Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Cannot totally remove Bitdefender- Rkinner was referred to help me

bitdefender

  • Please log in to reply

#1
zavalamerry

zavalamerry

    Member

  • Member
  • PipPip
  • 46 posts

Here is the link to the other forum I started: http://www.geekstogo...-to-wifi/page-5

 

Phillpower2 spoke to Rkinner a few weeks ago about our inability to totally remove the program Bitdefender from my computer.  We tried many programs trying to get rid of the whole program including Revo and Speccy.  I had 3 antivirus programs on my computer and Phillpower2 tried helping me get rid of the unnecessary programs in hopes of making my dongle work better.  The dongle wouldn't hold the wifi signal causing me to lose the internet throughout the day.  I asked for help from geeks to go.  As it turns out the dongle was defective and I had so many problems with Linksys following through with their promises I requested a refund and now have another dongle.  I just got it today so will see if it is better.  My problem is I am in an apartment complex and I have no idea where the router is to be able to get free wifi.  If I cannot get this new wireless adapter to work I will go back to Phillpower2 for help again.  This new one is supposed to pick up signals farther than others. 

 

Anyway Rkinner, it is important that I get my computer cleaned up if for no other reason than making it run better/faster.  My brother-in-law made this computer for me and he said he made it "super" fast (I don't remember how he did this), however it has lost some of it's "super" and Phillpower2 was concerned it might have unnecessary programs and possibly malware and spyware.  Thus the need to get rid of Bitdefender.  

 

Thank you for any help you can give me.  Merry 


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,748 posts
  • MVP

Download : ADWCleaner to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @BleepingComputer

NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close  all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).

scan-results.jpg

Click on Scan  and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.

The report will be saved in the C:\AdwCleaner folder.



Junkware-Removal-Tool

Please download Junkware Removal Tool to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @Author's site

  • Pause your anti-virus.  Close all browsers.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.





  • Get FRST from http://www.bleepingc...very-scan-tool/You need to download the appropriate tool for your PC.  If you don't know if you have a 32 or 64 bit system get them both.  Only one will work and that's the right one.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Check the Addition.txt box
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.  
  • Please copy and paste log back here.
  • It will generate another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

 

I'm going to be traveling today & some of tomorrow so may be slow getting back to you.
 


  • 0

#3
zavalamerry

zavalamerry

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

Sorry Rkinner, I am finally getting a moment to run the programs that you suggested.  The first & second reports are too big to cut and paste so I attached them instead.  When I attempted to follow your directions on how to download FRST I was able to download the program but I wasn't able to follow the remaining steps you outlined because my computer did not offer those steps.  It did give a report but again didn't ask me to "scan" anything.  I will attach that report also.  IF I haven't done something right and the reports are wrong please let me know so I can see if there are other reports I just am not seeing. 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-06-2017
Ran by MerryZ (administrator) on MERRYZ-PC (11-06-2017 19:21:47)
Running from C:\Users\MerryZ\Downloads
Loaded Profiles: MerryZ (Available Profiles: MerryZ & Merry Z & Administrator & DefaultAppPool)
Platform: Windows 10 Pro Version 1703 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
() C:\Windows\runSW.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Realtek) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Realtek) C:\Windows\SwUSB.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Cisco Consumer Products LLC) C:\Program Files (x86)\Linksys AE6000\WPS_Mon.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.17.420.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 7\PdfPro7Hook.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065024 2014-05-02] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [917112 2015-10-08] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [650784 2015-01-20] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863776 2015-01-20] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-11-12] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4517376 2014-11-11] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [1939968 2014-10-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2075480 2013-06-24] (Flexera Software LLC.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [35648 2015-01-19] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [17600 2015-01-19] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFProHook] => C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe [641864 2013-03-20] (Nuance Communications, Inc.)
HKU\S-1-5-21-2720924552-1951368585-1981068937-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53753984 2015-07-18] (Skype Technologies S.A.)
HKU\S-1-5-21-2720924552-1951368585-1981068937-1000\...\Run: [Google Update] => C:\Users\MerryZ\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-04-28] (Google Inc.)
HKU\S-1-5-21-2720924552-1951368585-1981068937-1000\...\Run: [Google Photos Backup] => C:\Users\MerryZ\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe [3790936 2016-04-08] (Google, Inc)
HKU\S-1-5-21-2720924552-1951368585-1981068937-1000\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIMBE.EXE [298560 2013-12-16] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2720924552-1951368585-1981068937-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2720924552-1951368585-1981068937-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2720924552-1951368585-1981068937-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssText3d.scr [228864 2017-03-18] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2015-05-14]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\Users\MerryZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verizon Wireless Software Utility Application for Android – Samsung.lnk [2015-10-17]
ShortcutTarget: Verizon Wireless Software Utility Application for Android – Samsung.lnk -> C:\Users\MerryZ\AppData\Roaming\VERIZON\UA_ar\UA.exe (SAMSUNG Electornics Co., Ltd.)
GroupPolicy\User: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyEnable: [S-1-5-21-2720924552-1951368585-1981068937-1000] => Proxy is enabled.
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 4.2.2.2 4.2.2.1
Tcpip\..\Interfaces\{6a56ca7a-dd21-4fc4-b338-d825e61b3cd0}: [DhcpNameServer] 192.168.5.1
Tcpip\..\Interfaces\{95f0d466-ea7c-405a-8f7c-0a6d47e7133b}: [DhcpNameServer] 4.2.2.2 4.2.2.1
Tcpip\..\Interfaces\{d8f76dd7-955c-4c6b-9186-506db6c48210}: [DhcpNameServer] 4.2.2.2 4.2.2.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_aftdwn_17_19&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0F0C0A0AtCyEzzyC0AtByBtDtDyDzyzztN0D0Tzu0StCzyyDzytN1L2XzutAtFtBzytFtAtFyByDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StB0F0E0FyBtDtD0EtGyC0C0A0BtGtCyBtCzytGtDyEyByCtGyBzy0EtBtCtDtA0DtB0ByC0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0FyEyCtB0EyD0FtGyE0CyCzytGyEyBtDzytGzz0AzzyBtGyCyDyCtAyDyE0Bzzzy0Azz0B2QtN0A0LzutB%26cr%3D1902081554%26a%3Dwbf_aftdwn_17_19%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_aftdwn_17_19&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0F0C0A0AtCyEzzyC0AtByBtDtDyDzyzztN0D0Tzu0StCzyyDzytN1L2XzutAtFtBzytFtAtFyByDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StB0F0E0FyBtDtD0EtGyC0C0A0BtGtCyBtCzytGtDyEyByCtGyBzy0EtBtCtDtA0DtB0ByC0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0FyEyCtB0EyD0FtGyE0CyCzytGyEyBtDzytGzz0AzzyBtGyCyDyCtAyDyE0Bzzzy0Azz0B2QtN0A0LzutB%26cr%3D1902081554%26a%3Dwbf_aftdwn_17_19%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_aftdwn_17_19&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0F0C0A0AtCyEzzyC0AtByBtDtDyDzyzztN0D0Tzu0StCzyyDzytN1L2XzutAtFtBzytFtAtFyByDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StB0F0E0FyBtDtD0EtGyC0C0A0BtGtCyBtCzytGtDyEyByCtGyBzy0EtBtCtDtA0DtB0ByC0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0FyEyCtB0EyD0FtGyE0CyCzytGyEyBtDzytGzz0AzzyBtGyCyDyCtAyDyE0Bzzzy0Azz0B2QtN0A0LzutB%26cr%3D1902081554%26a%3Dwbf_aftdwn_17_19%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_aftdwn_17_19&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0F0C0A0AtCyEzzyC0AtByBtDtDyDzyzztN0D0Tzu0StCzyyDzytN1L2XzutAtFtBzytFtAtFyByDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StB0F0E0FyBtDtD0EtGyC0C0A0BtGtCyBtCzytGtDyEyByCtGyBzy0EtBtCtDtA0DtB0ByC0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0FyEyCtB0EyD0FtGyE0CyCzytGyEyBtDzytGzz0AzzyBtGyCyDyCtAyDyE0Bzzzy0Azz0B2QtN0A0LzutB%26cr%3D1902081554%26a%3Dwbf_aftdwn_17_19%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_aftdwn_17_19&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0F0C0A0AtCyEzzyC0AtByBtDtDyDzyzztN0D0Tzu0StCzyyDzytN1L2XzutAtFtBzytFtAtFyByDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StB0F0E0FyBtDtD0EtGyC0C0A0BtGtCyBtCzytGtDyEyByCtGyBzy0EtBtCtDtA0DtB0ByC0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0FyEyCtB0EyD0FtGyE0CyCzytGyEyBtDzytGzz0AzzyBtGyCyDyCtAyDyE0Bzzzy0Azz0B2QtN0A0LzutB%26cr%3D1902081554%26a%3Dwbf_aftdwn_17_19%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2720924552-1951368585-1981068937-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_aftdwn_17_19&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0F0C0A0AtCyEzzyC0AtByBtDtDyDzyzztN0D0Tzu0StCzyyDzytN1L2XzutAtFtBzytFtAtFyByDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StB0F0E0FyBtDtD0EtGyC0C0A0BtGtCyBtCzytGtDyEyByCtGyBzy0EtBtCtDtA0DtB0ByC0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0FyEyCtB0EyD0FtGyE0CyCzytGyEyBtDzytGzz0AzzyBtGyCyDyCtAyDyE0Bzzzy0Azz0B2QtN0A0LzutB%26cr%3D1902081554%26a%3Dwbf_aftdwn_17_19%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2720924552-1951368585-1981068937-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-2720924552-1951368585-1981068937-1000 -> {9CBBAC20-6FF0-45CB-804B-36DD0ABC54A4} URL = hxxps://www.google.com/search?q={searchTerms}
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll [2011-06-30] (Zeon Corporation)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation)
 
FireFox:
========
FF DefaultProfile: k3pjhort.default-1496626783074
FF ProfilePath: C:\Users\MerryZ\AppData\Roaming\Mozilla\Firefox\Profiles\k3pjhort.default-1496626783074 [2017-06-06]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2016-02-17] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-10] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-10] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-02] (Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 7\bin\nppdf.dll [2011-07-15] (Zeon Corporation)
FF Plugin HKU\S-1-5-21-2720924552-1951368585-1981068937-1000: @tools.google.com/Google Update;version=3 -> C:\Users\MerryZ\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-2720924552-1951368585-1981068937-1000: @tools.google.com/Google Update;version=9 -> C:\Users\MerryZ\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll [2015-05-18] (Coupons, Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> mysearch.avg.com
CHR StartupUrls: Profile 1 -> "hxxps://mail.google.com/mail/u/0/?shva=1#inbox"
CHR NewTab: Profile 1 ->  Not-active:"chrome-extension://mallpejgeafdahhflmliiahjdpgbegpk/stubby.html", Not-active:"chrome-extension://obnljkamlkedffammjddflhjepplhnoj/stubby.html"
CHR DefaultSearchURL: Profile 1 -> hxxps://mysearch.avg.com/search?rvt=1&sap=dsp&q={searchTerms}
CHR DefaultSearchKeyword: Profile 1 -> hxxps://mysearch.avg.com
CHR DefaultSuggestURL: Profile 1 -> hxxps://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Profile: C:\Users\MerryZ\AppData\Local\Google\Chrome\User Data\Default [2016-03-15]
CHR Extension: (Google Slides) - C:\Users\MerryZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-22]
CHR Extension: (Google Drive) - C:\Users\MerryZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-01]
CHR Extension: (YouTube) - C:\Users\MerryZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-01]
CHR Extension: (AVG Secure Search) - C:\Users\MerryZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2016-03-01]
CHR Extension: (Google Search) - C:\Users\MerryZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-03-01]
CHR Extension: (Google Sheets) - C:\Users\MerryZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-22]
CHR Extension: (Chrome Remote Desktop) - C:\Users\MerryZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-03-01]
CHR Extension: (Google Docs Offline) - C:\Users\MerryZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-14]
CHR Extension: (Do Not Disturb!) - C:\Users\MerryZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilnddakjdkpofoablibghfikpeknhbia [2015-05-09]
CHR Extension: (Skype) - C:\Users\MerryZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-03-01]
CHR Extension: (Google Drawings) - C:\Users\MerryZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkaakpdehdafacodkgkpghoibnmamcme [2016-03-01]
CHR Extension: (AVG Secure Search) - C:\Users\MerryZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2015-05-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\MerryZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-03-01]
CHR Extension: (Gmail) - C:\Users\MerryZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-22]
CHR Profile: C:\Users\MerryZ\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-06-11]
CHR Extension: (Google Slides) - C:\Users\MerryZ\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-17]
CHR Extension: (Google Drive) - C:\Users\MerryZ\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\MerryZ\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (AVG Secure Search) - C:\Users\MerryZ\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2015-12-21]
CHR Extension: (Google Search) - C:\Users\MerryZ\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Calendar) - C:\Users\MerryZ\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-03-20]
CHR Extension: (Google Sheets) - C:\Users\MerryZ\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-17]
CHR Extension: (Search Incognito) - C:\Users\MerryZ\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fgicbjogflmplknkepgdfobkfcllaneo [2016-09-28]
CHR Extension: (Chrome Remote Desktop) - C:\Users\MerryZ\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2017-06-02]
CHR Extension: (Google Docs Offline) - C:\Users\MerryZ\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (ShopAtHome.com: Deals + Cash Back) - C:\Users\MerryZ\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hmhdchlgkaelnphlklcdddpigfiblbhb [2017-06-02]
CHR Extension: (Do Not Disturb!) - C:\Users\MerryZ\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ilnddakjdkpofoablibghfikpeknhbia [2015-05-26]
CHR Extension: (Speech Recognition & Translation) - C:\Users\MerryZ\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jjgohjmefljmabkekbfgfhockfegohfp [2015-10-30]
CHR Extension: (FromDocToPDF) - C:\Users\MerryZ\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mallpejgeafdahhflmliiahjdpgbegpk [2017-05-15]
CHR Extension: (Google Drawings) - C:\Users\MerryZ\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mkaakpdehdafacodkgkpghoibnmamcme [2015-09-27]
CHR Extension: (GoClock) - C:\Users\MerryZ\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mnohbioeoeajjjijlokmnkhdepemkpeg [2015-06-06]
CHR Extension: (AVG Secure Search) - C:\Users\MerryZ\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2015-05-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\MerryZ\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-20]
CHR Extension: (HowToSuite) - C:\Users\MerryZ\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\obnljkamlkedffammjddflhjepplhnoj [2017-05-16]
CHR Extension: (Gmail) - C:\Users\MerryZ\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-17]
CHR Extension: (Chrome Media Router) - C:\Users\MerryZ\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-13]
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2720924552-1951368585-1981068937-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-08-30] (Advanced Micro Devices, Inc.) [File not signed]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [289792 2014-10-23] (Brother Industries, Ltd.) [File not signed]
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [437880 2015-10-08] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [417400 2015-10-08] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [855672 2015-10-08] (BlueStack Systems, Inc.)
S2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\47.0.2526.18\remoting_host.exe [69448 2015-10-14] (Google Inc.)
R2 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [677376 2016-08-02] (SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [69368 2013-10-23] (Bitdefender)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [77336 2015-01-19] (Nuance Communications, Inc.)
R2 RealtekWlanU; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe [48856 2014-05-19] (Realtek)
S2 RTLDHCPService; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe [262360 2014-04-23] (Realtek)
R2 RunSwUSB; C:\Windows\runSW.exe [44760 2014-12-12] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-18] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AE6000; C:\WINDOWS\system32\DRIVERS\AE6000w1064.sys [2253648 2017-05-12] (MediaTek Inc.)
S3 BCMH43XX; C:\WINDOWS\system32\DRIVERS\AE2500w764.sys [2576632 2016-12-03] (Broadcom Corporation)
S2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [146040 2015-10-08] (BlueStack Systems)
S3 fileHiders; C:\WINDOWS\System32\DRIVERS\fileHiders.sys [32696 2015-08-13] () <==== ATTENTION
R1 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
S3 Linksys_adapter_H; C:\WINDOWS\system32\DRIVERS\AE2500w764.sys [2576632 2016-12-03] (Broadcom Corporation)
R1 NNSNAHSL; C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [48400 2014-12-31] (Panda Security, S.L.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek                                            )
R3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [5707264 2017-03-18] (Realtek Semiconductor Corporation                           )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation)
U3 idsvc; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-06-11 19:21 - 2017-06-11 19:22 - 00025895 _____ C:\Users\MerryZ\Downloads\FRST.txt
2017-06-11 19:20 - 2017-06-11 19:21 - 00000000 ____D C:\FRST
2017-06-11 19:19 - 2017-06-11 19:20 - 02438656 _____ (Farbar) C:\Users\MerryZ\Downloads\FRST64.exe
2017-06-11 14:02 - 2017-06-11 14:02 - 00000000 ____D C:\Users\MerryZ\AppData\Roaming\ControlCenter4
2017-06-11 14:00 - 2017-06-11 14:00 - 00002205 _____ C:\Users\Public\Desktop\REALTEK USB Wireless LAN Utility.lnk
2017-06-11 14:00 - 2017-06-11 14:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REALTEK USB Wireless LAN Utility
2017-06-11 14:00 - 2017-06-11 14:00 - 00000000 ____D C:\Program Files (x86)\Cisco
2017-06-11 14:00 - 2016-02-23 02:18 - 01146072 ____R (Realtek Semiconductor Corp. ) C:\WINDOWS\system32\Rtlihvs.dll
2017-06-11 13:59 - 2015-08-12 18:25 - 00454360 _____ (Realtek) C:\WINDOWS\SwUSB.exe
2017-06-11 13:59 - 2014-12-12 17:24 - 00044760 _____ () C:\WINDOWS\runSW.exe
2017-06-11 13:59 - 2010-12-01 09:31 - 00451072 _____ C:\WINDOWS\SysWOW64\ISSRemoveSP.exe
2017-06-11 13:59 - 2009-03-31 14:31 - 00380928 _____ (Realtek) C:\WINDOWS\RtlUI2.exe
2017-06-11 13:59 - 2009-01-05 20:31 - 00000901 _____ C:\WINDOWS\RtlUI2.exe.manifest
2017-06-11 13:59 - 2007-04-26 14:05 - 00100000 _____ C:\WINDOWS\SysWOW64\EAPPkt9x.VXD
2017-06-11 13:59 - 2001-09-26 11:03 - 00012981 _____ C:\WINDOWS\SysWOW64\REALPKT.VXD
2017-06-11 13:16 - 2017-06-11 13:16 - 00000000 ____D C:\Program Files\Nuance
2017-06-11 13:15 - 2017-06-11 13:16 - 00000000 ____D C:\ProgramData\Nuance
2017-06-11 13:15 - 2017-06-11 13:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance PaperPort 14
2017-06-11 13:15 - 2017-06-11 13:15 - 00001915 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Software Updates.lnk
2017-06-11 13:15 - 2017-06-11 13:15 - 00000000 ____D C:\Users\MerryZ\Documents\MyWebPages
2017-06-11 13:15 - 2017-06-11 13:15 - 00000000 ____D C:\Users\MerryZ\AppData\Local\Nuance
2017-06-11 13:15 - 2017-06-11 13:15 - 00000000 ____D C:\ProgramData\zeon
2017-06-11 13:15 - 2017-06-11 13:15 - 00000000 ____D C:\ProgramData\ScanSoft
2017-06-11 13:15 - 2017-06-11 13:15 - 00000000 ____D C:\ProgramData\Macrovision
2017-06-11 13:15 - 2017-06-11 13:15 - 00000000 ____D C:\ProgramData\FLEXnet
2017-06-11 13:15 - 2017-06-11 13:15 - 00000000 ____D C:\Program Files (x86)\Nuance
2017-06-11 12:57 - 2017-06-11 12:57 - 00002125 _____ C:\Users\Public\Desktop\Brother Creative Center.lnk
2017-06-11 12:56 - 2017-06-11 12:56 - 00001692 _____ C:\Users\Public\Desktop\Brother Utilities.lnk
2017-06-11 12:56 - 2017-06-11 12:56 - 00000000 ____D C:\ProgramData\PCFaxTx
2017-06-11 12:56 - 2017-06-11 12:56 - 00000000 ____D C:\ProgramData\PCFaxRx
2017-06-11 12:56 - 2017-06-11 12:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2017-06-11 12:56 - 2017-06-11 12:56 - 00000000 ____D C:\ProgramData\ControlCenter4
2017-06-11 12:56 - 2017-06-11 12:56 - 00000000 ____D C:\Program Files (x86)\RemoteSetup
2017-06-11 12:56 - 2017-06-11 12:56 - 00000000 ____D C:\Program Files (x86)\PC-FAXReceive
2017-06-11 12:56 - 2017-06-11 12:56 - 00000000 ____D C:\Program Files (x86)\ControlCenter4 CSDK
2017-06-11 12:56 - 2017-06-11 12:56 - 00000000 ____D C:\Program Files (x86)\ControlCenter4
2017-06-11 12:56 - 2017-06-11 12:56 - 00000000 ____D C:\Program Files (x86)\Browny02
2017-06-11 12:56 - 2015-10-15 15:27 - 00317952 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrFaxTxAppRunA64.dll
2017-06-11 12:56 - 2015-10-15 15:27 - 00046592 _____ C:\WINDOWS\ChgFscEx.dll
2017-06-11 12:56 - 2015-10-15 15:27 - 00000000 _____ C:\WINDOWS\Brpfx04a.ini
2017-06-11 12:53 - 2017-06-11 12:56 - 00000000 ____D C:\Program Files (x86)\Brother
2017-06-11 12:51 - 2017-06-11 12:52 - 00000000 ____D C:\Users\MerryZ\Downloads\install
2017-06-11 11:47 - 2017-06-11 12:14 - 374701944 _____ (SEIKO EPSON CORPORATION) C:\Users\MerryZ\Downloads\Y15A_C1_ULWT_PP-inst-E2.EXE
2017-06-11 11:21 - 2017-06-11 12:56 - 00000000 ____D C:\ProgramData\Brother
2017-06-11 11:21 - 2017-06-11 11:21 - 00007979 _____ C:\WINDOWS\BROMJ985DW.INI
2017-06-11 11:21 - 2017-06-11 11:21 - 00007854 _____ C:\WINDOWS\BRRBCOM.INI
2017-06-04 18:47 - 2017-06-04 18:47 - 00000000 ____D C:\Users\MerryZ\AppData\Local\Macromedia
2017-06-04 18:39 - 2017-06-04 18:39 - 00000000 ____D C:\Users\MerryZ\Desktop\Old Firefox Data
2017-06-04 18:38 - 2017-06-06 23:39 - 00000000 ____D C:\Users\MerryZ\AppData\LocalLow\Mozilla
2017-06-04 18:38 - 2017-06-04 19:20 - 00001220 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-06-04 18:38 - 2017-06-04 18:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-04 18:35 - 2017-06-04 18:35 - 00246056 _____ (Mozilla) C:\Users\MerryZ\Downloads\Firefox Setup Stub 53.0.3.exe
2017-06-03 22:17 - 2017-06-03 22:18 - 00000000 ____D C:\Users\MerryZ\AppData\Roaming\VSeeInstall
2017-06-03 22:15 - 2017-06-03 22:17 - 14342168 _____ (VSee Lab, Inc.) C:\Users\MerryZ\Downloads\vsee_em_nd29750.exe
2017-06-03 22:07 - 2017-06-03 22:07 - 00000000 ____D C:\Users\MerryZ\Downloads\hp_3_megapixel_webcam_gx607aa_updated
2017-06-03 22:06 - 2017-06-03 22:06 - 01570648 _____ (SafeBytes Software Inc.) C:\Users\MerryZ\Downloads\DriverAssist-Setup (1).exe
2017-06-03 22:05 - 2017-06-03 22:05 - 00007295 _____ C:\Users\MerryZ\Downloads\hp_3_megapixel_webcam_gx607aa_updated.zip
2017-06-03 21:55 - 2017-06-03 21:55 - 00000000 ____D C:\Users\MerryZ\AppData\Local\CEF
2017-06-03 21:49 - 2017-06-03 21:49 - 01570648 _____ (SafeBytes Software Inc.) C:\Users\MerryZ\Downloads\DriverAssist-Setup.exe
2017-06-03 18:26 - 2017-06-03 18:27 - 02458632 _____ (Megaify Software ) C:\Users\MerryZ\Downloads\DriverToolkitInstaller (1).exe
2017-06-03 07:29 - 2017-06-03 07:29 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2017-06-03 04:31 - 2017-06-03 04:31 - 00000000 ____D C:\Windows.old
2017-06-03 04:30 - 2017-06-03 04:30 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 21352176 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 20505088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 20373920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 19334656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 17365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 13840384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 11870720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 08331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 08320928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-06-03 04:30 - 2017-06-03 04:30 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 07325584 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 06760024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 06551856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 05821496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 05802968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 05719040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 04847928 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-06-03 04:30 - 2017-06-03 04:30 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 04709528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 04707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 04672848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 04537344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-06-03 04:30 - 2017-06-03 04:30 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 04417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 04056576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 03803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 03784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-06-03 04:30 - 2017-06-03 04:30 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 03332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 03135488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-06-03 04:30 - 2017-06-03 04:30 - 02938880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 02801664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 02730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-06-03 04:30 - 2017-06-03 04:30 - 02679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 02651136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 02604256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 02588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 02516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-06-03 04:30 - 2017-06-03 04:30 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 02438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 02424016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 02347520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 02298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 02211328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 02088960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-06-03 04:30 - 2017-06-03 04:30 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-06-03 04:30 - 2017-06-03 04:30 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-06-03 04:30 - 2017-06-03 04:30 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01911752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01700408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01474800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01459728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01455592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01452960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01450496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-06-03 04:30 - 2017-06-03 04:30 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01219560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-06-03 04:30 - 2017-06-03 04:30 - 01141760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01120864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01102848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01078272 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 01024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-06-03 04:30 - 2017-06-03 04:30 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2017-06-03 04:30 - 2017-06-03 04:30 - 00972800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-06-03 04:30 - 2017-06-03 04:30 - 00961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-06-03 04:30 - 2017-06-03 04:30 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSMDesktopProvider.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00846848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00826368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSMDesktopProvider.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSSO.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwcreator.exe
2017-06-03 04:30 - 2017-06-03 04:30 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2017-06-03 04:30 - 2017-06-03 04:30 - 00777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00754080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-06-03 04:30 - 2017-06-03 04:30 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2017-06-03 04:30 - 2017-06-03 04:30 - 00730016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-06-03 04:30 - 2017-06-03 04:30 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-06-03 04:30 - 2017-06-03 04:30 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00712608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-06-03 04:30 - 2017-06-03 04:30 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-06-03 04:30 - 2017-06-03 04:30 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-06-03 04:30 - 2017-06-03 04:30 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-06-03 04:30 - 2017-06-03 04:30 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00606960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-06-03 04:30 - 2017-06-03 04:30 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-06-03 04:30 - 2017-06-03 04:30 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-06-03 04:30 - 2017-06-03 04:30 - 00543648 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-06-03 04:30 - 2017-06-03 04:30 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-06-03 04:30 - 2017-06-03 04:30 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-06-03 04:30 - 2017-06-03 04:30 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-06-03 04:30 - 2017-06-03 04:30 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-06-03 04:30 - 2017-06-03 04:30 - 00411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-06-03 04:30 - 2017-06-03 04:30 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00406064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-06-03 04:30 - 2017-06-03 04:30 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-06-03 04:30 - 2017-06-03 04:30 - 00370928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-06-03 04:30 - 2017-06-03 04:30 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-06-03 04:30 - 2017-06-03 04:30 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00363424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2017-06-03 04:30 - 2017-06-03 04:30 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00354400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00335808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-06-03 04:30 - 2017-06-03 04:30 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-06-03 04:30 - 2017-06-03 04:30 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-06-03 04:30 - 2017-06-03 04:30 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-06-03 04:30 - 2017-06-03 04:30 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00255904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-06-03 04:30 - 2017-06-03 04:30 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00211872 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-06-03 04:30 - 2017-06-03 04:30 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00188824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-06-03 04:30 - 2017-06-03 04:30 - 00181664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\embeddedmodesvc.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-06-03 04:30 - 2017-06-03 04:30 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-06-03 04:30 - 2017-06-03 04:30 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-06-03 04:30 - 2017-06-03 04:30 - 00112544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-06-03 04:30 - 2017-06-03 04:30 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00086016 _____ C:\WINDOWS\system32\xboxgipsynthetic.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-06-03 04:30 - 2017-06-03 04:30 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-06-03 04:30 - 2017-06-03 04:30 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\bfsvc.exe
2017-06-03 04:30 - 2017-06-03 04:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00059904 _____ C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-06-03 04:30 - 2017-06-03 04:30 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-06-03 04:30 - 2017-06-03 04:30 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksthunk.sys
2017-06-03 04:30 - 2017-06-03 04:30 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-06-03 04:30 - 2017-06-03 04:30 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-06-03 04:30 - 2017-06-03 04:30 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe
2017-06-03 04:30 - 2017-06-03 04:30 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys
2017-06-03 04:27 - 2017-06-03 04:27 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-06-03 04:27 - 2017-06-03 03:33 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2017-06-03 04:26 - 2017-06-03 04:26 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2017-06-03 04:26 - 2017-06-03 04:26 - 00000000 ____D C:\WINDOWS\system32\msmq
2017-06-03 04:26 - 2017-06-03 04:26 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2017-06-03 04:26 - 2017-06-03 04:26 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-06-03 04:26 - 2017-06-03 04:26 - 00000000 ____D C:\Program Files\MSBuild
2017-06-03 04:26 - 2017-06-03 04:26 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-06-03 04:26 - 2017-06-03 04:26 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-06-03 04:26 - 2017-06-03 04:26 - 00000000 ____D C:\inetpub
2017-06-03 04:26 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-06-03 04:26 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-06-03 04:26 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-06-03 04:26 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-06-03 04:26 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-06-03 04:26 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-06-03 04:25 - 2017-06-03 04:25 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-06-03 03:49 - 2017-06-03 03:49 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-06-03 03:47 - 2017-06-03 03:47 - 00000000 ____D C:\Users\MerryZ\AppData\Local\DBG
2017-06-03 03:47 - 2017-06-03 03:47 - 00000000 ____D C:\ProgramData\USOShared
2017-06-03 03:46 - 2017-06-03 03:46 - 00000632 __RSH C:\Users\MerryZ\ntuser.pol
2017-06-03 03:46 - 2017-06-03 03:46 - 00000020 ___SH C:\Users\MerryZ\ntuser.ini
2017-06-03 03:46 - 2017-06-03 03:46 - 00000000 _SHDL C:\Users\Default\My Documents
2017-06-03 03:44 - 2017-06-03 03:45 - 00019053 _____ C:\WINDOWS\diagwrn.xml
2017-06-03 03:44 - 2017-06-03 03:45 - 00019053 _____ C:\WINDOWS\diagerr.xml
2017-06-03 03:42 - 2017-06-11 14:15 - 00004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{19799760-6DE2-40A5-B198-37F9D4B0CBA4}
2017-06-03 03:42 - 2017-06-11 14:02 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-06-03 03:42 - 2017-06-07 18:50 - 00003280 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-06-03 03:42 - 2017-06-03 03:42 - 00003524 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2720924552-1951368585-1981068937-1000UA
2017-06-03 03:42 - 2017-06-03 03:42 - 00003492 _____ C:\WINDOWS\System32\Tasks\EPSON WF-2650 Series Update {7C680D3A-30B6-4197-B0A4-99DA01E49500}
2017-06-03 03:42 - 2017-06-03 03:42 - 00003406 _____ C:\WINDOWS\System32\Tasks\EPSON WF-2650 Series Update {7994C7D7-CFC6-4CD2-9E02-347096AE6BB6}
2017-06-03 03:42 - 2017-06-03 03:42 - 00003382 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-06-03 03:42 - 2017-06-03 03:42 - 00003344 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-06-03 03:42 - 2017-06-03 03:42 - 00003256 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2720924552-1951368585-1981068937-1000Core
2017-06-03 03:42 - 2017-06-03 03:42 - 00003120 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-06-03 03:42 - 2017-06-03 03:42 - 00002978 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-06-03 03:42 - 2017-06-03 03:42 - 00002716 _____ C:\WINDOWS\System32\Tasks\{400080EE-6B69-4339-B529-DCEB0B42ACB6}
2017-06-03 03:42 - 2017-06-03 03:42 - 00002476 _____ C:\WINDOWS\System32\Tasks\Logon_Trigger_WPS_Mon_Task
2017-06-03 03:42 - 2017-06-03 03:42 - 00002420 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2017-06-03 03:42 - 2017-06-03 03:42 - 00002394 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2017-06-03 03:42 - 2017-06-03 03:42 - 00002392 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2017-06-03 03:42 - 2017-06-03 03:42 - 00002378 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2017-06-03 03:42 - 2017-06-03 03:42 - 00002376 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2017-06-03 03:42 - 2017-06-03 03:42 - 00002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-06-03 03:42 - 2017-06-03 03:42 - 00002090 _____ C:\WINDOWS\System32\Tasks\{B880F35D-910F-4464-BF90-0353139DD88D}
2017-06-03 03:42 - 2017-06-03 03:42 - 00002090 _____ C:\WINDOWS\System32\Tasks\{5BD6AE25-80B9-452F-A2E3-7BCCDD101D32}
2017-06-03 03:42 - 2017-06-03 03:42 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2017-06-03 03:42 - 2017-06-03 03:42 - 00000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
2017-06-03 03:38 - 2017-06-03 03:38 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-06-03 03:36 - 2017-06-03 03:39 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-06-03 03:36 - 2017-06-03 03:36 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2017-06-03 03:36 - 2017-03-18 13:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-06-03 03:35 - 2017-06-11 14:06 - 01163730 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-06-03 03:35 - 2017-06-05 08:29 - 00000000 ____D C:\Users\MerryZ
2017-06-03 03:35 - 2017-06-03 07:29 - 00000000 ____D C:\Users\DefaultAppPool
2017-06-03 03:35 - 2017-06-03 03:44 - 00000000 ____D C:\Users\Administrator
2017-06-03 03:35 - 2017-06-03 03:40 - 00000000 ____D C:\Users\Merry Z
2017-06-03 03:35 - 2017-06-03 03:35 - 00000000 _SHDL C:\Users\MerryZ\My Documents
2017-06-03 03:35 - 2017-06-03 03:35 - 00000000 _SHDL C:\Users\MerryZ\Documents\My Videos
2017-06-03 03:35 - 2017-06-03 03:35 - 00000000 _SHDL C:\Users\MerryZ\Documents\My Pictures
2017-06-03 03:35 - 2017-06-03 03:35 - 00000000 _SHDL C:\Users\MerryZ\Documents\My Music
2017-06-03 03:35 - 2017-06-03 03:35 - 00000000 _SHDL C:\Users\Merry Z\My Documents
2017-06-03 03:35 - 2017-06-03 03:35 - 00000000 _SHDL C:\Users\Merry Z\Documents\My Videos
2017-06-03 03:35 - 2017-06-03 03:35 - 00000000 _SHDL C:\Users\Merry Z\Documents\My Pictures
2017-06-03 03:35 - 2017-06-03 03:35 - 00000000 _SHDL C:\Users\Merry Z\Documents\My Music
2017-06-03 03:35 - 2017-06-03 03:35 - 00000000 _SHDL C:\Users\DefaultAppPool\My Documents
2017-06-03 03:35 - 2017-06-03 03:35 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\My Videos
2017-06-03 03:35 - 2017-06-03 03:35 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\My Pictures
2017-06-03 03:35 - 2017-06-03 03:35 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\My Music
2017-06-03 03:35 - 2017-06-03 03:35 - 00000000 _SHDL C:\Users\Administrator\My Documents
2017-06-03 03:35 - 2017-06-03 03:35 - 00000000 _SHDL C:\Users\Administrator\Documents\My Videos
2017-06-03 03:35 - 2017-06-03 03:35 - 00000000 _SHDL C:\Users\Administrator\Documents\My Pictures
2017-06-03 03:35 - 2017-06-03 03:35 - 00000000 _SHDL C:\Users\Administrator\Documents\My Music
2017-06-03 03:34 - 2017-06-03 03:34 - 00975864 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-06-03 03:34 - 2017-06-03 03:34 - 00000000 ____D C:\Program Files\Realtek
2017-06-03 03:34 - 2017-06-03 03:34 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2017-06-03 03:33 - 2017-06-11 14:02 - 00312720 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-06-03 03:33 - 2017-06-03 03:34 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-06-02 02:36 - 2017-06-03 03:46 - 00000000 ___DC C:\WINDOWS\Panther
2017-06-01 19:49 - 2017-06-01 19:49 - 00013610 _____ C:\Users\MerryZ\Documents\Merry's Lady Froo Froo picture business card.docm
2017-06-01 09:26 - 2017-06-01 09:26 - 00000000 ____D C:\Users\MerryZ\AppData\Local\UNP
2017-06-01 00:49 - 2017-06-03 03:39 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-06-01 00:49 - 2017-06-01 00:50 - 00000000 ____D C:\Program Files\UNP
2017-05-30 03:43 - 2017-05-30 03:43 - 00000000 ____D C:\Users\MerryZ\Documents\earrings_files
2017-05-30 03:43 - 2017-05-30 03:41 - 01644699 _____ C:\Users\MerryZ\Documents\earrings.html
2017-05-29 18:34 - 2017-05-29 18:36 - 11646112 _____ (ESET) C:\Users\MerryZ\Downloads\avremover_nt64_enu.exe
2017-05-24 06:06 - 2017-05-24 06:06 - 00000102 _____ C:\Users\MerryZ\Desktop\jewelry.url
2017-05-24 06:04 - 2017-05-24 06:04 - 00000000 ___RD C:\Users\MerryZ\Documents\Saved Pictures
2017-05-24 05:52 - 2017-05-24 05:52 - 00000000 ____D C:\Users\MerryZ\AppData\Roaming\DuplicatePhotoCleaner
2017-05-24 05:52 - 2017-05-24 05:52 - 00000000 ____D C:\ProgramData\Duplicate Photo Cleaner
2017-05-24 05:51 - 2017-06-03 03:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duplicate Photo Cleaner
2017-05-24 05:51 - 2017-05-24 05:51 - 00000735 _____ C:\Users\Public\Desktop\Duplicate Photo Cleaner.lnk
2017-05-24 05:51 - 2017-05-24 05:51 - 00000000 ____D C:\Program Files\Duplicate Photo Cleaner
2017-05-24 05:46 - 2017-05-24 05:51 - 13255808 _____ (WebMinds, Inc. ) C:\Users\MerryZ\Downloads\duplicatephotocleanersetup.exe
2017-05-21 17:45 - 2017-05-21 17:45 - 01905189 _____ C:\Users\MerryZ\Downloads\editedVideo_5-21-2017_52534_PM.wmv
2017-05-21 14:04 - 2017-05-21 14:09 - 13709641 _____ C:\Users\MerryZ\Downloads\video_1m26s (webcamera.io).mp4
2017-05-21 13:56 - 2017-05-21 13:58 - 10242972 _____ C:\Users\MerryZ\Downloads\video_1m16s (webcamera.io).mp4
2017-05-21 12:00 - 2017-05-21 12:01 - 19257218 _____ C:\Users\MerryZ\Downloads\video_2m08s (webcamera.io).mp4
2017-05-19 21:57 - 2017-05-19 21:59 - 20814893 _____ C:\Users\MerryZ\Downloads\5.17.17.mp4
2017-05-19 11:49 - 2017-05-19 11:49 - 00000000 ____D C:\Users\MerryZ\Downloads\win10_v5.01.25.0 (1)
2017-05-19 11:47 - 2017-05-19 11:47 - 02578560 _____ C:\Users\MerryZ\Downloads\win10_v5.01.25.0 (1).zip
2017-05-19 11:37 - 2017-05-19 11:46 - 02375481 _____ C:\Users\MerryZ\Downloads\Unconfirmed 106375.crdownload
2017-05-17 22:30 - 2017-05-17 22:32 - 00000000 ____D C:\Users\MerryZ\Documents\Sound recordings
2017-05-17 08:28 - 2017-05-17 23:26 - 10694392 _____ (VS Revo Group ) C:\Users\MerryZ\Downloads\RevoUninProSetup (1).exe
2017-05-17 08:27 - 2017-05-17 08:29 - 10694392 _____ (VS Revo Group ) C:\Users\MerryZ\Downloads\RevoUninProSetup.exe
2017-05-16 19:17 - 2017-05-16 19:17 - 00000000 ____D C:\Users\MerryZ\Documents\windows 10
2017-05-16 19:11 - 2017-05-17 08:13 - 00379065 _____ C:\Users\MerryZ\Desktop\5.16.17 speccy after deleting malware.txt
2017-05-16 18:44 - 2017-05-16 18:44 - 00000000 ____D C:\ProgramData\ByteFence
2017-05-16 18:39 - 2017-05-16 18:39 - 00029167 _____ C:\ProgramData\agent.1494985175.bdinstall.bin
2017-05-16 18:27 - 2017-05-16 18:36 - 00000000 ____D C:\Users\MerryZ\Desktop\pictures of Johnny
2017-05-16 18:23 - 2017-05-16 18:23 - 00028694 _____ C:\ProgramData\agent.1494984168.bdinstall.bin
2017-05-16 18:22 - 2017-05-16 18:22 - 00047689 _____ C:\ProgramData\agent.1494984163.bdinstall.bin
2017-05-14 21:12 - 2017-05-14 21:12 - 00386932 _____ C:\Users\MerryZ\Downloads\speccy 5.14.17 after Revo.txt
2017-05-14 21:11 - 2017-05-14 21:11 - 00386562 _____ C:\Users\MerryZ\Downloads\merry speccy 5.13.17 edit.txt
2017-05-14 05:42 - 2017-05-14 05:42 - 13124766 _____ C:\Users\MerryZ\Documents\autorun report 5.14.17 microsoft hidden.arn
2017-05-14 05:41 - 2017-05-14 05:41 - 00084202 _____ C:\Users\MerryZ\Documents\autorun report 5.14.17 windows hidden.txt
2017-05-13 09:19 - 2017-05-13 09:19 - 00003690 _____ C:\ProgramData\1494692397.bdinstall.bin
2017-05-13 08:35 - 2017-06-03 03:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-05-13 08:35 - 2017-05-13 08:35 - 00001079 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-05-13 08:35 - 2017-05-13 08:35 - 00000000 ____D C:\Program Files\VS Revo Group
2017-05-13 08:31 - 2017-05-13 08:34 - 07178424 _____ (VS Revo Group ) C:\Users\MerryZ\Downloads\revosetup.exe
2017-05-13 08:05 - 2017-05-13 08:05 - 01305227 _____ C:\Users\MerryZ\Downloads\Autoruns (2).zip
2017-05-13 07:55 - 2017-05-16 18:47 - 00000000 ____D C:\Program Files\ByteFence
2017-05-13 07:48 - 2017-05-13 07:48 - 01253088 _____ (Tararepus ) C:\Users\MerryZ\Downloads\Autoruns.exe
2017-05-12 21:53 - 2017-05-12 21:54 - 01305227 _____ C:\Users\MerryZ\Downloads\Autoruns (1).zip
2017-05-12 21:34 - 2017-05-12 21:34 - 00000000 ____D C:\Users\MerryZ\Downloads\Autoruns
2017-05-12 14:50 - 2017-05-12 14:50 - 12526094 _____ C:\Users\MerryZ\Desktop\MERRYZ-PC.arn
2017-05-12 14:37 - 2017-05-12 14:37 - 01305227 _____ C:\Users\MerryZ\Downloads\Autoruns.zip
2017-05-12 14:29 - 2017-05-12 14:29 - 00003690 _____ C:\ProgramData\1494624587.bdinstall.bin
2017-05-12 14:20 - 2017-05-12 14:20 - 00003690 _____ C:\ProgramData\1494624048.bdinstall.bin
2017-05-12 09:38 - 2017-05-12 09:39 - 00000000 ____D C:\SMCLpav
2017-05-12 09:23 - 2017-05-12 09:23 - 00757656 _____ C:\Users\MerryZ\Downloads\UNINSTALLER.exe
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-06-11 14:01 - 2017-03-18 04:40 - 01310720 _____ C:\WINDOWS\system32\config\BBI
2017-06-11 14:00 - 2017-03-18 14:01 - 00000000 ____D C:\WINDOWS\INF
2017-06-11 13:59 - 2015-04-22 15:33 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-06-11 13:59 - 2015-04-22 15:33 - 00000000 ____D C:\Program Files (x86)\Realtek
2017-06-10 17:08 - 2015-04-22 18:38 - 00000000 ____D C:\Users\MerryZ\AppData\Local\ElevatedDiagnostics
2017-06-09 16:49 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-08 15:42 - 2017-03-18 14:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-07 18:50 - 2016-07-30 08:59 - 00002409 _____ C:\Users\MerryZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-06-07 18:50 - 2016-07-30 08:59 - 00000000 ___RD C:\Users\MerryZ\OneDrive
2017-06-04 18:38 - 2015-06-06 10:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-06-04 18:38 - 2015-05-18 21:05 - 00001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-06-04 04:54 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\appcompat
2017-06-03 21:27 - 2016-07-31 14:15 - 00000000 ____D C:\Program Files (x86)\DriverToolkit
2017-06-03 19:17 - 2017-03-18 13:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-06-03 18:35 - 2016-09-20 23:44 - 00000000 ____D C:\Users\MerryZ\AppData\Local\ConnectedDevicesPlatform
2017-06-03 04:33 - 2017-03-18 14:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-06-03 04:31 - 2017-03-18 14:06 - 00000000 ____D C:\WINDOWS\Setup
2017-06-03 04:31 - 2017-03-18 14:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-06-03 04:31 - 2017-03-18 14:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-06-03 04:31 - 2017-03-18 14:03 - 00000000 ___RD C:\Program Files\Windows Defender
2017-06-03 04:31 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-06-03 04:31 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-06-03 04:31 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-06-03 04:31 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-06-03 04:31 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-06-03 04:31 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\Provisioning
2017-06-03 04:31 - 2017-03-18 14:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-06-03 04:31 - 2017-03-18 14:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-06-03 04:31 - 2017-03-18 04:40 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-06-03 04:26 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2017-06-03 04:26 - 2017-03-18 13:59 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2017-06-03 04:26 - 2017-03-18 13:59 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2017-06-03 04:26 - 2017-03-18 13:59 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2017-06-03 04:26 - 2017-03-18 13:59 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2017-06-03 04:26 - 2017-03-18 13:59 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2017-06-03 04:26 - 2017-03-18 13:59 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2017-06-03 04:26 - 2017-03-18 13:59 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2017-06-03 04:26 - 2017-03-18 13:59 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2017-06-03 04:26 - 2017-03-18 13:59 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2017-06-03 04:26 - 2017-03-18 13:59 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2017-06-03 04:26 - 2017-03-18 13:59 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2017-06-03 04:26 - 2017-03-18 13:59 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2017-06-03 04:26 - 2017-03-18 13:59 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2017-06-03 04:26 - 2017-03-18 13:59 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2017-06-03 04:26 - 2017-03-18 13:59 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2017-06-03 04:26 - 2017-03-18 13:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2017-06-03 04:26 - 2017-03-18 13:59 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2017-06-03 04:26 - 2017-03-18 13:59 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2017-06-03 04:26 - 2017-03-18 13:59 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2017-06-03 04:26 - 2017-03-18 13:59 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2017-06-03 04:26 - 2017-03-18 13:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2017-06-03 04:26 - 2017-03-18 13:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll
2017-06-03 04:26 - 2017-03-18 13:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2017-06-03 04:26 - 2017-03-18 13:59 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2017-06-03 04:26 - 2017-03-18 13:56 - 01380352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2017-06-03 04:26 - 2017-03-18 13:56 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2017-06-03 04:26 - 2017-03-18 13:56 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2017-06-03 04:26 - 2017-03-18 13:56 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2017-06-03 04:26 - 2017-03-18 13:56 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2017-06-03 04:26 - 2017-03-18 13:56 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2017-06-03 04:26 - 2017-03-18 13:56 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2017-06-03 04:26 - 2017-03-18 13:56 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2017-06-03 04:26 - 2017-03-18 13:56 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2017-06-03 04:26 - 2017-03-18 13:56 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2017-06-03 04:26 - 2017-03-18 13:56 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2017-06-03 04:26 - 2017-03-18 13:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2017-06-03 04:26 - 2017-03-18 13:56 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2017-06-03 04:26 - 2017-03-18 13:56 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2017-06-03 04:26 - 2017-03-18 13:56 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2017-06-03 04:26 - 2017-03-18 13:56 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2017-06-03 04:26 - 2017-03-18 13:56 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2017-06-03 04:26 - 2017-03-18 13:56 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2017-06-03 04:26 - 2017-03-18 13:56 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2017-06-03 04:26 - 2017-03-18 13:56 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2017-06-03 04:26 - 2017-03-18 13:56 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2017-06-03 04:26 - 2017-03-18 13:56 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2017-06-03 04:26 - 2017-03-18 13:56 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2017-06-03 04:26 - 2017-03-18 13:56 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2017-06-03 04:26 - 2017-03-18 13:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2017-06-03 04:26 - 2017-03-18 13:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2017-06-03 04:26 - 2017-03-18 13:56 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2017-06-03 04:26 - 2017-03-18 13:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2017-06-03 04:26 - 2017-03-18 13:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2017-06-03 04:26 - 2017-03-18 13:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2017-06-03 04:26 - 2017-03-18 13:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2017-06-03 04:26 - 2017-03-18 13:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2017-06-03 04:26 - 2017-03-18 13:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2017-06-03 04:03 - 2016-07-30 08:58 - 00000000 ____D C:\Users\MerryZ\AppData\Local\Packages
2017-06-03 03:47 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\rescache
2017-06-03 03:47 - 2017-03-18 14:03 - 00000000 ____D C:\ProgramData\USOPrivate
2017-06-03 03:46 - 2017-03-18 14:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-06-03 03:46 - 2016-04-26 23:42 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-06-03 03:45 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-06-03 03:45 - 2017-03-18 04:40 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-06-03 03:44 - 2017-03-18 14:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-06-03 03:44 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-06-03 03:42 - 2017-03-18 19:31 - 00000000 ____D C:\WINDOWS\HoloShell
2017-06-03 03:42 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\Registration
2017-06-03 03:42 - 2016-07-29 07:03 - 00022840 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-06-03 03:41 - 2017-03-18 14:03 - 00000000 __RSD C:\WINDOWS\Media
2017-06-03 03:41 - 2017-03-18 14:03 - 00000000 __RHD C:\Users\Public\Libraries
2017-06-03 03:41 - 2015-04-22 18:49 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-06-03 03:39 - 2017-05-09 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2017-06-03 03:39 - 2017-05-06 04:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-06-03 03:39 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2017-06-03 03:39 - 2015-11-29 12:29 - 00000000 ____D C:\Users\MerryZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Photos Backup
2017-06-03 03:39 - 2015-10-25 01:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-06-03 03:39 - 2015-10-16 21:24 - 00000000 ____D C:\Users\MerryZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Verizon
2017-06-03 03:39 - 2015-05-26 20:59 - 00000000 ____D C:\Users\MerryZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2017-06-03 03:39 - 2015-05-14 08:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2017-06-03 03:39 - 2015-05-13 09:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2017-06-03 03:39 - 2015-05-09 11:43 - 00000000 ____D C:\Users\MerryZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2017-06-03 03:39 - 2015-05-08 13:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2017-06-03 03:39 - 2015-04-22 17:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2017-06-03 03:37 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-06-03 03:37 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2017-06-03 03:37 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\system32\spool
2017-06-03 03:37 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-06-03 03:37 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-06-03 03:37 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\system32\IME
2017-06-03 03:37 - 2015-10-26 00:10 - 00000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin
2017-06-03 03:36 - 2017-03-18 14:03 - 00000000 __SHD C:\Program Files\Windows Sidebar
2017-06-03 03:36 - 2017-03-18 14:03 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2017-06-03 03:36 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-06-03 03:36 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\schemas
2017-06-03 03:36 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-06-03 03:36 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-06-03 03:36 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\Help
2017-06-03 03:36 - 2017-03-18 14:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-06-03 03:36 - 2017-03-18 14:03 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2017-06-03 03:36 - 2016-07-29 10:19 - 00000000 ____D C:\Users\Merry Z\AppData\Local\Packages
2017-06-03 03:36 - 2016-04-26 23:21 - 00000000 ____D C:\WINDOWS\ShellNew
2017-06-03 03:36 - 2015-09-03 20:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2017-06-03 03:36 - 2015-07-23 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-06-03 03:36 - 2015-05-13 20:07 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2017-06-03 03:36 - 2015-04-26 16:33 - 00000000 ____D C:\Program Files\Microsoft Games
2017-06-03 03:36 - 2015-04-22 15:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
2017-06-03 03:36 - 2009-07-13 20:20 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-06-03 03:34 - 2017-03-18 04:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-06-03 03:12 - 2017-03-18 20:20 - 00000000 ___HD C:\$WINDOWS.~BT
2017-05-30 22:26 - 2017-05-01 21:22 - 1030593490 _____ C:\WINDOWS\MEMORY.DMP
2017-05-30 18:22 - 2010-11-20 20:27 - 00565416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-05-30 18:16 - 2017-04-14 19:12 - 00000000 ____D C:\Users\MerryZ\Documents\Johnny
2017-05-30 09:40 - 2015-07-23 18:11 - 00000000 ____D C:\Users\MerryZ\AppData\Roaming\Skype
2017-05-30 05:16 - 2017-04-30 19:22 - 00000000 ____D C:\Users\MerryZ\Desktop\Pics sent to Johnny
2017-05-22 22:20 - 2015-04-22 16:16 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-22 22:18 - 2015-04-22 16:16 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-16 19:03 - 2015-10-24 15:08 - 00000000 ____D C:\Users\MerryZ\AppData\Local\Hardcoded Software
2017-05-16 19:03 - 2015-10-24 15:07 - 00000000 ____D C:\Program Files\Hardcoded Software
2017-05-16 19:00 - 2016-06-02 17:56 - 00000000 ____D C:\Program Files (x86)\Canon
2017-05-16 18:59 - 2016-06-02 21:34 - 00000000 ____D C:\Users\MerryZ\AppData\Roaming\canon
2017-05-16 18:56 - 2015-05-07 23:55 - 00000000 ____D C:\Program Files (x86)\Hp
2017-05-16 18:55 - 2015-05-07 23:55 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2017-05-16 18:53 - 2015-05-09 10:35 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2017-05-16 18:53 - 2015-05-09 10:07 - 00000000 ____D C:\Users\MerryZ\AppData\Local\Hewlett-Packard
2017-05-15 20:56 - 2015-04-22 15:15 - 00000000 ____D C:\Users\MerryZ\AppData\Local\VirtualStore
2017-05-14 07:43 - 2015-10-16 21:13 - 00000000 ____D C:\Users\MerryZ\AppData\Roaming\VERIZON
2017-05-12 22:13 - 2017-04-24 20:39 - 00000000 ____D C:\Users\MerryZ\Desktop\smiley faces
2017-05-12 10:17 - 2015-12-30 16:19 - 02253648 _____ (MediaTek Inc.) C:\WINDOWS\system32\Drivers\AE6000w1064.sys
2017-05-12 10:17 - 2015-12-30 16:19 - 00352408 _____ (Mediatek Inc.) C:\WINDOWS\system32\RaCoInstx.dll
2017-05-12 10:17 - 2015-12-30 16:13 - 00079216 _____ C:\WINDOWS\system32\Drivers\FW_7662.bin
2017-05-12 10:17 - 2015-12-30 16:13 - 00020626 _____ C:\WINDOWS\system32\Drivers\Patch_7662.bin
2017-05-12 10:17 - 2015-12-30 16:13 - 00016389 _____ C:\WINDOWS\system32\RaCoInst.dat
2017-05-12 09:24 - 2015-04-22 20:55 - 00000000 ____D C:\ProgramData\Panda Security
 
==================== Files in the root of some directories =======
 
2015-06-07 00:18 - 2015-06-07 00:18 - 0245226 _____ () C:\ProgramData\1433660781.bdinstall.bin
2015-08-12 11:51 - 2015-08-12 11:51 - 0037823 _____ () C:\ProgramData\1439405470.bdinstall.bin
2015-08-12 11:53 - 2015-08-12 11:53 - 0097979 _____ () C:\ProgramData\1439405471.bdinstall.bin
2015-08-12 19:18 - 2015-08-12 19:18 - 0237460 _____ () C:\ProgramData\1439431394.bdinstall.bin
2015-10-24 10:35 - 2015-10-24 10:37 - 0177506 _____ () C:\ProgramData\1445708147.bdinstall.bin
2015-10-24 10:40 - 2015-10-24 10:40 - 0037838 _____ () C:\ProgramData\1445708403.bdinstall.bin
2015-10-24 10:45 - 2015-10-24 10:45 - 0094105 _____ () C:\ProgramData\1445708404.bdinstall.bin
2015-10-25 12:29 - 2015-10-25 12:29 - 0237090 _____ () C:\ProgramData\1445764663.bdinstall.bin
2015-10-26 19:38 - 2015-10-26 19:38 - 0037602 _____ () C:\ProgramData\1445913537.bdinstall.bin
2015-10-26 19:42 - 2015-10-26 19:42 - 0177336 _____ () C:\ProgramData\1445913538.bdinstall.bin
2015-10-28 19:44 - 2015-10-28 19:44 - 0037839 _____ () C:\ProgramData\1446086681.bdinstall.bin
2015-10-28 19:50 - 2015-10-28 19:50 - 0094780 _____ () C:\ProgramData\1446086682.bdinstall.bin
2015-10-30 18:51 - 2015-10-30 18:51 - 0003690 _____ () C:\ProgramData\1446256276.bdinstall.bin
2015-10-30 18:51 - 2015-10-30 18:51 - 0003690 _____ () C:\ProgramData\1446256283.bdinstall.bin
2015-10-30 18:51 - 2015-10-30 18:51 - 0003690 _____ () C:\ProgramData\1446256294.bdinstall.bin
2015-10-30 18:54 - 2015-10-30 18:54 - 0003690 _____ () C:\ProgramData\1446256444.bdinstall.bin
2015-10-30 23:39 - 2015-10-30 23:39 - 0003690 _____ () C:\ProgramData\1446273582.bdinstall.bin
2015-10-30 23:42 - 2015-10-30 23:42 - 0003690 _____ () C:\ProgramData\1446273755.bdinstall.bin
2015-10-30 23:42 - 2015-10-30 23:42 - 0003690 _____ () C:\ProgramData\1446273762.bdinstall.bin
2015-10-30 23:42 - 2015-10-30 23:42 - 0003690 _____ () C:\ProgramData\1446273773.bdinstall.bin
2015-10-30 23:42 - 2015-10-30 23:42 - 0003690 _____ () C:\ProgramData\1446273776.bdinstall.bin
2015-10-30 23:43 - 2015-10-30 23:43 - 0003690 _____ () C:\ProgramData\1446273781.bdinstall.bin
2015-11-01 17:30 - 2015-11-01 17:30 - 0003690 _____ () C:\ProgramData\1446424215.bdinstall.bin
2015-11-16 20:26 - 2015-11-16 20:26 - 0003690 _____ () C:\ProgramData\1447730794.bdinstall.bin
2015-11-16 20:26 - 2015-11-16 20:26 - 0003690 _____ () C:\ProgramData\1447730807.bdinstall.bin
2017-05-11 18:56 - 2017-05-11 18:56 - 0003690 _____ () C:\ProgramData\1494554175.bdinstall.bin
2017-05-11 18:58 - 2017-05-11 18:58 - 0003690 _____ () C:\ProgramData\1494554291.bdinstall.bin
2017-05-11 19:12 - 2017-05-11 19:12 - 0003690 _____ () C:\ProgramData\1494555155.bdinstall.bin
2017-05-12 14:20 - 2017-05-12 14:20 - 0003690 _____ () C:\ProgramData\1494624048.bdinstall.bin
2017-05-12 14:29 - 2017-05-12 14:29 - 0003690 _____ () C:\ProgramData\1494624587.bdinstall.bin
2017-05-13 09:19 - 2017-05-13 09:19 - 0003690 _____ () C:\ProgramData\1494692397.bdinstall.bin
2017-05-16 18:22 - 2017-05-16 18:22 - 0047689 _____ () C:\ProgramData\agent.1494984163.bdinstall.bin
2017-05-16 18:23 - 2017-05-16 18:23 - 0028694 _____ () C:\ProgramData\agent.1494984168.bdinstall.bin
2017-05-16 18:39 - 2017-05-16 18:39 - 0029167 _____ () C:\ProgramData\agent.1494985175.bdinstall.bin
2015-04-22 15:34 - 2015-04-22 15:34 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-05-08 13:29 - 2017-05-16 18:51 - 0010096 _____ () C:\ProgramData\hpzinstall.log
 
Files to move or delete:
====================
C:\Users\Administrator\NTUSER (2).DAT
C:\Windows\Tasks\{400080EE-6B69-4339-B529-DCEB0B42ACB6}.job
 
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-06-03 03:33
 
==================== End of FRST.txt ============================

Attached Files


  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,748 posts
  • MVP
 
Download the attached fixlist.txt to the same location as FRST
 
Attached File  fixlist.txt   19.14KB   34 downloads
 
Run FRST and press Fix
A fix log will be generated please post that 
 
Reboot if it doesn't do it for you.
 
Run FRST again as before.  Make sure Addition.txt is checked and hit Scan.  Post both logs.
 
 
Get Process Explorer
 
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).  
 
View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures
 
 
Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  
 
Wait a full minute then:
 
File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.
 
 
Get the free version of Speccy:
 
http://www.filehippo...download_speccy (Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  
Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving), 
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top about 10-20 lines down.) Save the file.  Attach the file to your next post.  (More Reply Options, Choose File, Open, Attach This File)
 
 

 


  • 0

#5
zavalamerry

zavalamerry

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

Again.. I hope these are the documents you need... If not please clarify for me, thanx for your help

Attached Files


  • 0

#6
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,748 posts
  • MVP
 
Download the attached fixlist.txt to the same location as FRST
 
Attached File  fixlist.txt   21.31KB   35 downloads
 
Run FRST and press Fix
A fix log will be generated please post that 
 
 
Run FRST again as before.  Make sure Addition.txt is checked and hit Scan.  Post both logs.
 

I don't think that BitDefender is your problem.  I am seeing signs in your speccy log that the hard drive may be failing.

 

 

Get HD Tune from:

 

http://www.hdtune.co.../hdtune_255.exe

 

This is a direct download so it will start without changing the page you are on.  Once it downloads, right click on it and Show In Folder (or go to the downloads folder and find the file)  then right click on the file and Run As Admin.  Accept the defaults.  The program should start after it finishes installing.  Close all other programs and hit HD Tune's Start.  If the hard drive is healthy you should get a fairly smooth curve that stays up at the top of the graph most of the time.  If it oscillates wildly or the maximum is very low (under 100 - we would actually like to see something like 500 on a healthy drive) then the drive is dying and needs to be replaced.   

 

 

You have: 119GB ADATA SP 900 SATA Disk Device

 

So I would try Adata's Toolbox:

 

http://www.adata.com/en/ss/software-6/

 

The download is a zip file so you need to right click on the file and Extract All, Extract.  Then right click on the file and Run As Admin.  There is a box to click to launch the program on the last page of the install.  

 

Sometimes clicking on System Optimization will help speed up the drive.  You can also run the Diagnostic software.  I would run the Full rather than the Quick.


  • 0

#7
zavalamerry

zavalamerry

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

Before I do the fixlist.txt download again... did I do it right the first time?  If not then I will need more instructions... just wanted to know before I did it again only to be wrong again


  • 0

#8
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,748 posts
  • MVP

perfectly


  • 0

#9
zavalamerry

zavalamerry

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

o.k.  the first time I tried to run these programs it made my computer crash.  This time was o.k. but my computer is now making really strange noise (not constantly only 2 times now) high pitched squeel ... hard to describe. 

 

Here are the reports you asked me to run. 

Attached Thumbnails

  • ADATA drive info.png
  • ADATA system info.jpg
  • diagnostics ADATA.jpg
  • HD tune results.jpg

Attached Files


  • 0

#10
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,748 posts
  • MVP

You can uninstall HD Tune.  Your drive is not as good as it should be but it's not as bad as my own which is failing.

 

 

When you ran the ADATA program did you do the Full Diagnostics Scan?  Did it take very long?

 

I assume the noise is not coming from the speakers.  In that case, the only moving parts that could make noise are the fans.  There is usually one on the motherboard that cools the CPU, one in the power supply, and perhaps one on the video card if it's a separate unit.  

 

Get speedfan from:

 

 
Download, save and Install it (Win 7+ or Vista right click and Run As Admin.) then run it (Win 7+ or Vista right click and Run As Admin.).
 
After you click off the the help notice it should show you your temps and the speed of your CPU fan.  Watch a video or play a game and see if the temperature climbs?  What is the maximum that temp that it shows?
 
 
Get the newest driver from Realtek:
 
 
You want the top one.   Win10 Auto Installation Program   Hit the Global button to download it. This is a zip file so you will need to right click on the saved file and Extract All, Extract.  This will give you a folder.  Double click on the folder and locate setup.exe (you may not see the .exe).  Right click on it and Run as Admin. to start the install.
 
Once you have the driver installed, Search for
device manager
hit Enter.
 
Open the Network Adapters by clicking on the arrow in front of it. (If it is not already open)  Right click on the Wireless adapter and select Properties then Power Management then Uncheck the box in front of Allow the computer to turn off this device to save power.  OK.
Close Device Manager window.
 
Search for
 
control panel
 
hit Enter
 
View by:  Large Icons.
Programs and Features
 
Turn Windows Features On or Off
Wait for the window to fill it takes a long time.  Do not press the OK button.  Find .NET Framework 4.6 Advanced Services.  Click on the plus sign.  Find WCF Services.  Click on the plus sign.  Uncheck TCP Port Sharing.  OK.  Close.

  • 0

Advertisements


#11
zavalamerry

zavalamerry

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

thank you i will do all this tomorrow i hope since i am running out of time to get my jewelry show put together and make more pieces (a wonderful oppertunity for me) :yeah: .  i forgot to tell you that i gave up on the dongle and got cable. 


  • 0

#12
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,748 posts
  • MVP

No hurry.  Do it when you can.


  • 0

#13
zavalamerry

zavalamerry

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

When I ran ADATA it only took a few seconds to run and yes I did do a full scan. 

 

I am trying to download speedfan and cannot find the right download button.  When I press on the download buttons on the page from the link you sent me I get a download for PDF conversion, Windows 10 drivers and easy speed test.  I tried entering "speedfan" download into my browser and still came up with same downloads.  Not sure what I am doing wrong. 

 

Updated the Realtek drivers.  Only difference was when you told me to find : Find .NET Framework 4.6 Advanced Services. my system said 4.7 

 

What is all this for? 

 

Not sure if you are the one to ask... I got rid of the dongle because I kept losing the internet.  So I had Charter installed.  Now when I go to MS word or some of the other programs it takes forever for my computer to acknowlege the command that I asked for.  This morning again I tried to type a letter and couldn't because the computer (?) didn't acknowledge my key strokes.  I had to reboot for it to register.  Is this part of my hard drive issue? 


  • 0

#14
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,748 posts
  • MVP

See following for location of correct button.  You probably are seeing ads.  I use Ublock Origin https://www.ublock.org/and do not see them.

speedfan.JPG

If you no longer use the Realtek then you don't need to try to update it.

 

 


  • 0

#15
zavalamerry

zavalamerry

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

Thank you I got the download... will try to figure out how to run it.... 

My bf pulled a stupid and is in prison... to be able to video visit him I have to go through Jpay.  I try out each of my webcams (they all plug into usb ports) using their cam and audio test and all of my cams always shows my pic and voice are good .  However when it comes time for the official visit I click on the link they provide and it comes up with "checking for your equipment" and it can never find my cam... is this a realtek issue? 


  • 0






Similar Topics


Also tagged with one or more of these keywords: bitdefender

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP