Inactive Nommers 1

Status
Not open for further replies.

Nommers

Posts: 6   +0
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2016
Ran by Osula (administrator) on HEARTNSOUL (14-06-2016 15:43:27)
Running from C:\Users\Osula\Downloads
Loaded Profiles: Osula (Available Profiles: Osula)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
() C:\Program Files\SASHome\SASFoundation\9.3\sas.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Users\Osula\AppData\Roaming\Gemoajaco\Gemoajaco.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Users\Osula\AppData\Roaming\SemcTops\Wenaooak.exe
() C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\pcfservice.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
() C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkesrv.exe
() C:\Users\Osula\AppData\Roaming\Exesowy\Exesowy.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
() C:\Windows\SysWOW64\CpuHeatMapping\16641\CpuHeatMapping.exe
() C:\Windows\cWinInfos\16610\WinInfos.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\036785C5-1465801002-E411-85C7-F0761C854354\knscC89C.tmp
() C:\Users\Osula\AppData\Local\036785C5-1465867177-E411-85C7-F0761C854354\qnsw90E4.tmp
(Essentware) C:\Program Files\Essentware\Common\AccountService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
() C:\Users\Osula\AppData\Roaming\Exesowy\Hoyde.exe
() C:\Users\Osula\AppData\Roaming\Gemoajaco\Tyjjytz.exe
(csdimedia.com) C:\Program Files (x86)\Max Driver Updater\maxdu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Spotify Ltd) C:\Users\Osula\AppData\Roaming\Spotify\SpotifyWebHelper.exe
() C:\Program Files (x86)\danza\sodom.exe
(Essentware) C:\Program Files\Essentware\PCKeeper\PCKeeper.exe
(Essentware) C:\Program Files\Essentware\PCKAV\PCKAV.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
() C:\Program Files (x86)\prestigious\modality.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Essentware) C:\Program Files\Essentware\PCKeeper\OneClickFixService.exe
Failed to access process -> PCKAVService.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
() C:\Users\Osula\AppData\Roaming\Gemoajaco\Sujmub.exe
() C:\Users\Osula\AppData\Roaming\Exesowy\Cowfarcip.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-12] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16404224 2015-08-27] (Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [522552 2015-12-10] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [231736 2015-12-10] (Citrix Systems, Inc.)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2015-10-05] (Malwarebytes)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
HKU\S-1-5-21-3693202215-1944876337-163887280-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2740440 2016-04-20] (Acer)
HKU\S-1-5-21-3693202215-1944876337-163887280-1001\...\Run: [Spotify Web Helper] => C:\Users\Osula\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-04-27] (Spotify Ltd)
HKU\S-1-5-21-3693202215-1944876337-163887280-1001\...\Run: [RemoteFilesTrayIcon] => "C:\Program Files (x86)\Acer\abFiles\abFilesTrayIcon.exe"
HKU\S-1-5-21-3693202215-1944876337-163887280-1001\...\Run: [sodom] => C:\Program Files (x86)\danza\sodom.exe [36767 2016-06-12] ()
HKU\S-1-5-21-3693202215-1944876337-163887280-1001\...\Run: [imax] => C:\Program Files (x86)\prestigious\modality.exe [10752 2016-06-12] ()
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-04-12] (Microsoft Corporation)
Startup: C:\Users\Osula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\rugged.lnk [2016-06-14]
ShortcutTarget: rugged.lnk -> C:\Program Files (x86)\prestigious\modality.exe ()
Startup: C:\Users\Osula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2016-06-14]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f76e96bb-76ef-4665-9fdb-2e875e0f4d69}: [NameServer] 208.67.222.222,208.67.222.220
Tcpip\..\Interfaces\{f76e96bb-76ef-4665-9fdb-2e875e0f4d69}: [DhcpNameServer] 192.168.1.1
ManualProxies:

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3693202215-1944876337-163887280-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131102749255379840&GUID=3E84A72B-965E-4EE1-BFAD-BC15CC9BA8F7
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131102749255379840&GUID=3E84A72B-965E-4EE1-BFAD-BC15CC9BA8F7
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131102749255379840&GUID=3E84A72B-965E-4EE1-BFAD-BC15CC9BA8F7
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131102749255379840&GUID=3E84A72B-965E-4EE1-BFAD-BC15CC9BA8F7
HKU\S-1-5-21-3693202215-1944876337-163887280-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131102749255379840&GUID=3E84A72B-965E-4EE1-BFAD-BC15CC9BA8F7
HKU\S-1-5-21-3693202215-1944876337-163887280-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131102749255379840&GUID=3E84A72B-965E-4EE1-BFAD-BC15CC9BA8F7
SearchScopes: HKLM -> DefaultScope {2E7D26A4-1FA1-4B1A-B4F1-C994BCDA66A0} URL =
SearchScopes: HKU\S-1-5-21-3693202215-1944876337-163887280-1001 -> DefaultScope OldSearch URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-04-12] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-08-28] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-04-12] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-28] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-04-12] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-04-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.6.0_24\bin\jp2ssv.dll [2015-08-28] (Sun Microsystems, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-09-01] (Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-28] (Oracle Corporation)
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2015-12-10] (Citrix Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-09] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-09] (Intel Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.6.0_24\bin\new_plugin\npjp2.dll [2015-08-28] (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-09-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-06-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-06-13] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => not found
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => not found

Chrome:
=======
CHR HomePage: Default -> hxxp://www-searching.com/?pid=s&s=g6dzftptn095001bq,1d46cc3b-dbab-4e4a-a1d1-67359f55eb64,&vp=ch&prd=set_ch
CHR StartupUrls: Default -> "hxxp://www-searching.com/?pid=s&s=g6dzftptn095001bq,1d46cc3b-dbab-4e4a-a1d1-67359f55eb64,&vp=ch&prd=set_ch"
CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?q={searchTerms}
CHR DefaultSearchKeyword: Default -> google.com_
CHR Profile: C:\Users\Osula\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Osula\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-28]
CHR Extension: (Google Docs) - C:\Users\Osula\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-31]
CHR Extension: (Google Drive) - C:\Users\Osula\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Osula\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Adblock Plus) - C:\Users\Osula\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-06-01]
CHR Extension: (Ebates Cash Back) - C:\Users\Osula\AppData\Local\Google\Chrome\User Data\Default\Extensions\chhjbpecpncaggjpdakmflnfcopglcmi [2016-06-13]
CHR Extension: (Google Search) - C:\Users\Osula\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Sheets) - C:\Users\Osula\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-28]
CHR Extension: (Google Docs Offline) - C:\Users\Osula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-14]
CHR Extension: (Journey (Diary, Journal)) - C:\Users\Osula\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlncjaehedpdoinepaejmlpbmdkgmpog [2016-06-01]
CHR Extension: (Save to Pocket) - C:\Users\Osula\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2016-06-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Osula\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Osula\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-31]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760 2016-04-18] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3009264 2016-05-17] (Microsoft Corporation)
R2 CpuHeatMapping; C:\WINDOWS\SysWOW64\CpuHeatMapping/16641\CpuHeatMapping.exe [12288 2016-06-11] () [File not signed]
R2 cWinInfos; C:\WINDOWS\cWinInfos\16610\WinInfos.exe [15872 2016-06-11] () [File not signed]
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-07-22] (Acer Incorporated)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [370064 2015-09-30] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-09] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [455912 2014-12-30] (Acer Incorporate)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-12] (NVIDIA Corporation)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-10-17] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-10-17] (Acer Incorporate)
R2 SAS PC Files Server; C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\pcfservice.exe [337296 2012-08-16] ()
S2 SAS [AppDev-Lev1] Connect Spawner; C:\Program Files\SASHome\SASFoundation\9.3\spawner.exe [374632 2011-05-26] ()
R2 SAS [AppDev-Lev1] FrameworkServer - SAS Framework Data Server; C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkesrv.exe [235880 2011-05-03] ()
S2 SAS [AppDev-Lev1] Remote Services; C:\Program Files\SASHome\SASFoundationServices\9.3\wrapper.exe [204800 2006-10-17] () [File not signed]
R2 SAS [AppDev-Lev1] SASMeta - Metadata Server; C:\Program Files\SASHome\SASFoundation\9.3\sas.exe [127336 2011-05-26] ()
S2 SAS [AppDev-Lev1] Share Server; C:\Program Files\SASHome\SASFoundation\9.3\sas.exe [127336 2011-05-26] ()
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-14] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
S2 Myots; "C:\Users\Osula\AppData\Roaming\TiaeuNuwgo\Geiou.exe" -cms [X]
S2 SAS [AppDev-Lev1] Object Spawner; "C:\Program Files\SASHome\SASFoundation\9.3\objspawn" -name "SAS [AppDev-Lev1] Object Spawner" [X]
 
===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-06-14] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-09] (Intel Corporation)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80920 2015-07-02] (McAfee, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
U0 rmmahfw; C:\Windows\System32\drivers\cdloo.sys [79064 2016-06-14] (Malwarebytes)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek )
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [761600 2015-06-24] (Realsil Semiconductor Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [61624 2015-08-21] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 ZeoScanner; C:\Windows\System32\DRIVERS\zeoscanner.sys [34592 2016-01-15] (Windows (R) Win 7 DDK provider)
S3 blNetFilter; \??\C:\WINDOWS\system32\drivers\blNetFilter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-14 15:43 - 2016-06-14 15:44 - 00027683 _____ C:\Users\Osula\Downloads\FRST.txt
2016-06-14 15:43 - 2016-06-14 15:43 - 00079064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\cdloo.sys
2016-06-14 15:43 - 2016-06-14 15:43 - 00000000 ____D C:\FRST
2016-06-14 15:42 - 2016-06-14 15:42 - 02385920 _____ (Farbar) C:\Users\Osula\Downloads\FRST64.exe
2016-06-14 14:40 - 2016-06-14 14:40 - 00000000 ___HD C:\OneDriveTemp
2016-06-14 01:26 - 2016-05-10 22:31 - 00208776 _____ C:\WINDOWS\system32\Drivers\askProtect64.sys
2016-06-14 01:20 - 2016-06-14 15:42 - 00000000 ____D C:\ProgramData\WindowsMsg
2016-06-14 01:20 - 2016-06-14 15:42 - 00000000 ____D C:\ProgramData\Essentware
2016-06-14 01:20 - 2016-06-14 01:21 - 00000000 ____D C:\Program Files\Essentware
2016-06-14 01:20 - 2016-06-14 01:20 - 00003646 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2016-06-14 01:20 - 2016-06-14 01:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ttwifi
2016-06-14 01:19 - 2016-06-14 15:42 - 00000000 ____D C:\Users\Osula\AppData\Local\036785C5-1465867177-E411-85C7-F0761C854354
2016-06-13 22:56 - 2016-06-13 22:59 - 00000000 ____D C:\Users\Osula\Documents\Projects
2016-06-13 19:47 - 2016-06-13 19:47 - 00000000 ____D C:\Users\Osula\Documents\Custom Office Templates
2016-06-13 10:30 - 2016-06-14 15:43 - 00001309 _____ C:\Users\Osula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HD Audio Manager.lnk
2016-06-13 02:00 - 2016-06-13 02:00 - 00000000 ____D C:\Users\Osula\AppData\Roaming\WildTangent
2016-06-13 01:36 - 2016-06-14 15:43 - 00002348 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-13 01:36 - 2016-06-14 15:43 - 00002330 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-13 01:35 - 2016-06-14 14:45 - 00000928 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-13 01:35 - 2016-06-14 14:41 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-13 01:35 - 2016-06-13 01:40 - 00003986 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-06-13 01:35 - 2016-06-13 01:40 - 00003754 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-06-13 01:34 - 2016-06-13 01:34 - 00000000 ____D C:\Users\Osula\AppData\Local\Deployment
2016-06-13 01:33 - 2016-06-14 12:28 - 00004156 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{069F04E0-A70E-4245-ADD0-67843671432B}
2016-06-13 01:24 - 2016-06-13 01:24 - 00000000 ____D C:\WINDOWS\cWinInfos
2016-06-13 01:22 - 2016-06-13 01:22 - 00000000 ____D C:\WINDOWS\SysWOW64\CpuHeatMapping
2016-06-13 01:00 - 2016-06-13 01:00 - 00003260 _____ C:\WINDOWS\System32\Tasks\{F65A491A-6CFB-4A4D-955C-6232D370D843}
2016-06-13 00:59 - 2016-06-13 00:59 - 00003388 _____ C:\WINDOWS\System32\Tasks\AcerCloud
2016-06-13 00:58 - 2016-06-13 00:58 - 01114354 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2016-06-13 00:58 - 2016-06-13 00:58 - 00000000 ____D C:\WINDOWS\system32\DAX2
2016-06-13 00:51 - 2016-06-13 00:51 - 00000000 ____D C:\Users\Osula\AppData\LocalLow00DEA8F0
2016-06-13 00:51 - 2016-06-13 00:51 - 00000000 ____D C:\Users\Osula\AppData\LocalLow00DE8DF0
2016-06-13 00:51 - 2016-06-13 00:51 - 00000000 ____D C:\Users\Osula\AppData\LocalLow0000024FF8B3E6F8
2016-06-13 00:51 - 2016-06-13 00:51 - 00000000 ____D C:\Users\Osula\AppData\LocalLow0000024FF8B3C6E8
2016-06-13 00:51 - 2016-06-13 00:51 - 00000000 ____D C:\Users\Osula\AppData\LocalLow0000024FF8B244F8
2016-06-13 00:50 - 2016-06-13 00:50 - 00000000 ____D C:\Users\Osula\AppData\LocalLow00DC4048
2016-06-13 00:50 - 2016-06-13 00:50 - 00000000 ____D C:\Users\Osula\AppData\LocalLow0000024FF8B0C0C8
2016-06-13 00:48 - 2016-06-13 00:48 - 00000000 ____D C:\WINDOWS\system32\zeo
2016-06-13 00:37 - 2016-06-13 00:37 - 00000000 ____D C:\Users\Osula\AppData\LocalLow0070E5D0
2016-06-13 00:37 - 2016-06-13 00:37 - 00000000 ____D C:\Users\Osula\AppData\LocalLow006E5D50
2016-06-13 00:37 - 2016-06-13 00:37 - 00000000 ____D C:\Users\Osula\AppData\LocalLow000001B842F97EB8
2016-06-13 00:37 - 2016-06-13 00:37 - 00000000 ____D C:\Users\Osula\AppData\LocalLow000001B842F97C48
2016-06-13 00:37 - 2016-06-13 00:37 - 00000000 ____D C:\Users\Osula\AppData\LocalLow000001B842F97698
2016-06-13 00:37 - 2016-06-13 00:37 - 00000000 ____D C:\Users\Osula\AppData\LocalLow000001B842F97428
2016-06-13 00:37 - 2016-06-13 00:37 - 00000000 ____D C:\Users\Osula\AppData\LocalLow000001B842F97288
2016-06-13 00:34 - 2016-06-13 00:34 - 00000000 ____D C:\WINDOWS\system32\joa
2016-06-13 00:00 - 2016-06-13 00:00 - 00187904 _____ C:\WINDOWS\rsrcs.dll
2016-06-13 00:00 - 2016-06-13 00:00 - 00000000 ____D C:\Users\Osula\AppData\Roaming\SemcTops
2016-06-13 00:00 - 2016-06-13 00:00 - 00000000 ____D C:\Users\Osula\AppData\Roaming\Exesowy
2016-06-13 00:00 - 2016-06-13 00:00 - 00000000 ____D C:\Program Files\Common Files\Noobzo
2016-06-12 23:59 - 2016-06-14 15:42 - 00000000 ____D C:\Program Files (x86)\MPC Cleaner
2016-06-12 23:59 - 2016-06-12 23:59 - 00060136 ____N (DotC United Inc) C:\WINDOWS\system32\Drivers\MPCKpt.removed4195953
2016-06-12 23:56 - 2016-06-14 15:42 - 00000000 ____D C:\Program Files (x86)\036785C5-1465801002-E411-85C7-F0761C854354
2016-06-12 23:55 - 2016-06-14 15:42 - 00000000 ____D C:\Users\Osula\AppData\LocalLow\Company
2016-06-12 23:55 - 2016-06-13 00:00 - 00000000 ____D C:\Users\Osula\AppData\Local\Tempfolder
2016-06-12 23:55 - 2016-06-12 23:55 - 00027456 ____N C:\WINDOWS\system32\Drivers\bsdpf64.sys
2016-06-12 23:55 - 2016-06-12 23:55 - 00026944 ____N C:\WINDOWS\system32\Drivers\bsdpr64.sys
2016-06-12 23:55 - 2016-06-12 23:55 - 00000000 ___HD C:\Program Files (x86)\prestigious
2016-06-12 23:55 - 2016-06-12 23:55 - 00000000 ___HD C:\Program Files (x86)\danza
2016-06-12 23:55 - 2016-06-12 23:55 - 00000000 ____D C:\Users\Osula\AppData\Roaming\Gemoajaco
2016-06-12 23:55 - 2016-06-12 23:55 - 00000000 ____D C:\Users\Osula\AppData\Roaming\csdimedia
2016-06-12 23:55 - 2016-06-12 23:55 - 00000000 ____D C:\uninst
2016-06-12 23:54 - 2016-06-14 15:43 - 00000000 ____D C:\Program Files (x86)\Max Driver Updater
2016-06-12 23:46 - 2016-06-12 23:46 - 00127648 _____ C:\Users\Osula\AppData\Local\42844444.exe
2016-06-12 23:43 - 2016-06-12 23:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2016-06-12 23:40 - 2016-06-12 23:43 - 00000000 ____D C:\xampp
2016-06-12 20:51 - 2016-06-12 23:55 - 00065344 ____N (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\cherimoya.sys
2016-06-12 00:25 - 2016-06-12 00:29 - 00000000 ____D C:\Users\Osula\Documents\Phuc L Lang
2016-06-08 05:18 - 2016-06-08 05:18 - 00394752 _____ C:\WINDOWS\system32\bi3.exe
2016-05-26 16:46 - 2016-05-26 16:46 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-05-21 22:03 - 2016-05-28 12:51 - 00000000 ____D C:\Users\Osula\AppData\Local\MicrosoftEdge
2016-05-21 14:39 - 2016-04-22 00:57 - 00453288 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-05-21 03:31 - 2016-05-21 03:31 - 00000000 ____D C:\Users\Osula\AppData\Local\NetworkTiles
2016-05-21 03:23 - 2016-05-21 02:55 - 00000000 ___DC C:\WINDOWS\Panther
2016-05-21 03:20 - 2016-05-21 03:21 - 00000000 ____D C:\Windows.old
2016-05-21 03:19 - 2016-06-13 00:34 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-05-21 03:19 - 2016-06-13 00:34 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 24604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 18676224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 16984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 13383168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 06605504 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 05502976 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 05324288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 04775424 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 04515256 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 03673424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 03591168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-05-21 03:19 - 2016-05-21 03:19 - 03575296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 02919832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 02598912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-05-21 03:19 - 2016-05-21 03:19 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-05-21 03:19 - 2016-05-21 03:19 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-05-21 03:19 - 2016-05-21 03:19 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01848072 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 01819208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01731072 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01594920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01536088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01522152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-05-21 03:19 - 2016-05-21 03:19 - 01372304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01319424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-05-21 03:19 - 2016-05-21 03:19 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01161120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-05-21 03:19 - 2016-05-21 03:19 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01092464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-05-21 03:19 - 2016-05-21 03:19 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-05-21 03:19 - 2016-05-21 03:19 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-05-21 03:19 - 2016-05-21 03:19 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-05-21 03:19 - 2016-05-21 03:19 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-05-21 03:19 - 2016-05-21 03:19 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 00804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-05-21 03:19 - 2016-05-21 03:19 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 00754664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00725776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00713920 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00707608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00696672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-05-21 03:19 - 2016-05-21 03:19 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00650304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00638816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-05-21 03:19 - 2016-05-21 03:19 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00619296 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00605440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-05-21 03:19 - 2016-05-21 03:19 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
 
2016-05-21 03:19 - 2016-05-21 03:19 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00577368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-05-21 03:19 - 2016-05-21 03:19 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00569744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00565600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-05-21 03:19 - 2016-05-21 03:19 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00550656 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00534872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-05-21 03:19 - 2016-05-21 03:19 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-05-21 03:19 - 2016-05-21 03:19 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-05-21 03:19 - 2016-05-21 03:19 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00513368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00453472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00451928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-05-21 03:19 - 2016-05-21 03:19 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 00413536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-05-21 03:19 - 2016-05-21 03:19 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-05-21 03:19 - 2016-05-21 03:19 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlansec.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-05-21 03:19 - 2016-05-21 03:19 - 00390496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-05-21 03:19 - 2016-05-21 03:19 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-05-21 03:19 - 2016-05-21 03:19 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-05-21 03:19 - 2016-05-21 03:19 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00330072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-05-21 03:19 - 2016-05-21 03:19 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00306832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00294592 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00291360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-05-21 03:19 - 2016-05-21 03:19 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-05-21 03:19 - 2016-05-21 03:19 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-05-21 03:19 - 2016-05-21 03:19 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-05-21 03:19 - 2016-05-21 03:19 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-05-21 03:19 - 2016-05-21 03:19 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00217440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00204048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00190144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00188256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-05-21 03:19 - 2016-05-21 03:19 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00183904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-05-21 03:19 - 2016-05-21 03:19 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-05-21 03:19 - 2016-05-21 03:19 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-05-21 03:19 - 2016-05-21 03:19 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00131424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufxsynopsys.sys
2016-05-21 03:19 - 2016-05-21 03:19 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-05-21 03:19 - 2016-05-21 03:19 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-05-21 03:19 - 2016-05-21 03:19 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-05-21 03:19 - 2016-05-21 03:19 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-05-21 03:19 - 2016-05-21 03:19 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdport.sys
2016-05-21 03:19 - 2016-05-21 03:19 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\filecrypt.sys
2016-05-21 03:19 - 2016-05-21 03:19 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-05-21 03:19 - 2016-05-21 03:19 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-05-21 03:19 - 2016-05-21 03:19 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-05-21 03:19 - 2016-05-21 03:19 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2016-05-21 03:19 - 2016-05-21 03:19 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00058208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwminit.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
 
2016-05-21 03:19 - 2016-05-21 03:19 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-05-21 03:19 - 2016-05-21 03:19 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00002186 _____ C:\WINDOWS\SysWOW64\AppxProvisioning.xml
2016-05-21 03:19 - 2016-05-21 03:19 - 00002186 _____ C:\WINDOWS\system32\AppxProvisioning.xml
2016-05-21 03:14 - 2016-05-21 03:14 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-05-21 03:12 - 2016-05-21 03:12 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-05-21 03:12 - 2016-05-21 03:12 - 00000000 ____D C:\Program Files\MSBuild
2016-05-21 03:12 - 2016-05-21 03:12 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-05-21 03:12 - 2016-05-21 03:12 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-05-21 03:11 - 2016-05-21 03:11 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-05-21 03:11 - 2016-05-21 03:11 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-05-21 03:11 - 2015-10-23 18:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-05-21 03:11 - 2015-10-23 18:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-05-21 03:11 - 2015-10-23 18:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-05-21 03:11 - 2015-10-23 18:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-05-21 03:11 - 2015-10-23 18:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-05-21 03:11 - 2015-10-23 18:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-05-21 03:07 - 2016-05-21 03:07 - 00000000 ____D C:\Users\Osula\Mobile uploads
2016-05-21 03:03 - 2016-06-14 15:43 - 00002405 _____ C:\Users\Osula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-05-21 03:01 - 2016-05-21 03:01 - 00000000 ____D C:\Users\Osula\AppData\Local\ActiveSync
2016-05-21 03:00 - 2016-05-21 03:00 - 00000000 ____D C:\Users\Osula\AppData\Local\Publishers
2016-05-21 02:58 - 2016-06-02 15:45 - 00000000 ____D C:\Users\Osula\AppData\Local\Comms
2016-05-21 02:58 - 2016-05-21 02:58 - 00000000 ____D C:\Users\Osula\AppData\Local\TileDataLayer
2016-05-21 02:57 - 2016-05-21 02:57 - 00000020 ___SH C:\Users\Osula\ntuser.ini
2016-05-21 02:54 - 2016-05-21 02:54 - 00000000 _SHDL C:\Users\Default\My Documents
2016-05-21 02:54 - 2016-05-21 02:54 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2016-05-21 02:54 - 2016-05-21 02:54 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2016-05-21 02:54 - 2016-05-21 02:54 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2016-05-21 02:54 - 2016-05-21 02:54 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2016-05-21 02:54 - 2016-05-21 02:54 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2016-05-21 02:54 - 2016-05-21 02:54 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2016-05-21 02:48 - 2016-06-13 00:57 - 00879220 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-21 02:48 - 2016-05-21 02:48 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-05-21 02:38 - 2016-06-14 15:43 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-05-21 02:38 - 2016-05-21 02:38 - 00000000 ____D C:\Users\Default\AppData\Local\Pokki
2016-05-21 02:38 - 2016-05-21 02:38 - 00000000 ____D C:\Users\Default User\AppData\Local\Pokki
2016-05-21 02:31 - 2016-05-21 02:31 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-05-21 02:30 - 2016-05-21 03:07 - 00000000 ____D C:\Users\Osula
2016-05-21 02:30 - 2016-05-21 02:30 - 00000000 _SHDL C:\Users\Osula\My Documents
2016-05-21 02:30 - 2016-05-21 02:30 - 00000000 _SHDL C:\Users\Osula\Documents\My Videos
2016-05-21 02:30 - 2016-05-21 02:30 - 00000000 _SHDL C:\Users\Osula\Documents\My Pictures
2016-05-21 02:30 - 2016-05-21 02:30 - 00000000 _SHDL C:\Users\Osula\Documents\My Music
2016-05-21 02:27 - 2016-06-13 00:58 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-05-21 02:27 - 2016-05-21 02:32 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-05-21 02:27 - 2016-05-21 02:27 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-05-21 02:27 - 2016-05-21 02:27 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2016-05-21 02:27 - 2016-05-21 02:27 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-05-21 02:27 - 2016-05-21 02:27 - 00000000 ____D C:\ProgramData\NVIDIA
2016-05-21 02:27 - 2016-05-21 02:27 - 00000000 ____D C:\Program Files\Realtek
2016-05-21 02:27 - 2016-05-21 02:27 - 00000000 ____D C:\Program Files\Common Files\Atheros
2016-05-21 02:27 - 2015-07-13 10:37 - 06873744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-05-21 02:27 - 2015-07-13 10:37 - 03493008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-05-21 02:27 - 2015-07-13 10:37 - 02558792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-05-21 02:27 - 2015-07-13 10:37 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-05-21 02:27 - 2015-07-13 10:37 - 00937616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-05-21 02:27 - 2015-07-13 10:37 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-05-21 02:27 - 2015-07-13 10:37 - 00075080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-05-21 02:27 - 2015-07-13 10:37 - 00062792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-05-21 02:27 - 2015-07-13 09:28 - 05096627 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-05-21 02:26 - 2016-06-14 14:39 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-05-21 02:26 - 2016-05-21 02:32 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-05-21 02:26 - 2016-05-21 02:32 - 00000000 ____D C:\Program Files\Intel
2016-05-21 02:26 - 2016-05-21 02:26 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-05-21 02:26 - 2015-09-30 20:39 - 00105472 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2016-05-21 02:26 - 2015-09-30 20:39 - 00099856 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2016-05-21 02:25 - 2016-05-21 02:25 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-05-21 02:00 - 2016-05-21 02:53 - 00009528 _____ C:\WINDOWS\diagwrn.xml
2016-05-21 02:00 - 2016-05-21 02:53 - 00009528 _____ C:\WINDOWS\diagerr.xml
2016-05-18 15:52 - 2016-06-14 15:43 - 00001255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tableau 9.3.lnk
2016-05-18 15:52 - 2016-06-14 15:43 - 00001237 _____ C:\Users\Public\Desktop\Tableau 9.3.lnk
2016-05-18 15:52 - 2016-05-18 15:53 - 00000000 ____D C:\Users\Osula\AppData\Local\Tableau
2016-05-18 15:52 - 2016-05-18 15:52 - 00000000 ____D C:\Program Files\Tableau
2016-05-18 15:52 - 2016-05-18 15:52 - 00000000 ____D C:\Program Files\MySQL
2016-05-18 15:52 - 2016-05-18 15:52 - 00000000 ____D C:\Program Files\Common Files\Macrovision Shared
2016-05-18 15:51 - 2016-05-21 02:40 - 00000000 ____D C:\WINDOWS\SysWOW64\1033
2016-05-18 15:51 - 2016-05-21 02:40 - 00000000 ____D C:\WINDOWS\system32\1033
2016-05-18 15:51 - 2016-05-18 15:51 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2016-05-18 15:51 - 2016-05-18 15:51 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-14 15:43 - 2016-04-27 19:30 - 00001995 _____ C:\Users\Public\Desktop\abMusic.lnk
2016-06-14 15:43 - 2016-04-27 18:11 - 00001999 _____ C:\Users\Public\Desktop\abPhoto.lnk
2016-06-14 15:43 - 2016-04-23 13:33 - 00002340 _____ C:\Users\Osula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-06-14 15:43 - 2016-02-14 02:25 - 00001033 _____ C:\Users\Public\Desktop\TI Connect.lnk
2016-06-14 15:43 - 2016-02-06 02:18 - 00001349 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB R2015b (32-bit).lnk
2016-06-14 15:43 - 2016-02-05 22:54 - 00001685 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix Receiver.lnk
2016-06-14 15:43 - 2016-02-05 22:39 - 00001902 _____ C:\Users\Public\Desktop\Minitab 16.lnk
2016-06-14 15:43 - 2016-02-05 22:32 - 00003171 _____ C:\Users\Osula\Desktop\Shortcut to SecureDownloadManager.exe.lnk
2016-06-14 15:43 - 2015-12-31 00:15 - 00001863 _____ C:\Users\Osula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-06-14 15:43 - 2015-12-31 00:15 - 00001857 _____ C:\Users\Osula\Desktop\Spotify.lnk
2016-06-14 15:43 - 2015-08-31 19:14 - 00002959 _____ C:\Users\Osula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox.lnk
2016-06-14 15:43 - 2015-04-02 04:57 - 00001951 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-06-14 15:43 - 2015-04-02 04:35 - 00000000 ____D C:\WINDOWS\NAPP_Dism_Log
2016-06-14 15:19 - 2015-09-22 16:23 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-06-14 14:44 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-06-14 14:43 - 2015-10-30 00:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-14 14:40 - 2015-08-27 19:20 - 00000000 ___RD C:\Users\Osula\OneDrive
2016-06-14 14:39 - 2016-02-06 02:17 - 00000592 _____ C:\WINDOWS\Tasks\MATLAB R2015b Startup Accelerator.job
2016-06-14 14:39 - 2015-10-30 00:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-14 14:39 - 2015-08-27 19:12 - 00000000 __SHD C:\Users\Osula\IntelGraphicsProfiles
2016-06-14 02:32 - 2016-01-14 23:11 - 00000000 ____D C:\Users\Osula\Documents\Recruitment
2016-06-13 20:56 - 2015-11-04 17:58 - 00000000 ____D C:\Users\Osula\AppData\Local\ElevatedDiagnostics
2016-06-13 20:56 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-06-13 19:43 - 2015-08-27 19:12 - 00000000 ____D C:\Users\Osula\AppData\Local\Packages
2016-06-13 02:00 - 2015-01-12 04:30 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-06-13 02:00 - 2015-01-12 04:30 - 00000000 ____D C:\ProgramData\WildTangent
2016-06-13 01:35 - 2015-08-28 11:36 - 00000000 ____D C:\Program Files (x86)\Google
2016-06-13 01:05 - 2015-09-09 18:11 - 00000000 ____D C:\Users\Osula\AppData\Local\acer
2016-06-13 01:05 - 2015-01-12 04:28 - 00000000 ____D C:\Program Files (x86)\Acer
2016-06-13 01:04 - 2015-01-12 04:32 - 00000000 ____D C:\Program Files\Acer
2016-06-13 01:04 - 2015-01-12 04:28 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-06-13 00:58 - 2015-10-30 00:21 - 00000000 ____D C:\WINDOWS\INF
2016-06-13 00:49 - 2016-02-13 06:14 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-06-13 00:48 - 2015-10-29 23:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-06-13 00:35 - 2016-02-13 06:11 - 00474312 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-06-12 00:31 - 2015-09-09 17:52 - 00000000 ____D C:\Users\Osula\Documents\School
2016-06-12 00:29 - 2015-09-10 18:41 - 00000000 ____D C:\Users\Osula\Documents\Reference
2016-06-09 01:19 - 2015-09-01 16:07 - 00353572 _____ C:\Users\Osula\pgm.asv
2016-06-08 15:42 - 2016-01-14 23:24 - 00000000 ____D C:\Users\Osula\Documents\Miscellaneous
2016-05-26 17:57 - 2015-10-30 00:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-05-26 17:54 - 2015-09-01 00:29 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-05-25 19:26 - 2015-08-27 19:14 - 00000000 ____D C:\Users\Osula\AppData\Local\clear.fi
2016-05-22 13:23 - 2015-01-12 04:28 - 00000000 ____D C:\ProgramData\OEM
2016-05-21 17:02 - 2016-04-01 19:13 - 00000000 ____D C:\Users\Osula\AppData\Local\Microsoft Help
2016-05-21 03:23 - 2015-10-30 00:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-05-21 03:20 - 2016-02-13 06:03 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-21 03:20 - 2015-10-30 00:24 - 00015703 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-05-21 03:20 - 2015-10-30 00:24 - 00000000 __RSD C:\WINDOWS\Media
2016-05-21 03:20 - 2015-10-30 00:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-05-21 03:20 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-05-21 03:20 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-05-21 03:20 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-05-21 03:20 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-05-21 03:20 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-05-21 03:20 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-05-21 03:20 - 2015-10-30 00:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-05-21 03:20 - 2015-10-30 00:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-05-21 03:20 - 2015-10-30 00:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-05-21 03:20 - 2015-10-30 00:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-05-21 03:20 - 2015-10-29 23:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-05-21 03:20 - 2015-10-29 23:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-05-21 02:58 - 2016-02-13 06:20 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-05-21 02:58 - 2015-04-02 03:40 - 00000000 ___HD C:\Intel
2016-05-21 02:55 - 2016-01-31 05:44 - 00000258 __RSH C:\ProgramData\ntuser.pol
2016-05-21 02:55 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\rescache
2016-05-21 02:55 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\appcompat
2016-05-21 02:54 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-05-21 02:52 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\Registration
2016-05-21 02:46 - 2015-10-30 00:24 - 00000000 __RHD C:\Users\Public\Libraries
2016-05-21 02:40 - 2016-02-08 23:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
2016-05-21 02:40 - 2016-02-08 22:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R
2016-05-21 02:40 - 2016-02-05 22:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minitab
2016-05-21 02:40 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\Help
2016-05-21 02:40 - 2015-10-29 23:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-05-21 02:40 - 2015-09-22 16:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-05-21 02:40 - 2015-09-01 00:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-05-21 02:40 - 2015-09-01 00:12 - 00000000 ____D C:\Users\Osula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2016-05-21 02:40 - 2015-08-28 12:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAS
2016-05-21 02:40 - 2015-08-28 12:21 - 00000000 ____D C:\Users\Osula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SAS
2016-05-21 02:40 - 2015-08-28 11:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2016-05-21 02:40 - 2015-08-28 11:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-05-21 02:40 - 2015-04-02 05:00 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 12
2016-05-21 02:40 - 2015-04-02 04:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PRIVATE WiFi
2016-05-21 02:38 - 2013-08-22 06:36 - 00000000 ____D C:\Users\Default.migrated
2016-05-21 02:35 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2016-05-21 02:35 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2016-05-21 02:35 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2016-05-21 02:35 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2016-05-21 02:35 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-05-21 02:35 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-05-21 02:35 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-05-21 02:35 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2016-05-21 02:35 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-05-21 02:35 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-05-21 02:35 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2016-05-21 02:35 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2016-05-21 02:33 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-05-21 02:33 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\InputMethod
2016-05-21 02:33 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2016-05-21 02:33 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\ADFS
2016-05-21 02:32 - 2016-02-14 02:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TI Tools
2016-05-21 02:32 - 2016-02-06 02:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB
2016-05-21 02:32 - 2015-10-30 00:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-05-21 02:32 - 2015-04-02 04:39 - 00000000 ____D C:\Program Files (x86)\Qualcomm Atheros
2016-05-21 02:32 - 2015-01-12 04:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF
2016-05-21 02:32 - 2015-01-12 04:30 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 10
2016-05-21 02:32 - 2015-01-12 04:28 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 3
2016-05-21 02:32 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2016-05-21 02:29 - 2015-10-29 23:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-05-21 02:00 - 2016-02-13 07:21 - 00000000 ___HD C:\$WINDOWS.~BT
2016-05-18 15:53 - 2016-02-05 22:39 - 00000000 ____D C:\ProgramData\FLEXnet
2016-05-18 15:52 - 2015-08-31 22:53 - 00000875 _____ C:\WINDOWS\ODBCINST.INI
2016-05-18 15:51 - 2015-01-12 04:33 - 00000000 ____D C:\ProgramData\Package Cache

==================== Files in the root of some directories =======

2016-06-12 23:46 - 2016-06-12 23:46 - 0127648 _____ () C:\Users\Osula\AppData\Local\42844444.exe
2015-09-22 15:47 - 2015-09-22 15:47 - 0007594 _____ () C:\Users\Osula\AppData\Local\Resmon.ResmonCfg
2016-05-21 02:27 - 2016-05-21 02:27 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Osula\AppData\Local\Temp\3030.tmp.exe
C:\Users\Osula\AppData\Local\Temp\3E9C.tmp.exe
C:\Users\Osula\AppData\Local\Temp\476A.tmp.exe
C:\Users\Osula\AppData\Local\Temp\4BA.tmp.exe
C:\Users\Osula\AppData\Local\Temp\4xvpymD5X1.exe
C:\Users\Osula\AppData\Local\Temp\54BA.tmp.exe
C:\Users\Osula\AppData\Local\Temp\5BA6.tmp.exe
C:\Users\Osula\AppData\Local\Temp\69F2.tmp.exe
C:\Users\Osula\AppData\Local\Temp\9559.tmp.exe
C:\Users\Osula\AppData\Local\Temp\9E77.tmp.exe
C:\Users\Osula\AppData\Local\Temp\A59.tmp.exe
C:\Users\Osula\AppData\Local\Temp\AcerPortalSetup.exe
C:\Users\Osula\AppData\Local\Temp\B78.tmp.exe
C:\Users\Osula\AppData\Local\Temp\C0B0.tmp.exe
C:\Users\Osula\AppData\Local\Temp\ChTo8XmqB0.exe
C:\Users\Osula\AppData\Local\Temp\D81.tmp.exe
C:\Users\Osula\AppData\Local\Temp\E021.tmp.exe
C:\Users\Osula\AppData\Local\Temp\evQZosh5zN.exe
C:\Users\Osula\AppData\Local\Temp\F286.tmp.exe
C:\Users\Osula\AppData\Local\Temp\F330.tmp.exe
C:\Users\Osula\AppData\Local\Temp\Foxit PhantomPDF Updater.exe
C:\Users\Osula\AppData\Local\Temp\Q2r9AMAT5r.exe
C:\Users\Osula\AppData\Local\Temp\uytbS09mtL.exe
C:\Users\Osula\AppData\Local\Temp\Vw0gp8AVWh.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll
[2016-05-21 03:19] - [2016-06-13 00:34] - 0686976 ____A (Microsoft Corporation) DDAB6F48DBA750B6F17F64C72F7B3770

C:\WINDOWS\SysWOW64\dnsapi.dll
[2016-05-21 03:19] - [2016-06-13 00:34] - 0535080 ____A (Microsoft Corporation) 3CBC9463DB18B913F34FD1FB7196E969

C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-06-08 14:28

==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-06-2016
Ran by Osula (2016-06-14 15:44:54)
Running from C:\Users\Osula\Downloads
Windows 10 Home Version 1511 (X64) (2016-05-21 09:55:12)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3693202215-1944876337-163887280-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3693202215-1944876337-163887280-503 - Limited - Disabled)
Guest (S-1-5-21-3693202215-1944876337-163887280-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3693202215-1944876337-163887280-1003 - Limited - Enabled)
Osula (S-1-5-21-3693202215-1944876337-163887280-1001 - Administrator - Enabled) => C:\Users\Osula

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: PCKeeper Antivirus (Enabled - Up to date) {156D9A2F-8BF7-CC79-6637-F31E244756C7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: PCKeeper Antivirus (Enabled - Up to date) {AE0C7BCB-ADCD-C3F7-5C87-C86C5FC01C7A}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

abMusic (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 3.00.2004.0 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.07.2001.5 - Acer Incorporated)
AccountService (Version: 1.1.69 - Essentware) Hidden
Acer Care Center (HKLM\...\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}) (Version: 1.00.3012 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8115 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.10.2001 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8106.0 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3018 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3005 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3005 - Acer Incorporated)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.17.2002.1 - Acer Incorporated)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bootstrapper (x32 Version: 1.1.2.0 - Minitab, Inc.) Hidden
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.4.0.8014 - Citrix Systems, Inc.)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.5524 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4609.02 - CyberLink Corp.)
Farm to Fork Collector's Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
Foxit PhantomPDF (HKLM-x32\...\{D4DF5498-C95C-4A02-9951-725FB2D7BC0D}) (Version: 6.0.121.624 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.84 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
J2SE Development Kit 5.0 Update 15 (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0150150}) (Version: 1.5.0.150 - Sun Microsystems, Inc.)
Java 7 Update 15 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417015FF}) (Version: 7.0.150 - Oracle)
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java SE Development Kit 8 Update 60 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation)
Java(TM) 6 Update 24 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216024F0}) (Version: 6.0.240 - Oracle)
Jewel Match 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden
King Oddball (x32 Version: 3.0.2.48 - WildTangent) Hidden
LUXOR Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MATLAB R2015b (32-bit) (HKLM-x32\...\Matlab R2015b) (Version: 8.6 - MathWorks)
Microsoft Access database engine 2010 (English) (HKLM-x32\...\{90140000-00D1-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4823.1004 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{2180B33F-3225-423E-BBC1-7798CFD3CD1F}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Minitab 16 (HKLM-x32\...\Minitab16) (Version: 16.2.4 - Minitab, Inc.)
Minitab Software Update Manager (HKLM-x32\...\MinitabSoftwareManager) (Version: 1.1.0.0 - Minitab, Inc.)
Minitab16 (x32 Version: 16.2.4.0 - Minitab Inc) Hidden
Minitab16 (x32 Version: 16.2.4.0 - Minitab, Inc.) Hidden
MySQL Connector/ODBC 5.3 (HKLM\...\{A1991404-2634-47E1-BC45-8F3B5014B1D1}) (Version: 5.3.4 - Oracle Corporation)
NVIDIA Graphics Driver 345.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 345.05 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4823.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4823.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4823.1004 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6001.1073 - Microsoft Corporation) Hidden
Online Plug-in (x32 Version: 14.4.0.8014 - Citrix Systems, Inc.) Hidden
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.59 - WildTangent) Hidden
Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden
psqlODBC_x64 (HKLM\...\{C0249921-2C35-47C1-83D8-8EABC438A96F}) (Version: 09.03.0400 - PostgreSQL Global Development Group)
Python 2.7.11 (HKLM-x32\...\{16E52445-1392-469F-9ADB-FC03AF00CD61}) (Version: 2.7.11150 - Python Software Foundation)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.29 - Qualcomm Atheros)
R for Windows 3.2.3 (HKLM\...\R for Windows 3.2.3_is1) (Version: 3.2.3 - R Core Team)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21250 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.30.328.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7592 - Realtek Semiconductor Corp.)
SAS 9.3 (HKLM-x32\...\{bcd538f9-31bf-4730-920a-066a6f7fb10d}) (Version: - SAS)
SAS 9.4 (HKLM-x32\...\{adfa23ed-d64f-40f3-bd52-8c4a9a1ff982}) (Version: 9.4 - SAS)
SAS Enterprise Guide 6.1 (64-bit) (Version: 6.100.0.2870 - SAS Institute Inc.) Hidden
SAS Framework Data Server 2.2 (HKLM-x32\...\SAS Framework Data Server 2.2) (Version: 2.2 - SAS Institute Inc.)
Secure Download Manager (HKLM-x32\...\{E040B65B-8683-4228-8C33-D44A141E40EA}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Self-service Plug-in (x32 Version: 4.4.0.11833 - Citrix Systems, Inc.) Hidden
SoftwareManager (x32 Version: 1.1.0.0 - Minitab, Inc.) Hidden
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
Tableau 9.3 (9300.16.0511.2203) (HKLM-x32\...\{68e685be-aa2b-4592-95bc-bf8e05d34758}) (Version: 9.3.808 - Tableau Software)
Tableau 9.3 (9300.16.0511.2203) (Version: 9.3.808 - Tableau Software) Hidden
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.51 - WildTangent) Hidden
TI Connect™ (HKLM-x32\...\{D06BA64C-4447-49B4-B99D-E85BEA9E1035}) (Version: 4.0.0.218 - Texas Instruments Inc.)
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB (06/11/2009 1.0.0.0) (HKLM\...\EC3E466026556D3EB760B01C4772277614354E11) (Version: 06/11/2009 1.0.0.0 - Texas Instruments Inc.)
Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB (09/02/2009 1.0.0.1) (HKLM\...\7511B29C86C398B4D11A0B0E4176CAD68D1B7057) (Version: 09/02/2009 1.0.0.1 - Texas Instruments Inc.)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.21-0 - Bitnami)
Zuma's Revenge (x32 Version: 2.2.0.97 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3693202215-1944876337-163887280-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Osula\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02A04770-CD3C-485C-83F1-1AA2C0C81DB6} - \UbtFrameworkService -> No File <==== ATTENTION
Task: {107D0368-C3E5-41DB-98A9-A9F46F86E0DA} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {113489A1-49D4-49ED-9983-CE3296CC4C61} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {134E4787-8D7E-447A-91FF-19E64B1E24BD} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {186F655B-27C7-4BD7-A070-D3EADA4FFE94} - \WindApp Update -> No File <==== ATTENTION
Task: {19133244-19C3-4782-B3DB-0B06AFE888D5} - \Quick Access Quick Launcher -> No File <==== ATTENTION
Task: {1AE06EF9-EC5F-4C55-9BE5-CDC74842435B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {1FD2A7B1-09BE-45EE-8C4F-EA63CF3886C8} - \Selection Tools Update -> No File <==== ATTENTION
Task: {22F3BE95-FB53-4C89-888A-167D679A86A3} - \{6D7080EC-D4B7-4A83-9386-58DEBB7D0FB2} -> No File <==== ATTENTION
Task: {295D7737-2309-4424-B9D7-833CC2EB4B13} - \Software Update Application -> No File <==== ATTENTION
Task: {34879891-36B0-4BF5-A8EB-01C8542CFE46} - \Power Management -> No File <==== ATTENTION
Task: {379EECD1-F5E8-4554-B282-FBDB59FFDE8C} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2016-04-20] (Acer)
Task: {3D65FD9A-EE8C-4CC7-B0A5-8B91E5399C20} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {43223F43-6695-4F2A-B202-D08F8E63AE22} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {448950F6-1F95-4E5E-87FC-199E8EB046AC} - \McAfee Remediation (Prepare) -> No File <==== ATTENTION
Task: {45AA7B8D-6F22-4983-A5FA-6C6EC0D7B89B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-27] (Microsoft Corporation)
Task: {4802B6CB-A43E-4410-8A6D-11F50BA18651} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {5375506E-E3D5-43B4-85DF-90DDC4FEF26F} - \SMW_UpdateTask_Time_333739323335303332302d782d233257574a5a4145502a -> No File <==== ATTENTION
Task: {58E0250C-EA74-46DB-99D0-E655F658F16E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-05-10] (Microsoft Corporation)
Task: {5BFC5580-D154-4020-86D7-6D24B81A130B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {5C5A31E2-4D22-4014-8F6D-16C2E66D706E} - \PCKeeper updater -> No File <==== ATTENTION
Task: {68BA3724-A993-492E-B35E-B6ED7ACF0295} - \ConsumerInputUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {708157A3-D245-4F5F-99B1-18C0C5B9DCFE} - \44143837 -> No File <==== ATTENTION
Task: {73102AAE-29AC-45FB-BA44-AD019FF0CD18} - System32\Tasks\Minitab\Minitab Software Update Manager => C:\Program Files (x86)\Common Files\Minitab Shared\Software Manager\SoftwareManager.exe [2010-11-05] (Minitab)
Task: {75088D6F-C2C4-47CD-A04B-A33411959ADE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {7B2AA5F0-DE3C-4133-8282-3E230C8D46FC} - \ACCAgent -> No File <==== ATTENTION
Task: {7B61A858-24F5-4EF7-AA07-B142381B7FA5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {8013F081-549B-44F6-A7CD-27DE74864F03} - \MATLAB R2015b Startup Accelerator -> No File <==== ATTENTION
Task: {80826F0F-EDA0-410B-AA8C-2D0212CF38DF} - \CIMT_daily_S-1-5-21-3693202215-1944876337-163887280-1001 -> No File <==== ATTENTION
Task: {85EAD11B-4D8E-4D42-BC6D-503D019D0960} - \Microsoft OneDrive Auto Update Task-S-1-5-21-3693202215-1944876337-163887280-1001 -> No File <==== ATTENTION
Task: {86256121-D7E4-4F79-A852-593843DA09FD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {8AF2B577-1935-40A9-9D59-12CB46E068D4} - \Pritc -> No File <==== ATTENTION
Task: {930D8135-A0E1-4B94-BE50-0ACAA7D6C7B8} - \CIMT_S-1-5-21-3693202215-1944876337-163887280-1001 -> No File <==== ATTENTION
Task: {954F652B-4FFB-4659-9AF2-903F35C11706} - \Pa4414383744143837 -> No File <==== ATTENTION
Task: {9586E6DD-DFEE-4301-9FAD-A11768C7BA92} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {9F7CE08B-39C2-49ED-997A-C3575AC74594} - \McAfeeLogon -> No File <==== ATTENTION
Task: {A9EC8238-46E6-4A94-BAB7-9862CC200EDA} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated)
Task: {AB53C257-895E-42DB-9D97-E13E387BEB59} - \Quick Access -> No File <==== ATTENTION
Task: {B03E8F13-0C91-493A-8B3F-5F800B10CBED} - \ConsumerInputUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {B8BDD896-7C13-46C9-8E1C-1E52531E68A1} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-04-12] (Microsoft Corporation)
Task: {B9271889-0C80-49A7-A968-B89C59848397} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {BB48F50A-249F-4E47-BE98-280072B8D569} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-27] (Microsoft Corporation)
Task: {BE11E725-E4E7-4955-9FC0-B7C4E38F25F7} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-04-12] (Microsoft Corporation)
Task: {BF52DA91-F1A3-4BC9-A6FC-6ABC27C69F65} - \Optimize Start Menu Cache Files-S-1-5-21-3693202215-1944876337-163887280-1001 -> No File <==== ATTENTION
Task: {C12FD3E7-4355-46DB-BBBB-A98A31B12343} - \Launch Manager -> No File <==== ATTENTION
Task: {C404B3E7-83D0-44E8-8168-D0B915A7E3DD} - System32\Tasks\{F65A491A-6CFB-4A4D-955C-6232D370D843} => pcalua.exe -a "C:\Program Files (x86)\Acer\Acer Portal\uninstall.exe"
Task: {C4AE7FA5-B20D-40E2-BACE-38A8AC27493A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {CDFD2F6A-7813-4AAE-A958-EB507EB319AF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-13] (Google Inc.)
Task: {D36EEDBC-BDC3-45A1-8470-15D34109A346} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {D4F60932-E833-4912-A748-3050F4ECF804} - \ttwifi -> No File <==== ATTENTION
Task: {D7C01BC7-3CB8-47E2-A5CF-3F3182D9CD3D} - \BacKGroundAgent -> No File <==== ATTENTION
Task: {E34A5656-79E3-4E6C-9BFC-6B2F541DDC75} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-04-12] (Microsoft Corporation)
Task: {E451FF6B-3322-4520-BB63-DBFDA48A4464} - \MAXDriverUpdaterRunAtStartup -> No File <==== ATTENTION
Task: {EB400857-50E7-405A-80D7-22E365526D8D} - \ACC -> No File <==== ATTENTION
Task: {EDE2FE96-67A5-44BC-859F-AE0312A27E0F} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {EEE9F3CA-6FE3-4C3A-9677-B28DFE4F8DB8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-13] (Google Inc.)
Task: {FA732DF9-24CD-43DD-850A-61F86CACA045} - \Optimize Start Menu Cache Files-S-1-5-21-3693202215-1944876337-163887280-500 -> No File <==== ATTENTION
Task: {FD60006C-32A0-4B5A-AAB1-3386C67562C5} - \osTip -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\MATLAB R2015b Startup Accelerator.job => C:\Program Files (x86)\MATLAB\R2015b\bin\win32\MATLABStartupAccelerator.exe
Task: C:\WINDOWS\Tasks\McAfeeLogon.job => C:\PROGRA~1\COMMON~1\McAfee\Platform\McUICnt.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

WMI_ActiveScriptEventConsumer_ASEC: <===== ATTENTION (yeabests)

==================== Loaded Modules (Whitelisted) ==============

2015-08-28 12:25 - 2011-05-26 05:21 - 00127336 _____ () C:\Program Files\SASHome\SASFoundation\9.3\sas.exe
2015-08-28 12:23 - 2011-05-26 05:59 - 00762880 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkmk.dll
2015-08-28 12:24 - 2011-05-26 05:59 - 00350720 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tknls.dll
2015-08-28 12:24 - 2011-05-26 05:59 - 00686080 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tknlsenc.dll
2015-08-28 12:24 - 2011-05-26 05:59 - 01820672 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tknlsldb.dll
2015-08-28 12:24 - 2011-05-26 05:59 - 00709632 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tknlsudb.dll
2015-08-28 12:24 - 2011-05-26 05:59 - 00116224 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tknlsicv.dll
2015-08-28 12:24 - 2011-05-26 05:59 - 00889344 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tknlssb.dll
2015-08-28 12:24 - 2011-05-26 05:59 - 00204288 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tknlsloc.dll
2015-08-28 12:23 - 2011-05-26 05:57 - 00092672 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkevlgio.dll
2015-08-28 12:23 - 2011-05-26 05:47 - 00101376 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\skndns.dll
2015-08-28 12:24 - 2011-05-26 05:58 - 00431616 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkl4sas.dll
2015-08-28 12:24 - 2011-05-26 05:55 - 00096768 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tk4aboot.dll
2015-08-28 12:23 - 2011-05-26 05:58 - 00157184 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkioe.dll
2015-08-28 12:24 - 2011-05-26 06:00 - 00265216 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tksecure.dll
2015-08-28 12:23 - 2011-05-26 05:56 - 00099840 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkeeam.dll
2015-08-28 12:23 - 2011-05-26 05:55 - 00190464 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkarm.dll
2015-08-28 12:23 - 2011-05-26 05:56 - 00312832 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkeavl.dll
2015-08-28 12:25 - 2011-06-07 15:46 - 02561536 _____ () C:\Program Files\SASHome\SASFoundation\9.3\sashost.dll
2015-08-28 12:24 - 2011-05-26 05:59 - 00593408 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tknlssm.dll
2015-08-28 12:25 - 2011-05-26 05:30 - 00225792 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\saswztx.dll
2015-08-28 12:25 - 2011-05-26 05:21 - 02039296 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasvwu.dll
2015-08-28 12:25 - 2011-05-26 05:21 - 00146944 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\resource\SASVRES.dll
2015-08-28 12:24 - 2011-05-26 05:21 - 01216512 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\resource\SASVICON.dll
2015-08-28 12:25 - 2011-05-26 05:21 - 00971264 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\resource\SASVBMP.dll
2015-08-28 12:25 - 2011-05-26 05:30 - 00233984 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\saswzx.dll
2015-08-28 12:25 - 2011-06-07 15:54 - 00155136 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\saswob.dll
2015-08-28 12:24 - 2011-06-07 15:54 - 00244224 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\saswobs.dll
2015-08-28 12:25 - 2011-05-26 05:44 - 01012224 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasxkern.dll
2015-08-28 12:25 - 2011-05-26 05:46 - 00466944 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasyh.dll
2015-08-28 12:25 - 2011-05-26 05:45 - 00244736 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sase7.dll
2015-08-28 12:25 - 2011-05-26 05:30 - 00278016 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\saswzsd.dll
2015-08-28 12:25 - 2011-05-26 05:46 - 00075776 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasyzcrl.dll
2015-08-28 12:25 - 2011-05-26 05:46 - 00074752 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasyzcr2.dll
2015-08-28 12:23 - 2011-05-26 05:57 - 00192000 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkeutil.dll
2015-08-28 12:23 - 2011-05-26 06:00 - 00113664 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkstring.dll
2015-08-28 12:24 - 2011-05-26 05:44 - 00670208 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasxshel.dll
2015-08-28 12:24 - 2011-05-26 05:55 - 00122368 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tk4aroll.dll
2015-08-28 12:24 - 2011-05-26 05:55 - 00135168 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tk4awinf.dll
2015-08-28 12:24 - 2011-05-26 05:55 - 00110592 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tk4aioms.dll
2015-08-28 12:24 - 2011-05-26 05:58 - 00149504 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkl4iio.dll
2015-08-28 12:23 - 2011-05-26 05:58 - 00121856 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkiop.dll
2015-08-28 12:24 - 2011-05-26 05:55 - 00113152 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tk4aiome.dll
2015-08-28 12:25 - 2011-05-26 05:43 - 00055296 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasxbam.dll
2015-08-28 12:25 - 2011-05-26 05:44 - 00177664 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasxug.dll
2015-08-28 12:25 - 2011-05-26 05:46 - 00111616 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sase7lu.dll
2015-08-28 12:25 - 2011-05-26 05:46 - 00129024 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sase7xrt.dll
2015-08-28 12:25 - 2011-05-26 05:46 - 00133120 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sase7l.dll
2015-08-28 12:25 - 2011-05-26 05:46 - 00099328 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sase7xgt.dll
2015-08-28 12:24 - 2011-05-26 05:44 - 00082944 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasxsmw.dll
2015-08-28 12:25 - 2011-05-26 05:43 - 00081408 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sastksrv.dll
2015-08-28 12:24 - 2011-05-26 05:33 - 00485888 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasdosm.dll
2015-08-28 12:24 - 2011-05-26 05:46 - 00084480 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasyys.dll
2015-08-28 12:25 - 2011-05-26 05:46 - 00219136 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sase7yse.dll
2015-08-28 12:24 - 2011-05-26 05:46 - 00090112 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sase7xin.dll
2015-08-28 12:24 - 2011-05-26 05:46 - 00096768 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sase7xdl.dll
2015-08-28 12:25 - 2011-05-26 05:25 - 00113664 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasxgtf.dll
2015-08-28 12:25 - 2011-05-26 05:44 - 00147456 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasxkrn2.dll
2015-08-28 12:24 - 2011-05-26 05:58 - 00080384 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkiohq.dll
2015-08-28 12:24 - 2011-05-26 05:55 - 00117248 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tk4afref.dll
2015-08-28 12:24 - 2011-05-26 05:58 - 00102400 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkiomen.dll
2015-08-28 12:23 - 2011-05-26 05:57 - 00114176 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkequ.dll
2015-08-28 12:24 - 2011-06-07 15:58 - 00770048 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkiomsvc.dll
2015-08-28 12:23 - 2011-05-26 05:57 - 00370688 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkexml.dll
2015-08-28 12:24 - 2011-05-26 05:55 - 00095232 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tk4aiomc.dll
2015-08-28 12:23 - 2011-05-26 05:58 - 00211456 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkitcp.dll
2015-08-28 12:23 - 2011-05-26 05:57 - 00143360 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkepdl.dll
2015-08-28 12:23 - 2011-05-26 06:00 - 00079360 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkperf.dll
2015-08-28 12:24 - 2011-05-26 05:58 - 00094208 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkiomjnl.dll
2015-08-28 12:23 - 2011-06-07 15:57 - 04475904 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkomi.dll
2015-08-28 12:24 - 2011-05-26 05:59 - 00832512 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkomip.dll
2015-08-28 12:24 - 2011-05-26 06:00 - 04594176 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkoms.dll
2015-08-28 12:24 - 2011-05-26 05:55 - 00196096 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkbplus.dll
2015-08-28 12:24 - 2011-05-26 05:57 - 00090112 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkepm.dll
2015-08-28 12:24 - 2011-05-26 05:56 - 00095744 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkela.dll
2015-08-28 12:24 - 2011-05-26 05:56 - 00270336 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkefmt.dll
2015-08-28 12:24 - 2011-06-01 20:47 - 00160256 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkefmfms.dll
2015-08-28 12:24 - 2011-05-26 05:56 - 00100352 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkefmfbi.dll
2015-08-28 12:24 - 2011-06-01 20:47 - 00145408 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkefmfdt.dll
2015-08-28 12:24 - 2011-06-01 20:47 - 00115200 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkefmftm.dll
2015-08-28 12:24 - 2011-05-26 05:56 - 00113152 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkefmfuw.dll
2015-08-28 12:24 - 2011-06-01 20:47 - 00299008 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkefmfnl.dll
2015-08-28 12:24 - 2011-05-26 05:48 - 00295936 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\t0b3en.dll
2015-08-28 12:27 - 2011-05-26 05:57 - 00515584 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkersa2.dll
2015-08-28 12:24 - 2011-05-26 05:57 - 00099328 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkesasio.dll
2015-08-28 12:24 - 2011-05-26 05:57 - 00096256 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkemvasv.dll
2015-08-28 12:25 - 2011-05-26 05:37 - 00081408 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasolpsv.dll
2015-08-28 12:24 - 2011-05-26 05:46 - 00083456 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sase7ld.dll
2015-08-28 12:25 - 2011-05-26 05:37 - 00069632 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasolpwt.dll
2015-08-28 12:24 - 2011-05-26 05:57 - 00276992 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkewh.dll
2015-08-28 12:24 - 2011-05-26 05:57 - 00104960 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkeparse.dll
2015-08-28 12:24 - 2011-05-26 05:57 - 00147968 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tketok.dll
2015-08-28 12:25 - 2011-05-26 05:46 - 00084992 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasmvaio.dll
2015-08-28 12:25 - 2011-05-26 05:46 - 00135680 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasyhl.dll
2015-08-28 12:25 - 2011-05-26 05:32 - 00236544 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\saseimdb.dll
2015-08-28 12:24 - 2011-05-26 05:32 - 00213504 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasimdba.dll
2015-08-28 12:24 - 2011-05-26 05:55 - 00232960 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkbtree.dll
2015-08-28 12:25 - 2011-05-26 05:46 - 00421888 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasyoio.dll
2015-08-28 12:25 - 2011-05-26 05:44 - 00406528 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasxmac.dll
2015-08-28 12:25 - 2011-05-26 05:46 - 00155648 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sase7opn.dll
2015-08-28 12:25 - 2011-05-26 05:46 - 00248320 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sase7io.dll
2015-08-28 12:25 - 2011-05-26 05:46 - 00090112 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sase7up.dll
2015-08-28 12:25 - 2011-05-26 05:46 - 00076800 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sase7xop.dll
2015-08-28 12:25 - 2011-05-26 05:46 - 00135168 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasyoix.dll
2015-08-28 12:23 - 2011-05-26 05:47 - 00099328 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\t0a0en.dll
2015-08-28 12:25 - 2011-05-26 06:07 - 00135680 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\saswgp.dll
2015-08-28 12:25 - 2011-05-26 05:44 - 00421376 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasxwher.dll
2015-08-28 12:24 - 2011-05-26 05:36 - 00075264 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasomssv.dll
2015-08-28 12:24 - 2011-05-26 05:58 - 01335296 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkiompeb.dll
2015-08-28 12:24 - 2011-05-26 05:48 - 00171520 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\t0a6en.dll
2015-08-28 12:24 - 2011-05-26 05:58 - 00265216 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\tkiomsam.dll
2015-08-28 12:23 - 2011-05-26 05:49 - 00108544 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\t0b8en.dll
2015-08-28 12:25 - 2011-05-26 05:33 - 01503744 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasautop.dll
2015-08-28 12:25 - 2011-05-26 05:35 - 00121344 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sassrvp.dll
2015-08-28 12:24 - 2011-05-26 05:35 - 00757248 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\sasomip.dll
2015-08-28 12:24 - 2011-05-26 05:49 - 00092672 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasext\t0c0en.dll
2015-08-28 12:25 - 2011-05-26 05:11 - 00139264 _____ () C:\Program Files\SASHome\SASFoundation\9.3\core\sasexe\saszcpy.dll
2016-06-12 20:49 - 2016-06-12 20:49 - 00170496 ____N () C:\Users\Osula\AppData\Roaming\Gemoajaco\Gemoajaco.exe
2015-09-01 00:29 - 2015-10-13 05:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2016-06-12 17:36 - 2016-06-12 17:36 - 00121344 ____N () C:\Users\Osula\AppData\Roaming\SemcTops\Wenaooak.exe
2015-09-04 16:38 - 2012-08-16 00:26 - 00337296 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\pcfservice.exe
2015-01-12 04:30 - 2012-04-24 03:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2015-08-28 12:30 - 2011-05-03 16:35 - 00235880 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkesrv.exe
2015-08-28 12:30 - 2011-05-03 16:24 - 00745984 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkmk.dll
2015-08-28 12:30 - 2011-05-03 16:27 - 02037760 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tknls.dll
2015-08-28 12:30 - 2011-05-03 16:27 - 01845760 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tknlsldb.dll
2015-08-28 12:30 - 2011-05-03 16:27 - 00991232 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tknlssb.dll
2015-08-28 12:30 - 2008-12-20 19:52 - 00133120 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkevlgio.dll
2015-08-28 12:30 - 2011-05-03 16:27 - 00140800 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\skndns.dll
2015-08-28 12:30 - 2011-05-03 16:31 - 00408064 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkl4sas.dll
2015-08-28 12:30 - 2011-05-03 16:31 - 00138752 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tk4aboot.dll
2015-08-28 12:30 - 2011-05-03 16:28 - 00193024 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkioe.dll
2015-08-28 12:30 - 2011-05-03 16:28 - 00293376 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tksecure.dll
2015-08-28 12:30 - 2011-06-07 12:49 - 00158720 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkeeam.dll
2015-08-28 12:30 - 2011-05-03 16:26 - 00227840 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkarm.dll
2015-08-28 12:30 - 2011-05-03 16:31 - 00279040 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkecradl.dll
2015-08-28 12:30 - 2011-05-03 16:23 - 00196096 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\t0a8en.dll
2015-08-28 12:30 - 2011-05-03 16:31 - 00172544 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tk4aroll.dll
2015-08-28 12:30 - 2011-05-03 16:31 - 00158208 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tk4aioms.dll
2015-08-28 12:30 - 2011-05-03 16:31 - 00193024 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkl4iio.dll
2015-08-28 12:30 - 2008-12-20 19:51 - 00160768 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkiop.dll
2015-08-28 12:30 - 2011-05-03 16:29 - 00210944 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkeutil.dll
2015-08-28 12:30 - 2008-12-20 19:51 - 00151552 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkstring.dll
2015-08-28 12:30 - 2011-05-03 16:31 - 00160768 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tk4aiome.dll
2015-08-28 12:30 - 2011-05-03 16:35 - 00361472 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tketmi.dll
2015-08-28 12:30 - 2011-05-03 16:30 - 00180736 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkehml.dll
2015-08-28 12:30 - 2011-05-03 16:29 - 00245248 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkeuri.dll
2015-08-28 12:30 - 2011-05-03 16:31 - 00216064 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkedflic.dll
2015-08-28 12:30 - 2011-05-03 16:26 - 00131584 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkiomen.dll
2015-08-28 12:30 - 2011-05-03 16:28 - 00858624 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkiomsvc.dll
2015-08-28 12:30 - 2011-05-03 16:27 - 00376320 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkexml.dll
2015-08-28 12:30 - 2008-12-20 19:51 - 00362496 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkeavl.dll
2015-08-28 12:30 - 2011-05-03 16:31 - 00137728 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tk4aiomc.dll
2015-08-28 12:30 - 2011-05-03 16:27 - 00327168 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkepdl.dll
2015-08-28 12:30 - 2008-12-20 19:51 - 00125440 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkperf.dll
2015-08-28 12:30 - 2011-05-03 16:27 - 00135680 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkiomjnl.dll
2015-08-28 12:30 - 2011-05-03 16:35 - 00453632 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkstsv.dll
2015-08-28 12:30 - 2011-05-03 16:32 - 00985088 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkstsvp.dll
2015-08-28 12:30 - 2011-05-03 16:35 - 00264704 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkedcm.dll
2015-08-28 12:30 - 2011-05-03 16:35 - 00188416 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tketsc.dll
2015-08-28 12:30 - 2011-05-03 16:35 - 00471552 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkepre.dll
2015-08-28 12:30 - 2011-05-03 16:35 - 00391168 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tketsb.dll
2015-08-28 12:30 - 2011-05-03 16:27 - 00185856 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkevp.dll
2015-08-28 12:30 - 2008-12-20 19:55 - 01038336 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkcg.dll
2015-08-28 12:30 - 2010-03-24 23:58 - 00177664 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkefd.dll
2015-08-28 12:30 - 2011-05-03 16:36 - 00941056 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkescfb.dll
2015-08-28 12:31 - 2011-06-07 12:49 - 00603648 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkersa2.dll
2015-08-28 12:30 - 2011-05-03 16:28 - 00137728 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkeencr.dll
2015-08-28 12:30 - 2011-05-03 16:32 - 00178688 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tksecas.dll
2015-08-28 12:30 - 2011-05-03 16:36 - 00195072 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkdfascl.dll
2015-08-28 12:30 - 2011-05-03 16:22 - 00211968 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\t0d1en.dll
2015-08-28 12:30 - 2011-05-03 16:37 - 00514560 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkefire.dll
2015-08-28 12:30 - 2011-05-03 16:36 - 00301568 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tket2q.dll
2015-08-28 12:30 - 2011-05-03 16:35 - 00219648 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkecat.dll
2015-08-28 12:30 - 2011-05-03 16:27 - 01753600 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tknlsmb.dll
2015-08-28 12:30 - 2011-05-03 16:27 - 01399808 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkiompeb.dll
2015-08-28 12:30 - 2008-12-20 19:33 - 00208384 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\t0a6en.dll
2015-08-28 12:30 - 2011-05-03 16:26 - 00437760 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkiomsam.dll
2015-08-28 12:30 - 2011-05-03 16:27 - 00187392 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\tkitcp.dll
2015-08-28 12:30 - 2008-12-20 19:37 - 00150528 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\t0b8en.dll
2015-08-28 12:30 - 2008-12-20 19:38 - 00143360 _____ () C:\Program Files\SASHome\SASFrameworkDataServer\2.2\bin\t0a0en.dll
2016-06-12 17:36 - 2016-06-12 17:36 - 00170496 ____N () C:\Users\Osula\AppData\Roaming\Exesowy\Exesowy.exe
2016-06-13 01:22 - 2016-06-11 15:57 - 00012288 _____ () C:\WINDOWS\SysWOW64\CpuHeatMapping\16641\CpuHeatMapping.exe
2016-06-13 01:24 - 2016-06-11 19:26 - 00015872 _____ () C:\WINDOWS\cWinInfos\16610\WinInfos.exe
2016-06-14 00:02 - 2016-06-14 00:02 - 00272896 _____ () C:\Program Files (x86)\036785C5-1465801002-E411-85C7-F0761C854354\knscC89C.tmp
2015-12-26 01:59 - 2015-12-26 01:59 - 00158720 _____ () C:\Users\Osula\AppData\Local\036785C5-1465867177-E411-85C7-F0761C854354\qnsw90E4.tmp
2015-10-30 00:18 - 2015-10-30 00:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-05-21 02:27 - 2015-07-13 10:37 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-06-12 17:37 - 2016-06-12 17:37 - 00668672 ____N () C:\Users\Osula\AppData\Roaming\Exesowy\Hoyde.dll
2016-06-12 20:50 - 2016-06-12 20:50 - 00668672 ____N () C:\Users\Osula\AppData\Roaming\Gemoajaco\Tyjjytz.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-30 20:39 - 2015-09-30 20:39 - 00415128 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-05-21 03:19 - 2016-05-21 03:19 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-01-12 04:36 - 2014-08-22 19:21 - 00111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2016-05-21 03:03 - 2016-05-21 03:03 - 00959168 _____ () C:\Users\Osula\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\ClientTelemetry.dll
2015-10-27 18:57 - 2015-09-01 09:04 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-06-12 17:37 - 2016-06-12 17:37 - 00143872 ____N () C:\Users\Osula\AppData\Roaming\Exesowy\Hoyde.exe
2016-06-12 20:50 - 2016-06-12 20:50 - 00143872 ____N () C:\Users\Osula\AppData\Roaming\Gemoajaco\Tyjjytz.exe
 
2016-02-13 05:54 - 2016-02-13 05:54 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00936960 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-05-21 03:19 - 2016-05-21 03:19 - 00529408 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.NodeWinrtWrap.dll
2015-10-30 00:18 - 2016-02-13 06:03 - 00037888 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\winrt-projections\bin\Winrt_Projections.node
2015-10-30 00:18 - 2016-02-13 06:02 - 00796160 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http\bin\NodeRT_Windows_Web_Http.node
2015-10-30 00:18 - 2016-02-13 06:02 - 00961024 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.headers\bin\NodeRT_Windows_Web_Http_Headers.node
2015-10-30 00:18 - 2016-02-13 06:02 - 00206336 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.filters\bin\NodeRT_Windows_Web_Http_Filters.node
2015-10-30 00:18 - 2016-02-13 06:02 - 00558592 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.storage.streams\bin\NodeRT_Windows_Storage_Streams.node
2015-10-30 00:18 - 2016-02-13 06:03 - 00397824 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.foundation\bin\NodeRT_Windows_Foundation.node
2015-10-30 00:18 - 2016-02-13 06:02 - 00181248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\nodert-buffer-utils\bin\NodeRT_Buffer_Utils.node
2015-10-30 00:18 - 2016-02-13 06:02 - 00093696 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.security.cryptography\bin\NodeRT_Windows_Security_Cryptography.node
2015-10-30 00:18 - 2016-02-13 06:02 - 00200192 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.cortana.pal\bin\NodeRT_Windows_Cortana_PAL.node
2016-06-12 23:46 - 2016-06-12 23:46 - 00036767 _____ () C:\Program Files (x86)\danza\sodom.exe
2016-05-12 12:04 - 2016-05-12 12:04 - 00102080 _____ () C:\Program Files\Essentware\PCKeeper\OneClickFixServicePS.dll
2016-05-12 12:04 - 2016-05-12 12:04 - 00092864 _____ () C:\Program Files\Essentware\PCKeeper\SharedNativeLibraryPS.dll
2016-06-12 23:46 - 2016-06-12 23:46 - 00010752 ____N () C:\Program Files (x86)\prestigious\modality.exe
2016-06-12 23:46 - 2016-06-12 23:46 - 00006656 ____N () C:\Program Files (x86)\prestigious\settings.dll
2016-05-21 03:46 - 2016-05-21 03:46 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-06-13 01:36 - 2016-06-03 18:01 - 02334360 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\libglesv2.dll
2016-06-13 01:36 - 2016-06-03 18:01 - 00105112 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\libegl.dll
2016-06-13 01:36 - 2016-06-03 18:01 - 31491736 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\PepperFlash\pepflashplayer.dll
2016-06-12 20:49 - 2016-06-12 20:49 - 00112128 ____N () C:\Users\Osula\AppData\Roaming\Gemoajaco\Sujmub.exe
2016-06-12 17:36 - 2016-06-12 17:36 - 00112128 ____N () C:\Users\Osula\AppData\Roaming\Exesowy\Cowfarcip.exe
2016-06-12 17:37 - 2016-06-13 00:00 - 00218624 ____N () C:\Users\Osula\AppData\Roaming\SemcTops\Apexkoun.din
2015-09-04 16:38 - 2012-08-16 00:26 - 00720896 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\tkmk.dll
2015-09-04 16:38 - 2012-08-16 00:26 - 00294912 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\tknls.dll
2015-09-04 16:38 - 2012-08-16 00:26 - 00618496 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\tknlsenc.dll
2015-09-04 16:38 - 2012-08-16 00:26 - 01626112 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\tknlsldb.dll
2015-09-04 16:38 - 2012-08-16 00:26 - 00692224 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\tknlsudb.dll
2015-09-04 16:38 - 2012-08-16 00:26 - 00114688 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\tknlsicv.dll
2015-09-04 16:38 - 2012-08-16 00:26 - 00737280 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\tknlssb.dll
2015-09-04 16:38 - 2012-08-16 00:26 - 00180224 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\tknlsloc.dll
2015-09-04 16:38 - 2012-08-16 00:26 - 00094208 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\tkevlgio.dll
2015-09-04 16:38 - 2012-08-16 00:26 - 00098304 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\skndns.dll
2015-09-04 16:38 - 2012-08-16 00:26 - 00348160 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\tkl4sas.dll
2015-09-04 16:38 - 2012-08-16 00:26 - 00094208 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\tk4aboot.dll
2015-09-04 16:38 - 2012-08-16 00:26 - 00147456 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\tkioe.dll
2015-09-04 16:38 - 2012-08-16 00:26 - 00233472 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\tksecure.dll
2015-09-04 16:38 - 2012-08-16 00:26 - 00102400 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\tkeeam.dll
2015-09-04 16:38 - 2012-08-16 00:26 - 00167936 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\tkarm.dll
2015-09-04 16:38 - 2012-08-16 00:26 - 00299008 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\tkeavl.dll
2015-09-04 16:38 - 2012-08-16 00:26 - 00217088 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\tkecradl.dll
2015-09-04 16:38 - 2012-08-16 00:26 - 00155648 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\t0a8en.dll
2015-09-04 16:38 - 2012-08-16 00:26 - 00192512 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\tkitcp.dll
2015-09-04 16:38 - 2012-08-16 00:26 - 00135168 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\tkepdl.dll
2015-09-04 16:38 - 2012-08-16 00:26 - 00114688 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\tkstring.dll
2015-09-04 16:38 - 2012-08-16 00:26 - 00098304 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\tkeencr.dll
2015-09-04 16:38 - 2012-08-16 00:26 - 00159744 _____ () C:\Program Files\SASHome\x86\SASPCFilesServer\9.3\core\sasext\tkels.dll
2016-06-12 23:55 - 2015-06-23 15:19 - 00168448 _____ () C:\Program Files (x86)\Max Driver Updater\unrar.dll
2016-04-20 14:57 - 2016-04-20 14:57 - 00194048 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
2016-04-20 14:57 - 2016-04-20 14:57 - 00110592 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
2016-05-21 03:03 - 2016-05-21 03:03 - 00679624 _____ () C:\Users\Osula\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\ClientTelemetry.dll
2016-06-12 17:37 - 2016-06-12 17:37 - 00258560 ____N () C:\Users\Osula\AppData\Roaming\Exesowy\Cowfarcip.dll
2016-06-12 20:49 - 2016-06-12 20:49 - 00258560 ____N () C:\Users\Osula\AppData\Roaming\Gemoajaco\Sujmub.dll
2016-02-22 20:31 - 2016-02-22 20:31 - 00325824 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2016-05-21 03:46 - 2016-05-21 03:46 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-05-21 03:46 - 2016-05-21 03:46 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-02-22 20:34 - 2016-02-22 20:34 - 00325824 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2016-04-22 11:56 - 2016-04-22 11:56 - 00202456 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2016-04-22 11:59 - 2016-04-22 11:59 - 00654000 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2016-04-22 11:59 - 2016-04-22 11:59 - 00641240 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2016-04-22 11:57 - 2016-04-22 11:57 - 00119000 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2016-05-21 02:32 - 2016-05-21 02:32 - 00015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2016-04-18 16:13 - 2016-04-18 16:13 - 00013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2016-04-18 16:11 - 2016-04-18 16:11 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 06:25 - 2016-06-14 15:42 - 00001960 ____A C:\WINDOWS\system32\Drivers\etc\hosts

107.178.255.88 www.statcounter.com
107.178.255.88 statcounter.com
107.178.255.88 ssl.goo.88 partner.googleadservices.com
107.178.255.88 google-analytics.com
107.178.255.88 www.statcounter.com
107.178.255.88 statcounter.com
107.178.255.88 ssl.goo.88 partner.googleadservices.com
107.178.255.88 google-analytics.com
107.178.255.88 www.statcounter.com
107.178.255.88 statcounter.com
107.178.255.88 ssl.goo.88 partner.googleadservices.com
107.178.255.88 google-analytics.com
107.178.255.88 www.statcounter.com
107.178.255.88 statcounter.com
107.178.255.88 ssl.goo.88 partner.googleadservices.com
107.178.255.88 google-analytics.com127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3693202215-1944876337-163887280-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Osula\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 208.67.222.222 - 208.67.222.220
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{84400623-2BFB-4F8B-8172-8EC524DA54AC}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{7223D46D-6415-4441-815C-2D020BE4AC4B}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{A69DD841-0684-429F-BA7D-8982E935046B}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{F0B74212-AB9C-466A-A1B6-9BCADE2F2AB3}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{0A6EAF22-31C5-4E56-934C-F2A85AC742EF}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{15A89E04-0A93-430E-8D05-A3DBD413B45C}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{FCB1A060-8723-4BD9-B120-D01BD9344C0E}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{BAC31D7A-CD08-4D91-A5F3-641CA474529B}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{B4030DB2-DF18-4252-830E-A3052898A83F}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{03E63D44-1699-41D0-AEE7-55075E34895D}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{56946673-C341-477A-B841-738B5AE72810}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{37D1894C-4793-4869-BB70-306E92073078}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{9657EA56-EF2B-4760-8428-99776C65A148}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{654A1C57-0FD7-4935-9DBC-7E5670FEF1E6}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{8EDEF44B-24F6-4C5E-B7D4-D995AC792263}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{9143C4A5-1E3E-404D-A205-F5AB784C8B82}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [UDP Query User{5252EC73-73B2-49E7-997D-BCF61D0DEC87}C:\users\osula\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\osula\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{F409501D-4464-4409-B54F-84AF94E6FE33}C:\users\osula\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\osula\appdata\roaming\spotify\spotify.exe
FirewallRules: [{0E1FF49D-960F-43C3-BE99-C6AFCD9B6B6F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{48E02306-33DF-4421-B3EA-CB65AE51A287}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{7358FECC-6010-44ED-8DB6-A33AD78923DA}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{9568BA53-9392-493E-A97F-E7423E9A1870}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{742E30BD-CB08-4851-AE00-BAB20B599AFB}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{9371F8B6-0880-4FC1-AD78-55442D002FBE}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{1F8AB10D-980B-4C31-B536-4C7BE3820D9A}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{B420B3EB-8B2A-42C6-9893-C1A145AEE61C}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{F2F7A823-AB10-4CAA-859C-980F23F288F2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{3ECF4C46-0094-4E37-93EE-046E6ACEA237}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{6E8453E5-1877-4E3A-B498-C31F9DDAED20}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{7C93CB88-65FC-4749-BAED-211A60E91C04}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{FEF6BDF4-1D03-4A26-95A6-40264AC20DDA}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [UDP Query User{6FF348DC-FE6F-42FC-B69D-578D34CCEB5A}C:\program files (x86)\java\jre1.6.0_24\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.6.0_24\bin\java.exe
FirewallRules: [TCP Query User{596E9793-5178-4B54-B6BF-07B647900C1B}C:\program files (x86)\java\jre1.6.0_24\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.6.0_24\bin\java.exe
FirewallRules: [{E798EBB5-723C-463C-8CF5-B628059C555C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{2BB6E534-450C-490C-A4BA-E4E064275198}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{9EEC3E5E-B7C5-438D-9B22-1A450C34C1CF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{52A83735-E625-44E3-9F2A-DB46112F3216}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{1F259B24-CA11-4A1B-8365-06556D3F9329}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{5A75AA31-1533-48F2-ACB3-FC867C14E002}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{13422E11-D316-411F-83D0-9A90508429D8}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{E71C79F6-634A-4DFD-AD8B-98F9F01BDC3B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{0ED98AC0-FB68-486E-B07B-60789700C945}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{60DE8919-D757-4F18-B864-8B1CD89DAB81}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{CDE4FD7A-A7AE-41A3-8CEB-72731909B51B}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{81807977-CBBE-4100-B5BD-E3B5CFBDE67A}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{E7EEE991-A2A0-4C1B-B01C-2775DD6310F1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{C6168575-91FA-482F-9F6D-7E234D43FA8B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{3B808315-4573-43BB-A18F-BC146C594F71}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{C41D5191-674A-444A-80B2-5C1852302C6A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{E5A6A855-B78A-4182-AF29-4FA65C81FA0E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{BAC4724C-A755-4D2B-A60D-47CB0D0098F3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{A1715058-D24E-434B-B815-9082CAABD154}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{2034FCA1-605E-4620-ABEF-088E4176D266}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{8776039A-D6A0-4A9C-8F89-A1B796A5865C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{23E6BB28-1F94-49CB-882F-D105EF09CFFD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{44D5E01B-6D68-4189-AA17-F1180C460660}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{B8852CDD-E984-4918-B1A4-65767850600E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{DB657328-7064-4DD9-89F2-947B8F13C0BC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{1B7E6FF6-6ACF-44A7-9A55-0487FC84DD71}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{7CD58546-02C2-4A4F-B163-C85E691C8AAB}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{37706D87-EF88-482E-BB3B-1144D32E6A3C}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{18125AFE-7511-4E0D-8F3B-B3C36B6AFEC1}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{A18FD9E8-2F2F-40F3-A8D5-87C14D96D243}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{C8C32171-256C-47DB-89AB-3DE2AF0E33A7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{2DE9AE5E-8DBD-4D86-98D6-C23257F73FAA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{2A4EC645-D63E-4E53-A278-F0833E9D6343}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{070C7466-043D-4849-95EA-29AF77EE0446}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{8529C79A-D6E9-4051-A797-423C53E6E85A}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{EED15F61-0DF2-4FB0-BC29-6625DF4D4307}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{7266A3D5-B6BB-4CBC-BA38-1419834BF883}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [TCP Query User{1183E73B-DB14-46B4-BF06-2A9891186057}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{CFED1C33-E4EC-4A8A-ADED-A5E762008A38}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{5C872081-3941-431B-8F04-3FCFCAB70687}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{839F4A0F-8393-4CF1-8470-BFE8BF0F36B1}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{20C5EB43-7FB9-4AE5-BC40-A5B1B1591A17}] => (Allow) C:\Users\Osula\AppData\Local\ddnowyes.exe
FirewallRules: [{ACFBF75C-B599-42CD-B05D-5B5E7EDE6D2A}] => (Allow) C:\Users\Osula\AppData\Local\Temp\installer1.exe
FirewallRules: [{6392E69E-C3C2-4AB9-99EE-259323F0D3AE}] => (Allow) C:\Users\Osula\AppData\Local\77850382.exe
FirewallRules: [{244314AF-AF91-4E85-A19A-97A8F1BE4FFE}] => (Allow) C:\Users\Osula\AppData\Local\tinstall.exe
FirewallRules: [{1345DFD0-B5A2-4524-82BB-C57F26F9719B}] => (Allow) C:\Program Files (x86)\prestigious\modality.exe
FirewallRules: [{C9477169-3C1A-4A41-99EB-BF4014708442}] => (Allow) C:\Program Files (x86)\SrpnFiles\SrpnFiles.exe
FirewallRules: [{7DB9B87B-14B1-42F5-BAD6-99573D81A754}] => (Allow) C:\Program Files (x86)\SrpnFiles\SrpnFiles.exe
FirewallRules: [{9F42257C-4D44-49DD-BC12-C5F5622D2EB4}] => (Allow) C:\Program Files (x86)\SrpnFiles\downloader.exe
FirewallRules: [{171EF62A-5DC8-43BD-8BDA-CBB868D9AD7E}] => (Allow) C:\Program Files (x86)\SrpnFiles\downloader.exe
FirewallRules: [{B92AE0A4-0A6E-43C0-A4D2-C2B026EC6840}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{EDAD881A-EC73-4BFF-A9C7-3D569ADF4A48}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{CDF2A27E-3B70-4582-9714-2800D9CFCAA2}] => (Allow) C:\Program Files (x86)\ADSKIP\ADSkipSvc.exe
FirewallRules: [{E3669018-8348-45C9-A9E4-5F676B05E7B2}] => (Allow) C:\Program Files (x86)\ADSKIP\ADSkip.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/14/2016 03:25:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: PCKAVService.exe, version: 1.1.1057.0, time stamp: 0x5756bb6b
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00007ffa00000000
Faulting process id: 0x28e0
Faulting application start time: 0xPCKAVService.exe0
Faulting application path: PCKAVService.exe1
Faulting module path: PCKAVService.exe2
Report Id: PCKAVService.exe3
Faulting package full name: PCKAVService.exe4
Faulting package-relative application ID: PCKAVService.exe5

Error: (06/14/2016 03:25:25 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: PCKAVService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: exception code c0000005, exception address 00007FFA00000000
Stack:

Error: (06/14/2016 03:18:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: smu.exe, version: 2.6.5.1219, time stamp: 0x575ec9a3
Faulting module name: smu.exe, version: 2.6.5.1219, time stamp: 0x575ec9a3
Exception code: 0x80000003
Fault offset: 0x0000000000096fa4
Faulting process id: 0x55c0
Faulting application start time: 0xsmu.exe0
Faulting application path: smu.exe1
Faulting module path: smu.exe2
Report Id: smu.exe3
Faulting package full name: smu.exe4
Faulting package-relative application ID: smu.exe5

Error: (06/14/2016 03:18:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: smu.exe, version: 2.6.5.1219, time stamp: 0x575ec9a3
Faulting module name: smu.exe, version: 2.6.5.1219, time stamp: 0x575ec9a3
Exception code: 0x80000003
Fault offset: 0x0000000000097640
Faulting process id: 0x57bc
Faulting application start time: 0xsmu.exe0
Faulting application path: smu.exe1
Faulting module path: smu.exe2
Report Id: smu.exe3
Faulting package full name: smu.exe4
Faulting package-relative application ID: smu.exe5

Error: (06/14/2016 02:43:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: smu.exe, version: 2.6.5.1219, time stamp: 0x575ec9a3
Faulting module name: smu.exe, version: 2.6.5.1219, time stamp: 0x575ec9a3
Exception code: 0x80000003
Fault offset: 0x0000000000096fa4
Faulting process id: 0x4220
Faulting application start time: 0xsmu.exe0
Faulting application path: smu.exe1
Faulting module path: smu.exe2
Report Id: smu.exe3
Faulting package full name: smu.exe4
Faulting package-relative application ID: smu.exe5

Error: (06/14/2016 02:43:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: smu.exe, version: 2.6.5.1219, time stamp: 0x575ec9a3
Faulting module name: smu.exe, version: 2.6.5.1219, time stamp: 0x575ec9a3
Exception code: 0x80000003
Fault offset: 0x0000000000097640
Faulting process id: 0x501c
Faulting application start time: 0xsmu.exe0
Faulting application path: smu.exe1
Faulting module path: smu.exe2
Report Id: smu.exe3
Faulting package full name: smu.exe4
Faulting package-relative application ID: smu.exe5

Error: (06/14/2016 02:39:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: backgroundTaskHost.exe, version: 10.0.10586.0, time stamp: 0x5632d8f0
Faulting module name: Cortana.Core.dll, version: 0.0.0.0, time stamp: 0x571af2d0
Exception code: 0xc0000005
Fault offset: 0x000000000001325d
Faulting process id: 0x6a4
Faulting application start time: 0xbackgroundTaskHost.exe0
Faulting application path: backgroundTaskHost.exe1
Faulting module path: backgroundTaskHost.exe2
Report Id: backgroundTaskHost.exe3
Faulting package full name: backgroundTaskHost.exe4
Faulting package-relative application ID: backgroundTaskHost.exe5

Error: (06/14/2016 12:27:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: smu.exe, version: 2.6.5.1219, time stamp: 0x575ec9a3
Faulting module name: smu.exe, version: 2.6.5.1219, time stamp: 0x575ec9a3
Exception code: 0x80000003
Fault offset: 0x0000000000096fa4
Faulting process id: 0x4e30
Faulting application start time: 0xsmu.exe0
Faulting application path: smu.exe1
Faulting module path: smu.exe2
Report Id: smu.exe3
Faulting package full name: smu.exe4
Faulting package-relative application ID: smu.exe5

Error: (06/14/2016 12:27:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: smu.exe, version: 2.6.5.1219, time stamp: 0x575ec9a3
Faulting module name: smu.exe, version: 2.6.5.1219, time stamp: 0x575ec9a3
Exception code: 0x80000003
Fault offset: 0x0000000000097640
Faulting process id: 0x4cf4
Faulting application start time: 0xsmu.exe0
Faulting application path: smu.exe1
Faulting module path: smu.exe2
Report Id: smu.exe3
Faulting package full name: smu.exe4
Faulting package-relative application ID: smu.exe5

Error: (06/14/2016 02:18:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: smu.exe, version: 2.6.5.1219, time stamp: 0x575ec9a3
Faulting module name: smu.exe, version: 2.6.5.1219, time stamp: 0x575ec9a3
Exception code: 0x80000003
Fault offset: 0x0000000000096fa4
Faulting process id: 0x3fa8
Faulting application start time: 0xsmu.exe0
Faulting application path: smu.exe1
Faulting module path: smu.exe2
Report Id: smu.exe3
Faulting package full name: smu.exe4
Faulting package-relative application ID: smu.exe5


System errors:
=============
Error: (06/14/2016 03:42:42 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (06/14/2016 03:25:54 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PCKAVService service.

Error: (06/14/2016 03:18:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Search Module Update service terminated unexpectedly. It has done this 14 time(s).

Error: (06/14/2016 02:43:55 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (06/14/2016 02:43:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Search Module Update service terminated unexpectedly. It has done this 13 time(s).

Error: (06/14/2016 02:42:29 PM) (Source: DCOM) (EventID: 10016) (User: HEARTNSOUL)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}HeartnSoulOsulaS-1-5-21-3693202215-1944876337-163887280-1001LocalHost (Using LRPC)Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewyS-1-15-2-4016783169-893401051-2237370320-274899566-412088533-2398988950-2155762795

Error: (06/14/2016 12:29:46 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Intel(R) Content Protection HECI Service service terminated with the following error:
The handle is invalid.


Error: (06/14/2016 12:29:45 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Intel(R) Content Protection HECI Service service terminated with the following error:
The handle is invalid.


Error: (06/14/2016 12:29:45 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Intel(R) Content Protection HECI Service service terminated with the following error:
The handle is invalid.


Error: (06/14/2016 12:29:45 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Intel(R) Content Protection HECI Service service terminated with the following error:
The handle is invalid.



CodeIntegrity:
===================================
Date: 2016-06-13 01:31:27.209
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

Date: 2016-06-13 00:54:57.644
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-06-13 00:05:55.090
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-06-13 00:05:55.083
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-06-13 00:02:07.184
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-06-13 00:02:07.171
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-06-13 00:02:00.716
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-06-13 00:02:00.704
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-06-13 00:01:11.879
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-06-13 00:01:11.863
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4712MQ CPU @ 2.30GHz
Percentage of memory in use: 62%
Total physical RAM: 8083.27 MB
Available physical RAM: 3024.5 MB
Total Virtual: 9917.47 MB
Available Virtual: 2566.43 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:913.34 GB) (Free:791.85 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 24A1F117)

Partition: GPT.

==================== End of Addition.txt ============================
 
Welcome aboard

Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

==================================

redtarget.gif
You're not saying what your computer issues are.

redtarget.gif
Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2
  • Close all the running programs
  • Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • Pre-scan will start. Let it finish.
  • Click on SCAN button.
  • Wait until the Status box shows Scan Finished
  • Click on Delete.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
  • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again
redtarget.gif
Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
NOTE. If you already have MBAM 2.0 installed scroll down.
  • Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
  • Launch Malwarebytes Anti-Malware
  • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
If you already have MBAM 2.0 installed:
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
How to get logs:
(Export log to save as txt)
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • Attach that saved log to your next reply.
(Copy to clipboard for pasting into forum replies or tickets)
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.
redtarget.gif
Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
redtarget.gif
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
 
Status
Not open for further replies.
Back