TechSpot

Nommers 1

By Nommers
Jun 14, 2016
  1. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2016
    Ran by Osula (administrator) on HEARTNSOUL (14-06-2016 15:43:27)
    Running from C:\Users\Osula\Downloads
    Loaded Profiles: Osula (Available Profiles: Osula)
    Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Intel Corporation) C:\Windows\System32\igfxCUIService.exe
    () C:\Program Files\SASHome\SASFoundation\9.3\sas.exe
    (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
    () C:\Users\Osula\AppData\Roaming\Gemoajaco\Gemoajaco.exe
    (Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
    () C:\Users\Osula\AppData\Roaming\SemcTops\Wenaooak.exe
    () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\pcfservice.exe
    () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkesrv.exe
    () C:\Users\Osula\AppData\Roaming\Exesowy\Exesowy.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
    (Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
    (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
    (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    (acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
    () C:\Windows\SysWOW64\CpuHeatMapping\16641\CpuHeatMapping.exe
    () C:\Windows\cWinInfos\16610\WinInfos.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    () C:\Program Files (x86)\036785C5-1465801002-E411-85C7-F0761C854354\knscC89C.tmp
    () C:\Users\Osula\AppData\Local\036785C5-1465867177-E411-85C7-F0761C854354\qnsw90E4.tmp
    (Essentware) C:\Program Files\Essentware\Common\AccountService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Intel Corporation) C:\Windows\System32\igfxEM.exe
    (Intel Corporation) C:\Windows\System32\igfxHK.exe
    () C:\Windows\System32\igfxTray.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
    () C:\Users\Osula\AppData\Roaming\Exesowy\Hoyde.exe
    () C:\Users\Osula\AppData\Roaming\Gemoajaco\Tyjjytz.exe
    (csdimedia.com) C:\Program Files (x86)\Max Driver Updater\maxdu.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
    (Spotify Ltd) C:\Users\Osula\AppData\Roaming\Spotify\SpotifyWebHelper.exe
    () C:\Program Files (x86)\danza\sodom.exe
    (Essentware) C:\Program Files\Essentware\PCKeeper\PCKeeper.exe
    (Essentware) C:\Program Files\Essentware\PCKAV\PCKAV.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
    (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
    () C:\Program Files (x86)\prestigious\modality.exe
    (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
    () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
    (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe
    (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
    (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
    (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
    (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
    (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
    (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
    (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
    (Intel Corporation) C:\Windows\System32\igfxext.exe
    (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
    (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
    (Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Essentware) C:\Program Files\Essentware\PCKeeper\OneClickFixService.exe
    Failed to access process -> PCKAVService.exe
    (Microsoft Corporation) C:\Windows\System32\WerFault.exe
    () C:\Users\Osula\AppData\Roaming\Gemoajaco\Sujmub.exe
    () C:\Users\Osula\AppData\Roaming\Exesowy\Cowfarcip.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\System32\cmd.exe


    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-12] (NVIDIA Corporation)
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16404224 2015-08-27] (Realtek Semiconductor)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
    HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [522552 2015-12-10] (Citrix Systems, Inc.)
    HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [231736 2015-12-10] (Citrix Systems, Inc.)
    HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2015-10-05] (Malwarebytes)
    HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
    HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
    HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
    HKU\S-1-5-21-3693202215-1944876337-163887280-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2740440 2016-04-20] (Acer)
    HKU\S-1-5-21-3693202215-1944876337-163887280-1001\...\Run: [Spotify Web Helper] => C:\Users\Osula\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-04-27] (Spotify Ltd)
    HKU\S-1-5-21-3693202215-1944876337-163887280-1001\...\Run: [RemoteFilesTrayIcon] => "C:\Program Files (x86)\Acer\abFiles\abFilesTrayIcon.exe"
    HKU\S-1-5-21-3693202215-1944876337-163887280-1001\...\Run: [sodom] => C:\Program Files (x86)\danza\sodom.exe [36767 2016-06-12] ()
    HKU\S-1-5-21-3693202215-1944876337-163887280-1001\...\Run: [imax] => C:\Program Files (x86)\prestigious\modality.exe [10752 2016-06-12] ()
    ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
    ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
    ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
    ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-04-12] (Microsoft Corporation)
    ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-04-12] (Microsoft Corporation)
    ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-04-12] (Microsoft Corporation)
    Startup: C:\Users\Osula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\rugged.lnk [2016-06-14]
    ShortcutTarget: rugged.lnk -> C:\Program Files (x86)\prestigious\modality.exe ()
    Startup: C:\Users\Osula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2016-06-14]
    ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
    CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{f76e96bb-76ef-4665-9fdb-2e875e0f4d69}: [NameServer] 208.67.222.222,208.67.222.220
    Tcpip\..\Interfaces\{f76e96bb-76ef-4665-9fdb-2e875e0f4d69}: [DhcpNameServer] 192.168.1.1
    ManualProxies:

    Internet Explorer:
    ==================
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\S-1-5-21-3693202215-1944876337-163887280-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131102749255379840&GUID=3E84A72B-965E-4EE1-BFAD-BC15CC9BA8F7
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131102749255379840&GUID=3E84A72B-965E-4EE1-BFAD-BC15CC9BA8F7
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131102749255379840&GUID=3E84A72B-965E-4EE1-BFAD-BC15CC9BA8F7
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131102749255379840&GUID=3E84A72B-965E-4EE1-BFAD-BC15CC9BA8F7
    HKU\S-1-5-21-3693202215-1944876337-163887280-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131102749255379840&GUID=3E84A72B-965E-4EE1-BFAD-BC15CC9BA8F7
    HKU\S-1-5-21-3693202215-1944876337-163887280-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131102749255379840&GUID=3E84A72B-965E-4EE1-BFAD-BC15CC9BA8F7
    SearchScopes: HKLM -> DefaultScope {2E7D26A4-1FA1-4B1A-B4F1-C994BCDA66A0} URL =
    SearchScopes: HKU\S-1-5-21-3693202215-1944876337-163887280-1001 -> DefaultScope OldSearch URL =
    BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-04-12] (Microsoft Corporation)
    BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-08-28] (Oracle Corporation)
    BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-04-12] (Microsoft Corporation)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-28] (Oracle Corporation)
    BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-04-12] (Microsoft Corporation)
    BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-04-12] (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.6.0_24\bin\jp2ssv.dll [2015-08-28] (Sun Microsystems, Inc.)
    Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-09-01] (Microsoft Corporation)
    Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
    Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
    Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
    Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
    Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
    Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
    Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
    Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
    Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
    Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
    Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
    Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
    Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
    Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
    Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
    Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)

    FireFox:
    ========
    FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-28] (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-28] (Oracle Corporation)
    FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2015-12-10] (Citrix Systems, Inc.)
    FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] ()
    FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] ()
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-09] (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-09] (Intel Corporation)
    FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.6.0_24\bin\new_plugin\npjp2.dll [2015-08-28] (Sun Microsystems, Inc.)
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-09-01] (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-06-13] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-06-13] (Google Inc.)
    FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => not found
    FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => not found

    Chrome:
    =======
    CHR HomePage: Default -> hxxp://www-searching.com/?pid=s&s=g6dzftptn095001bq,1d46cc3b-dbab-4e4a-a1d1-67359f55eb64,&vp=ch&prd=set_ch
    CHR StartupUrls: Default -> "hxxp://www-searching.com/?pid=s&s=g6dzftptn095001bq,1d46cc3b-dbab-4e4a-a1d1-67359f55eb64,&vp=ch&prd=set_ch"
    CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?q={searchTerms}
    CHR DefaultSearchKeyword: Default -> google.com_
    CHR Profile: C:\Users\Osula\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Slides) - C:\Users\Osula\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-28]
    CHR Extension: (Google Docs) - C:\Users\Osula\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-31]
    CHR Extension: (Google Drive) - C:\Users\Osula\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
    CHR Extension: (YouTube) - C:\Users\Osula\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
    CHR Extension: (Adblock Plus) - C:\Users\Osula\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-06-01]
    CHR Extension: (Ebates Cash Back) - C:\Users\Osula\AppData\Local\Google\Chrome\User Data\Default\Extensions\chhjbpecpncaggjpdakmflnfcopglcmi [2016-06-13]
    CHR Extension: (Google Search) - C:\Users\Osula\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
    CHR Extension: (Google Sheets) - C:\Users\Osula\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-28]
    CHR Extension: (Google Docs Offline) - C:\Users\Osula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-14]
    CHR Extension: (Journey (Diary, Journal)) - C:\Users\Osula\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlncjaehedpdoinepaejmlpbmdkgmpog [2016-06-01]
    CHR Extension: (Save to Pocket) - C:\Users\Osula\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2016-06-14]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Osula\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
    CHR Extension: (Gmail) - C:\Users\Osula\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-31]

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760 2016-04-18] (Acer Incorporated)
    R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3009264 2016-05-17] (Microsoft Corporation)
    R2 CpuHeatMapping; C:\WINDOWS\SysWOW64\CpuHeatMapping/16641\CpuHeatMapping.exe [12288 2016-06-11] () [File not signed]
    R2 cWinInfos; C:\WINDOWS\cWinInfos\16610\WinInfos.exe [15872 2016-06-11] () [File not signed]
    R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-07-22] (Acer Incorporated)
    R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [370064 2015-09-30] (Intel Corporation)
    R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
    S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-09] (Intel Corporation)
    R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [455912 2014-12-30] (Acer Incorporate)
    S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
    R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-12] (NVIDIA Corporation)
    R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-10-17] (Acer Incorporate)
    R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
    R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-10-17] (Acer Incorporate)
    R2 SAS PC Files Server; C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\pcfservice.exe [337296 2012-08-16] ()
    S2 SAS [AppDev-Lev1] Connect Spawner; C:\Program Files\SASHome\SASFoundation\9.3\spawner.exe [374632 2011-05-26] ()
    R2 SAS [AppDev-Lev1] FrameworkServer - SAS Framework Data Server; C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkesrv.exe [235880 2011-05-03] ()
    S2 SAS [AppDev-Lev1] Remote Services; C:\Program Files\SASHome\SASFoundationServices\9.3\wrapper.exe [204800 2006-10-17] () [File not signed]
    R2 SAS [AppDev-Lev1] SASMeta - Metadata Server; C:\Program Files\SASHome\SASFoundation\9.3\sas.exe [127336 2011-05-26] ()
    S2 SAS [AppDev-Lev1] Share Server; C:\Program Files\SASHome\SASFoundation\9.3\sas.exe [127336 2011-05-26] ()
    R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-14] (acer)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
    S2 Myots; "C:\Users\Osula\AppData\Roaming\TiaeuNuwgo\Geiou.exe" -cms [X]
    S2 SAS [AppDev-Lev1] Object Spawner; "C:\Program Files\SASHome\SASFoundation\9.3\objspawn" -name "SAS [AppDev-Lev1] Object Spawner" [X]
     
  2. Nommers

    Nommers TS Rookie Topic Starter

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
    R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
    R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-06-14] (Malwarebytes)
    S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
    R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-09] (Intel Corporation)
    S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80920 2015-07-02] (McAfee, Inc.)
    R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
    U0 rmmahfw; C:\Windows\System32\drivers\cdloo.sys [79064 2016-06-14] (Malwarebytes)
    R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek )
    R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [761600 2015-06-24] (Realsil Semiconductor Corporation)
    S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
    R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [61624 2015-08-21] (Synaptics Incorporated)
    S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
    S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
    R3 ZeoScanner; C:\Windows\System32\DRIVERS\zeoscanner.sys [34592 2016-01-15] (Windows (R) Win 7 DDK provider)
    S3 blNetFilter; \??\C:\WINDOWS\system32\drivers\blNetFilter.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-06-14 15:43 - 2016-06-14 15:44 - 00027683 _____ C:\Users\Osula\Downloads\FRST.txt
    2016-06-14 15:43 - 2016-06-14 15:43 - 00079064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\cdloo.sys
    2016-06-14 15:43 - 2016-06-14 15:43 - 00000000 ____D C:\FRST
    2016-06-14 15:42 - 2016-06-14 15:42 - 02385920 _____ (Farbar) C:\Users\Osula\Downloads\FRST64.exe
    2016-06-14 14:40 - 2016-06-14 14:40 - 00000000 ___HD C:\OneDriveTemp
    2016-06-14 01:26 - 2016-05-10 22:31 - 00208776 _____ C:\WINDOWS\system32\Drivers\askProtect64.sys
    2016-06-14 01:20 - 2016-06-14 15:42 - 00000000 ____D C:\ProgramData\WindowsMsg
    2016-06-14 01:20 - 2016-06-14 15:42 - 00000000 ____D C:\ProgramData\Essentware
    2016-06-14 01:20 - 2016-06-14 01:21 - 00000000 ____D C:\Program Files\Essentware
    2016-06-14 01:20 - 2016-06-14 01:20 - 00003646 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
    2016-06-14 01:20 - 2016-06-14 01:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ttwifi
    2016-06-14 01:19 - 2016-06-14 15:42 - 00000000 ____D C:\Users\Osula\AppData\Local\036785C5-1465867177-E411-85C7-F0761C854354
    2016-06-13 22:56 - 2016-06-13 22:59 - 00000000 ____D C:\Users\Osula\Documents\Projects
    2016-06-13 19:47 - 2016-06-13 19:47 - 00000000 ____D C:\Users\Osula\Documents\Custom Office Templates
    2016-06-13 10:30 - 2016-06-14 15:43 - 00001309 _____ C:\Users\Osula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HD Audio Manager.lnk
    2016-06-13 02:00 - 2016-06-13 02:00 - 00000000 ____D C:\Users\Osula\AppData\Roaming\WildTangent
    2016-06-13 01:36 - 2016-06-14 15:43 - 00002348 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2016-06-13 01:36 - 2016-06-14 15:43 - 00002330 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2016-06-13 01:35 - 2016-06-14 14:45 - 00000928 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2016-06-13 01:35 - 2016-06-14 14:41 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2016-06-13 01:35 - 2016-06-13 01:40 - 00003986 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
    2016-06-13 01:35 - 2016-06-13 01:40 - 00003754 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
    2016-06-13 01:34 - 2016-06-13 01:34 - 00000000 ____D C:\Users\Osula\AppData\Local\Deployment
    2016-06-13 01:33 - 2016-06-14 12:28 - 00004156 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{069F04E0-A70E-4245-ADD0-67843671432B}
    2016-06-13 01:24 - 2016-06-13 01:24 - 00000000 ____D C:\WINDOWS\cWinInfos
    2016-06-13 01:22 - 2016-06-13 01:22 - 00000000 ____D C:\WINDOWS\SysWOW64\CpuHeatMapping
    2016-06-13 01:00 - 2016-06-13 01:00 - 00003260 _____ C:\WINDOWS\System32\Tasks\{F65A491A-6CFB-4A4D-955C-6232D370D843}
    2016-06-13 00:59 - 2016-06-13 00:59 - 00003388 _____ C:\WINDOWS\System32\Tasks\AcerCloud
    2016-06-13 00:58 - 2016-06-13 00:58 - 01114354 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
    2016-06-13 00:58 - 2016-06-13 00:58 - 00000000 ____D C:\WINDOWS\system32\DAX2
    2016-06-13 00:51 - 2016-06-13 00:51 - 00000000 ____D C:\Users\Osula\AppData\LocalLow00DEA8F0
    2016-06-13 00:51 - 2016-06-13 00:51 - 00000000 ____D C:\Users\Osula\AppData\LocalLow00DE8DF0
    2016-06-13 00:51 - 2016-06-13 00:51 - 00000000 ____D C:\Users\Osula\AppData\LocalLow0000024FF8B3E6F8
    2016-06-13 00:51 - 2016-06-13 00:51 - 00000000 ____D C:\Users\Osula\AppData\LocalLow0000024FF8B3C6E8
    2016-06-13 00:51 - 2016-06-13 00:51 - 00000000 ____D C:\Users\Osula\AppData\LocalLow0000024FF8B244F8
    2016-06-13 00:50 - 2016-06-13 00:50 - 00000000 ____D C:\Users\Osula\AppData\LocalLow00DC4048
    2016-06-13 00:50 - 2016-06-13 00:50 - 00000000 ____D C:\Users\Osula\AppData\LocalLow0000024FF8B0C0C8
    2016-06-13 00:48 - 2016-06-13 00:48 - 00000000 ____D C:\WINDOWS\system32\zeo
    2016-06-13 00:37 - 2016-06-13 00:37 - 00000000 ____D C:\Users\Osula\AppData\LocalLow0070E5D0
    2016-06-13 00:37 - 2016-06-13 00:37 - 00000000 ____D C:\Users\Osula\AppData\LocalLow006E5D50
    2016-06-13 00:37 - 2016-06-13 00:37 - 00000000 ____D C:\Users\Osula\AppData\LocalLow000001B842F97EB8
    2016-06-13 00:37 - 2016-06-13 00:37 - 00000000 ____D C:\Users\Osula\AppData\LocalLow000001B842F97C48
    2016-06-13 00:37 - 2016-06-13 00:37 - 00000000 ____D C:\Users\Osula\AppData\LocalLow000001B842F97698
    2016-06-13 00:37 - 2016-06-13 00:37 - 00000000 ____D C:\Users\Osula\AppData\LocalLow000001B842F97428
    2016-06-13 00:37 - 2016-06-13 00:37 - 00000000 ____D C:\Users\Osula\AppData\LocalLow000001B842F97288
    2016-06-13 00:34 - 2016-06-13 00:34 - 00000000 ____D C:\WINDOWS\system32\joa
    2016-06-13 00:00 - 2016-06-13 00:00 - 00187904 _____ C:\WINDOWS\rsrcs.dll
    2016-06-13 00:00 - 2016-06-13 00:00 - 00000000 ____D C:\Users\Osula\AppData\Roaming\SemcTops
    2016-06-13 00:00 - 2016-06-13 00:00 - 00000000 ____D C:\Users\Osula\AppData\Roaming\Exesowy
    2016-06-13 00:00 - 2016-06-13 00:00 - 00000000 ____D C:\Program Files\Common Files\Noobzo
    2016-06-12 23:59 - 2016-06-14 15:42 - 00000000 ____D C:\Program Files (x86)\MPC Cleaner
    2016-06-12 23:59 - 2016-06-12 23:59 - 00060136 ____N (DotC United Inc) C:\WINDOWS\system32\Drivers\MPCKpt.removed4195953
    2016-06-12 23:56 - 2016-06-14 15:42 - 00000000 ____D C:\Program Files (x86)\036785C5-1465801002-E411-85C7-F0761C854354
    2016-06-12 23:55 - 2016-06-14 15:42 - 00000000 ____D C:\Users\Osula\AppData\LocalLow\Company
    2016-06-12 23:55 - 2016-06-13 00:00 - 00000000 ____D C:\Users\Osula\AppData\Local\Tempfolder
    2016-06-12 23:55 - 2016-06-12 23:55 - 00027456 ____N C:\WINDOWS\system32\Drivers\bsdpf64.sys
    2016-06-12 23:55 - 2016-06-12 23:55 - 00026944 ____N C:\WINDOWS\system32\Drivers\bsdpr64.sys
    2016-06-12 23:55 - 2016-06-12 23:55 - 00000000 ___HD C:\Program Files (x86)\prestigious
    2016-06-12 23:55 - 2016-06-12 23:55 - 00000000 ___HD C:\Program Files (x86)\danza
    2016-06-12 23:55 - 2016-06-12 23:55 - 00000000 ____D C:\Users\Osula\AppData\Roaming\Gemoajaco
    2016-06-12 23:55 - 2016-06-12 23:55 - 00000000 ____D C:\Users\Osula\AppData\Roaming\csdimedia
    2016-06-12 23:55 - 2016-06-12 23:55 - 00000000 ____D C:\uninst
    2016-06-12 23:54 - 2016-06-14 15:43 - 00000000 ____D C:\Program Files (x86)\Max Driver Updater
    2016-06-12 23:46 - 2016-06-12 23:46 - 00127648 _____ C:\Users\Osula\AppData\Local\42844444.exe
    2016-06-12 23:43 - 2016-06-12 23:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
    2016-06-12 23:40 - 2016-06-12 23:43 - 00000000 ____D C:\xampp
    2016-06-12 20:51 - 2016-06-12 23:55 - 00065344 ____N (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\cherimoya.sys
    2016-06-12 00:25 - 2016-06-12 00:29 - 00000000 ____D C:\Users\Osula\Documents\Phuc L Lang
    2016-06-08 05:18 - 2016-06-08 05:18 - 00394752 _____ C:\WINDOWS\system32\bi3.exe
    2016-05-26 16:46 - 2016-05-26 16:46 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
    2016-05-21 22:03 - 2016-05-28 12:51 - 00000000 ____D C:\Users\Osula\AppData\Local\MicrosoftEdge
    2016-05-21 14:39 - 2016-04-22 00:57 - 00453288 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
    2016-05-21 03:31 - 2016-05-21 03:31 - 00000000 ____D C:\Users\Osula\AppData\Local\NetworkTiles
    2016-05-21 03:23 - 2016-05-21 02:55 - 00000000 ___DC C:\WINDOWS\Panther
    2016-05-21 03:20 - 2016-05-21 03:21 - 00000000 ____D C:\Windows.old
    2016-05-21 03:19 - 2016-06-13 00:34 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
    2016-05-21 03:19 - 2016-06-13 00:34 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 24604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 18676224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 16984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 13383168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 06605504 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 05502976 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 05324288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 04775424 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 04515256 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 03673424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 03591168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2016-05-21 03:19 - 2016-05-21 03:19 - 03575296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 02919832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 02598912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
    2016-05-21 03:19 - 2016-05-21 03:19 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
    2016-05-21 03:19 - 2016-05-21 03:19 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
    2016-05-21 03:19 - 2016-05-21 03:19 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01848072 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 01819208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01731072 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01594920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01536088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01522152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2016-05-21 03:19 - 2016-05-21 03:19 - 01372304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01319424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
    2016-05-21 03:19 - 2016-05-21 03:19 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01161120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
    2016-05-21 03:19 - 2016-05-21 03:19 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01092464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
    2016-05-21 03:19 - 2016-05-21 03:19 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
    2016-05-21 03:19 - 2016-05-21 03:19 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
    2016-05-21 03:19 - 2016-05-21 03:19 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
    2016-05-21 03:19 - 2016-05-21 03:19 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
    2016-05-21 03:19 - 2016-05-21 03:19 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 00804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
    2016-05-21 03:19 - 2016-05-21 03:19 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 00754664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00725776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00713920 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00707608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00696672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
    2016-05-21 03:19 - 2016-05-21 03:19 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00650304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00638816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
    2016-05-21 03:19 - 2016-05-21 03:19 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00619296 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00605440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
    2016-05-21 03:19 - 2016-05-21 03:19 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
     
  3. Nommers

    Nommers TS Rookie Topic Starter

    2016-05-21 03:19 - 2016-05-21 03:19 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00577368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
    2016-05-21 03:19 - 2016-05-21 03:19 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00569744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00565600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
    2016-05-21 03:19 - 2016-05-21 03:19 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00550656 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00534872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
    2016-05-21 03:19 - 2016-05-21 03:19 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
    2016-05-21 03:19 - 2016-05-21 03:19 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
    2016-05-21 03:19 - 2016-05-21 03:19 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00513368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00453472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00451928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
    2016-05-21 03:19 - 2016-05-21 03:19 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 00413536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
    2016-05-21 03:19 - 2016-05-21 03:19 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
    2016-05-21 03:19 - 2016-05-21 03:19 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlansec.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
    2016-05-21 03:19 - 2016-05-21 03:19 - 00390496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
    2016-05-21 03:19 - 2016-05-21 03:19 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
    2016-05-21 03:19 - 2016-05-21 03:19 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
    2016-05-21 03:19 - 2016-05-21 03:19 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00330072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
    2016-05-21 03:19 - 2016-05-21 03:19 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00306832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00294592 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00291360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
    2016-05-21 03:19 - 2016-05-21 03:19 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
    2016-05-21 03:19 - 2016-05-21 03:19 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
    2016-05-21 03:19 - 2016-05-21 03:19 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
    2016-05-21 03:19 - 2016-05-21 03:19 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
    2016-05-21 03:19 - 2016-05-21 03:19 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00217440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00204048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00190144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00188256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
    2016-05-21 03:19 - 2016-05-21 03:19 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00183904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
    2016-05-21 03:19 - 2016-05-21 03:19 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
    2016-05-21 03:19 - 2016-05-21 03:19 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
    2016-05-21 03:19 - 2016-05-21 03:19 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00131424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufxsynopsys.sys
    2016-05-21 03:19 - 2016-05-21 03:19 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
    2016-05-21 03:19 - 2016-05-21 03:19 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
    2016-05-21 03:19 - 2016-05-21 03:19 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
    2016-05-21 03:19 - 2016-05-21 03:19 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
    2016-05-21 03:19 - 2016-05-21 03:19 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdport.sys
    2016-05-21 03:19 - 2016-05-21 03:19 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\filecrypt.sys
    2016-05-21 03:19 - 2016-05-21 03:19 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
    2016-05-21 03:19 - 2016-05-21 03:19 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
    2016-05-21 03:19 - 2016-05-21 03:19 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
    2016-05-21 03:19 - 2016-05-21 03:19 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
    2016-05-21 03:19 - 2016-05-21 03:19 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00058208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwminit.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
     
  4. Nommers

    Nommers TS Rookie Topic Starter

    2016-05-21 03:19 - 2016-05-21 03:19 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
    2016-05-21 03:19 - 2016-05-21 03:19 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00002186 _____ C:\WINDOWS\SysWOW64\AppxProvisioning.xml
    2016-05-21 03:19 - 2016-05-21 03:19 - 00002186 _____ C:\WINDOWS\system32\AppxProvisioning.xml
    2016-05-21 03:14 - 2016-05-21 03:14 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
    2016-05-21 03:12 - 2016-05-21 03:12 - 00000000 ____D C:\Program Files\Reference Assemblies
    2016-05-21 03:12 - 2016-05-21 03:12 - 00000000 ____D C:\Program Files\MSBuild
    2016-05-21 03:12 - 2016-05-21 03:12 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
    2016-05-21 03:12 - 2016-05-21 03:12 - 00000000 ____D C:\Program Files (x86)\MSBuild
    2016-05-21 03:11 - 2016-05-21 03:11 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
    2016-05-21 03:11 - 2016-05-21 03:11 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
    2016-05-21 03:11 - 2015-10-23 18:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
    2016-05-21 03:11 - 2015-10-23 18:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
    2016-05-21 03:11 - 2015-10-23 18:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
    2016-05-21 03:11 - 2015-10-23 18:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
    2016-05-21 03:11 - 2015-10-23 18:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
    2016-05-21 03:11 - 2015-10-23 18:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
    2016-05-21 03:07 - 2016-05-21 03:07 - 00000000 ____D C:\Users\Osula\Mobile uploads
    2016-05-21 03:03 - 2016-06-14 15:43 - 00002405 _____ C:\Users\Osula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2016-05-21 03:01 - 2016-05-21 03:01 - 00000000 ____D C:\Users\Osula\AppData\Local\ActiveSync
    2016-05-21 03:00 - 2016-05-21 03:00 - 00000000 ____D C:\Users\Osula\AppData\Local\Publishers
    2016-05-21 02:58 - 2016-06-02 15:45 - 00000000 ____D C:\Users\Osula\AppData\Local\Comms
    2016-05-21 02:58 - 2016-05-21 02:58 - 00000000 ____D C:\Users\Osula\AppData\Local\TileDataLayer
    2016-05-21 02:57 - 2016-05-21 02:57 - 00000020 ___SH C:\Users\Osula\ntuser.ini
    2016-05-21 02:54 - 2016-05-21 02:54 - 00000000 _SHDL C:\Users\Default\My Documents
    2016-05-21 02:54 - 2016-05-21 02:54 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
    2016-05-21 02:54 - 2016-05-21 02:54 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
    2016-05-21 02:54 - 2016-05-21 02:54 - 00000000 _SHDL C:\Users\Default\Documents\My Music
    2016-05-21 02:54 - 2016-05-21 02:54 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
    2016-05-21 02:54 - 2016-05-21 02:54 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
    2016-05-21 02:54 - 2016-05-21 02:54 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
    2016-05-21 02:48 - 2016-06-13 00:57 - 00879220 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2016-05-21 02:48 - 2016-05-21 02:48 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
    2016-05-21 02:38 - 2016-06-14 15:43 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
    2016-05-21 02:38 - 2016-05-21 02:38 - 00000000 ____D C:\Users\Default\AppData\Local\Pokki
    2016-05-21 02:38 - 2016-05-21 02:38 - 00000000 ____D C:\Users\Default User\AppData\Local\Pokki
    2016-05-21 02:31 - 2016-05-21 02:31 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
    2016-05-21 02:30 - 2016-05-21 03:07 - 00000000 ____D C:\Users\Osula
    2016-05-21 02:30 - 2016-05-21 02:30 - 00000000 _SHDL C:\Users\Osula\My Documents
    2016-05-21 02:30 - 2016-05-21 02:30 - 00000000 _SHDL C:\Users\Osula\Documents\My Videos
    2016-05-21 02:30 - 2016-05-21 02:30 - 00000000 _SHDL C:\Users\Osula\Documents\My Pictures
    2016-05-21 02:30 - 2016-05-21 02:30 - 00000000 _SHDL C:\Users\Osula\Documents\My Music
    2016-05-21 02:27 - 2016-06-13 00:58 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
    2016-05-21 02:27 - 2016-05-21 02:32 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
    2016-05-21 02:27 - 2016-05-21 02:27 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
    2016-05-21 02:27 - 2016-05-21 02:27 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
    2016-05-21 02:27 - 2016-05-21 02:27 - 00000000 ____H C:\ProgramData\DP45977C.lfl
    2016-05-21 02:27 - 2016-05-21 02:27 - 00000000 ____D C:\ProgramData\NVIDIA
    2016-05-21 02:27 - 2016-05-21 02:27 - 00000000 ____D C:\Program Files\Realtek
    2016-05-21 02:27 - 2016-05-21 02:27 - 00000000 ____D C:\Program Files\Common Files\Atheros
    2016-05-21 02:27 - 2015-07-13 10:37 - 06873744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
    2016-05-21 02:27 - 2015-07-13 10:37 - 03493008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
    2016-05-21 02:27 - 2015-07-13 10:37 - 02558792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
    2016-05-21 02:27 - 2015-07-13 10:37 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
    2016-05-21 02:27 - 2015-07-13 10:37 - 00937616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
    2016-05-21 02:27 - 2015-07-13 10:37 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
    2016-05-21 02:27 - 2015-07-13 10:37 - 00075080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
    2016-05-21 02:27 - 2015-07-13 10:37 - 00062792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
    2016-05-21 02:27 - 2015-07-13 09:28 - 05096627 _____ C:\WINDOWS\system32\nvcoproc.bin
    2016-05-21 02:26 - 2016-06-14 14:39 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
    2016-05-21 02:26 - 2016-05-21 02:32 - 00000000 ____D C:\Program Files\NVIDIA Corporation
    2016-05-21 02:26 - 2016-05-21 02:32 - 00000000 ____D C:\Program Files\Intel
    2016-05-21 02:26 - 2016-05-21 02:26 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
    2016-05-21 02:26 - 2015-09-30 20:39 - 00105472 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
    2016-05-21 02:26 - 2015-09-30 20:39 - 00099856 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
    2016-05-21 02:25 - 2016-05-21 02:25 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
    2016-05-21 02:00 - 2016-05-21 02:53 - 00009528 _____ C:\WINDOWS\diagwrn.xml
    2016-05-21 02:00 - 2016-05-21 02:53 - 00009528 _____ C:\WINDOWS\diagerr.xml
    2016-05-18 15:52 - 2016-06-14 15:43 - 00001255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tableau 9.3.lnk
    2016-05-18 15:52 - 2016-06-14 15:43 - 00001237 _____ C:\Users\Public\Desktop\Tableau 9.3.lnk
    2016-05-18 15:52 - 2016-05-18 15:53 - 00000000 ____D C:\Users\Osula\AppData\Local\Tableau
    2016-05-18 15:52 - 2016-05-18 15:52 - 00000000 ____D C:\Program Files\Tableau
    2016-05-18 15:52 - 2016-05-18 15:52 - 00000000 ____D C:\Program Files\MySQL
    2016-05-18 15:52 - 2016-05-18 15:52 - 00000000 ____D C:\Program Files\Common Files\Macrovision Shared
    2016-05-18 15:51 - 2016-05-21 02:40 - 00000000 ____D C:\WINDOWS\SysWOW64\1033
    2016-05-18 15:51 - 2016-05-21 02:40 - 00000000 ____D C:\WINDOWS\system32\1033
    2016-05-18 15:51 - 2016-05-18 15:51 - 00000000 ____D C:\Program Files\Microsoft SQL Server
    2016-05-18 15:51 - 2016-05-18 15:51 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-06-14 15:43 - 2016-04-27 19:30 - 00001995 _____ C:\Users\Public\Desktop\abMusic.lnk
    2016-06-14 15:43 - 2016-04-27 18:11 - 00001999 _____ C:\Users\Public\Desktop\abPhoto.lnk
    2016-06-14 15:43 - 2016-04-23 13:33 - 00002340 _____ C:\Users\Osula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
    2016-06-14 15:43 - 2016-02-14 02:25 - 00001033 _____ C:\Users\Public\Desktop\TI Connect.lnk
    2016-06-14 15:43 - 2016-02-06 02:18 - 00001349 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB R2015b (32-bit).lnk
    2016-06-14 15:43 - 2016-02-05 22:54 - 00001685 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix Receiver.lnk
    2016-06-14 15:43 - 2016-02-05 22:39 - 00001902 _____ C:\Users\Public\Desktop\Minitab 16.lnk
    2016-06-14 15:43 - 2016-02-05 22:32 - 00003171 _____ C:\Users\Osula\Desktop\Shortcut to SecureDownloadManager.exe.lnk
    2016-06-14 15:43 - 2015-12-31 00:15 - 00001863 _____ C:\Users\Osula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
    2016-06-14 15:43 - 2015-12-31 00:15 - 00001857 _____ C:\Users\Osula\Desktop\Spotify.lnk
    2016-06-14 15:43 - 2015-08-31 19:14 - 00002959 _____ C:\Users\Osula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox.lnk
    2016-06-14 15:43 - 2015-04-02 04:57 - 00001951 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
    2016-06-14 15:43 - 2015-04-02 04:35 - 00000000 ____D C:\WINDOWS\NAPP_Dism_Log
    2016-06-14 15:19 - 2015-09-22 16:23 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
    2016-06-14 14:44 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\AppReadiness
    2016-06-14 14:43 - 2015-10-30 00:24 - 00000000 ___HD C:\Program Files\WindowsApps
    2016-06-14 14:40 - 2015-08-27 19:20 - 00000000 ___RD C:\Users\Osula\OneDrive
    2016-06-14 14:39 - 2016-02-06 02:17 - 00000592 _____ C:\WINDOWS\Tasks\MATLAB R2015b Startup Accelerator.job
    2016-06-14 14:39 - 2015-10-30 00:11 - 00000000 ____D C:\WINDOWS\CbsTemp
    2016-06-14 14:39 - 2015-08-27 19:12 - 00000000 __SHD C:\Users\Osula\IntelGraphicsProfiles
    2016-06-14 02:32 - 2016-01-14 23:11 - 00000000 ____D C:\Users\Osula\Documents\Recruitment
    2016-06-13 20:56 - 2015-11-04 17:58 - 00000000 ____D C:\Users\Osula\AppData\Local\ElevatedDiagnostics
    2016-06-13 20:56 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\NDF
    2016-06-13 19:43 - 2015-08-27 19:12 - 00000000 ____D C:\Users\Osula\AppData\Local\Packages
    2016-06-13 02:00 - 2015-01-12 04:30 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
    2016-06-13 02:00 - 2015-01-12 04:30 - 00000000 ____D C:\ProgramData\WildTangent
    2016-06-13 01:35 - 2015-08-28 11:36 - 00000000 ____D C:\Program Files (x86)\Google
    2016-06-13 01:05 - 2015-09-09 18:11 - 00000000 ____D C:\Users\Osula\AppData\Local\acer
    2016-06-13 01:05 - 2015-01-12 04:28 - 00000000 ____D C:\Program Files (x86)\Acer
    2016-06-13 01:04 - 2015-01-12 04:32 - 00000000 ____D C:\Program Files\Acer
    2016-06-13 01:04 - 2015-01-12 04:28 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
    2016-06-13 00:58 - 2015-10-30 00:21 - 00000000 ____D C:\WINDOWS\INF
    2016-06-13 00:49 - 2016-02-13 06:14 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2016-06-13 00:48 - 2015-10-29 23:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
    2016-06-13 00:35 - 2016-02-13 06:11 - 00474312 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2016-06-12 00:31 - 2015-09-09 17:52 - 00000000 ____D C:\Users\Osula\Documents\School
    2016-06-12 00:29 - 2015-09-10 18:41 - 00000000 ____D C:\Users\Osula\Documents\Reference
    2016-06-09 01:19 - 2015-09-01 16:07 - 00353572 _____ C:\Users\Osula\pgm.asv
    2016-06-08 15:42 - 2016-01-14 23:24 - 00000000 ____D C:\Users\Osula\Documents\Miscellaneous
    2016-05-26 17:57 - 2015-10-30 00:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2016-05-26 17:54 - 2015-09-01 00:29 - 00000000 ____D C:\Program Files\Microsoft Office 15
    2016-05-25 19:26 - 2015-08-27 19:14 - 00000000 ____D C:\Users\Osula\AppData\Local\clear.fi
    2016-05-22 13:23 - 2015-01-12 04:28 - 00000000 ____D C:\ProgramData\OEM
    2016-05-21 17:02 - 2016-04-01 19:13 - 00000000 ____D C:\Users\Osula\AppData\Local\Microsoft Help
    2016-05-21 03:23 - 2015-10-30 00:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
    2016-05-21 03:20 - 2016-02-13 06:03 - 00000000 ____D C:\Program Files\Windows Journal
    2016-05-21 03:20 - 2015-10-30 00:24 - 00015703 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
    2016-05-21 03:20 - 2015-10-30 00:24 - 00000000 __RSD C:\WINDOWS\Media
    2016-05-21 03:20 - 2015-10-30 00:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
    2016-05-21 03:20 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
    2016-05-21 03:20 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
    2016-05-21 03:20 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
    2016-05-21 03:20 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\Provisioning
    2016-05-21 03:20 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
    2016-05-21 03:20 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\bcastdvr
    2016-05-21 03:20 - 2015-10-30 00:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
    2016-05-21 03:20 - 2015-10-30 00:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
    2016-05-21 03:20 - 2015-10-30 00:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
    2016-05-21 03:20 - 2015-10-30 00:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
    2016-05-21 03:20 - 2015-10-29 23:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
    2016-05-21 03:20 - 2015-10-29 23:28 - 00000000 ____D C:\WINDOWS\system32\Dism
    2016-05-21 02:58 - 2016-02-13 06:20 - 00000000 __RHD C:\Users\Public\AccountPictures
    2016-05-21 02:58 - 2015-04-02 03:40 - 00000000 ___HD C:\Intel
    2016-05-21 02:55 - 2016-01-31 05:44 - 00000258 __RSH C:\ProgramData\ntuser.pol
    2016-05-21 02:55 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\rescache
    2016-05-21 02:55 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\appcompat
    2016-05-21 02:54 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
    2016-05-21 02:52 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\Registration
    2016-05-21 02:46 - 2015-10-30 00:24 - 00000000 __RHD C:\Users\Public\Libraries
    2016-05-21 02:40 - 2016-02-08 23:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
    2016-05-21 02:40 - 2016-02-08 22:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R
    2016-05-21 02:40 - 2016-02-05 22:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minitab
    2016-05-21 02:40 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\Help
    2016-05-21 02:40 - 2015-10-29 23:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
    2016-05-21 02:40 - 2015-09-22 16:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2016-05-21 02:40 - 2015-09-01 00:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
    2016-05-21 02:40 - 2015-09-01 00:12 - 00000000 ____D C:\Users\Osula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
    2016-05-21 02:40 - 2015-08-28 12:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAS
    2016-05-21 02:40 - 2015-08-28 12:21 - 00000000 ____D C:\Users\Osula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SAS
    2016-05-21 02:40 - 2015-08-28 11:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
    2016-05-21 02:40 - 2015-08-28 11:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2016-05-21 02:40 - 2015-04-02 05:00 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 12
    2016-05-21 02:40 - 2015-04-02 04:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PRIVATE WiFi
    2016-05-21 02:38 - 2013-08-22 06:36 - 00000000 ____D C:\Users\Default.migrated
    2016-05-21 02:35 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
    2016-05-21 02:35 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
    2016-05-21 02:35 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
    2016-05-21 02:35 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
    2016-05-21 02:35 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\oobe
    2016-05-21 02:35 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\lv-LV
    2016-05-21 02:35 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\lt-LT
    2016-05-21 02:35 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\InputMethod
    2016-05-21 02:35 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\et-EE
    2016-05-21 02:35 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\en-GB
    2016-05-21 02:35 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
    2016-05-21 02:35 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
    2016-05-21 02:33 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
    2016-05-21 02:33 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\InputMethod
    2016-05-21 02:33 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\MediaViewer
    2016-05-21 02:33 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\ADFS
    2016-05-21 02:32 - 2016-02-14 02:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TI Tools
    2016-05-21 02:32 - 2016-02-06 02:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB
    2016-05-21 02:32 - 2015-10-30 00:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
    2016-05-21 02:32 - 2015-04-02 04:39 - 00000000 ____D C:\Program Files (x86)\Qualcomm Atheros
    2016-05-21 02:32 - 2015-01-12 04:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF
    2016-05-21 02:32 - 2015-01-12 04:30 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 10
    2016-05-21 02:32 - 2015-01-12 04:28 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 3
    2016-05-21 02:32 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
    2016-05-21 02:29 - 2015-10-29 23:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
    2016-05-21 02:00 - 2016-02-13 07:21 - 00000000 ___HD C:\$WINDOWS.~BT
    2016-05-18 15:53 - 2016-02-05 22:39 - 00000000 ____D C:\ProgramData\FLEXnet
    2016-05-18 15:52 - 2015-08-31 22:53 - 00000875 _____ C:\WINDOWS\ODBCINST.INI
    2016-05-18 15:51 - 2015-01-12 04:33 - 00000000 ____D C:\ProgramData\Package Cache

    ==================== Files in the root of some directories =======

    2016-06-12 23:46 - 2016-06-12 23:46 - 0127648 _____ () C:\Users\Osula\AppData\Local\42844444.exe
    2015-09-22 15:47 - 2015-09-22 15:47 - 0007594 _____ () C:\Users\Osula\AppData\Local\Resmon.ResmonCfg
    2016-05-21 02:27 - 2016-05-21 02:27 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

    Some files in TEMP:
    ====================
    C:\Users\Osula\AppData\Local\Temp\3030.tmp.exe
    C:\Users\Osula\AppData\Local\Temp\3E9C.tmp.exe
    C:\Users\Osula\AppData\Local\Temp\476A.tmp.exe
    C:\Users\Osula\AppData\Local\Temp\4BA.tmp.exe
    C:\Users\Osula\AppData\Local\Temp\4xvpymD5X1.exe
    C:\Users\Osula\AppData\Local\Temp\54BA.tmp.exe
    C:\Users\Osula\AppData\Local\Temp\5BA6.tmp.exe
    C:\Users\Osula\AppData\Local\Temp\69F2.tmp.exe
    C:\Users\Osula\AppData\Local\Temp\9559.tmp.exe
    C:\Users\Osula\AppData\Local\Temp\9E77.tmp.exe
    C:\Users\Osula\AppData\Local\Temp\A59.tmp.exe
    C:\Users\Osula\AppData\Local\Temp\AcerPortalSetup.exe
    C:\Users\Osula\AppData\Local\Temp\B78.tmp.exe
    C:\Users\Osula\AppData\Local\Temp\C0B0.tmp.exe
    C:\Users\Osula\AppData\Local\Temp\ChTo8XmqB0.exe
    C:\Users\Osula\AppData\Local\Temp\D81.tmp.exe
    C:\Users\Osula\AppData\Local\Temp\E021.tmp.exe
    C:\Users\Osula\AppData\Local\Temp\evQZosh5zN.exe
    C:\Users\Osula\AppData\Local\Temp\F286.tmp.exe
    C:\Users\Osula\AppData\Local\Temp\F330.tmp.exe
    C:\Users\Osula\AppData\Local\Temp\Foxit PhantomPDF Updater.exe
    C:\Users\Osula\AppData\Local\Temp\Q2r9AMAT5r.exe
    C:\Users\Osula\AppData\Local\Temp\uytbS09mtL.exe
    C:\Users\Osula\AppData\Local\Temp\Vw0gp8AVWh.exe


    ==================== Bamital & volsnap =================

    (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll
    [2016-05-21 03:19] - [2016-06-13 00:34] - 0686976 ____A (Microsoft Corporation) DDAB6F48DBA750B6F17F64C72F7B3770

    C:\WINDOWS\SysWOW64\dnsapi.dll
    [2016-05-21 03:19] - [2016-06-13 00:34] - 0535080 ____A (Microsoft Corporation) 3CBC9463DB18B913F34FD1FB7196E969

    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2016-06-08 14:28

    ==================== End of FRST.txt ============================
     
  5. Nommers

    Nommers TS Rookie Topic Starter

    Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-06-2016
    Ran by Osula (2016-06-14 15:44:54)
    Running from C:\Users\Osula\Downloads
    Windows 10 Home Version 1511 (X64) (2016-05-21 09:55:12)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-3693202215-1944876337-163887280-500 - Administrator - Disabled)
    DefaultAccount (S-1-5-21-3693202215-1944876337-163887280-503 - Limited - Disabled)
    Guest (S-1-5-21-3693202215-1944876337-163887280-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-3693202215-1944876337-163887280-1003 - Limited - Enabled)
    Osula (S-1-5-21-3693202215-1944876337-163887280-1001 - Administrator - Enabled) => C:\Users\Osula

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: PCKeeper Antivirus (Enabled - Up to date) {156D9A2F-8BF7-CC79-6637-F31E244756C7}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: PCKeeper Antivirus (Enabled - Up to date) {AE0C7BCB-ADCD-C3F7-5C87-C86C5FC01C7A}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    abMusic (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 3.00.2004.0 - Acer Incorporated)
    abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.07.2001.5 - Acer Incorporated)
    AccountService (Version: 1.1.69 - Essentware) Hidden
    Acer Care Center (HKLM\...\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}) (Version: 1.00.3012 - Acer Incorporated)
    Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8115 - Acer Incorporated)
    Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.10.2001 - Acer Incorporated)
    Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8106.0 - Acer Incorporated)
    Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3018 - Acer Incorporated)
    Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated)
    Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3005 - Acer Incorporated)
    Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3005 - Acer Incorporated)
    Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
    AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.17.2002.1 - Acer Incorporated)
    Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Bootstrapper (x32 Version: 1.1.2.0 - Minitab, Inc.) Hidden
    Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.4.0.8014 - Citrix Systems, Inc.)
    CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.5524 - CyberLink Corp.)
    CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
    CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4609.02 - CyberLink Corp.)
    Farm to Fork Collector's Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
    Foxit PhantomPDF (HKLM-x32\...\{D4DF5498-C95C-4A02-9951-725FB2D7BC0D}) (Version: 6.0.121.624 - Foxit Corporation)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.84 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
    Governor of Poker 2 Premium Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
    Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
    J2SE Development Kit 5.0 Update 15 (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0150150}) (Version: 1.5.0.150 - Sun Microsystems, Inc.)
    Java 7 Update 15 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417015FF}) (Version: 7.0.150 - Oracle)
    Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
    Java SE Development Kit 8 Update 60 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation)
    Java(TM) 6 Update 24 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216024F0}) (Version: 6.0.240 - Oracle)
    Jewel Match 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden
    King Oddball (x32 Version: 3.0.2.48 - WildTangent) Hidden
    LUXOR Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
    MATLAB R2015b (32-bit) (HKLM-x32\...\Matlab R2015b) (Version: 8.6 - MathWorks)
    Microsoft Access database engine 2010 (English) (HKLM-x32\...\{90140000-00D1-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4823.1004 - Microsoft Corporation)
    Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{2180B33F-3225-423E-BBC1-7798CFD3CD1F}) (Version: 10.50.1600.1 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Minitab 16 (HKLM-x32\...\Minitab16) (Version: 16.2.4 - Minitab, Inc.)
    Minitab Software Update Manager (HKLM-x32\...\MinitabSoftwareManager) (Version: 1.1.0.0 - Minitab, Inc.)
    Minitab16 (x32 Version: 16.2.4.0 - Minitab Inc) Hidden
    Minitab16 (x32 Version: 16.2.4.0 - Minitab, Inc.) Hidden
    MySQL Connector/ODBC 5.3 (HKLM\...\{A1991404-2634-47E1-BC45-8F3B5014B1D1}) (Version: 5.3.4 - Oracle Corporation)
    NVIDIA Graphics Driver 345.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 345.05 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
    Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4823.1004 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Licensing Component (Version: 15.0.4823.1004 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4823.1004 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Licensing Component (Version: 16.0.6001.1073 - Microsoft Corporation) Hidden
    Online Plug-in (x32 Version: 14.4.0.8014 - Citrix Systems, Inc.) Hidden
    Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.59 - WildTangent) Hidden
    Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden
    psqlODBC_x64 (HKLM\...\{C0249921-2C35-47C1-83D8-8EABC438A96F}) (Version: 09.03.0400 - PostgreSQL Global Development Group)
    Python 2.7.11 (HKLM-x32\...\{16E52445-1392-469F-9ADB-FC03AF00CD61}) (Version: 2.7.11150 - Python Software Foundation)
    Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
    Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.29 - Qualcomm Atheros)
    R for Windows 3.2.3 (HKLM\...\R for Windows 3.2.3_is1) (Version: 3.2.3 - R Core Team)
    Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21250 - Realtek Semiconductor Corp.)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.30.328.2014 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7592 - Realtek Semiconductor Corp.)
    SAS 9.3 (HKLM-x32\...\{bcd538f9-31bf-4730-920a-066a6f7fb10d}) (Version: - SAS)
    SAS 9.4 (HKLM-x32\...\{adfa23ed-d64f-40f3-bd52-8c4a9a1ff982}) (Version: 9.4 - SAS)
    SAS Enterprise Guide 6.1 (64-bit) (Version: 6.100.0.2870 - SAS Institute Inc.) Hidden
    SAS Framework Data Server 2.2 (HKLM-x32\...\SAS Framework Data Server 2.2) (Version: 2.2 - SAS Institute Inc.)
    Secure Download Manager (HKLM-x32\...\{E040B65B-8683-4228-8C33-D44A141E40EA}) (Version: 3.1.60 - Kivuto Solutions Inc.)
    Self-service Plug-in (x32 Version: 4.4.0.11833 - Citrix Systems, Inc.) Hidden
    SoftwareManager (x32 Version: 1.1.0.0 - Minitab, Inc.) Hidden
    Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
    Tableau 9.3 (9300.16.0511.2203) (HKLM-x32\...\{68e685be-aa2b-4592-95bc-bf8e05d34758}) (Version: 9.3.808 - Tableau Software)
    Tableau 9.3 (9300.16.0511.2203) (Version: 9.3.808 - Tableau Software) Hidden
    The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.51 - WildTangent) Hidden
    TI Connectâ„¢ (HKLM-x32\...\{D06BA64C-4447-49B4-B99D-E85BEA9E1035}) (Version: 4.0.0.218 - Texas Instruments Inc.)
    Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB (06/11/2009 1.0.0.0) (HKLM\...\EC3E466026556D3EB760B01C4772277614354E11) (Version: 06/11/2009 1.0.0.0 - Texas Instruments Inc.)
    Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB (09/02/2009 1.0.0.1) (HKLM\...\7511B29C86C398B4D11A0B0E4176CAD68D1B7057) (Version: 09/02/2009 1.0.0.1 - Texas Instruments Inc.)
    XAMPP (HKLM-x32\...\xampp) (Version: 5.6.21-0 - Bitnami)
    Zuma's Revenge (x32 Version: 2.2.0.97 - WildTangent) Hidden

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-3693202215-1944876337-163887280-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Osula\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileCoAuth.exe (Microsoft Corporation)

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {02A04770-CD3C-485C-83F1-1AA2C0C81DB6} - \UbtFrameworkService -> No File <==== ATTENTION
    Task: {107D0368-C3E5-41DB-98A9-A9F46F86E0DA} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
    Task: {113489A1-49D4-49ED-9983-CE3296CC4C61} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
    Task: {134E4787-8D7E-447A-91FF-19E64B1E24BD} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
    Task: {186F655B-27C7-4BD7-A070-D3EADA4FFE94} - \WindApp Update -> No File <==== ATTENTION
    Task: {19133244-19C3-4782-B3DB-0B06AFE888D5} - \Quick Access Quick Launcher -> No File <==== ATTENTION
    Task: {1AE06EF9-EC5F-4C55-9BE5-CDC74842435B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
    Task: {1FD2A7B1-09BE-45EE-8C4F-EA63CF3886C8} - \Selection Tools Update -> No File <==== ATTENTION
    Task: {22F3BE95-FB53-4C89-888A-167D679A86A3} - \{6D7080EC-D4B7-4A83-9386-58DEBB7D0FB2} -> No File <==== ATTENTION
    Task: {295D7737-2309-4424-B9D7-833CC2EB4B13} - \Software Update Application -> No File <==== ATTENTION
    Task: {34879891-36B0-4BF5-A8EB-01C8542CFE46} - \Power Management -> No File <==== ATTENTION
    Task: {379EECD1-F5E8-4554-B282-FBDB59FFDE8C} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2016-04-20] (Acer)
    Task: {3D65FD9A-EE8C-4CC7-B0A5-8B91E5399C20} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
    Task: {43223F43-6695-4F2A-B202-D08F8E63AE22} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
    Task: {448950F6-1F95-4E5E-87FC-199E8EB046AC} - \McAfee Remediation (Prepare) -> No File <==== ATTENTION
    Task: {45AA7B8D-6F22-4983-A5FA-6C6EC0D7B89B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-27] (Microsoft Corporation)
    Task: {4802B6CB-A43E-4410-8A6D-11F50BA18651} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
    Task: {5375506E-E3D5-43B4-85DF-90DDC4FEF26F} - \SMW_UpdateTask_Time_333739323335303332302d782d233257574a5a4145502a -> No File <==== ATTENTION
    Task: {58E0250C-EA74-46DB-99D0-E655F658F16E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-05-10] (Microsoft Corporation)
    Task: {5BFC5580-D154-4020-86D7-6D24B81A130B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
    Task: {5C5A31E2-4D22-4014-8F6D-16C2E66D706E} - \PCKeeper updater -> No File <==== ATTENTION
    Task: {68BA3724-A993-492E-B35E-B6ED7ACF0295} - \ConsumerInputUpdateTaskMachineCore -> No File <==== ATTENTION
    Task: {708157A3-D245-4F5F-99B1-18C0C5B9DCFE} - \44143837 -> No File <==== ATTENTION
    Task: {73102AAE-29AC-45FB-BA44-AD019FF0CD18} - System32\Tasks\Minitab\Minitab Software Update Manager => C:\Program Files (x86)\Common Files\Minitab Shared\Software Manager\SoftwareManager.exe [2010-11-05] (Minitab)
    Task: {75088D6F-C2C4-47CD-A04B-A33411959ADE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
    Task: {7B2AA5F0-DE3C-4133-8282-3E230C8D46FC} - \ACCAgent -> No File <==== ATTENTION
    Task: {7B61A858-24F5-4EF7-AA07-B142381B7FA5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
    Task: {8013F081-549B-44F6-A7CD-27DE74864F03} - \MATLAB R2015b Startup Accelerator -> No File <==== ATTENTION
    Task: {80826F0F-EDA0-410B-AA8C-2D0212CF38DF} - \CIMT_daily_S-1-5-21-3693202215-1944876337-163887280-1001 -> No File <==== ATTENTION
    Task: {85EAD11B-4D8E-4D42-BC6D-503D019D0960} - \Microsoft OneDrive Auto Update Task-S-1-5-21-3693202215-1944876337-163887280-1001 -> No File <==== ATTENTION
    Task: {86256121-D7E4-4F79-A852-593843DA09FD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
    Task: {8AF2B577-1935-40A9-9D59-12CB46E068D4} - \Pritc -> No File <==== ATTENTION
    Task: {930D8135-A0E1-4B94-BE50-0ACAA7D6C7B8} - \CIMT_S-1-5-21-3693202215-1944876337-163887280-1001 -> No File <==== ATTENTION
    Task: {954F652B-4FFB-4659-9AF2-903F35C11706} - \Pa4414383744143837 -> No File <==== ATTENTION
    Task: {9586E6DD-DFEE-4301-9FAD-A11768C7BA92} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
    Task: {9F7CE08B-39C2-49ED-997A-C3575AC74594} - \McAfeeLogon -> No File <==== ATTENTION
    Task: {A9EC8238-46E6-4A94-BAB7-9862CC200EDA} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated)
    Task: {AB53C257-895E-42DB-9D97-E13E387BEB59} - \Quick Access -> No File <==== ATTENTION
    Task: {B03E8F13-0C91-493A-8B3F-5F800B10CBED} - \ConsumerInputUpdateTaskMachineUA -> No File <==== ATTENTION
    Task: {B8BDD896-7C13-46C9-8E1C-1E52531E68A1} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-04-12] (Microsoft Corporation)
    Task: {B9271889-0C80-49A7-A968-B89C59848397} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
    Task: {BB48F50A-249F-4E47-BE98-280072B8D569} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-27] (Microsoft Corporation)
    Task: {BE11E725-E4E7-4955-9FC0-B7C4E38F25F7} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-04-12] (Microsoft Corporation)
    Task: {BF52DA91-F1A3-4BC9-A6FC-6ABC27C69F65} - \Optimize Start Menu Cache Files-S-1-5-21-3693202215-1944876337-163887280-1001 -> No File <==== ATTENTION
    Task: {C12FD3E7-4355-46DB-BBBB-A98A31B12343} - \Launch Manager -> No File <==== ATTENTION
    Task: {C404B3E7-83D0-44E8-8168-D0B915A7E3DD} - System32\Tasks\{F65A491A-6CFB-4A4D-955C-6232D370D843} => pcalua.exe -a "C:\Program Files (x86)\Acer\Acer Portal\uninstall.exe"
    Task: {C4AE7FA5-B20D-40E2-BACE-38A8AC27493A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
    Task: {CDFD2F6A-7813-4AAE-A958-EB507EB319AF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-13] (Google Inc.)
    Task: {D36EEDBC-BDC3-45A1-8470-15D34109A346} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
    Task: {D4F60932-E833-4912-A748-3050F4ECF804} - \ttwifi -> No File <==== ATTENTION
    Task: {D7C01BC7-3CB8-47E2-A5CF-3F3182D9CD3D} - \BacKGroundAgent -> No File <==== ATTENTION
    Task: {E34A5656-79E3-4E6C-9BFC-6B2F541DDC75} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-04-12] (Microsoft Corporation)
    Task: {E451FF6B-3322-4520-BB63-DBFDA48A4464} - \MAXDriverUpdaterRunAtStartup -> No File <==== ATTENTION
    Task: {EB400857-50E7-405A-80D7-22E365526D8D} - \ACC -> No File <==== ATTENTION
    Task: {EDE2FE96-67A5-44BC-859F-AE0312A27E0F} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
    Task: {EEE9F3CA-6FE3-4C3A-9677-B28DFE4F8DB8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-13] (Google Inc.)
    Task: {FA732DF9-24CD-43DD-850A-61F86CACA045} - \Optimize Start Menu Cache Files-S-1-5-21-3693202215-1944876337-163887280-500 -> No File <==== ATTENTION
    Task: {FD60006C-32A0-4B5A-AAB1-3386C67562C5} - \osTip -> No File <==== ATTENTION

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\MATLAB R2015b Startup Accelerator.job => C:\Program Files (x86)\MATLAB\R2015b\bin\win32\MATLABStartupAccelerator.exe
    Task: C:\WINDOWS\Tasks\McAfeeLogon.job => C:\PROGRA~1\COMMON~1\McAfee\Platform\McUICnt.exe

    ==================== Shortcuts =============================

    (The entries could be listed to be restored or removed.)

    WMI_ActiveScriptEventConsumer_ASEC: <===== ATTENTION (yeabests)

    ==================== Loaded Modules (Whitelisted) ==============

    2015-08-28 12:25 - 2011-05-26 05:21 - 00127336 _____ () C:\Program Files\SASHome\SASFoundation\9.3\sas.exe
    2015-08-28 12:23 - 2011-05-26 05:59 - 00762880 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkmk.dll
    2015-08-28 12:24 - 2011-05-26 05:59 - 00350720 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tknls.dll
    2015-08-28 12:24 - 2011-05-26 05:59 - 00686080 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tknlsenc.dll
    2015-08-28 12:24 - 2011-05-26 05:59 - 01820672 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tknlsldb.dll
    2015-08-28 12:24 - 2011-05-26 05:59 - 00709632 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tknlsudb.dll
    2015-08-28 12:24 - 2011-05-26 05:59 - 00116224 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tknlsicv.dll
    2015-08-28 12:24 - 2011-05-26 05:59 - 00889344 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tknlssb.dll
    2015-08-28 12:24 - 2011-05-26 05:59 - 00204288 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tknlsloc.dll
    2015-08-28 12:23 - 2011-05-26 05:57 - 00092672 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkevlgio.dll
    2015-08-28 12:23 - 2011-05-26 05:47 - 00101376 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\skndns.dll
    2015-08-28 12:24 - 2011-05-26 05:58 - 00431616 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkl4sas.dll
    2015-08-28 12:24 - 2011-05-26 05:55 - 00096768 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tk4aboot.dll
    2015-08-28 12:23 - 2011-05-26 05:58 - 00157184 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkioe.dll
    2015-08-28 12:24 - 2011-05-26 06:00 - 00265216 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tksecure.dll
    2015-08-28 12:23 - 2011-05-26 05:56 - 00099840 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkeeam.dll
    2015-08-28 12:23 - 2011-05-26 05:55 - 00190464 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkarm.dll
    2015-08-28 12:23 - 2011-05-26 05:56 - 00312832 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkeavl.dll
    2015-08-28 12:25 - 2011-06-07 15:46 - 02561536 _____ () C:\Program Files\SASHome\SASFoundation\9.3\sashost.dll
    2015-08-28 12:24 - 2011-05-26 05:59 - 00593408 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tknlssm.dll
    2015-08-28 12:25 - 2011-05-26 05:30 - 00225792 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\saswztx.dll
    2015-08-28 12:25 - 2011-05-26 05:21 - 02039296 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasvwu.dll
    2015-08-28 12:25 - 2011-05-26 05:21 - 00146944 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\resource\SASVRES.dll
    2015-08-28 12:24 - 2011-05-26 05:21 - 01216512 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\resource\SASVICON.dll
    2015-08-28 12:25 - 2011-05-26 05:21 - 00971264 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\resource\SASVBMP.dll
    2015-08-28 12:25 - 2011-05-26 05:30 - 00233984 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\saswzx.dll
    2015-08-28 12:25 - 2011-06-07 15:54 - 00155136 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\saswob.dll
    2015-08-28 12:24 - 2011-06-07 15:54 - 00244224 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\saswobs.dll
    2015-08-28 12:25 - 2011-05-26 05:44 - 01012224 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasxkern.dll
    2015-08-28 12:25 - 2011-05-26 05:46 - 00466944 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasyh.dll
    2015-08-28 12:25 - 2011-05-26 05:45 - 00244736 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sase7.dll
    2015-08-28 12:25 - 2011-05-26 05:30 - 00278016 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\saswzsd.dll
    2015-08-28 12:25 - 2011-05-26 05:46 - 00075776 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasyzcrl.dll
    2015-08-28 12:25 - 2011-05-26 05:46 - 00074752 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasyzcr2.dll
    2015-08-28 12:23 - 2011-05-26 05:57 - 00192000 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkeutil.dll
    2015-08-28 12:23 - 2011-05-26 06:00 - 00113664 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkstring.dll
    2015-08-28 12:24 - 2011-05-26 05:44 - 00670208 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasxshel.dll
    2015-08-28 12:24 - 2011-05-26 05:55 - 00122368 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tk4aroll.dll
    2015-08-28 12:24 - 2011-05-26 05:55 - 00135168 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tk4awinf.dll
    2015-08-28 12:24 - 2011-05-26 05:55 - 00110592 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tk4aioms.dll
    2015-08-28 12:24 - 2011-05-26 05:58 - 00149504 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkl4iio.dll
    2015-08-28 12:23 - 2011-05-26 05:58 - 00121856 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkiop.dll
    2015-08-28 12:24 - 2011-05-26 05:55 - 00113152 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tk4aiome.dll
    2015-08-28 12:25 - 2011-05-26 05:43 - 00055296 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasxbam.dll
    2015-08-28 12:25 - 2011-05-26 05:44 - 00177664 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasxug.dll
    2015-08-28 12:25 - 2011-05-26 05:46 - 00111616 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sase7lu.dll
    2015-08-28 12:25 - 2011-05-26 05:46 - 00129024 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sase7xrt.dll
    2015-08-28 12:25 - 2011-05-26 05:46 - 00133120 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sase7l.dll
    2015-08-28 12:25 - 2011-05-26 05:46 - 00099328 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sase7xgt.dll
    2015-08-28 12:24 - 2011-05-26 05:44 - 00082944 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasxsmw.dll
    2015-08-28 12:25 - 2011-05-26 05:43 - 00081408 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sastksrv.dll
    2015-08-28 12:24 - 2011-05-26 05:33 - 00485888 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasdosm.dll
    2015-08-28 12:24 - 2011-05-26 05:46 - 00084480 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasyys.dll
    2015-08-28 12:25 - 2011-05-26 05:46 - 00219136 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sase7yse.dll
    2015-08-28 12:24 - 2011-05-26 05:46 - 00090112 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sase7xin.dll
    2015-08-28 12:24 - 2011-05-26 05:46 - 00096768 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sase7xdl.dll
    2015-08-28 12:25 - 2011-05-26 05:25 - 00113664 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasxgtf.dll
    2015-08-28 12:25 - 2011-05-26 05:44 - 00147456 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasxkrn2.dll
    2015-08-28 12:24 - 2011-05-26 05:58 - 00080384 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkiohq.dll
    2015-08-28 12:24 - 2011-05-26 05:55 - 00117248 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tk4afref.dll
    2015-08-28 12:24 - 2011-05-26 05:58 - 00102400 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkiomen.dll
    2015-08-28 12:23 - 2011-05-26 05:57 - 00114176 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkequ.dll
    2015-08-28 12:24 - 2011-06-07 15:58 - 00770048 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkiomsvc.dll
    2015-08-28 12:23 - 2011-05-26 05:57 - 00370688 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkexml.dll
    2015-08-28 12:24 - 2011-05-26 05:55 - 00095232 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tk4aiomc.dll
    2015-08-28 12:23 - 2011-05-26 05:58 - 00211456 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkitcp.dll
    2015-08-28 12:23 - 2011-05-26 05:57 - 00143360 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkepdl.dll
    2015-08-28 12:23 - 2011-05-26 06:00 - 00079360 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkperf.dll
    2015-08-28 12:24 - 2011-05-26 05:58 - 00094208 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkiomjnl.dll
    2015-08-28 12:23 - 2011-06-07 15:57 - 04475904 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkomi.dll
    2015-08-28 12:24 - 2011-05-26 05:59 - 00832512 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkomip.dll
    2015-08-28 12:24 - 2011-05-26 06:00 - 04594176 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkoms.dll
    2015-08-28 12:24 - 2011-05-26 05:55 - 00196096 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkbplus.dll
    2015-08-28 12:24 - 2011-05-26 05:57 - 00090112 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkepm.dll
    2015-08-28 12:24 - 2011-05-26 05:56 - 00095744 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkela.dll
    2015-08-28 12:24 - 2011-05-26 05:56 - 00270336 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkefmt.dll
    2015-08-28 12:24 - 2011-06-01 20:47 - 00160256 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkefmfms.dll
    2015-08-28 12:24 - 2011-05-26 05:56 - 00100352 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkefmfbi.dll
    2015-08-28 12:24 - 2011-06-01 20:47 - 00145408 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkefmfdt.dll
    2015-08-28 12:24 - 2011-06-01 20:47 - 00115200 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkefmftm.dll
    2015-08-28 12:24 - 2011-05-26 05:56 - 00113152 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkefmfuw.dll
    2015-08-28 12:24 - 2011-06-01 20:47 - 00299008 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkefmfnl.dll
    2015-08-28 12:24 - 2011-05-26 05:48 - 00295936 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\t0b3en.dll
    2015-08-28 12:27 - 2011-05-26 05:57 - 00515584 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkersa2.dll
    2015-08-28 12:24 - 2011-05-26 05:57 - 00099328 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkesasio.dll
    2015-08-28 12:24 - 2011-05-26 05:57 - 00096256 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkemvasv.dll
    2015-08-28 12:25 - 2011-05-26 05:37 - 00081408 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasolpsv.dll
    2015-08-28 12:24 - 2011-05-26 05:46 - 00083456 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sase7ld.dll
    2015-08-28 12:25 - 2011-05-26 05:37 - 00069632 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasolpwt.dll
    2015-08-28 12:24 - 2011-05-26 05:57 - 00276992 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkewh.dll
    2015-08-28 12:24 - 2011-05-26 05:57 - 00104960 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkeparse.dll
    2015-08-28 12:24 - 2011-05-26 05:57 - 00147968 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tketok.dll
    2015-08-28 12:25 - 2011-05-26 05:46 - 00084992 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasmvaio.dll
    2015-08-28 12:25 - 2011-05-26 05:46 - 00135680 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasyhl.dll
    2015-08-28 12:25 - 2011-05-26 05:32 - 00236544 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\saseimdb.dll
    2015-08-28 12:24 - 2011-05-26 05:32 - 00213504 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasimdba.dll
    2015-08-28 12:24 - 2011-05-26 05:55 - 00232960 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkbtree.dll
    2015-08-28 12:25 - 2011-05-26 05:46 - 00421888 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasyoio.dll
    2015-08-28 12:25 - 2011-05-26 05:44 - 00406528 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasxmac.dll
    2015-08-28 12:25 - 2011-05-26 05:46 - 00155648 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sase7opn.dll
    2015-08-28 12:25 - 2011-05-26 05:46 - 00248320 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sase7io.dll
    2015-08-28 12:25 - 2011-05-26 05:46 - 00090112 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sase7up.dll
    2015-08-28 12:25 - 2011-05-26 05:46 - 00076800 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sase7xop.dll
    2015-08-28 12:25 - 2011-05-26 05:46 - 00135168 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasyoix.dll
    2015-08-28 12:23 - 2011-05-26 05:47 - 00099328 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\t0a0en.dll
    2015-08-28 12:25 - 2011-05-26 06:07 - 00135680 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\saswgp.dll
    2015-08-28 12:25 - 2011-05-26 05:44 - 00421376 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasxwher.dll
    2015-08-28 12:24 - 2011-05-26 05:36 - 00075264 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasomssv.dll
    2015-08-28 12:24 - 2011-05-26 05:58 - 01335296 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkiompeb.dll
    2015-08-28 12:24 - 2011-05-26 05:48 - 00171520 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\t0a6en.dll
    2015-08-28 12:24 - 2011-05-26 05:58 - 00265216 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkiomsam.dll
    2015-08-28 12:23 - 2011-05-26 05:49 - 00108544 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\t0b8en.dll
    2015-08-28 12:25 - 2011-05-26 05:33 - 01503744 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasautop.dll
    2015-08-28 12:25 - 2011-05-26 05:35 - 00121344 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sassrvp.dll
    2015-08-28 12:24 - 2011-05-26 05:35 - 00757248 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasomip.dll
    2015-08-28 12:24 - 2011-05-26 05:49 - 00092672 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\t0c0en.dll
    2015-08-28 12:25 - 2011-05-26 05:11 - 00139264 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\saszcpy.dll
    2016-06-12 20:49 - 2016-06-12 20:49 - 00170496 ____N () C:\Users\Osula\AppData\Roaming\Gemoajaco\Gemoajaco.exe
    2015-09-01 00:29 - 2015-10-13 05:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
    2016-06-12 17:36 - 2016-06-12 17:36 - 00121344 ____N () C:\Users\Osula\AppData\Roaming\SemcTops\Wenaooak.exe
    2015-09-04 16:38 - 2012-08-16 00:26 - 00337296 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\pcfservice.exe
    2015-01-12 04:30 - 2012-04-24 03:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    2015-08-28 12:30 - 2011-05-03 16:35 - 00235880 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkesrv.exe
    2015-08-28 12:30 - 2011-05-03 16:24 - 00745984 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkmk.dll
    2015-08-28 12:30 - 2011-05-03 16:27 - 02037760 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tknls.dll
    2015-08-28 12:30 - 2011-05-03 16:27 - 01845760 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tknlsldb.dll
    2015-08-28 12:30 - 2011-05-03 16:27 - 00991232 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tknlssb.dll
    2015-08-28 12:30 - 2008-12-20 19:52 - 00133120 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkevlgio.dll
    2015-08-28 12:30 - 2011-05-03 16:27 - 00140800 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\skndns.dll
    2015-08-28 12:30 - 2011-05-03 16:31 - 00408064 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkl4sas.dll
    2015-08-28 12:30 - 2011-05-03 16:31 - 00138752 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tk4aboot.dll
    2015-08-28 12:30 - 2011-05-03 16:28 - 00193024 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkioe.dll
    2015-08-28 12:30 - 2011-05-03 16:28 - 00293376 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tksecure.dll
    2015-08-28 12:30 - 2011-06-07 12:49 - 00158720 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkeeam.dll
    2015-08-28 12:30 - 2011-05-03 16:26 - 00227840 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkarm.dll
    2015-08-28 12:30 - 2011-05-03 16:31 - 00279040 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkecradl.dll
    2015-08-28 12:30 - 2011-05-03 16:23 - 00196096 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\t0a8en.dll
    2015-08-28 12:30 - 2011-05-03 16:31 - 00172544 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tk4aroll.dll
    2015-08-28 12:30 - 2011-05-03 16:31 - 00158208 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tk4aioms.dll
    2015-08-28 12:30 - 2011-05-03 16:31 - 00193024 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkl4iio.dll
    2015-08-28 12:30 - 2008-12-20 19:51 - 00160768 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkiop.dll
    2015-08-28 12:30 - 2011-05-03 16:29 - 00210944 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkeutil.dll
    2015-08-28 12:30 - 2008-12-20 19:51 - 00151552 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkstring.dll
    2015-08-28 12:30 - 2011-05-03 16:31 - 00160768 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tk4aiome.dll
    2015-08-28 12:30 - 2011-05-03 16:35 - 00361472 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tketmi.dll
    2015-08-28 12:30 - 2011-05-03 16:30 - 00180736 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkehml.dll
    2015-08-28 12:30 - 2011-05-03 16:29 - 00245248 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkeuri.dll
    2015-08-28 12:30 - 2011-05-03 16:31 - 00216064 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkedflic.dll
    2015-08-28 12:30 - 2011-05-03 16:26 - 00131584 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkiomen.dll
    2015-08-28 12:30 - 2011-05-03 16:28 - 00858624 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkiomsvc.dll
    2015-08-28 12:30 - 2011-05-03 16:27 - 00376320 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkexml.dll
    2015-08-28 12:30 - 2008-12-20 19:51 - 00362496 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkeavl.dll
    2015-08-28 12:30 - 2011-05-03 16:31 - 00137728 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tk4aiomc.dll
    2015-08-28 12:30 - 2011-05-03 16:27 - 00327168 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkepdl.dll
    2015-08-28 12:30 - 2008-12-20 19:51 - 00125440 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkperf.dll
    2015-08-28 12:30 - 2011-05-03 16:27 - 00135680 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkiomjnl.dll
    2015-08-28 12:30 - 2011-05-03 16:35 - 00453632 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkstsv.dll
    2015-08-28 12:30 - 2011-05-03 16:32 - 00985088 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkstsvp.dll
    2015-08-28 12:30 - 2011-05-03 16:35 - 00264704 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkedcm.dll
    2015-08-28 12:30 - 2011-05-03 16:35 - 00188416 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tketsc.dll
    2015-08-28 12:30 - 2011-05-03 16:35 - 00471552 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkepre.dll
    2015-08-28 12:30 - 2011-05-03 16:35 - 00391168 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tketsb.dll
    2015-08-28 12:30 - 2011-05-03 16:27 - 00185856 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkevp.dll
    2015-08-28 12:30 - 2008-12-20 19:55 - 01038336 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkcg.dll
    2015-08-28 12:30 - 2010-03-24 23:58 - 00177664 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkefd.dll
    2015-08-28 12:30 - 2011-05-03 16:36 - 00941056 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkescfb.dll
    2015-08-28 12:31 - 2011-06-07 12:49 - 00603648 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkersa2.dll
    2015-08-28 12:30 - 2011-05-03 16:28 - 00137728 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkeencr.dll
    2015-08-28 12:30 - 2011-05-03 16:32 - 00178688 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tksecas.dll
    2015-08-28 12:30 - 2011-05-03 16:36 - 00195072 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkdfascl.dll
    2015-08-28 12:30 - 2011-05-03 16:22 - 00211968 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\t0d1en.dll
    2015-08-28 12:30 - 2011-05-03 16:37 - 00514560 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkefire.dll
    2015-08-28 12:30 - 2011-05-03 16:36 - 00301568 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tket2q.dll
    2015-08-28 12:30 - 2011-05-03 16:35 - 00219648 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkecat.dll
    2015-08-28 12:30 - 2011-05-03 16:27 - 01753600 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tknlsmb.dll
    2015-08-28 12:30 - 2011-05-03 16:27 - 01399808 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkiompeb.dll
    2015-08-28 12:30 - 2008-12-20 19:33 - 00208384 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\t0a6en.dll
    2015-08-28 12:30 - 2011-05-03 16:26 - 00437760 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkiomsam.dll
    2015-08-28 12:30 - 2011-05-03 16:27 - 00187392 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkitcp.dll
    2015-08-28 12:30 - 2008-12-20 19:37 - 00150528 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\t0b8en.dll
    2015-08-28 12:30 - 2008-12-20 19:38 - 00143360 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\t0a0en.dll
    2016-06-12 17:36 - 2016-06-12 17:36 - 00170496 ____N () C:\Users\Osula\AppData\Roaming\Exesowy\Exesowy.exe
    2016-06-13 01:22 - 2016-06-11 15:57 - 00012288 _____ () C:\WINDOWS\SysWOW64\CpuHeatMapping\16641\CpuHeatMapping.exe
    2016-06-13 01:24 - 2016-06-11 19:26 - 00015872 _____ () C:\WINDOWS\cWinInfos\16610\WinInfos.exe
    2016-06-14 00:02 - 2016-06-14 00:02 - 00272896 _____ () C:\Program Files (x86)\036785C5-1465801002-E411-85C7-F0761C854354\knscC89C.tmp
    2015-12-26 01:59 - 2015-12-26 01:59 - 00158720 _____ () C:\Users\Osula\AppData\Local\036785C5-1465867177-E411-85C7-F0761C854354\qnsw90E4.tmp
    2015-10-30 00:18 - 2015-10-30 00:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
    2016-05-21 02:27 - 2015-07-13 10:37 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2016-06-12 17:37 - 2016-06-12 17:37 - 00668672 ____N () C:\Users\Osula\AppData\Roaming\Exesowy\Hoyde.dll
    2016-06-12 20:50 - 2016-06-12 20:50 - 00668672 ____N () C:\Users\Osula\AppData\Roaming\Gemoajaco\Tyjjytz.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
    2015-09-30 20:39 - 2015-09-30 20:39 - 00415128 _____ () C:\WINDOWS\system32\igfxTray.exe
    2016-05-21 03:19 - 2016-05-21 03:19 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
    2015-01-12 04:36 - 2014-08-22 19:21 - 00111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
    2016-05-21 03:03 - 2016-05-21 03:03 - 00959168 _____ () C:\Users\Osula\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\ClientTelemetry.dll
    2015-10-27 18:57 - 2015-09-01 09:04 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
    2016-06-12 17:37 - 2016-06-12 17:37 - 00143872 ____N () C:\Users\Osula\AppData\Roaming\Exesowy\Hoyde.exe
    2016-06-12 20:50 - 2016-06-12 20:50 - 00143872 ____N () C:\Users\Osula\AppData\Roaming\Gemoajaco\Tyjjytz.exe
     
  6. Nommers

    Nommers TS Rookie Topic Starter

    2016-02-13 05:54 - 2016-02-13 05:54 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00936960 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
    2016-05-21 03:19 - 2016-05-21 03:19 - 00529408 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.NodeWinrtWrap.dll
    2015-10-30 00:18 - 2016-02-13 06:03 - 00037888 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\winrt-projections\bin\Winrt_Projections.node
    2015-10-30 00:18 - 2016-02-13 06:02 - 00796160 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http\bin\NodeRT_Windows_Web_Http.node
    2015-10-30 00:18 - 2016-02-13 06:02 - 00961024 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.headers\bin\NodeRT_Windows_Web_Http_Headers.node
    2015-10-30 00:18 - 2016-02-13 06:02 - 00206336 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.filters\bin\NodeRT_Windows_Web_Http_Filters.node
    2015-10-30 00:18 - 2016-02-13 06:02 - 00558592 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.storage.streams\bin\NodeRT_Windows_Storage_Streams.node
    2015-10-30 00:18 - 2016-02-13 06:03 - 00397824 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.foundation\bin\NodeRT_Windows_Foundation.node
    2015-10-30 00:18 - 2016-02-13 06:02 - 00181248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\nodert-buffer-utils\bin\NodeRT_Buffer_Utils.node
    2015-10-30 00:18 - 2016-02-13 06:02 - 00093696 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.security.cryptography\bin\NodeRT_Windows_Security_Cryptography.node
    2015-10-30 00:18 - 2016-02-13 06:02 - 00200192 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.cortana.pal\bin\NodeRT_Windows_Cortana_PAL.node
    2016-06-12 23:46 - 2016-06-12 23:46 - 00036767 _____ () C:\Program Files (x86)\danza\sodom.exe
    2016-05-12 12:04 - 2016-05-12 12:04 - 00102080 _____ () C:\Program Files\Essentware\PCKeeper\OneClickFixServicePS.dll
    2016-05-12 12:04 - 2016-05-12 12:04 - 00092864 _____ () C:\Program Files\Essentware\PCKeeper\SharedNativeLibraryPS.dll
    2016-06-12 23:46 - 2016-06-12 23:46 - 00010752 ____N () C:\Program Files (x86)\prestigious\modality.exe
    2016-06-12 23:46 - 2016-06-12 23:46 - 00006656 ____N () C:\Program Files (x86)\prestigious\settings.dll
    2016-05-21 03:46 - 2016-05-21 03:46 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
    2016-06-13 01:36 - 2016-06-03 18:01 - 02334360 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\libglesv2.dll
    2016-06-13 01:36 - 2016-06-03 18:01 - 00105112 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\libegl.dll
    2016-06-13 01:36 - 2016-06-03 18:01 - 31491736 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\PepperFlash\pepflashplayer.dll
    2016-06-12 20:49 - 2016-06-12 20:49 - 00112128 ____N () C:\Users\Osula\AppData\Roaming\Gemoajaco\Sujmub.exe
    2016-06-12 17:36 - 2016-06-12 17:36 - 00112128 ____N () C:\Users\Osula\AppData\Roaming\Exesowy\Cowfarcip.exe
    2016-06-12 17:37 - 2016-06-13 00:00 - 00218624 ____N () C:\Users\Osula\AppData\Roaming\SemcTops\Apexkoun.din
    2015-09-04 16:38 - 2012-08-16 00:26 - 00720896 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\tkmk.dll
    2015-09-04 16:38 - 2012-08-16 00:26 - 00294912 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\tknls.dll
    2015-09-04 16:38 - 2012-08-16 00:26 - 00618496 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\tknlsenc.dll
    2015-09-04 16:38 - 2012-08-16 00:26 - 01626112 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\tknlsldb.dll
    2015-09-04 16:38 - 2012-08-16 00:26 - 00692224 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\tknlsudb.dll
    2015-09-04 16:38 - 2012-08-16 00:26 - 00114688 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\tknlsicv.dll
    2015-09-04 16:38 - 2012-08-16 00:26 - 00737280 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\tknlssb.dll
    2015-09-04 16:38 - 2012-08-16 00:26 - 00180224 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\tknlsloc.dll
    2015-09-04 16:38 - 2012-08-16 00:26 - 00094208 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\tkevlgio.dll
    2015-09-04 16:38 - 2012-08-16 00:26 - 00098304 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\skndns.dll
    2015-09-04 16:38 - 2012-08-16 00:26 - 00348160 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\tkl4sas.dll
    2015-09-04 16:38 - 2012-08-16 00:26 - 00094208 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\tk4aboot.dll
    2015-09-04 16:38 - 2012-08-16 00:26 - 00147456 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\tkioe.dll
    2015-09-04 16:38 - 2012-08-16 00:26 - 00233472 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\tksecure.dll
    2015-09-04 16:38 - 2012-08-16 00:26 - 00102400 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\tkeeam.dll
    2015-09-04 16:38 - 2012-08-16 00:26 - 00167936 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\tkarm.dll
    2015-09-04 16:38 - 2012-08-16 00:26 - 00299008 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\tkeavl.dll
    2015-09-04 16:38 - 2012-08-16 00:26 - 00217088 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\tkecradl.dll
    2015-09-04 16:38 - 2012-08-16 00:26 - 00155648 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\t0a8en.dll
    2015-09-04 16:38 - 2012-08-16 00:26 - 00192512 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\tkitcp.dll
    2015-09-04 16:38 - 2012-08-16 00:26 - 00135168 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\tkepdl.dll
    2015-09-04 16:38 - 2012-08-16 00:26 - 00114688 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\tkstring.dll
    2015-09-04 16:38 - 2012-08-16 00:26 - 00098304 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\tkeencr.dll
    2015-09-04 16:38 - 2012-08-16 00:26 - 00159744 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\tkels.dll
    2016-06-12 23:55 - 2015-06-23 15:19 - 00168448 _____ () C:\Program Files (x86)\Max Driver Updater\unrar.dll
    2016-04-20 14:57 - 2016-04-20 14:57 - 00194048 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
    2016-04-20 14:57 - 2016-04-20 14:57 - 00110592 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
    2016-05-21 03:03 - 2016-05-21 03:03 - 00679624 _____ () C:\Users\Osula\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\ClientTelemetry.dll
    2016-06-12 17:37 - 2016-06-12 17:37 - 00258560 ____N () C:\Users\Osula\AppData\Roaming\Exesowy\Cowfarcip.dll
    2016-06-12 20:49 - 2016-06-12 20:49 - 00258560 ____N () C:\Users\Osula\AppData\Roaming\Gemoajaco\Sujmub.dll
    2016-02-22 20:31 - 2016-02-22 20:31 - 00325824 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
    2016-05-21 03:46 - 2016-05-21 03:46 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
    2016-05-21 03:46 - 2016-05-21 03:46 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
    2016-02-22 20:34 - 2016-02-22 20:34 - 00325824 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
    2016-04-22 11:56 - 2016-04-22 11:56 - 00202456 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
    2016-04-22 11:59 - 2016-04-22 11:59 - 00654000 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
    2016-04-22 11:59 - 2016-04-22 11:59 - 00641240 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
    2016-04-22 11:57 - 2016-04-22 11:57 - 00119000 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
    2016-05-21 02:32 - 2016-05-21 02:32 - 00015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
    2016-04-18 16:13 - 2016-04-18 16:13 - 00013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
    2016-04-18 16:11 - 2016-04-18 16:11 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2013-08-22 06:25 - 2016-06-14 15:42 - 00001960 ____A C:\WINDOWS\system32\Drivers\etc\hosts

    107.178.255.88 www.statcounter.com
    107.178.255.88 statcounter.com
    107.178.255.88 ssl.goo.88 partner.googleadservices.com
    107.178.255.88 google-analytics.com
    107.178.255.88 www.statcounter.com
    107.178.255.88 statcounter.com
    107.178.255.88 ssl.goo.88 partner.googleadservices.com
    107.178.255.88 google-analytics.com
    107.178.255.88 www.statcounter.com
    107.178.255.88 statcounter.com
    107.178.255.88 ssl.goo.88 partner.googleadservices.com
    107.178.255.88 google-analytics.com
    107.178.255.88 www.statcounter.com
    107.178.255.88 statcounter.com
    107.178.255.88 ssl.goo.88 partner.googleadservices.com
    107.178.255.88 google-analytics.com127.0.0.1 down.baidu2016.com
    127.0.0.1 123.sogou.com
    127.0.0.1 www.czzsyzgm.com
    127.0.0.1 www.czzsyzxl.com
    127.0.0.1 down.baidu2016.com
    127.0.0.1 123.sogou.com
    127.0.0.1 www.czzsyzgm.com
    127.0.0.1 www.czzsyzxl.com
    127.0.0.1 down.baidu2016.com
    127.0.0.1 123.sogou.com
    127.0.0.1 www.czzsyzgm.com
    127.0.0.1 www.czzsyzxl.com
    127.0.0.1 union.baidu2019.com

    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-3693202215-1944876337-163887280-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Osula\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
    DNS Servers: 208.67.222.222 - 208.67.222.220
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)


    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
    FirewallRules: [{84400623-2BFB-4F8B-8172-8EC524DA54AC}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
    FirewallRules: [{7223D46D-6415-4441-815C-2D020BE4AC4B}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
    FirewallRules: [{A69DD841-0684-429F-BA7D-8982E935046B}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
    FirewallRules: [{F0B74212-AB9C-466A-A1B6-9BCADE2F2AB3}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
    FirewallRules: [{0A6EAF22-31C5-4E56-934C-F2A85AC742EF}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
    FirewallRules: [{15A89E04-0A93-430E-8D05-A3DBD413B45C}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
    FirewallRules: [{FCB1A060-8723-4BD9-B120-D01BD9344C0E}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
    FirewallRules: [{BAC31D7A-CD08-4D91-A5F3-641CA474529B}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
    FirewallRules: [{B4030DB2-DF18-4252-830E-A3052898A83F}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
    FirewallRules: [{03E63D44-1699-41D0-AEE7-55075E34895D}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
    FirewallRules: [{56946673-C341-477A-B841-738B5AE72810}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
    FirewallRules: [{37D1894C-4793-4869-BB70-306E92073078}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
    FirewallRules: [{9657EA56-EF2B-4760-8428-99776C65A148}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
    FirewallRules: [{654A1C57-0FD7-4935-9DBC-7E5670FEF1E6}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
    FirewallRules: [{8EDEF44B-24F6-4C5E-B7D4-D995AC792263}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
    FirewallRules: [{9143C4A5-1E3E-404D-A205-F5AB784C8B82}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
    FirewallRules: [UDP Query User{5252EC73-73B2-49E7-997D-BCF61D0DEC87}C:\users\osula\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\osula\appdata\roaming\spotify\spotify.exe
    FirewallRules: [TCP Query User{F409501D-4464-4409-B54F-84AF94E6FE33}C:\users\osula\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\osula\appdata\roaming\spotify\spotify.exe
    FirewallRules: [{0E1FF49D-960F-43C3-BE99-C6AFCD9B6B6F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
    FirewallRules: [{48E02306-33DF-4421-B3EA-CB65AE51A287}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
    FirewallRules: [{7358FECC-6010-44ED-8DB6-A33AD78923DA}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
    FirewallRules: [{9568BA53-9392-493E-A97F-E7423E9A1870}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
    FirewallRules: [{742E30BD-CB08-4851-AE00-BAB20B599AFB}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
    FirewallRules: [{9371F8B6-0880-4FC1-AD78-55442D002FBE}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
    FirewallRules: [{1F8AB10D-980B-4C31-B536-4C7BE3820D9A}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
    FirewallRules: [{B420B3EB-8B2A-42C6-9893-C1A145AEE61C}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
    FirewallRules: [{F2F7A823-AB10-4CAA-859C-980F23F288F2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
    FirewallRules: [{3ECF4C46-0094-4E37-93EE-046E6ACEA237}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
    FirewallRules: [{6E8453E5-1877-4E3A-B498-C31F9DDAED20}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
    FirewallRules: [{7C93CB88-65FC-4749-BAED-211A60E91C04}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
    FirewallRules: [{FEF6BDF4-1D03-4A26-95A6-40264AC20DDA}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
    FirewallRules: [UDP Query User{6FF348DC-FE6F-42FC-B69D-578D34CCEB5A}C:\program files (x86)\java\jre1.6.0_24\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.6.0_24\bin\java.exe
    FirewallRules: [TCP Query User{596E9793-5178-4B54-B6BF-07B647900C1B}C:\program files (x86)\java\jre1.6.0_24\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.6.0_24\bin\java.exe
    FirewallRules: [{E798EBB5-723C-463C-8CF5-B628059C555C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
    FirewallRules: [{2BB6E534-450C-490C-A4BA-E4E064275198}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
    FirewallRules: [{9EEC3E5E-B7C5-438D-9B22-1A450C34C1CF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
    FirewallRules: [{52A83735-E625-44E3-9F2A-DB46112F3216}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
    FirewallRules: [{1F259B24-CA11-4A1B-8365-06556D3F9329}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
    FirewallRules: [{5A75AA31-1533-48F2-ACB3-FC867C14E002}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
    FirewallRules: [{13422E11-D316-411F-83D0-9A90508429D8}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
    FirewallRules: [{E71C79F6-634A-4DFD-AD8B-98F9F01BDC3B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
    FirewallRules: [{0ED98AC0-FB68-486E-B07B-60789700C945}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
    FirewallRules: [{60DE8919-D757-4F18-B864-8B1CD89DAB81}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
    FirewallRules: [{CDE4FD7A-A7AE-41A3-8CEB-72731909B51B}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
    FirewallRules: [{81807977-CBBE-4100-B5BD-E3B5CFBDE67A}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
    FirewallRules: [{E7EEE991-A2A0-4C1B-B01C-2775DD6310F1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
    FirewallRules: [{C6168575-91FA-482F-9F6D-7E234D43FA8B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
    FirewallRules: [{3B808315-4573-43BB-A18F-BC146C594F71}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
    FirewallRules: [{C41D5191-674A-444A-80B2-5C1852302C6A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
    FirewallRules: [{E5A6A855-B78A-4182-AF29-4FA65C81FA0E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
    FirewallRules: [{BAC4724C-A755-4D2B-A60D-47CB0D0098F3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
    FirewallRules: [{A1715058-D24E-434B-B815-9082CAABD154}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
    FirewallRules: [{2034FCA1-605E-4620-ABEF-088E4176D266}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
    FirewallRules: [{8776039A-D6A0-4A9C-8F89-A1B796A5865C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
    FirewallRules: [{23E6BB28-1F94-49CB-882F-D105EF09CFFD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
    FirewallRules: [{44D5E01B-6D68-4189-AA17-F1180C460660}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
    FirewallRules: [{B8852CDD-E984-4918-B1A4-65767850600E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
    FirewallRules: [{DB657328-7064-4DD9-89F2-947B8F13C0BC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
    FirewallRules: [{1B7E6FF6-6ACF-44A7-9A55-0487FC84DD71}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
    FirewallRules: [{7CD58546-02C2-4A4F-B163-C85E691C8AAB}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
    FirewallRules: [{37706D87-EF88-482E-BB3B-1144D32E6A3C}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
    FirewallRules: [{18125AFE-7511-4E0D-8F3B-B3C36B6AFEC1}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
    FirewallRules: [{A18FD9E8-2F2F-40F3-A8D5-87C14D96D243}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
    FirewallRules: [{C8C32171-256C-47DB-89AB-3DE2AF0E33A7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{2DE9AE5E-8DBD-4D86-98D6-C23257F73FAA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{2A4EC645-D63E-4E53-A278-F0833E9D6343}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
    FirewallRules: [{070C7466-043D-4849-95EA-29AF77EE0446}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
    FirewallRules: [{8529C79A-D6E9-4051-A797-423C53E6E85A}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
    FirewallRules: [{EED15F61-0DF2-4FB0-BC29-6625DF4D4307}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
    FirewallRules: [{7266A3D5-B6BB-4CBC-BA38-1419834BF883}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
    FirewallRules: [TCP Query User{1183E73B-DB14-46B4-BF06-2A9891186057}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
    FirewallRules: [UDP Query User{CFED1C33-E4EC-4A8A-ADED-A5E762008A38}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
    FirewallRules: [TCP Query User{5C872081-3941-431B-8F04-3FCFCAB70687}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
    FirewallRules: [UDP Query User{839F4A0F-8393-4CF1-8470-BFE8BF0F36B1}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
    FirewallRules: [{20C5EB43-7FB9-4AE5-BC40-A5B1B1591A17}] => (Allow) C:\Users\Osula\AppData\Local\ddnowyes.exe
    FirewallRules: [{ACFBF75C-B599-42CD-B05D-5B5E7EDE6D2A}] => (Allow) C:\Users\Osula\AppData\Local\Temp\installer1.exe
    FirewallRules: [{6392E69E-C3C2-4AB9-99EE-259323F0D3AE}] => (Allow) C:\Users\Osula\AppData\Local\77850382.exe
    FirewallRules: [{244314AF-AF91-4E85-A19A-97A8F1BE4FFE}] => (Allow) C:\Users\Osula\AppData\Local\tinstall.exe
    FirewallRules: [{1345DFD0-B5A2-4524-82BB-C57F26F9719B}] => (Allow) C:\Program Files (x86)\prestigious\modality.exe
    FirewallRules: [{C9477169-3C1A-4A41-99EB-BF4014708442}] => (Allow) C:\Program Files (x86)\SrpnFiles\SrpnFiles.exe
    FirewallRules: [{7DB9B87B-14B1-42F5-BAD6-99573D81A754}] => (Allow) C:\Program Files (x86)\SrpnFiles\SrpnFiles.exe
    FirewallRules: [{9F42257C-4D44-49DD-BC12-C5F5622D2EB4}] => (Allow) C:\Program Files (x86)\SrpnFiles\downloader.exe
    FirewallRules: [{171EF62A-5DC8-43BD-8BDA-CBB868D9AD7E}] => (Allow) C:\Program Files (x86)\SrpnFiles\downloader.exe
    FirewallRules: [{B92AE0A4-0A6E-43C0-A4D2-C2B026EC6840}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    FirewallRules: [{EDAD881A-EC73-4BFF-A9C7-3D569ADF4A48}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    FirewallRules: [{CDF2A27E-3B70-4582-9714-2800D9CFCAA2}] => (Allow) C:\Program Files (x86)\ADSKIP\ADSkipSvc.exe
    FirewallRules: [{E3669018-8348-45C9-A9E4-5F676B05E7B2}] => (Allow) C:\Program Files (x86)\ADSKIP\ADSkip.exe

    ==================== Restore Points =========================

    ATTENTION: System Restore is disabled

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (06/14/2016 03:25:25 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: PCKAVService.exe, version: 1.1.1057.0, time stamp: 0x5756bb6b
    Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception code: 0xc0000005
    Fault offset: 0x00007ffa00000000
    Faulting process id: 0x28e0
    Faulting application start time: 0xPCKAVService.exe0
    Faulting application path: PCKAVService.exe1
    Faulting module path: PCKAVService.exe2
    Report Id: PCKAVService.exe3
    Faulting package full name: PCKAVService.exe4
    Faulting package-relative application ID: PCKAVService.exe5

    Error: (06/14/2016 03:25:25 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
    Description: Application: PCKAVService.exe
    Framework Version: v4.0.30319
    Description: The process was terminated due to an unhandled exception.
    Exception Info: exception code c0000005, exception address 00007FFA00000000
    Stack:

    Error: (06/14/2016 03:18:56 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: smu.exe, version: 2.6.5.1219, time stamp: 0x575ec9a3
    Faulting module name: smu.exe, version: 2.6.5.1219, time stamp: 0x575ec9a3
    Exception code: 0x80000003
    Fault offset: 0x0000000000096fa4
    Faulting process id: 0x55c0
    Faulting application start time: 0xsmu.exe0
    Faulting application path: smu.exe1
    Faulting module path: smu.exe2
    Report Id: smu.exe3
    Faulting package full name: smu.exe4
    Faulting package-relative application ID: smu.exe5

    Error: (06/14/2016 03:18:55 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: smu.exe, version: 2.6.5.1219, time stamp: 0x575ec9a3
    Faulting module name: smu.exe, version: 2.6.5.1219, time stamp: 0x575ec9a3
    Exception code: 0x80000003
    Fault offset: 0x0000000000097640
    Faulting process id: 0x57bc
    Faulting application start time: 0xsmu.exe0
    Faulting application path: smu.exe1
    Faulting module path: smu.exe2
    Report Id: smu.exe3
    Faulting package full name: smu.exe4
    Faulting package-relative application ID: smu.exe5

    Error: (06/14/2016 02:43:32 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: smu.exe, version: 2.6.5.1219, time stamp: 0x575ec9a3
    Faulting module name: smu.exe, version: 2.6.5.1219, time stamp: 0x575ec9a3
    Exception code: 0x80000003
    Fault offset: 0x0000000000096fa4
    Faulting process id: 0x4220
    Faulting application start time: 0xsmu.exe0
    Faulting application path: smu.exe1
    Faulting module path: smu.exe2
    Report Id: smu.exe3
    Faulting package full name: smu.exe4
    Faulting package-relative application ID: smu.exe5

    Error: (06/14/2016 02:43:31 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: smu.exe, version: 2.6.5.1219, time stamp: 0x575ec9a3
    Faulting module name: smu.exe, version: 2.6.5.1219, time stamp: 0x575ec9a3
    Exception code: 0x80000003
    Fault offset: 0x0000000000097640
    Faulting process id: 0x501c
    Faulting application start time: 0xsmu.exe0
    Faulting application path: smu.exe1
    Faulting module path: smu.exe2
    Report Id: smu.exe3
    Faulting package full name: smu.exe4
    Faulting package-relative application ID: smu.exe5

    Error: (06/14/2016 02:39:50 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: backgroundTaskHost.exe, version: 10.0.10586.0, time stamp: 0x5632d8f0
    Faulting module name: Cortana.Core.dll, version: 0.0.0.0, time stamp: 0x571af2d0
    Exception code: 0xc0000005
    Fault offset: 0x000000000001325d
    Faulting process id: 0x6a4
    Faulting application start time: 0xbackgroundTaskHost.exe0
    Faulting application path: backgroundTaskHost.exe1
    Faulting module path: backgroundTaskHost.exe2
    Report Id: backgroundTaskHost.exe3
    Faulting package full name: backgroundTaskHost.exe4
    Faulting package-relative application ID: backgroundTaskHost.exe5

    Error: (06/14/2016 12:27:57 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: smu.exe, version: 2.6.5.1219, time stamp: 0x575ec9a3
    Faulting module name: smu.exe, version: 2.6.5.1219, time stamp: 0x575ec9a3
    Exception code: 0x80000003
    Fault offset: 0x0000000000096fa4
    Faulting process id: 0x4e30
    Faulting application start time: 0xsmu.exe0
    Faulting application path: smu.exe1
    Faulting module path: smu.exe2
    Report Id: smu.exe3
    Faulting package full name: smu.exe4
    Faulting package-relative application ID: smu.exe5

    Error: (06/14/2016 12:27:56 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: smu.exe, version: 2.6.5.1219, time stamp: 0x575ec9a3
    Faulting module name: smu.exe, version: 2.6.5.1219, time stamp: 0x575ec9a3
    Exception code: 0x80000003
    Fault offset: 0x0000000000097640
    Faulting process id: 0x4cf4
    Faulting application start time: 0xsmu.exe0
    Faulting application path: smu.exe1
    Faulting module path: smu.exe2
    Report Id: smu.exe3
    Faulting package full name: smu.exe4
    Faulting package-relative application ID: smu.exe5

    Error: (06/14/2016 02:18:06 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: smu.exe, version: 2.6.5.1219, time stamp: 0x575ec9a3
    Faulting module name: smu.exe, version: 2.6.5.1219, time stamp: 0x575ec9a3
    Exception code: 0x80000003
    Fault offset: 0x0000000000096fa4
    Faulting process id: 0x3fa8
    Faulting application start time: 0xsmu.exe0
    Faulting application path: smu.exe1
    Faulting module path: smu.exe2
    Report Id: smu.exe3
    Faulting package full name: smu.exe4
    Faulting package-relative application ID: smu.exe5


    System errors:
    =============
    Error: (06/14/2016 03:42:42 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
    Description: There was an error while attempting to read the local hosts file.

    Error: (06/14/2016 03:25:54 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PCKAVService service.

    Error: (06/14/2016 03:18:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Search Module Update service terminated unexpectedly. It has done this 14 time(s).

    Error: (06/14/2016 02:43:55 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

    Error: (06/14/2016 02:43:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Search Module Update service terminated unexpectedly. It has done this 13 time(s).

    Error: (06/14/2016 02:42:29 PM) (Source: DCOM) (EventID: 10016) (User: HEARTNSOUL)
    Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}HeartnSoulOsulaS-1-5-21-3693202215-1944876337-163887280-1001LocalHost (Using LRPC)Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewyS-1-15-2-4016783169-893401051-2237370320-274899566-412088533-2398988950-2155762795

    Error: (06/14/2016 12:29:46 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Intel(R) Content Protection HECI Service service terminated with the following error:
    The handle is invalid.


    Error: (06/14/2016 12:29:45 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Intel(R) Content Protection HECI Service service terminated with the following error:
    The handle is invalid.


    Error: (06/14/2016 12:29:45 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Intel(R) Content Protection HECI Service service terminated with the following error:
    The handle is invalid.


    Error: (06/14/2016 12:29:45 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Intel(R) Content Protection HECI Service service terminated with the following error:
    The handle is invalid.



    CodeIntegrity:
    ===================================
    Date: 2016-06-13 01:31:27.209
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

    Date: 2016-06-13 00:54:57.644
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

    Date: 2016-06-13 00:05:55.090
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

    Date: 2016-06-13 00:05:55.083
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

    Date: 2016-06-13 00:02:07.184
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

    Date: 2016-06-13 00:02:07.171
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

    Date: 2016-06-13 00:02:00.716
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

    Date: 2016-06-13 00:02:00.704
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

    Date: 2016-06-13 00:01:11.879
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

    Date: 2016-06-13 00:01:11.863
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i7-4712MQ CPU @ 2.30GHz
    Percentage of memory in use: 62%
    Total physical RAM: 8083.27 MB
    Available physical RAM: 3024.5 MB
    Total Virtual: 9917.47 MB
    Available Virtual: 2566.43 MB

    ==================== Drives ================================

    Drive c: (Acer) (Fixed) (Total:913.34 GB) (Free:791.85 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 931.5 GB) (Disk ID: 24A1F117)

    Partition: GPT.

    ==================== End of Addition.txt ============================
     
  7. Broni

    Broni Malware Annihilator Posts: 52,915   +344

    Welcome aboard [​IMG]

    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ==================================

    [​IMG] You're not saying what your computer issues are.

    [​IMG] Download RogueKiller from one of the following links and save it to your Desktop:

    Link 1
    Link 2
    • Close all the running programs
    • Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • Pre-scan will start. Let it finish.
    • Click on SCAN button.
    • Wait until the Status box shows Scan Finished
    • Click on Delete.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced post all logs.
    • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again
    [​IMG] Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
    NOTE. If you already have MBAM 2.0 installed scroll down.
    • Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
    • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
    • Click Finish.
    • On the Dashboard, click the 'Update Now >>' link
    • After the update completes, click the 'Scan Now >>' button.
    • Or, on the Dashboard, click the Scan Now >> button.
    • If an update is available, click the Update Now button.
    • A Threat Scan will begin.
    • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
    • In most cases, a restart will be required.
    • Wait for the prompt to restart the computer to appear, then click on Yes.
    If you already have MBAM 2.0 installed:
    • On the Dashboard, click the 'Update Now >>' link
    • After the update completes, click the 'Scan Now >>' button.
    • Or, on the Dashboard, click the Scan Now >> button.
    • If an update is available, click the Update Now button.
    • A Threat Scan will begin.
    • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
    • In most cases, a restart will be required.
    • Wait for the prompt to restart the computer to appear, then click on Yes.
    How to get logs:
    (Export log to save as txt)
    • After the restart once you are back at your desktop, open MBAM once more.
    • Click on the History tab > Application Logs.
    • Double click on the Scan Log which shows the Date and time of the scan just performed.
    • Click 'Export'.
    • Click 'Text file (*.txt)'
    • In the Save File dialog box which appears, click on Desktop.
    • In the File name: box type a name for your scan log.
    • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
    • Click Ok
    • Attach that saved log to your next reply.
    (Copy to clipboard for pasting into forum replies or tickets)
    • After the restart once you are back at your desktop, open MBAM once more.
    • Click on the History tab > Application Logs.
    • Double click on the Scan Log which shows the Date and time of the scan just performed.
    • Click 'Copy to Clipboard'
    • Paste the contents of the clipboard into your reply.
    [​IMG] Please download AdwCleaner by Xplode onto your desktop.
    • Close all open programs and internet browsers.
    • Double click on adwcleaner.exe to run the tool.
    • Click on Scan button.
    • When the scan has finished click on Clean button.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the contents of that logfile with your next reply.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.
    [​IMG] Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...