E60968-C644-42D6-A4DA-DE2781555B1B} URL = hxxp://rover.ebay.com/rover/1//4?satitle={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-10-08] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-08] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => No File
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-10-08] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-04-29] (Atheros Commnucations)
BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-10-08] (Microsoft Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKU\S-1-5-21-1860957307-1508966803-2314426021-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-18] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-18] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-18] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-18] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\Yv\AppData\Roaming\Mozilla\Firefox\Profiles\153bo5zd.default-1478084083022 [2016-11-03]
FF Extension: (Adblock Plus) - C:\Users\Yv\AppData\Roaming\Mozilla\Firefox\Profiles\153bo5zd.default-1478084083022\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-02]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-04-16] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\17.3.0.49 => not found
FF HKU\S-1-5-21-1860957307-1508966803-2314426021-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_205.dll [2016-10-27] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_205.dll [2016-10-27] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-10-08] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-10-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-05-10] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1860957307-1508966803-2314426021-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Yv\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-10-06] (Citrix Online)
FF Plugin HKU\S-1-5-21-1860957307-1508966803-2314426021-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Yv\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-1860957307-1508966803-2314426021-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Yv\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://en.eazel.com?id=EC71963C3D464B4CA759647F9BCAB806&oid=14
CHR StartupUrls: Default -> "hxxp://www.google.ie/"
CHR Plugin: (Native Client) - C:\Users\Yv\AppData\Local\Google\Chrome\Application\54.0.2840.71\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Yv\AppData\Local\Google\Chrome\Application\54.0.2840.71\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Users\Yv\AppData\Local\Google\Chrome\Application\54.0.2840.71\gcswf32.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll => No File
CHR Plugin: (Java™ Platform SE 6 U22) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll => No File
CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Users\Yv\AppData\Local\Google\Chrome\Application\plugins\npMozCouponPrinter.dll => No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll => No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll => No File
CHR Plugin: (Google Update) - C:\Users\Yv\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll => No File
CHR Profile: C:\Users\Yv\AppData\Local\Google\Chrome\User Data\Default [2016-11-03]
CHR Extension: (SEOquake) - C:\Users\Yv\AppData\Local\Google\Chrome\User Data\Default\Extensions\akdgnmcogleenhbclghghlkkdndkjdjc [2016-11-02]
CHR Extension: (YouTube) - C:\Users\Yv\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-07]
CHR Extension: (Adblock Plus) - C:\Users\Yv\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-28]
CHR Extension: (Google Search) - C:\Users\Yv\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-08]
CHR Extension: (HTTPS Everywhere) - C:\Users\Yv\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2016-10-22]
CHR Extension: (Grammarly for Chrome) - C:\Users\Yv\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2016-10-28]
CHR Extension: (Scraper) - C:\Users\Yv\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbigbapnjcgaffohmbkdlecaccepngjd [2016-09-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Yv\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-26]
CHR Extension: (Gmail) - C:\Users\Yv\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-20]
CHR Extension: (Chrome Media Router) - C:\Users\Yv\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-27]
StartMenuInternet: Google Chrome - C:\Users\Yv\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-29] (Atheros) [File not signed]
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1149712 2016-09-13] (AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3291848 2016-10-08] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2815520 2016-10-11] (ESET)
S2 HitmanPro37CrusaderBoot; C:\Users\Yv\Downloads\HitmanPro_x64.exe [11579432 2016-11-02] (SurfRight B.V.)
R4 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255168 2015-09-21] (Synaptics Incorporated)
R4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7534864 2016-08-25] (TeamViewer GmbH)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [4087568 2016-10-11] (Check Point Software Technologies Ltd.)
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-07-26] (Microsoft Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update 5\VUAgent.exe [1021112 2011-03-30] (Sony Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S2 YSearchUtilSvc; C:\Program Files (x86)\Yahoo!\yset\{BA157B20-44AF-554D-AA16-2B2579318D14}\YSearchUtilSvc.exe [182736 2016-10-07] (Yahoo Inc.)
S3 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [114936 2016-10-06] (Check Point Software Technologies, Ltd.)
R2 ZoneAlarm ICM Service; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe [796472 2016-10-11] (Check Point Software Technologies Ltd.)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [X]
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 Apowersoft_AudioDevice; C:\WINDOWS\system32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [232072 2016-10-07] (ESET)
S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497392 2016-04-28] (Symantec Corporation)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15488 2016-07-20] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [177792 2016-10-07] (ESET)
R1 epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [67712 2016-10-07] (ESET)
S3 EraserUtilDrv11521; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11521.sys [156912 2016-04-28] (Symantec Corporation)
R4 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [54736 2016-11-02] ()
S0 megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [64352 2016-10-05] (Avago Technologies)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [36600 2016-03-16] (Riverbed Technology, Inc.)
R2 risdsnpe; C:\WINDOWS\System32\drivers\risdsnxc64.sys [98816 2011-03-07] (REDC)
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51392 2015-09-21] (Synaptics Incorporated)
R1 Vsdatant; C:\WINDOWS\System32\drivers\vsdatant.sys [462272 2016-10-11] (Check Point Software Technologies Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 idsvc; no ImagePath
U3 iswSvc; no ImagePath
S3 NAVENG; \??\C:\Program Files (x86)\Norton Security\Norton Security\NortonData\22.7.0.76\Definitions\SDSDefs\20160601.040\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Security\Norton Security\NortonData\22.7.0.76\Definitions\SDSDefs\20160601.040\EX64.SYS [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-11-03 14:55 - 2016-11-03 14:58 - 00075286 _____ C:\Users\Yv\Downloads\Addition.txt
2016-11-03 14:51 - 2016-11-03 14:58 - 00027301 _____ C:\Users\Yv\Downloads\FRST.txt
2016-11-03 14:51 - 2016-11-03 14:58 - 00000000 ____D C:\FRST
2016-11-03 14:50 - 2016-11-03 14:50 - 02408960 _____ (Farbar) C:\Users\Yv\Downloads\FRST64.exe
2016-11-03 14:48 - 2016-11-03 14:49 - 01758208 _____ C:\Users\Yv\Desktop\FRST.exe
2016-11-03 14:26 - 2016-11-03 14:26 - 00188441 _____ C:\Users\Yv\Downloads\Reflectivelearning(1).pdf
2016-11-03 14:25 - 2016-11-03 14:25 - 00358724 _____ C:\Users\Yv\Downloads\ucdtla0035.pdf
2016-11-03 14:25 - 2016-11-03 14:25 - 00188441 _____ C:\Users\Yv\Downloads\Reflectivelearning.pdf
2016-11-02 18:53 - 2016-11-02 18:54 - 04001080 _____ (ESET) C:\Users\Yv\Downloads\sysinspector_nt64_enu (1).exe
2016-11-02 18:53 - 2016-11-02 18:53 - 04001080 _____ (ESET) C:\Users\Yv\Downloads\sysinspector_nt64_enu.exe
2016-11-02 18:48 - 2016-11-02 18:53 - 05658651 _____ (Swearware) C:\Users\Yv\Downloads\ComboFix.exe
2016-11-02 18:31 - 2016-11-02 18:31 - 00529302 _____ C:\WINDOWS\system32\.crusader
2016-11-02 18:31 - 2016-11-02 18:31 - 00423766 _____ C:\WINDOWS\system32\bootdelete.lst
2016-11-02 18:31 - 2016-11-02 18:31 - 00012872 _____ (SurfRight B.V.) C:\WINDOWS\system32\bootdelete.exe
2016-11-02 18:06 - 2016-11-02 18:06 - 00054736 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2016-11-02 18:05 - 2016-11-02 18:05 - 00000000 ____D C:\Program Files\HitmanPro
2016-11-02 18:04 - 2016-11-02 18:56 - 00000000 ____D C:\ProgramData\HitmanPro
2016-11-02 18:04 - 2016-11-02 18:05 - 11579432 _____ (SurfRight B.V.) C:\Users\Yv\Downloads\HitmanPro_x64.exe
2016-11-02 17:51 - 2016-11-02 17:51 - 00000022 _____ C:\Users\Yv\Downloads\ESETPoweliksCleaner(1).exe_20161102.175124.3900.zip
2016-11-02 17:50 - 2016-11-02 17:51 - 00224968 _____ (ESET) C:\Users\Yv\Downloads\ESETPoweliksCleaner(1).exe
2016-11-02 17:32 - 2016-11-02 17:32 - 00000000 ____D C:\Users\Yv\AppData\Local\CEF
2016-11-02 17:29 - 2016-11-02 17:29 - 00000000 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts
2016-11-02 17:27 - 2016-11-02 17:27 - 00439594 _____ C:\WINDOWS\system32\Drivers\vsconfig.xml
2016-11-02 17:26 - 2016-11-02 17:26 - 00000778 _____ C:\Users\Public\Desktop\ZoneAlarm Security.lnk
2016-11-02 17:26 - 2016-11-02 17:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
2016-11-02 17:26 - 2016-11-02 17:26 - 00000000 ____D C:\Program Files (x86)\CheckPoint
2016-11-02 17:25 - 2016-11-02 17:25 - 05008256 _____ (Check Point Software Technologies Ltd.) C:\Users\Yv\Downloads\zafwSetupWeb_150_139_17085.exe
2016-11-02 17:25 - 2016-11-02 17:25 - 00000000 ____D C:\ProgramData\CheckPoint
2016-11-02 14:03 - 2016-11-02 14:03 - 00000000 ____D C:\Users\Yv\AppData\Roaming\Yahoo
2016-11-02 14:03 - 2016-11-02 14:03 - 00000000 ____D C:\Users\Yv\AppData\Local\YSearchUtil
2016-11-02 13:58 - 2016-11-02 13:59 - 00737344 _____ (Oracle Corporation) C:\Users\Yv\Downloads\JavaSetup8u111.exe
2016-11-02 10:54 - 2016-11-02 10:54 - 00000000 ____D C:\Users\Yv\Desktop\Old Firefox Data
2016-11-02 04:57 - 2016-11-02 04:58 - 00000340 _____ C:\Users\Yv\Downloads\Turn_Off_App_Notifications.bat
2016-11-02 04:50 - 2016-11-02 04:50 - 00000035 _____ C:\Users\Yv\Desktop\ip.txt
2016-11-02 02:42 - 2016-11-02 02:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2016-11-02 02:42 - 2016-11-02 02:42 - 00000000 ____D C:\ProgramData\ESET
2016-11-02 02:42 - 2016-11-02 02:42 - 00000000 ____D C:\Program Files\ESET
2016-11-02 02:40 - 2016-11-02 02:40 - 03135616 _____ (ESET) C:\Users\Yv\Downloads\eset_nod32_antivirus_live_installer.exe
2016-11-02 01:32 - 2016-11-02 01:33 - 00536128 _____ (Neuber Software) C:\Users\Yv\Downloads\SvchostAnalyzer.exe
2016-11-02 01:26 - 2016-11-02 01:26 - 00000000 ____D C:\Users\Yv\Downloads\ProcessExplorer
2016-11-02 01:25 - 2016-11-02 01:26 - 01270466 _____ C:\Users\Yv\Downloads\ProcessExplorer.zip
2016-11-02 01:01 - 2016-11-02 01:56 - 00000861 _____ C:\Users\Yv\Desktop\HHH.txt
2016-11-01 22:54 - 2016-11-02 00:45 - 00003350 _____ C:\Users\Yv\Desktop\Rkill.txt
2016-11-01 21:37 - 2016-11-02 05:16 - 00000000 ____D C:\Users\Yv\AppData\Local\ESET
2016-11-01 21:37 - 2016-11-01 21:37 - 06761600 _____ (ESET spol. s r.o.) C:\Users\Yv\Downloads\esetonlinescanner_enu.exe
2016-11-01 21:19 - 2016-11-01 22:53 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-11-01 21:17 - 2016-11-01 22:53 - 00000000 ____D C:\Users\Yv\Desktop\mbar
2016-11-01 21:16 - 2016-11-01 21:17 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Yv\Downloads\mbar-1.09.3.1001 (1).exe
2016-11-01 21:14 - 2016-11-01 21:14 - 00224968 _____ (ESET) C:\Users\Yv\Downloads\ESETPoweliksCleaner.exe
2016-11-01 21:13 - 2016-11-01 21:14 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Yv\Downloads\iExplore.exe
2016-11-01 21:13 - 2016-11-01 21:13 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Yv\Downloads\rkill.exe
2016-11-01 21:07 - 2016-11-01 21:10 - 01282016 _____ (AVG Technologies CZ) C:\Users\Yv\Downloads\avg_remover_poweliks.exe
2016-11-01 20:29 - 2016-11-01 20:29 - 00000000 ____D C:\Users\Yv\AppData\Roaming\Wireshark
2016-11-01 20:01 - 2016-11-01 20:02 - 00000000 ____D C:\Program Files\Wireshark
2016-11-01 20:01 - 2016-11-01 20:01 - 00001827 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2016-11-01 20:01 - 2016-11-01 20:01 - 00001591 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark Legacy.lnk
2016-11-01 19:58 - 2016-11-01 20:00 - 49208304 _____ (Wireshark development team) C:\Users\Yv\Downloads\Wireshark-win64-2.2.1.exe
2016-11-01 17:47 - 2016-11-01 17:47 - 00000054 _____ C:\Users\Yv\Desktop\marketing analysis.txt
2016-11-01 11:51 - 2016-11-01 20:32 - 00000868 _____ C:\Users\Yv\Desktop\market atuomation.txt
2016-11-01 11:47 - 2016-11-01 11:47 - 07877850 _____ C:\Users\Yv\Desktop\Digital-Marketing-101-Key-Tools-for-Engagement-Marketing-Marketo.pdf
2016-11-01 11:35 - 2016-11-01 11:35 - 07877646 _____ C:\Users\Yv\Downloads\Digital-Marketing-101-Key-Tools-for-Engagement-Marketing-Marketo.pdf
2016-11-01 00:00 - 2016-11-01 00:00 - 00545700 _____ C:\WINDOWS\Minidump\110116-63656-01.dmp
2016-10-31 19:39 - 2016-10-31 19:41 - 00545652 _____ C:\WINDOWS\Minidump\103116-50375-01.dmp
2016-10-29 09:19 - 2016-10-30 12:01 - 00002795 _____ C:\Users\Yv\Desktop\da.txt
2016-10-28 20:01 - 2016-10-28 22:01 - 00000127 _____ C:\Users\Yv\Desktop\aoife.txt
2016-10-28 05:36 - 2016-10-15 04:34 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-10-28 05:36 - 2016-10-15 04:19 - 02256592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-10-28 05:36 - 2016-10-15 04:19 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2016-10-28 05:36 - 2016-10-15 04:15 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-10-28 05:36 - 2016-10-15 04:15 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-10-28 05:36 - 2016-10-15 04:15 - 00687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-10-28 05:36 - 2016-10-15 04:11 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-10-28 05:36 - 2016-10-15 04:11 - 01424488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-10-28 05:36 - 2016-10-15 04:11 - 01263848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-10-28 05:36 - 2016-10-15 04:10 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll
2016-10-28 05:36 - 2016-10-15 04:06 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-10-28 05:36 - 2016-10-15 03:57 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2016-10-28 05:36 - 2016-10-15 03:56 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe
2016-10-28 05:36 - 2016-10-15 03:54 - 00555008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-10-28 05:36 - 2016-10-15 03:54 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2016-10-28 05:36 - 2016-10-15 03:54 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-10-28 05:36 - 2016-10-15 03:54 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoplay.dll
2016-10-28 05:36 - 2016-10-15 03:54 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2016-10-28 05:36 - 2016-10-15 03:53 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2016-10-28 05:36 - 2016-10-15 03:53 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-10-28 05:36 - 2016-10-15 03:52 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2016-10-28 05:36 - 2016-10-15 03:52 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-10-28 05:36 - 2016-10-15 03:52 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-10-28 05:36 - 2016-10-15 03:52 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
2016-10-28 05:36 - 2016-10-15 03:50 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-10-28 05:36 - 2016-10-15 03:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-10-28 05:36 - 2016-10-15 03:49 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-10-28 05:36 - 2016-10-15 03:49 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-10-28 05:36 - 2016-10-15 03:48 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-10-28 05:36 - 2016-10-15 03:47 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-10-28 05:36 - 2016-10-15 03:47 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-10-28 05:36 - 2016-10-15 03:47 - 02211328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d12SDKLayers.dll
2016-10-28 05:36 - 2016-10-15 03:47 - 01113600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-10-28 05:36 - 2016-10-15 03:44 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-10-28 05:36 - 2016-10-15 03:43 - 02748928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-10-28 05:36 - 2016-10-15 03:42 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-10-28 05:36 - 2016-10-15 03:39 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-10-28 05:36 - 2016-10-15 03:39 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-10-28 05:36 - 2016-10-15 03:38 - 07468032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-10-28 05:36 - 2016-10-15 03:38 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-10-28 05:36 - 2016-10-15 03:37 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-10-28 05:36 - 2016-10-15 03:37 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-10-28 05:36 - 2016-10-15 03:37 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-10-28 05:36 - 2016-10-15 03:37 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-10-28 05:36 - 2016-10-15 03:36 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-10-28 05:36 - 2016-10-15 03:36 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-10-28 05:36 - 2016-10-15 03:36 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-10-28 05:36 - 2016-10-15 03:36 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-10-28 05:36 - 2016-10-15 03:36 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-10-28 05:36 - 2016-10-15 03:36 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-10-28 05:36 - 2016-10-15 03:36 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmifw.dll
2016-10-28 05:36 - 2016-10-15 03:35 - 02999808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-10-28 05:36 - 2016-10-15 03:35 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-10-28 05:36 - 2016-10-15 03:35 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-10-28 05:36 - 2016-10-15 03:35 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-10-28 05:35 - 2016-10-15 05:11 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-10-28 05:35 - 2016-10-15 04:33 - 00455040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2016-10-28 05:35 - 2016-10-15 04:32 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-10-28 05:35 - 2016-10-15 04:32 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-10-28 05:35 - 2016-10-15 04:20 - 02276736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-10-28 05:35 - 2016-10-15 04:18 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-10-28 05:35 - 2016-10-15 04:18 - 01556712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-10-28 05:35 - 2016-10-15 04:18 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-10-28 05:35 - 2016-10-15 04:18 - 00749920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2016-10-28 05:35 - 2016-10-15 04:18 - 00576400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-10-28 05:35 - 2016-10-15 04:18 - 00186424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2016-10-28 05:35 - 2016-10-15 04:15 - 03892352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-10-28 05:35 - 2016-10-15 04:15 - 01853776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-10-28 05:35 - 2016-10-15 04:15 - 01123368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-10-28 05:35 - 2016-10-15 04:15 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-10-28 05:35 - 2016-10-15 04:15 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-10-28 05:35 - 2016-10-15 04:14 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-10-28 05:35 - 2016-10-15 04:11 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-10-28 05:35 - 2016-10-15 04:00 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-10-28 05:35 - 2016-10-15 04:00 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stdole2.tlb
2016-10-28 05:35 - 2016-10-15 03:59 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-10-28 05:35 - 2016-10-15 03:58 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efsext.dll
2016-10-28 05:35 - 2016-10-15 03:57 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2016-10-28 05:35 - 2016-10-15 03:57 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-10-28 05:35 - 2016-10-15 03:56 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2016-10-28 05:35 - 2016-10-15 03:56 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-10-28 05:35 - 2016-10-15 03:55 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-10-28 05:35 - 2016-10-15 03:55 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2016-10-28 05:35 - 2016-10-15 03:53 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-10-28 05:35 - 2016-10-15 03:53 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-10-28 05:35 - 2016-10-15 03:51 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-10-28 05:35 - 2016-10-15 03:51 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2016-10-28 05:35 - 2016-10-15 03:50 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2016-10-28 05:35 - 2016-10-15 03:50 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-10-28 05:35 - 2016-10-15 03:50 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-10-28 05:35 - 2016-10-15 03:49 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-10-28 05:35 - 2016-10-15 03:46 - 19418112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-10-28 05:35 - 2016-10-15 03:46 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-10-28 05:35 - 2016-10-15 03:46 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2016-10-28 05:35 - 2016-10-15 03:46 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2016-10-28 05:35 - 2016-10-15 03:44 - 03307520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-10-28 05:35 - 2016-10-15 03:44 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-10-28 05:35 - 2016-10-15 03:44 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-28 05:35 - 2016-10-15 03:44 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2016-10-28 05:35 - 2016-10-15 03:42 - 12349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-10-28 05:35 - 2016-10-15 03:42 - 06108672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-10-28 05:35 - 2016-10-15 03:42 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2016-10-28 05:35 - 2016-10-15 03:42 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.exe
2016-10-28 05:35 - 2016-10-15 03:41 - 12174848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-10-28 05:35 - 2016-10-15 03:41 - 05376000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-10-28 05:35 - 2016-10-15 03:41 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmi.dll
2016-10-28 05:35 - 2016-10-15 03:39 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2016-10-28 05:35 - 2016-10-15 03:39 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2016-10-28 05:35 - 2016-10-15 03:39 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chartv.dll
2016-10-28 05:35 - 2016-10-15 03:38 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-10-28 05:35 - 2016-10-15 03:38 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-10-28 05:35 - 2016-10-15 03:37 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2016-10-28 05:35 - 2016-10-15 03:37 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-10-28 05:35 - 2016-10-15 03:36 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-10-28 05:35 - 2016-10-15 03:36 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-10-28 05:35 - 2016-10-15 03:36 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-10-28 05:35 - 2016-10-15 03:35 - 02708992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-10-28 05:35 - 2016-10-15 03:35 - 02005504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2016-10-28 05:35 - 2016-10-15 03:35 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-10-28 05:35 - 2016-10-15 03:35 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-10-28 05:30 - 2016-10-15 04:51 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-10-28 05:30 - 2016-10-15 04:38 - 00409952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-10-28 05:30 - 2016-10-15 04:30 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-10-28 05:30 - 2016-10-15 04:30 - 00341936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2016-10-28 05:30 - 2016-10-15 04:26 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-10-28 05:30 - 2016-10-15 04:26 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-10-28 05:30 - 2016-10-15 04:26 - 00691080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-10-28 05:30 - 2016-10-15 04:22 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-10-28 05:30 - 2016-10-15 04:22 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-10-28 05:30 - 2016-10-15 04:21 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-10-28 05:30 - 2016-10-15 04:21 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2016-10-28 05:30 - 2016-10-15 04:00 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2016-10-28 05:30 - 2016-10-15 04:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-10-28 05:30 - 2016-10-15 03:57 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-10-28 05:30 - 2016-10-15 03:54 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskbarcpl.dll
2016-10-28 05:30 - 2016-10-15 03:54 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-10-28 05:30 - 2016-10-15 03:54 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-10-28 05:30 - 2016-10-15 03:53 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-10-28 05:30 - 2016-10-15 03:53 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-10-28 05:30 - 2016-10-15 03:52 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-10-28 05:30 - 2016-10-15 03:50 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-10-28 05:30 - 2016-10-15 03:50 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2016-10-28 05:30 - 2016-10-15 03:50 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-10-28 05:30 - 2016-10-15 03:49 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-10-28 05:30 - 2016-10-15 03:49 - 01913344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-10-28 05:30 - 2016-10-15 03:49 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-10-28 05:30 - 2016-10-15 03:49 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-10-28 05:30 - 2016-10-15 03:48 - 01554944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-10-28 05:30 - 2016-10-15 03:46 - 03287552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-10-28 05:30 - 2016-10-15 03:42 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-10-28 05:30 - 2016-10-15 03:41 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2016-10-28 05:30 - 2016-10-15 03:39 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-10-28 05:30 - 2016-10-15 03:39 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-10-28 05:30 - 2016-10-15 03:39 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2016-10-28 05:30 - 2016-10-15 03:37 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-10-28 05:30 - 2016-10-15 03:37 - 01980416 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-10-28 05:30 - 2016-10-15 03:37 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-10-28 05:30 - 2016-10-15 03:36 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-10-28 05:30 - 2016-10-15 03:36 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-10-28 05:30 - 2016-10-15 03:36 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-10-28 05:30 - 2016-10-15 03:36 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-10-28 05:30 - 2016-10-15 03:36 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-10-28 05:30 - 2016-10-15 03:35 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-10-28 05:30 - 2016-10-15 03:35 - 01512960 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-10-28 05:30 - 2016-10-15 03:35 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-10-28 05:30 - 2016-10-15 03:35 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-10-28 05:30 - 2016-10-15 03:35 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-10-28 05:30 - 2016-10-15 03:34 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-10-28 05:30 - 2016-10-15 03:34 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-10-28 05:29 - 2016-10-15 04:48 - 07817568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-10-28 05:29 - 2016-10-15 04:48 - 00773712 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-10-28 05:29 - 2016-10-15 04:47 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-10-28 05:29 - 2016-10-15 04:41 - 05622088 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-10-28 05:29 - 2016-10-15 04:31 - 02750384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-10-28 05:29 - 2016-10-15 04:31 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-10-28 05:29 - 2016-10-15 04:31 - 00658272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-10-28 05:29 - 2016-10-15 04:31 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-10-28 05:29 - 2016-10-15 04:26 - 04129928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-10-28 05:29 - 2016-10-15 04:26 - 01990648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-10-28 05:29 - 2016-10-15 04:26 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-10-28 05:29 - 2016-10-15 04:26 - 01472536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-10-28 05:29 - 2016-10-15 04:26 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-10-28 05:29 - 2016-10-15 04:26 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-10-28 05:29 - 2016-10-15 04:25 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-10-28 05:29 - 2016-10-15 04:25 - 00742704 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-10-28 05:29 - 2016-10-15 04:21 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-10-28 05:29 - 2016-10-15 04:21 - 00292872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
2016-10-28 05:29 - 2016-10-15 04:02 - 22568960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-10-28 05:29 - 2016-10-15 03:59 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2016-10-28 05:29 - 2016-10-15 03:59 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\stdole2.tlb
2016-10-28 05:29 - 2016-10-15 03:57 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2016-10-28 05:29 - 2016-10-15 03:56 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-10-28 05:29 - 2016-10-15 03:56 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2016-10-28 05:29 - 2016-10-15 03:56 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-10-28 05:29 - 2016-10-15 03:55 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2016-10-28 05:29 - 2016-10-15 03:55 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2016-10-28 05:29 - 2016-10-15 03:54 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-10-28 05:29 - 2016-10-15 03:54 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-10-28 05:29 - 2016-10-15 03:53 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2016-10-28 05:29 - 2016-10-15 03:53 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-10-28 05:29 - 2016-10-15 03:53 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-10-28 05:29 - 2016-10-15 03:52 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-10-28 05:29 - 2016-10-15 03:52 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-10-28 05:29 - 2016-10-15 03:52 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-10-28 05:29 - 2016-10-15 03:52 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-10-28 05:29 - 2016-10-15 03:52 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-10-28 05:29 - 2016-10-15 03:51 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-10-28 05:29 - 2016-10-15 03:50 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-10-28 05:29 - 2016-10-15 03:49 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-10-28 05:29 - 2016-10-15 03:49 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-10-28 05:29 - 2016-10-15 03:49 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-10-28 05:29 - 2016-10-15 03:48 - 23680000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-10-28 05:29 - 2016-10-15 03:48 - 03778560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-10-28 05:29 - 2016-10-15 03:47 - 07792640 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-10-28 05:29 - 2016-10-15 03:47 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2016-10-28 05:29 - 2016-10-15 03:47 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2016-10-28 05:29 - 2016-10-15 03:47 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2016-10-28 05:29 - 2016-10-15 03:46 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-28 05:29 - 2016-10-15 03:45 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2016-10-28 05:29 - 2016-10-15 03:44 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.exe
2016-10-28 05:29 - 2016-10-15 03:43 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-10-28 05:29 - 2016-10-15 03:43 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll
2016-10-28 05:29 - 2016-10-15 03:42 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-10-28 05:29 - 2016-10-15 03:42 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-10-28 05:29 - 2016-10-15 03:41 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-10-28 05:29 - 2016-10-15 03:41 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-10-28 05:29 - 2016-10-15 03:41 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-10-28 05:29 - 2016-10-15 03:41 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2016-10-28 05:29 - 2016-10-15 03:40 - 13081600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-10-28 05:29 - 2016-10-15 03:39 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-10-28 05:29 - 2016-10-15 03:39 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-10-28 05:29 - 2016-10-15 03:39 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-10-28 05:29 - 2016-10-15 03:39 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-10-28 05:29 - 2016-10-15 03:38 - 13441024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-10-28 05:29 - 2016-10-15 03:38 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-10-28 05:29 - 2016-10-15 03:38 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-10-28 05:29 - 2016-10-15 03:37 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-10-28 05:29 - 2016-10-15 03:36 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-10-28 05:29 - 2016-10-15 03:36 - 01492480 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-10-28 05:29 - 2016-10-15 03:36 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-10-28 05:29 - 2016-10-15 03:36 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-10-28 05:29 - 2016-10-15 03:36 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-10-28 05:29 - 2016-10-15 03:35 - 02670592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-10-28 05:29 - 2016-10-15 03:35 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-10-28 05:29 - 2016-10-15 03:35 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-10-28 05:29 - 2016-10-15 03:35 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-10-28 05:29 - 2016-10-15 03:34 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-10-28 05:29 - 2016-10-15 03:34 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-10-28 05:29 - 2016-08-27 05:12 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-10-28 05:29 - 2016-08-06 04:17 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-10-28 05:28 - 2016-10-15 04:51 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-10-28 05:28 - 2016-10-15 04:51 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-10-28 05:28 - 2016-10-15 04:51 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-10-28 05:28 - 2016-10-15 04:51 - 00894088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-10-28 05:28 - 2016-10-15 04:51 - 00595296 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-10-28 05:28 - 2016-10-15 04:51 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-10-28 05:28 - 2016-10-15 04:51 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-10-28 05:28 - 2016-10-15 04:51 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-10-28 05:28 - 2016-10-15 04:51 - 00283488 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-10-28 05:28 - 2016-10-15 04:51 - 00232800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-10-28 05:28 - 2016-10-15 04:51 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-10-28 05:28 - 2016-10-15 04:51 - 00078688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-10-28 05:28 - 2016-10-15 04:48 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-10-28 05:28 - 2016-10-15 04:48 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-10-28 05:28 - 2016-10-15 04:48 - 00498952 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2016-10-28 05:28 - 2016-10-15 04:43 - 01356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-10-28 05:28 - 2016-10-15 04:38 - 00500064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2016-10-28 05:28 - 2016-10-15 04:37 - 00063328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-10-28 05:28 - 2016-10-15 04:31 - 02827864 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-10-28 05:28 - 2016-10-15 04:30 - 01851696 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-10-28 05:28 - 2016-10-15 04:30 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-10-28 05:28 - 2016-10-15 04:30 - 00238056 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2016-10-28 05:28 - 2016-10-15 04:29 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-10-28 05:28 - 2016-10-15 04:29 - 01267504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-10-28 05:28 - 2016-10-15 04:29 - 00908640 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2016-10-28 05:28 - 2016-10-15 04:29 - 00079200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2016-10-28 05:28 - 2016-10-15 04:26 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-10-28 05:28 - 2016-10-15 04:26 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-10-28 05:28 - 2016-10-15 04:26 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-10-28 05:28 - 2016-10-15 04:26 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-10-28 05:28 - 2016-10-15 04:22 - 01608896 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-10-28 05:28 - 2016-10-15 04:22 - 00628040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-10-28 05:28 - 2016-10-15 04:05 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-10-28 05:28 - 2016-10-15 04:01 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-10-28 05:28 - 2016-10-15 03:59 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-10-28 05:28 - 2016-10-15 03:58 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll
2016-10-28 05:28 - 2016-10-15 03:56 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2016-10-28 05:28 - 2016-10-15 03:56 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2016-10-28 05:28 - 2016-10-15 03:56 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2016-10-28 05:28 - 2016-10-15 03:56 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-10-28 05:28 - 2016-10-15 03:56 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2016-10-28 05:28 - 2016-10-15 03:55 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2016-10-28 05:28 - 2016-10-15 03:55 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-10-28 05:28 - 2016-10-15 03:55 - 00329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2016-10-28 05:28 - 2016-10-15 03:55 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-10-28 05:28 - 2016-10-15 03:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2016-10-28 05:28 - 2016-10-15 03:54 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-10-28 05:28 - 2016-10-15 03:54 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairingFolder.dll
2016-10-28 05:28 - 2016-10-15 03:52 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-10-28 05:28 - 2016-10-15 03:52 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-10-28 05:28 - 2016-10-15 03:52 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-10-28 05:28 - 2016-10-15 03:52 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoplay.dll
2016-10-28 05:28 - 2016-10-15 03:51 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2016-10-28 05:28 - 2016-10-15 03:50 - 17188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-10-28 05:28 - 2016-10-15 03:48 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-10-28 05:28 - 2016-10-15 03:45 - 01790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-10-28 05:28 - 2016-10-15 03:45 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-10-28 05:28 - 2016-10-15 03:45 - 00406016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-10-28 05:28 - 2016-10-15 03:45 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-10-28 05:28 - 2016-10-15 03:43 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\energy.dll
2016-10-28 05:28 - 2016-10-15 03:42 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-10-28 05:28 - 2016-10-15 03:42 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2016-10-28 05:28 - 2016-10-15 03:42 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\chartv.dll
2016-10-28 05:28 - 2016-10-15 03:41 - 00940032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2016-10-28 05:28 - 2016-10-15 03:40 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-10-28 05:28 - 2016-10-15 03:39 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-10-28 05:28 - 2016-10-15 03:39 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-10-28 05:28 - 2016-10-15 03:39 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-10-28 05:28 - 2016-10-15 03:39 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2016-10-28 05:28 - 2016-10-15 03:38 - 02781184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d12SDKLayers.dll
2016-10-28 05:28 - 2016-10-15 03:38 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2016-10-28 05:28 - 2016-10-15 03:37 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-10-28 05:28 - 2016-10-15 03:37 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-10-28 05:28 - 2016-10-15 03:37 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmifw.dll
2016-10-28 05:28 - 2016-10-15 03:36 - 02290176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-10-28 05:28 - 2016-10-15 03:36 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-10-28 05:28 - 2016-10-15 03:36 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2016-10-28 05:28 - 2016-10-15 03:36 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2016-10-28 05:28 - 2016-10-15 03:35 - 03054080 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-10-28 05:28 - 2016-10-15 03:34 - 02476544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-10-28 05:28 - 2016-10-15 03:34 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-10-28 05:28 - 2016-10-15 03:32 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-10-28 05:28 - 2016-10-15 03:31 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2016-10-28 05:27 - 2016-10-15 04:30 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2016-10-28 05:27 - 2016-10-15 04:29 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-10-28 05:27 - 2016-10-15 03:58 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-10-28 05:27 - 2016-10-15 03:55 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-10-28 05:27 - 2016-10-15 03:50 - 00967168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-10-28 05:27 - 2016-09-10 13:21 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2016-10-27 16:27 - 2016-10-27 16:27 - 00213174 _____ C:\Users\Yv\Downloads\ENG - how to pack a parcel(1).pdf
2016-10-27 12:16 - 2016-10-27 12:16 - 03942267 _____ C:\Users\Yv\Desktop\MultiView-Ebook-Audience-Targeting-Techniques-for-B2B-Marketers.pdf
2016-10-27 10:11 - 2016-10-27 10:11 - 00190492 _____ C:\Users\Yv\Downloads\AC-0105-15-FL-Top-Data-and-Models-by-Industry-Vertical.pdf
2016-10-27 09:29 - 2016-10-27 18:23 - 00001520 _____ C:\Users\Yv\Desktop\terms.txt
2016-10-27 01:36 - 2016-10-27 01:36 - 05488320 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2016-10-26 21:49 - 2016-10-26 21:49 - 01311336 _____ C:\Users\Yv\Downloads\jessicadoyle(1).pdf
2016-10-26 21:41 - 2016-10-26 21:41 - 01311336 _____ C:\Users\Yv\Desktop\jessicadoyle.pdf
2016-10-26 19:51 - 2016-10-26 19:51 - 00000165 ____H C:\Users\Yv\Desktop\~$Data-driven Marketing  & Machine Learning.pptx
2016-10-26 08:52 - 2016-10-26 08:52 - 00632827 _____ C:\Users\Yv\Desktop\Data-driven Marketing  & Machine Learning [Autosaved].pptx
2016-10-25 19:25 - 2016-10-25 19:25 - 01507431 _____ C:\Users\Yv\Downloads\HowToWriteProposal090415.pdf
2016-10-25 19:05 - 2016-11-01 12:21 - 00042371 ____H C:\Users\Yv\Desktop\~WRL0047.tmp
2016-10-25 19:03 - 2016-10-25 19:03 - 00056320 ____H C:\Users\Yv\Desktop\~WRL2193.tmp
2016-10-25 18:38 - 2016-10-25 18:38 - 00000255 _____ C:\Users\Yv\Desktop\Google AdWords Suggestions.URL
2016-10-25 18:07 - 2016-10-25 18:30 - 00001516 _____ C:\Users\Yv\Desktop\REACH.txt
2016-10-25 17:59 - 2016-10-25 17:59 - 00346609 _____ C:\Users\Yv\Downloads\sundsoy2014big.pdf
2016-10-25 17:57 - 2016-10-25 17:57 - 02411307 _____ C:\Users\Yv\Downloads\A-Multi-Channel-Marketing-Workbook-Marketo.pdf
2016-10-25 17:35 - 2016-10-25 19:09 - 86097127 _____ C:\Users\Yv\Downloads\graphicriver-14294670-isa-multipurpose-powerpoint-template.zip
2016-10-25 16:27 - 2016-10-25 16:27 - 00364753 _____ C:\Users\Yv\Downloads\1309.3945.pdf
2016-10-25 15:00 - 2016-10-25 15:00 - 01629034 _____ C:\Users\Yv\Desktop\411-E100.pdf
2016-10-25 14:42 - 2016-10-25 14:42 - 00275036 _____ C:\Users\Yv\Desktop\1202.2445.pdf
2016-10-25 14:17 - 2016-10-25 16:56 - 00640268 _____ C:\Users\Yv\Desktop\Data-driven Marketing  & Machine Learning.pptx
2016-10-25 12:02 - 2016-10-25 12:02 - 00000000 ____D C:\Users\Yv\AppData\Local\Package Cache
2016-10-25 12:02 - 2016-10-25 12:02 - 00000000 ____D C:\Users\Yv\AppData\Local\Grammarly
2016-10-25 12:00 - 2016-10-25 12:01 - 09324368 _____ (Grammarly) C:\Users\Yv\Downloads\GrammarlyAddInSetup.exe
2016-10-25 11:39 - 2016-10-25 11:39 - 00000842 _____ C:\Users\Yv\Desktop\HHH.csv
2016-10-25 11:10 - 2016-10-25 11:49 - 01470464 _____ C:\Users\Yv\Desktop\DB1.db
2016-10-25 11:10 - 2016-10-25 11:10 - 00000000 ____D C:\Users\Yv\AppData\Roaming\Keyling
2016-10-25 11:07 - 2016-10-25 11:07 - 00000000 ____D C:\Users\Yv\Facepager
2016-10-25 11:06 - 2016-10-25 11:06 - 00001108 _____ C:\Users\Yv\Desktop\Facepager.lnk
2016-10-25 11:06 - 2016-10-25 11:06 - 00000000 ____D C:\Users\Yv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facepager
2016-10-24 22:49 - 2016-10-24 22:49 - 02827932 _____ C:\Users\Yv\Downloads\Thesis_Juan__4184_V5.1_Final.pdf
2016-10-24 22:47 - 2016-10-24 22:48 - 00000000 ____D C:\Users\Yv\AppData\Roaming\Notepad++
2016-10-24 22:47 - 2016-10-24 22:47 - 02842320 _____ C:\Users\Yv\Downloads\npp.7.1.Installer.exe
2016-10-24 22:47 - 2016-10-24 22:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2016-10-24 22:47 - 2016-10-24 22:47 - 00000000 ____D C:\Program Files (x86)\Notepad++
2016-10-24 21:53 - 2016-10-24 21:53 - 00134025 _____ C:\Users\Yv\Downloads\MScDM - DM Research Project - Research Proposal - 1617(1).pdf
2016-10-24 21:21 - 2016-10-24 21:21 - 00309016 _____ C:\Users\Yv\Downloads\reflective_journals and_learning_logs.pdf
2016-10-24 21:02 - 2016-10-24 21:02 - 00038779 _____ C:\Users\Yv\Downloads\researchanalyticsandsegmentation-13395415016439-phpapp01-120612175240-phpapp01.pdf
2016-10-24 20:49 - 2016-10-24 20:49 - 01003249 _____ C:\Users\Yv\Downloads\Heath_and_Tynan_10_Crafting_a_proposal_Mkt_Rev(1).pdf
2016-10-24 20:47 - 2016-10-24 20:48 - 00134025 _____ C:\Users\Yv\Desktop\MScDM - DM Research Project - Research Proposal - 1617.pdf
2016-10-24 20:39 - 2016-10-24 20:39 - 00396039 _____ C:\Users\Yv\Downloads\The Great Disruption_ How Machine Intelligence Will Transform the.pdf
2016-10-24 19:59 - 2016-10-24 19:59 - 00125747 _____ C:\Users\Yv\Downloads\lec3_2_atissa.pdf
2016-10-24 19:17 - 2016-10-24 19:17 - 00370255 _____ C:\Users\Yv\Downloads\New-media-Dissertation_DP.pdf
2016-10-24 19:10 - 2016-10-24 19:10 - 01003249 _____ C:\Users\Yv\Downloads\Heath_and_Tynan_10_Crafting_a_proposal_Mkt_Rev.pdf
2016-10-24 19:09 - 2016-10-24 19:09 - 00134025 _____ C:\Users\Yv\Downloads\MScDM - DM Research Project - Research Proposal - 1617.pdf
2016-10-24 18:06 - 2016-10-24 18:33 - 00000116 _____ C:\Users\Yv\Documents\kw.txt
2016-10-24 16:48 - 2016-10-24 16:48 - 00030621 _____ C:\Users\Yv\Downloads\MSc_reflective log.pdf
2016-10-24 04:29 - 2016-10-24 04:31 - 00394316 _____ C:\WINDOWS\Minidump\102416-38140-01.dmp
2016-10-22 21:23 - 2016-10-26 00:48 - 00000000 ____D C:\Program Files (x86)\Norton Security
2016-10-22 21:15 - 2016-10-23 11:26 - 00000166 _____ C:\Users\Yv\Documents\keywords.txt
2016-10-21 18:16 - 2016-10-21 18:16 - 00000000 ____D C:\Users\Yv\AppData\LocalLow\Temp
2016-10-21 10:02 - 2016-10-22 19:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-10-20 17:54 - 2016-10-20 17:54 - 00166544 _____ C:\Users\Yv\Downloads\Volunteer_award_application_form_final_2014(2).pdf
2016-10-20 17:36 - 2016-10-20 17:37 - 00000252 _____ C:\Users\Yv\Downloads\HOW(1).csv
2016-10-20 17:36 - 2016-10-20 17:36 - 00000252 _____ C:\Users\Yv\Downloads\HOW.csv
2016-10-20 06:05 - 2016-10-20 06:05 - 00017607 _____ C:\Users\Yv\Downloads\HOW
2016-10-19 23:22 - 2016-10-19 23:22 - 00213174 _____ C:\Users\Yv\Downloads\ENG - how to pack a parcel.pdf
2016-10-19 18:58 - 2016-10-19 18:58 - 00166544 _____ C:\Users\Yv\Downloads\Volunteer_award_application_form_final_2014(1).pdf
2016-10-19 14:52 - 2016-10-22 22:48 - 00000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2016-10-19 14:46 - 2016-10-19 14:46 - 00166544 _____ C:\Users\Yv\Downloads\Volunteer_award_application_form_final_2014.pdf
2016-10-19 14:29 - 2016-10-26 00:48 - 00000000 ____D C:\ProgramData\Norton
2016-10-19 14:29 - 2016-10-24 04:45 - 00000000 ____D C:\ProgramData\NortonInstaller
2016-10-19 10:17 - 2016-10-19 10:17 - 00002267 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Digital Editions 4.5.lnk
2016-10-19 10:17 - 2016-10-19 10:17 - 00002255 _____ C:\Users\Public\Desktop\Adobe Digital Editions 4.5.lnk
2016-10-19 10:17 - 2016-10-19 10:17 - 00000000 ____D C:\Users\Yv\AppData\Local\Adobe_Systems_Incorporate
2016-10-19 10:17 - 2016-10-19 10:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2016-10-19 10:16 - 2016-10-19 10:22 - 00000000 ____D C:\Users\Yv\Documents\My Digital Editions
2016-10-19 10:16 - 2016-10-19 10:16 - 00001635 _____ C:\Users\Yv\Downloads\1687540.acsm
2016-10-19 10:15 - 2016-10-19 10:16 - 08647680 _____ (Adobe Systems Incorporated) C:\Users\Yv\Downloads\ADE_4.5_Installer.exe
2016-10-19 10:13 - 2016-10-19 10:14 - 00788228 _____ C:\Users\Yv\Downloads\3__Machine_learning_platform_d.PDF
2016-10-18 18:13 - 2016-10-18 18:13 - 00277842 _____ C:\Users\Yv\Downloads\PDF_TechMkt_Guidelines_for_Scientific_Writing_Sept_2014.pdf
2016-10-18 13:53 - 2016-10-18 15:42 - 00001901 _____ C:\Users\Yv\Documents\ss.txt
2016-10-18 12:02 - 2016-10-18 12:02 - 00255597 _____ C:\Users\Yv\Downloads\EPA Regulation for Diesel Particulate Emissions in Cars and Light Trucks(1).pdf
2016-10-18 01:29 - 2016-10-18 01:29 - 00220912 _____ C:\Users\Yv\Downloads\APPLICATION OF PREDICTIVE ANALYTICS IN CUSTOMER RELATIONSHIP MANA(1).pdf
2016-10-18 01:05 - 2016-10-18 01:05 - 00220912 _____ C:\Users\Yv\Downloads\APPLICATION OF PREDICTIVE ANALYTICS IN CUSTOMER RELATIONSHIP MANA.pdf
2016-10-17 18:41 - 2016-10-17 18:41 - 06597740 _____ C:\Users\Yv\Downloads\Calgary_Keynote_ David_ Corrigan - v1(2).pdf
2016-10-17 18:13 - 2016-10-17 18:13 - 01279290 _____ C:\Users\Yv\Downloads\9780133892062.pdf
2016-10-17 18:07 - 2016-10-17 18:07 - 00527500 _____ C:\Users\Yv\Downloads\document.pdf
2016-10-17 17:46 - 2016-10-17 17:46 - 00534307 _____ C:\Users\Yv\Downloads\the-impact-of-big-data-on-your-firms-marketing-communications-a-framework-for-understanding-the-emerging-marketing-analytics-industry.pdf
2016-10-17 17:30 - 2016-10-17 17:30 - 00534307 _____ C:\Users\Yv\Desktop\the-impact-of-big-data-on-your-firms-marketing-communications-a-framework-for-understanding-the-emerging-marketing-analytics-industry.pdf
2016-10-17 16:09 - 2016-10-17 16:09 - 07260845 _____ C:\Users\Yv\Downloads\BigDataKit.zip
2016-10-17 16:04 - 2016-10-17 16:04 - 00341103 _____ C:\Users\Yv\Downloads\Air sense.pdf
2016-10-17 15:17 - 2016-10-24 23:32 - 00018704 ____H C:\Users\Yv\Desktop\~WRL0003.tmp
2016-10-17 14:35 - 2016-10-17 14:35 - 00182874 _____ C:\Users\Yv\Downloads\Feasibility study.pdf
2016-10-17 14:27 - 2016-10-17 14:27 - 06597740 _____ C:\Users\Yv\Downloads\Calgary_Keynote_ David_ Corrigan - v1(1).pdf
2016-10-17 14:11 - 2016-10-17 14:11 - 06597740 _____ C:\Users\Yv\Downloads\Calgary_Keynote_ David_ Corrigan - v1.pdf
2016-10-16 22:24 - 2016-10-16 22:24 - 00000096 _____ C:\Users\Yv\Documents\k.txt
2016-10-16 10:40 - 2016-10-16 10:40 - 00000000 ____D C:\Program Files (x86)\LongTailPro
2016-10-16 09:39 - 2016-10-16 09:41 - 00414484 _____ C:\WINDOWS\Minidump\101616-40125-01.dmp
2016-10-15 12:20 - 2016-10-15 12:20 - 00255597 _____ C:\Users\Yv\Downloads\EPA Regulation for Diesel Particulate Emissions in Cars and Light Trucks.pdf
2016-10-15 12:19 - 2016-10-15 12:19 - 00364834 _____ C:\Users\Yv\Downloads\Testing for Asbestos(1).pdf
2016-10-15 10:23 - 2016-10-15 10:23 - 00364834 _____ C:\Users\Yv\Downloads\Testing for Asbestos.pdf
2016-10-12 15:19 - 2016-10-05 10:17 - 01322848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2016-10-12 15:19 - 2016-10-05 10:12 - 02446696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-10-12 15:19 - 2016-10-05 09:36 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-10-12 15:19 - 2016-10-05 09:35 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2016-10-12 15:19 - 2016-10-05 09:35 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2016-10-12 15:19 - 2016-10-05 09:33 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-10-12 15:19 - 2016-10-05 09:33 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2016-10-12 15:19 - 2016-10-05 09:32 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-10-12 15:19 - 2016-10-05 09:31 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2016-10-12 15:19 - 2016-10-05 09:31 - 00425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2016-10-12 15:19 - 2016-10-05 09:30 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2016-10-12 15:19 - 2016-10-05 09:29 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2016-10-12 15:19 - 2016-10-05 09:28 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2016-10-12 15:19 - 2016-10-05 09:26 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-10-12 15:19 - 2016-10-05 09:26 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2016-10-12 15:19 - 2016-10-05 09:25 - 01589248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-10-12 15:19 - 2016-10-05 09:25 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2016-10-12 15:19 - 2016-10-05 09:25 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2016-10-12 15:19 - 2016-10-05 09:24 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2016-10-12 15:19 - 2016-10-05 09:23 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2016-10-12 15:19 - 2016-10-05 09:20 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-10-12 15:19 - 2016-10-05 09:18 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-10-12 15:19 - 2016-10-05 09:17 - 02914304 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-10-12 15:19 - 2016-10-05 09:15 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-10-12 15:19 - 2016-10-05 09:10 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-10-12 15:19 - 2016-10-05 09:09 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-10-12 15:19 - 2016-10-05 09:08 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-10-12 15:19 - 2016-10-05 09:07 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-10-12 15:18 - 2016-10-05 10:31 - 02213248 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-10-12 15:18 - 2016-10-05 10:13 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-10-12 15:18 - 2016-10-05 10:13 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2016-10-12 15:18 - 2016-10-05 10:09 - 00064352 _____ (Avago Technologies) C:\WINDOWS\system32\Drivers\MegaSas2i.sys
2016-10-12 15:18 - 2016-10-05 10:03 - 01705976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-10-12 15:18 - 2016-10-05 09:51 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-10-12 15:18 - 2016-10-05 09:46 - 00980824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-10-12 15:18 - 2016-10-05 09:38 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2016-10-12 15:18 - 2016-10-05 09:33 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2016-10-12 15:18 - 2016-10-05 09:32 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-10-12 15:18 - 2016-10-05 09:31 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-10-12 15:18 - 2016-10-05 09:27 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-10-12 15:18 - 2016-10-05 09:26 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-10-12 15:18 - 2016-10-05 09:26 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2016-10-12 15:18 - 2016-10-05 09:25 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-10-12 15:18 - 2016-10-05 09:25 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-10-12 15:18 - 2016-10-05 09:24 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsmsext.dll
2016-10-12 15:18 - 2016-10-05 09:23 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-10-12 15:18 - 2016-10-05 09:23 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-10-12 15:18 - 2016-10-05 09:23 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2016-10-12 15:18 - 2016-10-05 09:23 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-10-12 15:18 - 2016-10-05 09:21 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-10-12 15:18 - 2016-10-05 09:21 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-10-12 15:18 - 2016-10-05 09:20 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-10-12 15:18 - 2016-10-05 09:19 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2016-10-12 15:18 - 2016-10-05 09:18 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-10-12 15:18 - 2016-10-05 09:18 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-10-12 15:18 - 2016-10-05 09:17 - 08126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-10-12 15:18 - 2016-10-05 09:16 - 04747776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-10-12 15:18 - 2016-10-05 09:16 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2016-10-12 15:18 - 2016-10-05 09:16 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-10-12 15:18 - 2016-10-05 09:15 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2016-10-12 15:18 - 2016-10-05 09:14 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-10-12 15:18 - 2016-10-05 09:13 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2016-10-12 15:18 - 2016-10-05 09:12 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-10-12 15:18 - 2016-10-05 09:11 - 06043136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-10-12 15:18 - 2016-10-05 09:11 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-10-12 15:18 - 2016-10-05 09:09 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-10-12 15:18 - 2016-10-05 09:07 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-10-12 15:18 - 2016-10-05 09:07 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-10-12 15:18 - 2016-10-05 09:07 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-10-12 15:18 - 2016-10-05 09:06 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-10-12 15:18 - 2016-10-05 09:05 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-10-12 15:18 - 2016-09-07 05:34 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-10-12 15:17 - 2016-10-05 10:35 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-10-12 15:17 - 2016-10-05 10:33 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2016-10-12 15:17 - 2016-10-05 10:22 - 01181536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-10-12 15:17 - 2016-10-05 10:16 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-10-12 15:17 - 2016-10-05 10:12 - 01112928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-10-12 15:17 - 2016-10-05 10:09 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-10-12 15:17 - 2016-10-05 10:08 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-10-12 15:17 - 2016-10-05 09:50 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2016-10-12 15:17 - 2016-10-05 09:49 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-10-12 15:17 - 2016-10-05 09:48 - 01022304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-10-12 15:17 - 2016-10-05 09:46 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-10-12 15:17 - 2016-10-05 09:38 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2016-10-12 15:17 - 2016-10-05 09:36 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2016-10-12 15:17 - 2016-10-05 09:36 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-10-12 15:17 - 2016-10-05 09:35 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2016-10-12 15:17 - 2016-10-05 09:35 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-10-12 15:17 - 2016-10-05 09:34 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-10-12 15:17 - 2016-10-05 09:32 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-10-12 15:17 - 2016-10-05 09:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2016-10-12 15:17 - 2016-10-05 09:31 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-10-12 15:17 - 2016-10-05 09:31 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2016-10-12 15:17 - 2016-10-05 09:31 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-10-12 15:17 - 2016-10-05 09:31 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2016-10-12 15:17 - 2016-10-05 09:29 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-10-12 15:17 - 2016-10-05 09:28 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-10-12 15:17 - 2016-10-05 09:28 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-10-12 15:17 - 2016-10-05 09:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2016-10-12 15:17 - 2016-10-05 09:28 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2016-10-12 15:17 - 2016-10-05 09:27 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-10-12 15:17 - 2016-10-05 09:27 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-10-12 15:17 - 2016-10-05 09:23 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-10-12 15:17 - 2016-10-05 09:22 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2016-10-12 15:17 - 2016-10-05 09:21 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2016-10-12 15:17 - 2016-10-05 09:20 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-10-12 15:17 - 2016-10-05 09:18 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-10-12 15:17 - 2016-10-05 09:17 - 04136960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-10-12 15:17 - 2016-10-05 09:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsmsext.dll
2016-10-12 15:17 - 2016-10-05 09:16 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-10-12 15:17 - 2016-10-05 09:16 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-10-12 15:17 - 2016-10-05 09:15 - 00833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-10-12 15:17 - 2016-10-05 09:15 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-10-12 15:17 - 2016-10-05 09:15 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-10-12 15:17 - 2016-10-05 09:14 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-10-12 15:17 - 2016-10-05 09:14 - 01013760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-10-12 15:17 - 2016-10-05 09:13 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-10-12 15:17 - 2016-10-05 09:12 - 00998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2016-10-12 15:17 - 2016-10-05 09:12 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-10-12 15:17 - 2016-10-05 09:11 - 03496960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-10-12 15:17 - 2016-10-05 09:09 - 03369984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-10-12 15:17 - 2016-10-05 09:08 - 02356736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2016-10-12 15:17 - 2016-10-05 09:08 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-10-12 15:17 - 2016-10-05 09:07 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2016-10-12 15:17 - 2016-10-05 09:06 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-10-12 15:17 - 2016-10-05 09:05 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-10-12 15:17 - 2016-10-05 00:01 - 00446124 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-10-11 20:58 - 2016-10-11 20:58 - 02228017 _____ C:\Users\Yv\Desktop\Diggity-SEO-On-site-SEO-Guide-v1.8.pdf
2016-10-11 20:00 - 2016-10-11 20:00 - 00462272 _____ (Check Point Software Technologies Ltd.) C:\WINDOWS\system32\Drivers\vsdatant.sys
2016-10-10 14:09 - 2016-10-10 14:09 - 41984536 _____ C:\Users\Yv\Downloads\ImpactIncome.pdf
2016-10-09 06:59 - 2016-10-09 06:59 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2016-10-08 16:16 - 2016-10-08 16:18 - 00414308 _____ C:\WINDOWS\Minidump\100816-43593-01.dmp
2016-10-08 09:49 - 2016-10-08 09:49 - 00398940 _____ C:\Users\Yv\Downloads\mis-quarterly-full-text.pdf
2016-10-08 09:44 - 2016-10-08 09:44 - 03497075 _____ C:\Users\Yv\Downloads\98936.pdf
2016-10-07 22:16 - 2016-10-07 22:16 - 00500523 _____ C:\Users\Yv\Downloads\bicc-white-paper-1-2012-1486911.pdf
2016-10-07 20:31 - 2016-10-07 20:31 - 00232072 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2016-10-07 20:31 - 2016-10-07 20:31 - 00177792 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2016-10-07 20:31 - 2016-10-07 20:31 - 00067712 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfpr.sys
2016-10-06 21:25 - 2016-10-06 21:25 - 00700056 _____ C:\Users\Yv\Downloads\Accenture-Big-Data-POV.pdf
2016-10-06 20:31 - 2016-10-06 20:31 - 00822373 _____ C:\Users\Yv\Downloads\Accenture-AMAP-Web-Singles.pdf
2016-10-06 20:02 - 2016-10-06 20:03 - 08887535 _____ C:\Users\Yv\Downloads\CMAC Creating competitive advantage from big data.pdf
2016-10-06 17:44 - 2016-11-02 05:00 - 00000756 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1860957307-1508966803-2314426021-1000.job
2016-10-06 17:44 - 2016-11-02 05:00 - 00000660 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1860957307-1508966803-2314426021-1000.job
2016-10-06 17:44 - 2016-11-02 00:20 - 00003948 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-1860957307-1508966803-2314426021-1000
2016-10-06 17:44 - 2016-11-02 00:20 - 00003852 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-1860957307-1508966803-2314426021-1000
2016-10-06 17:44 - 2016-10-06 17:44 - 00321008 _____ (Citrix Online) C:\Users\Yv\Downloads\GoToWebinar Launcher(1).exe
2016-10-06 17:43 - 2016-10-06 17:44 - 00000000 ____D C:\Users\Yv\AppData\Local\Citrix
2016-10-05 23:24 - 2016-10-05 23:24 - 01243244 _____ C:\Users\Yv\Desktop\Gain Advantage through Analytics.pdf
2016-10-05 21:58 - 2016-10-05 21:59 - 54889577 _____ C:\Users\Yv\Downloads\inbound2015-mirman-published-150911175554-lva1-app6891.pdf
2016-10-05 21:36 - 2016-10-05 21:45 - 00001835 _____ C:\Users\Yv\Desktop\Yarn.csv
2016-10-05 20:16 - 2016-10-05 20:17 - 05232872 _____ C:\Users\Yv\Desktop\Capital Punishment PP.pptx
2016-10-05 20:13 - 2016-10-05 20:13 - 05668401 ____R C:\Users\Yv\Desktop\Capital Punishment PP.pdf
2016-10-05 16:00 - 2016-10-05 16:00 - 02017224 _____ (Adobe Systems Incorporated) C:\Users\Yv\Downloads\Photoshop_Set-Up.exe
2016-10-04 23:49 - 2016-10-04 23:49 - 00000323 _____ C:\Users\Yv\Documents\atttt.txt
2016-10-04 22:55 - 2016-10-04 22:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2016-10-04 22:50 - 2016-10-04 22:50 - 00000000 ____D C:\Program Files\Bonjour
2016-10-04 22:50 - 2016-10-04 22:50 - 00000000 ____D C:\Program Files (x86)\Bonjour
2016-10-04 08:29 - 2016-10-04 08:29 - 00091191 _____ C:\Users\Yv\Downloads\Compu b Grafton St. S-49355.2.pdf
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-11-03 12:58 - 2016-09-30 17:31 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-11-03 12:30 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-11-03 12:27 - 2016-07-16 11:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-11-03 05:23 - 2016-09-30 18:35 - 00003658 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2016-11-02 17:27 - 2016-07-16 11:45 - 00000000 ____D C:\WINDOWS\INF
2016-11-02 16:34 - 2016-09-30 17:38 - 01203678 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-02 16:28 - 2016-09-30 18:35 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-11-02 14:37 - 2016-06-13 19:40 - 00000000 ____D C:\Users\Yv\AppData\Local\Packages
2016-11-02 14:16 - 2016-06-23 15:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-11-02 14:03 - 2012-04-16 12:23 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2016-11-02 14:01 - 2016-06-23 15:37 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-11-02 14:00 - 2016-06-23 15:36 - 00000000 ____D C:\Program Files (x86)\Java
2016-11-02 08:47 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\rescache
2016-11-02 03:36 - 2012-07-15 21:11 - 00000000 ____D C:\Users\Yv\AppData\Local\CrashDumps
2016-11-02 02:44 - 2016-07-16 11:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-11-01 21:19 - 2015-04-30 21:29 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-11-01 21:17 - 2015-04-30 21:29 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-11-01 21:00 - 2012-01-06 22:12 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-11-01 20:49 - 2011-05-19 05:19 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-11-01 20:48 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\System
2016-11-01 20:01 - 2015-04-30 21:36 - 00000000 ____D C:\ProgramData\Package Cache
2016-11-01 04:17 - 2016-07-26 17:58 - 00000943 _____ C:\Users\Public\Desktop\AVG.lnk
2016-11-01 04:17 - 2016-04-26 19:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-11-01 00:00 - 2016-10-02 18:49 - 00000000 ____D C:\WINDOWS\Minidump
2016-11-01 00:00 - 2016-09-19 07:46 - 527996787 _____ C:\WINDOWS\MEMORY.DMP
2016-10-31 19:41 - 2016-09-30 17:39 - 00000000 ____D C:\Users\Yv
2016-10-31 13:10 - 2011-11-09 18:21 - 00000000 ____D C:\Users\Yv\AppData\Local\Google
2016-10-30 00:51 - 2016-07-07 12:31 - 00000000 ____D C:\Users\Yv\Desktop\LCT
2016-10-29 06:40 - 2016-04-27 06:39 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-10-29 03:10 - 2016-09-30 17:30 - 00366840 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-10-29 03:09 - 2016-07-16 06:04 - 00262144 _____ C:\WINDOWS\system32\config\BBI
2016-10-29 03:06 - 2016-07-16 11:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-10-29 03:06 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-10-29 03:06 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-10-29 03:06 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-10-29 03:04 - 2016-07-16 11:47 - 00015425 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-10-28 23:43 - 2016-07-16 11:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-10-28 04:54 - 2010-11-21 03:27 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-10-28 04:27 - 2013-09-01 17:08 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-10-27 01:36 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-10-27 01:36 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-10-25 19:19 - 2011-11-09 18:22 - 00002512 _____ C:\Users\Yv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-25 19:14 - 2016-09-25 22:54 - 00000000 ____D C:\Users\Yv\Desktop\ResearchPapers
2016-10-25 11:05 - 2014-12-07 14:41 - 20872000 _____ C:\Users\Yv\Desktop\Facepager_Setup_3_6.exe
2016-10-24 23:30 - 2016-07-16 11:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-10-24 23:30 - 2016-07-16 11:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-24 05:06 - 2016-07-16 06:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-10-22 19:57 - 2016-06-13 23:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-10-22 06:40 - 2016-07-19 22:09 - 00000268 _____ C:\Users\Yv\AppData\Roaming\RO39-2M3Q
2016-10-22 01:00 - 2011-05-19 06:09 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-10-21 23:59 - 2016-07-16 11:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-10-21 18:16 - 2016-08-08 14:49 - 00000000 ____D C:\Users\Yv\Documents\Visual Studio 2015
2016-10-19 14:52 - 2016-01-07 12:37 - 00000000 ____D C:\Program Files\Common Files\AV
2016-10-19 10:22 - 2011-11-09 18:20 - 00000000 ____D C:\Users\Yv\AppData\Roaming\Adobe
2016-10-19 10:16 - 2011-05-19 05:45 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-10-16 10:40 - 2016-08-04 22:51 - 00000982 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LongTailPro.lnk
2016-10-16 10:40 - 2016-08-04 22:51 - 00000970 _____ C:\Users\Public\Desktop\LongTailPro.lnk
2016-10-13 22:26 - 2016-07-16 11:47 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-10-13 22:26 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-10-13 22:26 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-10-13 22:26 - 2016-07-16 11:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-10-13 22:26 - 2016-07-16 11:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-10-13 22:21 - 2013-04-05 20:03 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-10-13 22:21 - 2013-04-05 20:03 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-10-12 19:57 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-10-12 16:24 - 2013-08-21 21:58 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-10-12 16:14 - 2013-04-05 20:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-10-12 16:14 - 2011-12-28 17:43 - 143495576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-10-12 15:00 - 2016-07-16 11:43 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2016-10-12 15:00 - 2016-07-16 11:42 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2016-10-12 00:36 - 2016-09-30 18:35 - 00003804 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-10-09 06:59 - 2016-09-30 17:39 - 00000000 ____D C:\Users\DefaultAppPool
2016-10-05 20:00 - 2011-12-10 20:00 - 00000023 _____ C:\test.xml
2016-10-05 16:12 - 2011-11-09 18:19 - 00000000 ____D C:\Users\Yv\AppData\Local\Adobe
2016-10-05 16:07 - 2012-09-11 20:34 - 00000000 ____D C:\Users\Yv\AppData\LocalLow\HPAppData
2016-10-04 22:56 - 2012-01-06 22:14 - 00000000 ____D C:\Users\Yv\AppData\Roaming\Apple Computer
2016-10-04 22:56 - 2012-01-06 22:14 - 00000000 ____D C:\Users\Yv\AppData\Local\Apple Computer
2016-10-04 22:51 - 2014-05-29 14:11 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
 
==================== Files in the root of some directories =======
 
2016-07-19 22:09 - 2016-07-19 22:09 - 0000088 _____ () C:\Users\Yv\AppData\Roaming\.95d691779473f3e03bc4b4e56319d74c.key
2016-07-04 22:34 - 2016-07-04 22:34 - 0000140 _____ () C:\Users\Yv\AppData\Roaming\GWMC-I92M
2016-07-19 22:09 - 2016-10-22 06:40 - 0000268 _____ () C:\Users\Yv\AppData\Roaming\RO39-2M3Q
2016-08-05 16:47 - 2016-08-05 16:47 - 0000745 _____ () C:\Users\Yv\AppData\Local\recently-used.xbel
2013-04-13 16:19 - 2013-04-13 16:19 - 0000057 _____ () C:\ProgramData\Ament.ini
2012-04-16 12:09 - 2016-11-01 22:13 - 0003239 _____ () C:\ProgramData\hpzinstall.log
 
Some files in TEMP:
====================
C:\Users\Yv\AppData\Local\Temp\SCC.dll
 
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-10-25 21:09
 
==================== End of FRST.txt ============================

Attached Files


Edited by PDL4, 03 November 2016 - 10:40 AM.


BC AdBot (Login to Remove)

 


#2 Valinorum

Valinorum

    Shadow Hide The Hunter


  • Malware Response Instructor
  • 1,775 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:06:10 PM

Posted 05 November 2016 - 12:49 AM

Hi PDL4, :)

:welcome:

My name is Valinorum and I will be the acolyte today. Before we proceed, please, acknowledge yourself the following(s):
  • Please do not create any new threads on this while we are working on your system as it wastes another volunteer's time. If you are being helped/have solved the issue/no longer wish to continue, notify me in your reply and I will quickly close this thread. Failing to comply will result in denial of future assistance.
  • Please do not install any new software while we are working on this system as it may hinder our process.
  • Malware removal is a complicated process and so don't stop following the steps even if the symptoms are not found. Keep up with me until I declare you clean.
  • Please do not try to fix anything without being ask.
  • Please do not attach your logs or put them inside code/quote tags. Do a Copy/Paste of the entire contents of the log file and submit it inside your post unless directed otherwise.
  • Please print or save the instructions I give you for quick reference. We may be using Safe mode which will cut you off from internet and you will not always be able to access this thread.
  • Back up your data. I will not knowingly suggest you any course that might damage your system but sometimes Malware infections are so severe that only option we have is to re-format and re-install the operating system.
  • If you are confused about any instruction, stop and ask. Do not keep on going.
  • Do not repeat the steps if you face any problems.
  • I am not an omniscient. There are things even I cannot foresee. But what I know took years to learn and perfect the skill. This site is run by volunteers who help people in need in their own free time. I would ask you to respect their time and be patient as sometimes real life demands our time and replies to you can be delayed.
  • Private Message(PM) if and only if I have not responded to your thread within three days or your query is offtopic and personal. Do not PM me under any other circumstances. Your thread is the only medium of communication.
  • The fixes are for your system only. Please refrain from using these fixes on other system as it may do serious damage.
 
  • Step #1 Fix with FRST
    Make sure that you still have FRST.exe on your Desktop. If you do not have it, download the suitable version from here to your Desktop.
    • Open Notepad.exe. Do not use any other text editor software;
    • Copy and Paste the contents inside the code-box to your Notepad --
      Start
      CreateRestorePoint:
      CloseProcesses:
      EmptyTemp:
      ProxyServer: [S-1-5-21-1860957307-1508966803-2314426021-1000] => http=127.0.0.1:8888;https=127.0.0.1:8888
      removeproxy:
      SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
      SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
      SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
      SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
      SearchScopes: HKU\S-1-5-21-1860957307-1508966803-2314426021-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
      SearchScopes: HKU\S-1-5-21-1860957307-1508966803-2314426021-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
      BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
      Toolbar: HKU\S-1-5-21-1860957307-1508966803-2314426021-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
      FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\17.3.0.49 => not found
      2013-04-13 16:19 - 2013-04-13 16:19 - 0000057 _____ () C:\ProgramData\Ament.ini
      Task: {43F8CA22-E847-4916-90F5-46755B74D172} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
      Task: {4802576D-3153-4843-92D4-3B4FAD964B2D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
      Task: {4C7C067C-7D5A-4E19-AEF6-61AAF3F1616F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
      Task: {5050661A-2378-4720-8F68-62639B6C8B65} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
      Task: {52863D01-0705-425B-B4D7-B1FF140C8C31} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
      Task: {5DB5C45E-8427-4898-95BF-0850655D9487} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
      Task: {66427EB7-5FD9-4FBF-B20C-9046BE2A27AB} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
      Task: {6C3394E6-D36B-4C27-95FD-D7F08B45E698} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
      Task: {6C3394E6-D36B-4C27-95FD-D7F08B45E698} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
      Task: {82C34667-6179-471D-AF9E-90A7A3816507} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
      Task: {8CBC9142-91E5-4565-9E0B-E19F67D5DD0B} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
      Task: {8D592A8C-ECC6-4E03-BD50-8E706C6EA8BA} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
      Task: {8FB0F949-8D19-4839-B70E-A0E4FE22CC0D} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
      Task: {9D98B180-9B90-4BB8-B8D6-FD0493BAF7FB} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe <==== ATTENTION
      Task: {BDAE0B41-4A35-4B05-8080-3BDE15F05712} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
      Task: {E6C5305D-9A9C-4340-86F5-113C370F8AA6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
      Task: {ED541E4D-8563-4606-98F7-C1253AEED3C3} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
      Task: {F2C3FDB1-FA2E-4E7E-B8FF-E0BE69EF26A4} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
      Task: C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{9E1E8442-0EAD-4737-A196-659654BA2E87}.exe <==== ATTENTION
      
      End
    • Click on File > Save as...
      • Inside the File Name box type fixlist.txt;
      • From the Save as type drop down list, choose All Files
    • Save the file to your Desktop;
    • Re-run FRST.exe and click Fix;
      • Note: If FRST advises there is a new updated version to be downloaded, do so/allow this.
    • After the completion, a log will be produced;
    • Copy and Paste the contents of the log in your next reply.
 
  • Step #2 Fix with AdwCleaner
    • Download AdwCleaner by Xplode to your Desktop from the following link.
    • Right-click on AdwCleaner.exe and choose Run as administrator;
    • Click on Option and put a tick mark on everything;
    • Click on Scan and let the program run unhindered;
    • When done, click on Clean and allow the system to reboot after it is done;
    • A log will be opened automatically after the restart. If not, it is located in C:\AdwCleaner\AdwCleaner[CX].txt, where X is replaced with a number;
    • Copy and Paste the contents of this log in your reply.
 

Geek U Graduate

I close my topic(s) with no replies for more than 4 days. PM me or Moderators to reactivate. All helps are provided via forum ergo do not PM me for help.

 


#3 Valinorum

Valinorum

    Shadow Hide The Hunter


  • Malware Response Instructor
  • 1,775 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:06:10 PM

Posted 06 November 2016 - 11:22 PM

Just a friendly reminder if you still wish to receive assistance.

Geek U Graduate

I close my topic(s) with no replies for more than 4 days. PM me or Moderators to reactivate. All helps are provided via forum ergo do not PM me for help.

 


#4 Valinorum

Valinorum

    Shadow Hide The Hunter


  • Malware Response Instructor
  • 1,775 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:06:10 PM

Posted 08 November 2016 - 10:17 PM

User Discontinued. :)

Geek U Graduate

I close my topic(s) with no replies for more than 4 days. PM me or Moderators to reactivate. All helps are provided via forum ergo do not PM me for help.

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users