Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Did I or Do I still have a Keylogger. Credit Card No. Fraud Twice


  • Please log in to reply
2 replies to this topic

#1 Bignose2

Bignose2

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:59 PM

Posted 18 May 2018 - 05:02 PM

Hi,

8 May 2018, I had fraudulent C/Card payments. £200 & £800 - C/Card refund OK.

I suspected (& still think) some online hack of somewhere card details held, I don't usually save but over the few years is a chance I have save, none recent.

9th May

Full scan with Defender & this found, I also usually run Adwcleaner runtime but nothing found.

TrojanDownloader:O97M/Donoff

It showed a doc file in my documents. I am so extremely careful about links in email so amazed how this got there

Quick scan or whatever is in the background did not pick up on this, only the full scan.

I was not especially worried, I wondered if an old file that has just been sitting there, not run but found will full scan, maybe it was, wife is careful but does use this PC from time to time.

11th May
Must have done another scan,
Exploit:O97M/CVE-2017-11882!rfn
Lists a different doc file.
Not sure how this was not picked up with the 9th May scan or was not fully removed or something else, new defintions perhaps?

Few scans since & Adwcleaner

14th May New card

Activated & I only entered registered this card on PayPal - All on same PC. Did not put card details anywhere else.

Later that night I got a warning text from Bank, sure enough fraudulent payment, This was the first payment & stopped OK. £200

Direct or online card - Not via paypal

I will mention & not sure why not picked up before but 99% sure can't be the issue but of course I am not an expert but generally pretty savvy. Trojan:Win32/Tilken.B!cl . This was Actiador.exe. A file on my D drive, about 4 years ago something I downloaded. Alcholhol CD writer/image thingy. Definately not run or even looked at for years but am surprised why not picked up now but of course the databases are updated all the time.

Changed all passwords using a chromebook. Is on same network though.

Since I have tried

 

Adwcleaner
Zemana

MalwareBytes Root Beta
Malwarebytes - Installs - removed after
Kaspersky Security Scan - Installs - removed after

Chrome's Clean-Up computer

Windows 10 PC up to date & back on defender

ESET

Nothing found on any of these.

If I had had a keylogger good chance they would have got my PayPay password so I just feel things would have been worse, I did not change this after the first fraud.

I would like to stick with Defender as main AV btu would like a few run time scanner advise.

I mainly use chrome on the PC

Everything runs fine, seems fine.

I have quite a large wifi network, lots of devices, nothing suspicious, very quite rural,

Hitman Pro caused BSOD but rebooted fine but do not want to try again. I know perhaps should be suspicious but with all the other tests OK figured OK.
 
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16.05.2018 01
Ran by GregReed (administrator) on HOME (18-05-2018 22:36:07)
Running from D:\Downloads
Loaded Profiles: GregReed (Available Profiles: GregReed)
Platform: Windows 10 Pro Version 1803 17134.48 (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\spaceman.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Microsoft) C:\Program Files (x86)\Common Files\Sage\Central\AutoUpdateClient\Sage.Central.AutoUpdateManager.Service.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
(Sage UK Limited) C:\Program Files (x86)\Common Files\Sage\Shared\AutoUpdateManager\v2\Sage.Central.AutoUpdateManager.Service.exe
(Sage (UK) Limited) C:\Program Files (x86)\Common Files\Sage SData\Sage.SData.Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.14.17639.18041-0\MsMpEng.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\SkypeHost.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.1000_x64__8wekyb3d8bbwe\Video.UI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Users\GregReed\AppData\Local\Amazon Music\Amazon Music Helper.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Temp\scoped_dir78760_9683\old_chrome.exe
(Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\agent.exe
(Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe
(Spotify Ltd) C:\Users\GregReed\AppData\Roaming\Spotify\SpotifyWebHelper.exe
() C:\Program Files (x86)\Safe In Cloud\SafeInCloud.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
() C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDFCreate\PdfCreate7Hook.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDFViewer\PdfPro7Hook.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe
() C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.14.17639.18041-0\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Oracle Corporation) C:\Program Files (x86)\Java\jre1.8.0_171\bin\javaw.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.9328.1700.0_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(VideoLAN) C:\Program Files\VideoLAN\VLC\vlc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9226.21595.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PaprPort.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pplinks.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PPMailerOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.1001.9.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1797064 2014-03-20] (NVIDIA Corporation)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [574872 2017-10-16] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297272 2017-12-11] (Apple Inc.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM-x32\...\Run: [Winpopup LAN Messenger] => C:\Program Files (x86)\Winpopup LAN Messenger\WinPopup.exe [3437056 2014-08-09] (Fomine Software)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [4526328 2017-10-16] ()
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2720144 2015-08-09] (Dominik Reichl)
HKLM-x32\...\Run: [PDFCreHook] => C:\Program Files (x86)\Nuance\PDFCreate\pdfcreate7hook.exe [605032 2011-06-28] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF7 Registry Controller] => C:\Program Files (x86)\Nuance\PDFCreate\RegistryController.exe [140136 2011-06-28] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3643712 2018-05-14] (Dropbox, Inc.)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [588288 2016-01-08] (Nikon Corporation)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [425864 2017-10-16] (Acronis International GmbH)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-04-08] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2013-03-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [1944576 2013-03-07] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2068856 2011-10-13] (Flexera Software LLC.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [36168 2013-05-14] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [18248 2013-05-14] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort14reminder] => "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\14\Config\Ereg\Ereg.ini"
HKLM-x32\...\Run: [PDFProHook] => C:\Program Files (x86)\Nuance\PDFViewer\pdfpro7hook.exe [641864 2013-03-20] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-4155437166-3815807146-88625829-1001\...\Run: [Amazon Music] => C:\Users\GregReed\AppData\Local\Amazon Music\Amazon Music Helper.exe [3464680 2016-11-21] ()
HKU\S-1-5-21-4155437166-3815807146-88625829-1001\...\Run: [Google Update] => C:\Users\GregReed\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe [601680 2018-05-17] (Google Inc.)
HKU\S-1-5-21-4155437166-3815807146-88625829-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46214128 2018-04-12] ()
HKU\S-1-5-21-4155437166-3815807146-88625829-1001\...\Run: [8C5356907ED18E5E2AA5654F742723FA1069A100._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008 2018-05-15] (Google Inc.)
HKU\S-1-5-21-4155437166-3815807146-88625829-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2068856 2011-10-13] (Flexera Software LLC.)
HKU\S-1-5-21-4155437166-3815807146-88625829-1001\...\Run: [EasyNetMonitorPro] => C:\Users\GregReed\AppData\Local\EasyNetMonitorPro\EasyNetMonitorPro.exe [468992 2016-06-30] (NiceKit)
HKU\S-1-5-21-4155437166-3815807146-88625829-1001\...\Run: [HP ENVY 4520 series (NET)] => C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe [3651080 2015-03-09] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-4155437166-3815807146-88625829-1001\...\Run: [GoogleChromeAutoLaunch_E7C5259FB89A11F70C88A6F7C4EB4729] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008 2018-05-15] (Google Inc.)
HKU\S-1-5-21-4155437166-3815807146-88625829-1001\...\Run: [Spotify Web Helper] => C:\Users\GregReed\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1580144 2017-08-15] (Spotify Ltd)
HKU\S-1-5-21-4155437166-3815807146-88625829-1001\...\Run: [SafeInCloud] => C:\Program Files (x86)\Safe In Cloud\SafeInCloud.exe [2324480 2018-03-26] ()
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\..\Interfaces\{462185ea-9c65-4b8f-9aff-bf3ed279f554}: [NameServer] 192.168.2.1,8.8.4.4
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-21-4155437166-3815807146-88625829-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-gb/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4155437166-3815807146-88625829-1001 -> DefaultScope {A158EDCC-4C4E-4174-A21E-B5952BE67827} URL = hxxp://www.google.co.uk/search?hl=en&q={searchTerms}&meta=
SearchScopes: HKU\S-1-5-21-4155437166-3815807146-88625829-1001 -> {A158EDCC-4C4E-4174-A21E-B5952BE67827} URL = hxxp://www.google.co.uk/search?hl=en&q={searchTerms}&meta=
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-04-29] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-04-29] (Microsoft Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDFViewer\Bin\PlusIEContextMenu.dll [2011-06-30] (Zeon Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-05-17] (Oracle Corporation)
BHO-x32: ZeonIEEventHelper Class -> {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} -> C:\Program Files (x86)\Nuance\PDFCreate\Bin\ZeonIEFavClient.dll [2011-03-26] (Zeon Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-05-17] (Oracle Corporation)
Toolbar: HKLM-x32 - DocuCom PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files (x86)\Nuance\PDFCreate\Bin\ZeonIEFavClient.dll [2011-03-26] (Zeon Corporation)
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://qtinstall.apple.com/qtactivex/qtplugin.cab
DPF: HKLM-x32 {3F14D76D-8C1A-47CA-A2CB-34982BCD44DE} file://kens/My%20Data/Outlook/OutlookYearView.CAB
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-29] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-29] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-29] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-29] (Microsoft Corporation)
 
FireFox:
========
FF DefaultProfile: ppwvmlxr.default-1519486282208
FF ProfilePath: C:\Users\GregReed\AppData\Roaming\Mozilla\Firefox\Profiles\ppwvmlxr.default-1519486282208 [2018-05-17]
FF Plugin: @itstructures.com/ffactivex -> C:\WINDOWS\SysWOW64\npffax.dll [2013-12-20] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.)
FF Plugin-x32: @google.com/zxwebplugin -> C:\WINDOWS\SysWOW64\nptvswebplugin.dll [2014-10-29] ()
FF Plugin-x32: @itstructures.com/ffactivex -> C:\Program Files\Firefox ActiveX Plugin\npffax.dll [2011-12-28] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-05-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-05-17] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-04-03] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-02] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @tenvis.com/vlc,version=2.1.5 -> C:\Program Files (x86)\TENVIS EasySetup\plug-in\LT\LT_Trd_Lib\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-11] (Adobe Systems Inc.)
FF Plugin-x32: ChromeWebPlugin -> C:\Program Files (x86)\WebContrl\npGS_ChromePlugins.dll [2013-05-27] ( )
FF Plugin-x32: FireFoxWebPlugin -> C:\Program Files (x86)\WebContrl\npGS_Plugins.dll [2013-05-27] ( )
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDFViewer\bin\nppdf.dll [2011-07-15] (Zeon Corporation)
FF Plugin HKU\S-1-5-21-4155437166-3815807146-88625829-1001: @tools.google.com/Google Update;version=3 -> C:\Users\GregReed\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-4155437166-3815807146-88625829-1001: @tools.google.com/Google Update;version=9 -> C:\Users\GregReed\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-4155437166-3815807146-88625829-1001: runtop.com/RTPlayer -> C:\Program Files (x86)\VVVIPCamera\npRTPlayer.dll [2016-11-05] (RunTop)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://google.co.uk/
CHR StartupUrls: Default -> "hxxps://www.google.co.uk/?gws_rd=ssl","hxxps://www.google.co.uk/"
CHR Profile: C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default [2018-05-18]
CHR Extension: (Custom Calendar Background) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default\Extensions\acjecbgflnhmeldadcbblhfdimhifpki [2018-02-28]
CHR Extension: (Cheltenham2016 - Google Sheets) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default\Extensions\acjmglhobpmpipmbeaolhhabdobmegel [2017-03-14]
CHR Extension: (Kens Cams) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default\Extensions\afdkbjdehejgcdpijnidpapdjcbakafb [2017-09-28]
CHR Extension: (Log in | Sainsbury's) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aidnoedafhbemafnpinjgecpanpjppcn [2016-01-17]
CHR Extension: (Google Drive) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-17]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2017-03-14]
CHR Extension: (Google) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdiihgabadffhbjnjephgknnbfifbejj [2016-01-17]
CHR Extension: (Spotify - Music for every moment) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2017-07-14]
CHR Extension: (Netflix) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default\Extensions\deceagebecbceejblnlcjooeohmmeldh [2017-06-18]
CHR Extension: (2017 Main - Google Sheets) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default\Extensions\edaeldgclohmopepjbflnicnjfjlakil [2017-03-14]
CHR Extension: (2016 Main) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiigkiiejoificjaeddjniabneomjakm [2017-03-14]
CHR Extension: (Google Play Music) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2018-05-11]
CHR Extension: (Ericom Cloud Browser for Internet Explorer) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default\Extensions\gahjiajfldfkbglaegkndeccohnpcoce [2017-06-29]
CHR Extension: (Chrome Remote Desktop) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2017-11-14]
CHR Extension: (Google Docs Offline) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Home Cams) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjfdlpmhenklekgncbbmhaaemgpcjlji [2016-01-17]
CHR Extension: (Google Keep) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcfcmgpnmpinpidjdgejehjchlbglpde [2018-03-23]
CHR Extension: (IE Tab) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2018-05-02]
CHR Extension: (Google Calendar - Month of Jan 2017) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjpceadhnpnpdelkidbjdmoodafopfkp [2017-03-14]
CHR Extension: (Google Keep - notes and lists) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2018-05-15]
CHR Extension: (Apps Launcher) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijmgkhchjindcjamnckoiahagecjnkdc [2017-10-23]
CHR Extension: (Karen Email) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdpamjjihfbebghambnbdjjgnnkecjip [2017-03-15]
CHR Extension: (5 Ingredients - Quick & Easy Food - G...) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default\Extensions\jncdpenddahgjijohlpbpjkjppcacchf [2017-10-10]
CHR Extension: (2018 Main - Google Sheets) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbkfoflkmpfcjlplpnogmnnndgfdbamn [2017-11-02]
CHR Extension: (Spotify Web Player - Spotify) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfbnhhcmmpmjfkkakaplojljcodkmobo [2017-03-14]
CHR Extension: (Google Calendar - May 2018) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjbdgfilnfhdoflbpgamdcdgpehopbep [2018-05-18]
CHR Extension: (Google Hangouts) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2018-02-19]
CHR Extension: (Google Calendar) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpapfhofnheffbjgnoklieffaiamdmgi [2017-03-14]
CHR Extension: (2017 Main - Google Sheets) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljhpmohmjfnheggbohmffmhnlefhjkem [2017-07-03]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-01-17]
CHR Extension: (Google Keep Chrome Extension) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2018-05-15]
CHR Extension: (Take Webpage Screenshots Entirely - FireShot) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2017-11-29]
CHR Extension: ((1) Roundcube Webmail :: Inbox) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdacikjpanbbnkdgdendpfjbpfedndpj [2016-01-17]
CHR Extension: (Google) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgbfijcbdifemgfjcjhpedldobambfmc [2017-11-17]
CHR Extension: (Martin Work) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnmaimnnbofedgcgkhicggkecipnpeep [2017-03-14]
CHR Extension: (Amazon Music Library) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default\Extensions\modeimgedapfaccjaiblcfbgdjfpnagp [2017-03-14]
CHR Extension: (Google Calendar - November) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default\Extensions\najemjgnkdnfhifcpefekliplenhkkma [2017-11-17]
CHR Extension: (Google Hangouts) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2018-02-14]
CHR Extension: (Xmas 15 - Google Sheets) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkkmnoldigndgmclannbadfdoahblbfk [2016-01-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-06]
CHR Extension: (Google) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default\Extensions\odgnbaeenlhjakecipnonljennmnaogg [2017-11-17]
CHR Extension: (5 Ingredients - Quick & Easy Food - G...) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default\Extensions\oihjdplhkiiddglgliijahalonmgbfak [2017-11-07]
CHR Extension: (Chrome Media Router) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-04-27]
CHR Extension: (Kens Cams) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlgdaeddcnnalfbhlaooofdpbilkehp [2016-01-17]
CHR Profile: C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-11-04]
CHR Profile: C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-03-22]
CHR Extension: (Google Slides) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-06]
CHR Extension: (Google Docs) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-06]
CHR Extension: (Google Drive) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-06]
CHR Extension: (YouTube) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-06]
CHR Extension: (Google Play Music) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2016-09-07]
CHR Extension: (Google Sheets) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-06]
CHR Extension: (Chrome Remote Desktop) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-09-06]
CHR Extension: (Google Docs Offline) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-06]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2016-09-06]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-09-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-06]
CHR Extension: (Gmail) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-06]
CHR Extension: (Chrome Media Router) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-06]
CHR Profile: C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 10 [2018-05-15]
CHR Extension: (Slides) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-29]
CHR Extension: (Custom Calendar Background) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\acjecbgflnhmeldadcbblhfdimhifpki [2018-02-27]
CHR Extension: (Log in | Sainsbury's) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\aidnoedafhbemafnpinjgecpanpjppcn [2016-12-05]
CHR Extension: (Docs) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-29]
CHR Extension: (Google Drive) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-12]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2016-12-05]
CHR Extension: (YouTube) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-05]
CHR Extension: (Google) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\cdiihgabadffhbjnjephgknnbfifbejj [2016-12-05]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2016-12-05]
CHR Extension: (Adobe Acrobat) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-12]
CHR Extension: (Google Play Music) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2018-05-10]
CHR Extension: (Sheets) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-29]
CHR Extension: (Chrome Remote Desktop) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2017-11-14]
CHR Extension: (Google Docs Offline) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-12]
CHR Extension: (Home Cams) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\gjfdlpmhenklekgncbbmhaaemgpcjlji [2016-12-05]
CHR Extension: (IE Tab) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2018-04-27]
CHR Extension: (Google Keep - notes and lists) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2018-05-15]
CHR Extension: (iChrome New Tab - A Fast, Productive New Tab) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\iccjgbbjckehppnpajnmplcccjcgbdep [2018-01-30]
CHR Extension: (Webmail Login) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\jdpamjjihfbebghambnbdjjgnnkecjip [2016-12-05]
CHR Extension: (Google Calendar - November) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\kjbdgfilnfhdoflbpgamdcdgpehopbep [2017-11-17]
CHR Extension: (Google Hangouts) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\knipolnnllmklapflnccelgolnpehhpl [2018-02-26]
CHR Extension: (Take Webpage Screenshots Entirely - FireShot) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2017-12-27]
CHR Extension: ((1) Roundcube Webmail :: Inbox) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\mdacikjpanbbnkdgdendpfjbpfedndpj [2016-12-05]
CHR Extension: (Xmas 15 - Google Sheets) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\nkkmnoldigndgmclannbadfdoahblbfk [2016-12-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-07]
CHR Extension: (iChrome - A Fast, Productive Home Page) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\oghkljobbhapacbahlneolfclkniiami [2018-01-30]
CHR Extension: (Gmail) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-05]
CHR Extension: (Chrome Media Router) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-04-27]
CHR Extension: (Kens Cams) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\pnlgdaeddcnnalfbhlaooofdpbilkehp [2016-12-05]
CHR Profile: C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 11 [2018-03-23]
CHR Extension: (Slides) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-03]
CHR Extension: (Docs) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-03]
CHR Extension: (Google Drive) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-21]
CHR Extension: (YouTube) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-03]
CHR Extension: (Adobe Acrobat) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-11-03]
CHR Extension: (Sheets) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-03]
CHR Extension: (Google Docs Offline) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-11-21]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2018-03-14]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-11-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-03]
CHR Extension: (Gmail) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-03]
CHR Extension: (Chrome Media Router) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-14]
CHR Profile: C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 12 [2017-12-13]
CHR Extension: (Slides) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-07]
CHR Extension: (Docs) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-07]
CHR Extension: (Google Drive) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-10]
CHR Extension: (YouTube) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-07]
CHR Extension: (Adobe Acrobat) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-12-07]
CHR Extension: (Sheets) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-07]
CHR Extension: (Google Docs Offline) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-12-10]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2017-12-07]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-12-07]
CHR Extension: (Google Hangouts) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2017-12-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-12-07]
CHR Extension: (Gmail) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-12-07]
CHR Extension: (Chrome Media Router) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-07]
CHR Profile: C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 2 [2017-03-22]
CHR Extension: (Google Slides) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-06]
CHR Extension: (Google Docs) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-06]
CHR Extension: (Google Drive) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-06]
CHR Extension: (YouTube) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-06]
CHR Extension: (Google Sheets) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-06]
CHR Extension: (Google Docs Offline) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-06]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2016-09-06]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-09-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-06]
CHR Extension: (Gmail) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-06]
CHR Extension: (Chrome Media Router) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-06]
CHR Profile: C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 3 [2017-03-22]
CHR Extension: (Google Slides) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-06]
CHR Extension: (Google Docs) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-06]
CHR Extension: (Google Drive) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-06]
CHR Extension: (YouTube) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-06]
CHR Extension: (Google Play Music) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2016-09-07]
CHR Extension: (Google Sheets) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-06]
CHR Extension: (Chrome Remote Desktop) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-09-06]
CHR Extension: (Google Docs Offline) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-06]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2016-09-06]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-09-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-06]
CHR Extension: (Gmail) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-06]
CHR Extension: (Chrome Media Router) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-06]
CHR Profile: C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 4 [2017-03-22]
CHR Extension: (Google Slides) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-06]
CHR Extension: (Google Docs) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-06]
CHR Extension: (Google Drive) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-06]
CHR Extension: (YouTube) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-06]
CHR Extension: (Google Sheets) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-06]
CHR Extension: (Google Docs Offline) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-06]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2016-09-06]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-09-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-06]
CHR Extension: (Gmail) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-06]
CHR Extension: (Chrome Media Router) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-06]
CHR Profile: C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 5 [2018-05-15]
CHR Extension: (Slides) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-30]
CHR Extension: (Docs) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-30]
CHR Extension: (Google Drive) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-07]
CHR Extension: (YouTube) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-07]
CHR Extension: (Adobe Acrobat) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-23]
CHR Extension: (Google Play Music) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2018-05-14]
CHR Extension: (Sheets) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-30]
CHR Extension: (Chrome Remote Desktop) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2017-12-19]
CHR Extension: (Google Docs Offline) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-23]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2018-05-15]
CHR Extension: (Apps Launcher) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ijmgkhchjindcjamnckoiahagecjnkdc [2017-10-30]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-09-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-20]
CHR Extension: (Gmail) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-07]
CHR Extension: (Chrome Media Router) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-04-28]
CHR Profile: C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 6 [2017-11-04]
CHR Extension: (Slides) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-31]
CHR Extension: (Docs) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-31]
CHR Extension: (Google Drive) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-07]
CHR Extension: (YouTube) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-07]
CHR Extension: (Spotify - Music for every moment) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2017-10-31]
CHR Extension: (Adobe Acrobat) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-10-31]
CHR Extension: (Sheets) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-31]
CHR Extension: (Google Docs Offline) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-26]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2017-10-31]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-09-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-31]
CHR Extension: (Bubble Shooter Exclusive) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pfaogkfljpdfmodbmbogiiblppijleen [2017-10-31]
CHR Extension: (Gmail) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-07]
CHR Extension: (Chrome Media Router) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-31]
CHR Profile: C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 7 [2018-01-24]
CHR Extension: (Slides) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-24]
CHR Extension: (Docs) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-24]
CHR Extension: (Google Drive) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-14]
CHR Extension: (YouTube) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-14]
CHR Extension: (Adobe Acrobat) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-14]
CHR Extension: (Sheets) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-24]
CHR Extension: (Google Docs Offline) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-17]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2018-01-13]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-09-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-29]
CHR Extension: (Gmail) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-14]
CHR Extension: (Chrome Media Router) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-01-13]
CHR Profile: C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 8 [2017-03-22]
CHR Extension: (Google Slides) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-09]
CHR Extension: (Google Docs) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-09]
CHR Extension: (Google Drive) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-09]
CHR Extension: (YouTube) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-09]
CHR Extension: (Google Sheets) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-09]
CHR Extension: (Google Docs Offline) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-09]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2016-11-09]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-11-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-11-09]
CHR Extension: (Gmail) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-09]
CHR Extension: (Chrome Media Router) - C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-09]
CHR Profile: C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\Profile 9 [2017-03-22]
CHR Profile: C:\Users\GregReed\AppData\Local\Google\Chrome\User Data\System Profile [2017-12-10]
CHR HKU\S-1-5-21-4155437166-3815807146-88625829-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\GregReed\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2016-11-18]
CHR HKU\S-1-5-21-4155437166-3815807146-88625829-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [3115040 2017-10-16] (Acronis International GmbH)
R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1213544 2017-10-16] ()
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6096688 2017-10-23] ()
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-11-27] (Apple Inc.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed]
S3 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\66.0.3359.12\remoting_host.exe [71000 2018-03-06] (Google Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8566448 2018-04-26] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-07-04] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-07-04] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-05-14] (Dropbox, Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 KSDE2.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [354672 2017-01-24] (AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-03] (Malwarebytes)
R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4808088 2017-10-16] (Acronis International GmbH)
S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2017-10-16] (Acronis International GmbH)
S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1723280 2017-10-16] ()
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [77640 2013-05-14] (Nuance Communications, Inc.)
R2 Sage AutoUpdate Manager Service; C:\Program Files (x86)\Common Files\Sage\Central\AutoUpdateClient\Sage.Central.AutoUpdateManager.Service.exe [8192 2015-08-24] (Microsoft) [File not signed]
R2 Sage AutoUpdate Manager Service v2; C:\Program Files (x86)\Common Files\Sage\Shared\AutoUpdateManager\v2\Sage.Central.AutoUpdateManager.Service.exe [8192 2016-10-26] (Sage UK Limited) [File not signed]
R2 Sage SData Service; C:\Program Files (x86)\Common Files\Sage SData\Sage.SData.Service.exe [49152 2009-08-21] (Sage (UK) Limited) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-04-12] (Microsoft Corporation)
S3 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (DEVGURU Co., LTD.)
R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7003048 2017-10-16] ()
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\NisSrv.exe [4632736 2018-04-26] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MsMpEng.exe [104680 2018-04-26] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2018-03-06] (The OpenVPN Project)
S3 androidusb; C:\WINDOWS\System32\Drivers\androidusb.sys [32768 2010-04-29] (Google Inc)
R3 AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [138664 2014-04-24] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [138664 2014-04-24] (SlySoft, Inc.)
S3 AU8168; C:\WINDOWS\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek )
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152184 2018-04-26] (Malwarebytes)
R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [564304 2017-10-23] (Acronis International GmbH)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [379664 2017-10-23] (Acronis International GmbH)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [55232 2018-05-15] ()
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [190696 2018-05-15] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [112864 2018-05-17] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [44768 2018-05-17] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-05-17] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [103648 2018-05-18] (Malwarebytes)
S3 npf; C:\WINDOWS\System32\drivers\npf.sys [36600 2015-06-01] (Riverbed Technology, Inc.)
R1 RrNetCapFilterDriver; C:\WINDOWS\system32\DRIVERS\RrNetCapFilterDriver.sys [24744 2014-08-25] (Audials AG)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [888064 2015-09-10] (Realtek )
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [84432 2017-03-27] (The OpenVPN Project)
R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1310552 2017-10-23] (Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\System32\DRIVERS\tib_mounter.sys [213336 2017-10-23] (Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [690520 2017-10-23] (Acronis International GmbH)
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [326416 2017-10-23] (Acronis International GmbH)
R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [243472 2017-10-23] (Acronis International GmbH)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-04-26] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [313888 2018-04-26] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61472 2018-04-26] (Microsoft Corporation)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2018-05-15] (Zemana Ltd.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-05-18 18:12 - 2018-05-18 18:12 - 000008021 _____ C:\Users\GregReed\Documents\html.odt
2018-05-17 13:54 - 2018-05-17 13:54 - 000002691 _____ C:\Users\GregReed\Desktop\Google Calendar - May 2018.lnk
2018-05-17 07:33 - 2018-05-17 07:33 - 000000000 ____D C:\Users\GregReed\AppData\Local\ESET
2018-05-16 19:14 - 2018-05-18 19:34 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2018-05-16 19:14 - 2018-05-17 06:44 - 000001504 _____ C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk
2018-05-16 19:14 - 2018-05-17 06:38 - 000000000 ____D C:\Program Files\Common Files\AV
2018-05-16 19:14 - 2018-05-17 06:38 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2018-05-16 19:14 - 2018-05-16 19:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2018-05-16 19:13 - 2018-05-16 19:13 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2018-05-16 19:00 - 2018-05-16 19:00 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\17220377.sys
2018-05-16 18:59 - 2018-05-16 19:12 - 000000000 ____D C:\Users\GregReed\Desktop\mbar
2018-05-16 18:59 - 2018-05-16 19:12 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2018-05-16 17:07 - 2018-05-16 17:07 - 000000977 _____ C:\Users\GregReed\Desktop\V216 TRY Gte Email for TEXTS better format.accdb - Shortcut.lnk
2018-05-16 16:53 - 2018-05-18 12:38 - 000000000 ____D C:\Users\GregReed\AppData\Local\Deployment
2018-05-16 14:04 - 2018-05-17 13:35 - 000000000 ____D C:\Users\GregReed\AppData\Local\PlaceholderTileLogoFolder
2018-05-16 12:51 - 2018-05-16 12:04 - 000000000 ____D C:\Windows.old
2018-05-16 12:45 - 2018-05-16 12:51 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2018-05-16 12:44 - 2018-05-16 12:45 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2018-05-16 12:44 - 2018-05-16 12:44 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2018-05-16 12:43 - 2018-05-16 12:43 - 025848832 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 023862272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 022707712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 022002688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 021389360 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 020383720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 019399168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 013570560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 012712960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 012500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 011903488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 009159064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-05-16 12:43 - 2018-05-16 12:43 - 008623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 007583232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 007519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 007436624 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 006569952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 006044104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 005951488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 005782528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 004929024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 004867072 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 004706816 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 004372992 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 004070400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 003732800 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 003655168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-05-16 12:43 - 2018-05-16 12:43 - 003440640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 003389952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 003283400 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 003086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 002961408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 002897408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-05-16 12:43 - 2018-05-16 12:43 - 002841312 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 002835864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-05-16 12:43 - 2018-05-16 12:43 - 002753040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 002700800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 002486976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 002422168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-05-16 12:43 - 2018-05-16 12:43 - 002366976 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 002242208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-05-16 12:43 - 2018-05-16 12:43 - 002170368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 001953280 _____ C:\WINDOWS\system32\rdpnano.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 001855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 001817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 001664512 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 001636352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 001634800 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 001585664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 001565592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 001550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 001534976 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 001456616 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-05-16 12:43 - 2018-05-16 12:43 - 001454016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 001426328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 001421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 001380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 001258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-05-16 12:43 - 2018-05-16 12:43 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 001191168 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 001174424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-05-16 12:43 - 2018-05-16 12:43 - 001160192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 001063320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-05-16 12:43 - 2018-05-16 12:43 - 001034624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-05-16 12:43 - 2018-05-16 12:43 - 001012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-05-16 12:43 - 2018-05-16 12:43 - 000976384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-05-16 12:43 - 2018-05-16 12:43 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000885848 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000860160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000826776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2018-05-16 12:43 - 2018-05-16 12:43 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000788216 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000786168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000776880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000775680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000733992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000709816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-05-16 12:43 - 2018-05-16 12:43 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-05-16 12:43 - 2018-05-16 12:43 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2018-05-16 12:43 - 2018-05-16 12:43 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000665320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000652184 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs4.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000606448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000604568 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-05-16 12:43 - 2018-05-16 12:43 - 000596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs3.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2018-05-16 12:43 - 2018-05-16 12:43 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000567136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000559968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000494488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2018-05-16 12:43 - 2018-05-16 12:43 - 000474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs2.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000473496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs1.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000434584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2018-05-16 12:43 - 2018-05-16 12:43 - 000399768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000382872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-05-16 12:43 - 2018-05-16 12:43 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.th.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000272288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000269216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedReality.Broker.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.win81.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000170904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-05-16 12:43 - 2018-05-16 12:43 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Analog.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.win8rtm.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000134552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbscan.sys
2018-05-16 12:43 - 2018-05-16 12:43 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-05-16 12:43 - 2018-05-16 12:43 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2018-05-16 12:41 - 2018-05-16 12:41 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2018-05-16 12:41 - 2018-05-16 12:41 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2018-05-16 12:41 - 2018-05-16 12:41 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2018-05-16 12:41 - 2018-05-16 12:41 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2018-05-16 12:41 - 2018-05-16 12:41 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2018-05-16 12:41 - 2018-05-16 12:41 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2018-05-16 12:41 - 2018-05-16 12:41 - 000000000 ____D C:\Program Files\Reference Assemblies
2018-05-16 12:41 - 2018-05-16 12:41 - 000000000 ____D C:\Program Files\MSBuild
2018-05-16 12:41 - 2018-05-16 12:41 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2018-05-16 12:41 - 2018-05-16 12:41 - 000000000 ____D C:\Program Files (x86)\MSBuild
2018-05-16 12:40 - 2018-05-16 12:40 - 004492288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-05-16 12:40 - 2018-05-16 12:40 - 003398144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-05-16 12:40 - 2018-05-16 12:40 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2018-05-16 12:40 - 2018-05-16 12:40 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
2018-05-16 12:40 - 2018-05-16 12:40 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
2018-05-16 12:40 - 2018-05-16 12:40 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll
2018-05-16 12:40 - 2018-05-16 12:40 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2018-05-16 12:40 - 2018-05-16 12:40 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2018-05-16 12:11 - 2018-05-16 12:11 - 000001417 _____ C:\Users\GregReed\Desktop\Microsoft Edge.lnk
2018-05-16 12:11 - 2018-05-16 12:11 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-05-16 12:04 - 2018-05-18 22:32 - 000004148 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{88D473B5-B420-4C71-80CF-45F3115EA789}
2018-05-16 12:04 - 2018-05-17 22:07 - 000003710 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4155437166-3815807146-88625829-1001UA1d257f7ef7191ed
2018-05-16 12:04 - 2018-05-17 22:07 - 000003442 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4155437166-3815807146-88625829-1001Core1d257f7ef6c3a88
2018-05-16 12:04 - 2018-05-17 15:47 - 000003418 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-05-16 12:04 - 2018-05-17 15:47 - 000003294 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-05-16 12:04 - 2018-05-17 06:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-05-16 12:04 - 2018-05-16 12:04 - 000003600 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4155437166-3815807146-88625829-1001UA
2018-05-16 12:04 - 2018-05-16 12:04 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-05-16 12:04 - 2018-05-16 12:04 - 000003436 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2018-05-16 12:04 - 2018-05-16 12:04 - 000003332 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4155437166-3815807146-88625829-1001Core
2018-05-16 12:04 - 2018-05-16 12:04 - 000003212 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2018-05-16 12:04 - 2018-05-16 12:04 - 000002852 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4155437166-3815807146-88625829-1001
2018-05-16 12:04 - 2018-05-16 12:04 - 000002808 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4155437166-3815807146-88625829-1001
2018-05-16 12:04 - 2018-05-16 12:04 - 000002424 _____ C:\WINDOWS\System32\Tasks\PrivaZer_SkipUAC
2018-05-16 12:04 - 2018-05-16 12:04 - 000002036 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-05-16 12:04 - 2018-05-16 12:04 - 000000020 ___SH C:\Users\GregReed\ntuser.ini
2018-05-16 12:04 - 2018-05-16 12:04 - 000000000 ____D C:\WINDOWS\System32\Tasks\WPD
2018-05-16 12:04 - 2018-05-16 12:04 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2018-05-16 12:03 - 2018-05-17 06:48 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-05-16 12:03 - 2018-05-16 12:04 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2018-05-16 12:03 - 2018-05-16 12:04 - 000007623 _____ C:\WINDOWS\diagerr.xml
2018-05-16 11:55 - 2018-05-16 11:55 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-05-16 11:54 - 2018-05-17 06:43 - 000000000 ____D C:\Users\GregReed
2018-05-16 11:54 - 2018-05-16 11:55 - 000000000 ____D C:\Users\GregReed\AppData\Local\Microsoft Help
2018-05-16 11:54 - 2018-05-16 11:54 - 000000000 ____D C:\Users\GregReed\AppData\Local\Google
2018-05-16 11:54 - 2018-05-16 11:54 - 000000000 ____D C:\ProgramData\USOShared
2018-05-16 11:54 - 2018-04-12 00:34 - 000001105 _____ C:\Users\GregReed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-05-16 11:54 - 2017-06-05 16:42 - 000002227 _____ C:\Users\GregReed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive (1).lnk
2018-05-16 11:53 - 2018-05-16 11:53 - 000002134 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2018-05-16 11:53 - 2018-05-16 11:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-05-16 11:53 - 2016-11-14 10:45 - 000615992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2018-05-16 11:52 - 2018-05-18 22:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-05-16 11:52 - 2018-05-16 11:56 - 000418744 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-05-16 11:52 - 2018-04-12 00:33 - 002752000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2018-05-16 09:37 - 2018-05-16 12:04 - 000000000 ___DC C:\WINDOWS\Panther
2018-05-15 18:24 - 2018-05-18 19:47 - 000103648 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-05-15 18:24 - 2018-05-17 06:42 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-05-15 18:24 - 2018-05-17 06:42 - 000112864 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-05-15 18:24 - 2018-05-17 06:42 - 000044768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-05-15 18:24 - 2018-05-15 18:24 - 000190696 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-05-15 18:21 - 2018-05-15 18:21 - 000055232 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2018-05-15 18:21 - 2018-05-15 18:21 - 000000000 ____D C:\ProgramData\HitmanPro
2018-05-15 12:27 - 2018-05-15 12:30 - 000582277 _____ C:\Users\GregReed\Desktop\libturbojpeg.dll
2018-05-15 12:27 - 2018-05-15 12:30 - 000007168 _____ C:\Users\GregReed\Desktop\ScreenBrightness.exe
2018-05-15 12:27 - 2018-05-15 12:30 - 000007143 _____ C:\Users\GregReed\Desktop\BlueIrisViewer_Errors.txt
2018-05-15 12:27 - 2018-05-15 12:30 - 000001701 _____ C:\Users\GregReed\Desktop\BIVSettings.cfg
2018-05-15 10:49 - 2018-05-15 10:49 - 000000064 _____ C:\Users\GregReed\Desktop\Google Calendar - May 2018.url
2018-05-15 10:46 - 2018-05-15 10:46 - 000002911 _____ C:\Users\GregReed\Desktop\Chrome Remote Desktop.lnk
2018-05-15 09:22 - 2018-05-16 12:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-05-15 09:22 - 2018-05-15 09:22 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-05-15 09:22 - 2018-04-26 05:36 - 000152184 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-05-15 09:19 - 2018-05-15 09:19 - 000001237 _____ C:\Users\GregReed\Desktop\KENS Recordings.lnk
2018-05-15 09:19 - 2018-05-15 09:19 - 000001237 _____ C:\Users\GregReed\Desktop\HOME Recordings.lnk
2018-05-15 09:13 - 2018-05-18 22:36 - 003022985 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2018-05-15 09:13 - 2018-05-15 09:53 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2018-05-15 09:13 - 2018-05-15 09:21 - 000125787 _____ C:\WINDOWS\ZAM.krnl.trace
2018-05-15 09:13 - 2018-05-15 09:13 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2018-05-15 09:13 - 2018-05-15 09:13 - 000000000 ____D C:\Users\GregReed\AppData\Local\Zemana
2018-05-15 00:13 - 2018-05-16 12:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-05-14 22:42 - 2018-05-14 22:55 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2018-05-14 22:35 - 2018-05-14 22:35 - 000000000 ____D C:\Users\GregReed\AppData\Roaming\SafeInCloud
2018-05-14 20:42 - 2018-05-14 20:42 - 007271632 _____ (Malwarebytes) C:\Users\GregReed\Desktop\adwcleaner_7.1.1.exe
2018-05-14 12:45 - 2018-05-14 12:45 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2018-05-14 12:45 - 2018-05-14 12:45 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2018-05-14 12:45 - 2018-05-14 12:45 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2018-05-14 12:45 - 2018-05-14 12:45 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2018-05-12 10:52 - 2018-05-16 12:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safe In Cloud
2018-05-12 10:52 - 2018-05-12 10:52 - 000000000 ____D C:\Program Files (x86)\Safe In Cloud
2018-05-09 11:56 - 2018-05-09 11:56 - 000000000 ____D C:\Program Files (x86)\VueSoft
2018-05-02 17:03 - 2018-05-02 17:03 - 000000892 _____ C:\Users\GregReed\Desktop\V215 Pre_sort_GetFromRegd.accdb - Shortcut.lnk
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-05-18 22:36 - 2015-07-30 08:06 - 000000000 ____D C:\FRST
2018-05-18 22:34 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-05-18 22:30 - 2016-11-23 08:05 - 000000000 ____D C:\Users\GregReed\AppData\LocalLow\Mozilla
2018-05-18 18:12 - 2014-09-03 23:18 - 000000000 ____D C:\Users\GregReed\Documents\Access Kennels
2018-05-18 18:01 - 2014-10-02 07:37 - 000000000 _____ C:\Users\GregReed\Documents\output.txt
2018-05-18 16:11 - 2018-01-24 02:14 - 000000000 ____D C:\Users\GregReed\AppData\Local\Packages
2018-05-18 16:02 - 2017-06-14 18:08 - 000013245 _____ C:\WINDOWS\BRRBCOM.INI
2018-05-18 15:59 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-05-18 15:59 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-05-18 15:03 - 2014-09-04 15:11 - 000000000 ____D C:\Users\GregReed\AppData\Roaming\.oit
2018-05-18 15:03 - 2014-09-04 15:11 - 000000000 ____D C:\ProgramData\TEMP
2018-05-17 21:53 - 2014-11-29 10:58 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-05-17 14:41 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2018-05-17 13:54 - 2015-08-06 12:07 - 000000000 ____D C:\Users\GregReed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2018-05-17 12:55 - 2014-09-04 15:19 - 000000000 ___RD C:\Users\GregReed\Documents\Paperport
2018-05-17 10:44 - 2014-09-04 13:53 - 000000000 ____D C:\Users\GregReed\Documents\Access Others
2018-05-17 10:07 - 2014-11-10 15:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-05-17 10:07 - 2014-11-10 15:45 - 000000000 ____D C:\Program Files (x86)\Java
2018-05-17 10:05 - 2014-11-10 15:45 - 000098760 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2018-05-17 06:45 - 2018-04-11 22:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-05-17 06:43 - 2014-10-10 12:46 - 000000000 ___RD C:\Users\GregReed\Google Drive
2018-05-17 06:42 - 2017-06-14 18:08 - 000000000 ____D C:\ProgramData\NVIDIA
2018-05-17 06:41 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-05-17 06:40 - 2016-06-20 17:10 - 000000000 ____D C:\Users\GregReed\AppData\Local\SafeInCloud
2018-05-17 06:39 - 2017-06-12 12:40 - 000000000 ____D C:\Program Files (x86)\Kingo ROOT
2018-05-17 06:38 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-05-17 06:38 - 2015-10-30 07:28 - 000000000 ____D C:\Users\Default.migrated
2018-05-17 03:13 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\appcompat
2018-05-16 19:00 - 2014-09-08 07:38 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-05-16 12:51 - 2018-04-12 00:41 - 000000000 ____D C:\WINDOWS\Setup
2018-05-16 12:51 - 2018-04-12 00:38 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2018-05-16 12:51 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2018-05-16 12:51 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2018-05-16 12:51 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\spool
2018-05-16 12:51 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-05-16 12:51 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-05-16 12:51 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2018-05-16 12:51 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ModemLogs
2018-05-16 12:51 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-05-16 12:51 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\InputMethod
2018-05-16 12:51 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\Help
2018-05-16 12:51 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-05-16 12:51 - 2018-02-26 17:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance PaperPort 14
2018-05-16 12:51 - 2018-02-26 16:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2018-05-16 12:51 - 2018-01-28 07:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2018-05-16 12:51 - 2018-01-22 13:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnyCam
2018-05-16 12:51 - 2018-01-20 13:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ONVIF Device Manager
2018-05-16 12:51 - 2018-01-20 08:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2018-05-16 12:51 - 2017-12-15 16:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2018-05-16 12:51 - 2017-12-09 16:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HCMS
2018-05-16 12:51 - 2017-12-09 12:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IPC_AX
2018-05-16 12:51 - 2017-10-31 10:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2018-05-16 12:51 - 2017-10-30 14:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2018-05-16 12:51 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-05-16 12:51 - 2017-09-19 02:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2018-05-16 12:51 - 2017-09-06 16:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced IP Scanner v2
2018-05-16 12:51 - 2017-07-04 17:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picture Control Utility 2
2018-05-16 12:51 - 2017-07-04 17:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nikon Message Center 2
2018-05-16 12:51 - 2017-07-04 17:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ViewNX-i
2018-05-16 12:51 - 2017-07-04 17:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Link to Nikon
2018-05-16 12:51 - 2017-06-16 11:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2018-05-16 12:51 - 2017-06-14 08:57 - 000000000 ____D C:\Program Files\UNP
2018-05-16 12:51 - 2017-05-04 14:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IPCameraSetup
2018-05-16 12:51 - 2016-11-20 09:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js
2018-05-16 12:51 - 2016-09-18 07:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sricam
2018-05-16 12:51 - 2016-09-18 07:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DeviceViewer
2018-05-16 12:51 - 2016-07-26 11:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IP Camera
2018-05-16 12:51 - 2016-02-13 18:14 - 000000000 ____D C:\WINDOWS\ShellNew
2018-05-16 12:51 - 2016-02-06 16:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Composite Editor
2018-05-16 12:51 - 2016-01-12 16:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2018-05-16 12:51 - 2015-11-05 14:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetSurveillance
2018-05-16 12:51 - 2015-11-03 16:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Iris 4
2018-05-16 12:51 - 2015-11-03 15:12 - 000000000 ____D C:\WINDOWS\SysWOW64\1033
2018-05-16 12:51 - 2015-11-03 15:12 - 000000000 ____D C:\WINDOWS\system32\1033
2018-05-16 12:51 - 2015-09-03 18:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2018-05-16 12:51 - 2015-08-24 16:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Moneysoft
2018-05-16 12:51 - 2015-08-07 11:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2018-05-16 12:51 - 2015-05-07 10:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2018-05-16 12:51 - 2015-04-18 07:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\A-PDF Rename
2018-05-16 12:51 - 2015-03-18 08:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TENVIS Search Tool
2018-05-16 12:51 - 2015-03-17 20:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TENVIS EasySetup
2018-05-16 12:51 - 2015-03-15 04:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android SDK Tools
2018-05-16 12:51 - 2015-01-20 11:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoMove 2
2018-05-16 12:51 - 2014-11-30 22:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2018-05-16 12:51 - 2014-11-29 15:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2018-05-16 12:51 - 2014-11-24 11:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoSplitter
2018-05-16 12:51 - 2014-11-23 11:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnAware Free
2018-05-16 12:51 - 2014-11-23 10:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2018-05-16 12:51 - 2014-11-20 12:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audials 11
2018-05-16 12:51 - 2014-11-20 12:42 - 000000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin
2018-05-16 12:51 - 2014-11-11 16:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-05-16 12:51 - 2014-09-17 15:45 - 000000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2018-05-16 12:51 - 2014-09-17 15:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG6200 series
2018-05-16 12:51 - 2014-09-17 14:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual CADD 7.0
2018-05-16 12:51 - 2014-09-12 15:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronics Line RP
2018-05-16 12:51 - 2014-09-12 15:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free
2018-05-16 12:51 - 2014-09-12 11:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2018-05-16 12:51 - 2014-09-09 08:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView
2018-05-16 12:51 - 2014-09-05 19:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LAN Speed Test
2018-05-16 12:51 - 2014-09-04 17:13 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2018-05-16 12:51 - 2014-09-04 16:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winpopup LAN Messenger
2018-05-16 12:51 - 2014-09-04 10:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sage 50 Payroll
2018-05-16 12:51 - 2014-09-04 10:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sage Accounts
2018-05-16 12:51 - 2014-09-04 01:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KDTele Tools 4.0
2018-05-16 12:51 - 2013-08-22 16:36 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2018-05-16 12:51 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2018-05-16 12:51 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2018-05-16 12:50 - 2018-04-12 00:38 - 000000000 __RHD C:\Users\Public\Libraries
2018-05-16 12:46 - 2018-04-12 17:14 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2018-05-16 12:46 - 2018-04-12 17:14 - 000000000 ____D C:\WINDOWS\system32\slmgr
2018-05-16 12:46 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2018-05-16 12:46 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2018-05-16 12:46 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2018-05-16 12:46 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2018-05-16 12:46 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2018-05-16 12:46 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2018-05-16 12:46 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\IME
2018-05-16 12:46 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\et-EE
2018-05-16 12:45 - 2017-04-04 16:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2018-05-16 12:45 - 2016-03-03 09:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2018-05-16 12:45 - 2015-03-12 14:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2018-05-16 12:45 - 2014-09-12 11:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlySoft
2018-05-16 12:45 - 2014-09-04 17:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2018-05-16 12:45 - 2014-09-04 10:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sage Tools
2018-05-16 12:43 - 2018-04-12 17:36 - 000000000 ____D C:\WINDOWS\Containers
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\te-IN
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\or-IN
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\km-KH
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\is-IS
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\id-ID
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\be-BY
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\as-IN
2018-05-16 12:43 - 2018-04-12 17:18 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2018-05-16 12:43 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-05-16 12:43 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2018-05-16 12:43 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2018-05-16 12:43 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\ta-in
2018-05-16 12:43 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\si-lk
2018-05-16 12:43 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\setup
2018-05-16 12:43 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\en-GB
2018-05-16 12:43 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-05-16 12:43 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\am-et
2018-05-16 12:43 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\Provisioning
2018-05-16 12:43 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-05-16 12:43 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-05-16 12:43 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-05-16 12:40 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2018-05-16 12:40 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\es-MX
2018-05-16 12:22 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-05-16 12:11 - 2016-09-28 06:56 - 000000000 ____D C:\Users\GregReed\AppData\Local\ConnectedDevicesPlatform
2018-05-16 12:04 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files\Windows Defender
2018-05-16 12:04 - 2018-01-24 07:00 - 000000000 ___RD C:\Users\GregReed\3D Objects
2018-05-16 12:04 - 2016-02-13 18:33 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-05-16 12:04 - 2014-09-05 11:16 - 000000258 __RSH C:\ProgramData\ntuser.pol
2018-05-16 12:03 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\Registration
2018-05-16 12:01 - 2018-04-12 00:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-05-16 12:01 - 2014-09-04 19:12 - 000022840 _____ C:\WINDOWS\system32\emptyregdb.dat
2018-05-16 12:00 - 2018-04-12 00:38 - 000000000 __RSD C:\WINDOWS\media
2018-05-16 11:55 - 2016-10-20 15:03 - 000000000 ____D C:\Users\GregReed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EasyNetMonitorPro
2018-05-16 11:55 - 2016-09-01 14:22 - 000000000 ____D C:\Users\GregReed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubiquiti UniFi
2018-05-16 11:55 - 2015-08-13 14:08 - 000000000 ____D C:\Users\GregReed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WebControl
2018-05-16 11:55 - 2015-08-06 12:07 - 000000000 ____D C:\Users\GregReed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2018-05-16 11:55 - 2015-07-22 08:14 - 000000000 ____D C:\Users\GregReed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Photos Backup
2018-05-16 11:55 - 2015-07-20 13:29 - 000000000 ____D C:\Users\GregReed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Cloud Drive
2018-05-16 11:55 - 2015-02-09 15:33 - 000000000 ____D C:\Users\GregReed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Surveillance System
2018-05-16 11:55 - 2014-11-30 14:11 - 000000000 ____D C:\Users\GregReed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrivaZer
2018-05-16 11:55 - 2014-11-25 09:10 - 000000000 ____D C:\Users\GregReed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2018-05-16 11:55 - 2014-10-09 14:55 - 000000000 ____D C:\Users\GregReed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WebContrl
2018-05-16 11:55 - 2014-09-13 07:31 - 000000000 ____D C:\Users\GregReed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Music
2018-05-16 11:55 - 2014-09-04 15:13 - 000000000 ____D C:\Users\GregReed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nuance PaperPort 14
2018-05-16 11:54 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\USOPrivate
2018-05-16 11:54 - 2018-01-25 16:53 - 000000000 ____D C:\Users\GregReed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WugFresh Development
2018-05-16 11:54 - 2018-01-15 09:24 - 000000000 ____D C:\Users\GregReed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2018-05-16 11:54 - 2016-05-26 21:25 - 000000000 ____D C:\Users\GregReed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RandyRants.com
2018-05-16 11:54 - 2014-09-12 11:33 - 000000000 ____D C:\Users\GregReed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2018-05-16 11:52 - 2017-06-14 18:08 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-05-16 10:56 - 2012-07-26 03:55 - 000008192 __RSH C:\BOOTSECT.BAK
2018-05-15 14:48 - 2018-03-14 18:51 - 000070656 ___SH C:\Users\GregReed\Desktop\Thumbs.db
2018-05-15 12:30 - 2015-11-13 05:38 - 000001107 _____ C:\Users\GregReed\Desktop\Kens 2  Viewer.lnk
2018-05-15 12:30 - 2015-11-04 14:25 - 000001102 _____ C:\Users\GregReed\Desktop\Kens Viewer.lnk
2018-05-15 12:29 - 2015-11-11 14:01 - 000001102 _____ C:\Users\GregReed\Desktop\Home  Viewer.lnk
2018-05-15 09:19 - 2017-12-07 20:07 - 000001237 _____ C:\Users\GregReed\Desktop\FamilyReed1 - Chrome.lnk
2018-05-15 09:19 - 2017-11-03 08:20 - 000001237 _____ C:\Users\GregReed\Desktop\meetjoeblack - Chrome.lnk
2018-05-15 08:25 - 2014-09-09 17:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyTweak
2018-05-15 06:19 - 2014-11-30 14:11 - 000000000 ____D C:\Users\GregReed\AppData\Local\PrivaZer
2018-05-15 00:14 - 2016-07-04 18:16 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-05-14 22:43 - 2015-11-09 09:29 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-05-14 20:42 - 2015-07-29 22:53 - 000000000 ____D C:\AdwCleaner
2018-05-14 16:05 - 2014-09-04 10:28 - 000000000 ____D C:\Program Files (x86)\Sage Payroll
2018-05-13 10:22 - 2015-02-10 09:33 - 000000000 ____D C:\Users\GregReed\AppData\Roaming\vlc
2018-05-12 18:15 - 2014-09-03 22:48 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-05-12 10:51 - 2016-06-20 17:09 - 000000000 ____D C:\Users\GregReed\AppData\Local\Downloaded Installations
2018-05-11 10:53 - 2014-10-08 11:43 - 000000000 _____ C:\Users\GregReed\Documents\Nuance Image Printer Writer Port
2018-05-09 16:29 - 2014-09-04 00:18 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-05-09 16:22 - 2017-10-11 10:16 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-05-09 16:22 - 2014-09-04 00:18 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-05-09 11:56 - 2015-07-20 13:28 - 000000000 ____D C:\ProgramData\Package Cache
2018-05-02 11:10 - 2012-07-26 06:26 - 000000981 _____ C:\WINDOWS\win.ini
2018-05-02 11:04 - 2014-09-04 10:19 - 000001268 _____ C:\WINDOWS\SysWOW64\SGLCH32.USR
2018-05-01 22:22 - 2018-04-12 00:41 - 000835064 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-05-01 22:22 - 2018-04-12 00:41 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-05-01 18:48 - 2017-10-31 15:53 - 000000000 ____D C:\Users\GregReed\Documents\Georgia
2018-05-01 12:48 - 2016-02-05 21:35 - 000000800 ____H C:\Users\GregReed\Documents\PP11Thumbs.ptn2
2018-05-01 12:48 - 2014-09-04 15:18 - 000587028 ____H C:\Users\GregReed\Documents\PP11Thumbs.ptn
2018-04-26 07:36 - 2018-02-26 17:24 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-04-24 07:35 - 2014-09-04 19:21 - 000000000 __RDO C:\Users\GregReed\OneDrive
2018-04-23 01:45 - 2015-11-06 12:05 - 000000000 ____D C:\Users\GregReed\AppData\Local\IE Tab
 
==================== Files in the root of some directories =======
 
2016-10-18 18:18 - 2016-10-18 18:18 - 000021368 _____ (Schneider Electric) C:\Users\GregReed\en_res.dll
2016-10-18 18:18 - 2016-10-18 18:18 - 000021368 _____ (Schneider Electric) C:\Users\GregReed\es_res.dll
2016-10-18 18:18 - 2016-10-18 18:18 - 000021880 _____ (Schneider Electric) C:\Users\GregReed\fr_res.dll
2016-10-18 18:18 - 2016-10-18 18:18 - 000021880 _____ (Schneider Electric) C:\Users\GregReed\grm_res.dll
2016-10-18 18:18 - 2016-10-18 18:18 - 000021368 _____ (Schneider Electric) C:\Users\GregReed\it_res.dll
2016-10-18 18:18 - 2016-10-18 18:18 - 000020344 _____ (Schneider Electric) C:\Users\GregReed\jp_res.dll
2016-10-18 18:18 - 2016-10-18 18:18 - 001079808 _____ (Microsoft Corporation) C:\Users\GregReed\mfc80u.dll
2016-10-18 18:18 - 2016-10-18 18:18 - 000626688 _____ (Microsoft Corporation) C:\Users\GregReed\msvcr80.dll
2016-10-18 18:18 - 2016-10-18 18:18 - 013923704 _____ (Schneider Electric) C:\Users\GregReed\PCPE Setup.exe
2016-10-18 18:18 - 2016-10-18 18:18 - 000021368 _____ (Schneider Electric) C:\Users\GregReed\pt_res.dll
2016-10-18 18:18 - 2016-10-18 18:18 - 000018808 _____ () C:\Users\GregReed\ResourceReader.dll
2016-10-18 18:18 - 2016-10-18 18:18 - 000020856 _____ (Schneider Electric) C:\Users\GregReed\ru_res.dll
2016-10-18 18:18 - 2016-10-18 18:18 - 000019832 _____ (Schneider Electric) C:\Users\GregReed\zh_res.dll
2015-11-05 14:30 - 2015-11-05 14:30 - 000001173 _____ () C:\Program Files (x86)\CMS Setup Log.txt
2015-07-20 17:18 - 2015-07-20 17:22 - 000048479 _____ () C:\Program Files (x86)\PhotoMove 2SummaryReportTemp.txt
2016-06-10 11:57 - 2016-06-10 11:57 - 021737496 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2014-11-23 11:58 - 2015-08-07 11:22 - 000000451 _____ () C:\Users\GregReed\AppData\Roaming\burnaware.ini
2017-07-04 17:45 - 2017-07-04 17:45 - 000000268 ___RH () C:\Users\GregReed\AppData\Roaming\Plants
2017-07-04 17:45 - 2017-07-04 17:45 - 000000268 ___RH () C:\Users\GregReed\AppData\Roaming\Plug-Ins
2014-11-23 12:03 - 2014-11-23 12:03 - 000000031 _____ () C:\Users\GregReed\AppData\Local\burnaware.ini
2015-08-23 16:34 - 2018-01-02 12:14 - 000010240 _____ () C:\Users\GregReed\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-01-21 13:26 - 2018-01-21 13:26 - 000008083 _____ () C:\Users\GregReed\AppData\Local\recently-used.xbel
2015-11-13 04:11 - 2015-11-13 04:11 - 000007601 _____ () C:\Users\GregReed\AppData\Local\Resmon.ResmonCfg
2017-06-12 12:40 - 2017-06-12 12:58 - 000000187 _____ () C:\Users\GregReed\AppData\Local\uts.ini
 
Some files in TEMP:
====================
2018-05-17 10:05 - 2018-05-17 10:05 - 001884616 _____ (Oracle Corporation) C:\Users\GregReed\AppData\Local\Temp\jre-8u171-windows-au.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-05-16 11:52
 
==================== End of FRST.txt ============================
 
 
 

Edited by hamluis, 18 May 2018 - 06:28 PM.


BC AdBot (Login to Remove)

 


#2 Bignose2

Bignose2
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:59 PM

Posted 18 May 2018 - 05:05 PM

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16.05.2018 01
Ran by GregReed (18-05-2018 22:37:12)
Running from D:\Downloads
Windows 10 Pro Version 1803 17134.48 (X64) (2018-05-16 11:04:46)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-4155437166-3815807146-88625829-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4155437166-3815807146-88625829-503 - Limited - Disabled)
GregReed (S-1-5-21-4155437166-3815807146-88625829-1001 - Administrator - Enabled) => C:\Users\GregReed
Guest (S-1-5-21-4155437166-3815807146-88625829-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4155437166-3815807146-88625829-1003 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-4155437166-3815807146-88625829-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov)
Accounts (HKLM-x32\...\{7061F715-D782-4120-A034-2B4B4F28CC1D}) (Version: 16.0.14.147 - Sage (UK) Ltd) Hidden
Acronis True Image (HKLM-x32\...\{080F3345-4E8D-4C69-87FF-8D7D5330FE29}) (Version: 22.4.9850 - Acronis) Hidden
Acronis True Image (HKLM-x32\...\{080F3345-4E8D-4C69-87FF-8D7D5330FE29}Visible) (Version: 22.4.9850 - Acronis)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20040 - Adobe Systems Incorporated)
Advanced IP Scanner 2.5 (HKLM-x32\...\{6ABB4DB7-5E8F-4F7A-AAF2-C7B4337B7161}) (Version: 2.5.3233 - Famatech)
Amazon Cloud Drive (HKU\S-1-5-21-4155437166-3815807146-88625829-1001\...\Amazon Cloud Drive) (Version: 2.4.2.25 - Amazon Digital Services, LLC.)
Amazon Music (HKU\S-1-5-21-4155437166-3815807146-88625829-1001\...\Amazon Amazon Music) (Version: 5.2.2.1608 - Amazon Services LLC)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
AnyCam (HKLM-x32\...\{F4DF464D-6BF2-4596-AE90-03BC57461DAF}) (Version: 2.4.0 - OneZeroFlow)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.5.1.0 - SlySoft)
A-PDF Rename (HKLM-x32\...\A-PDF Rename_is1) (Version:  - A-PDF Solution)
Apple Application Support (32-bit) (HKLM-x32\...\{BC7C46A4-D7A7-48EC-A98C-32A7762B5EFA}) (Version: 6.2.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{F0C4B709-8BF4-4A72-B527-12E7BF5482F8}) (Version: 6.2.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BD6778C5-6FA5-492A-ADD6-E706339C2A7B}) (Version: 11.0.2.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
Audials (HKLM-x32\...\{526391BC-F777-41FD-AF0C-278168C4B301}) (Version: 11.0.55900.0 - Audials AG)
AutoHotkey 1.1.27.06 (HKLM\...\AutoHotkey) (Version: 1.1.27.06 - Lexikos)
AutoSplitter v1.5.0 (HKLM-x32\...\AutoSplitter_is1) (Version:  - )
AutoSplitter v1.8.6 (HKLM-x32\...\AutoSplitter_by_ChimeraCreativeStudio_is1) (Version:  - Chimera Creative Studio)
Backup and Sync from Google (HKLM\...\{D827660F-36C3-4CB6-BCFF-C0E066935C55}) (Version: 3.41.9267.0638 - Google, Inc.)
Blue Iris 4 (HKLM-x32\...\{24DBFE51-243F-4538-BB28-2FD7EC8E7F16}) (Version: 4.2.3.4 - Perspective Software)
Blue Iris ActiveX Control (HKLM-x32\...\{7106E079-28CA-4FEC-A083-6577EB674526}) (Version: 4.0.0.9 - Perspective Software) Hidden
Blue Iris ActiveX Control (HKLM-x32\...\InstallShield_{7106E079-28CA-4FEC-A083-6577EB674526}) (Version: 4.0.0.9 - Perspective Software)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother MFL-Pro Suite MFC-J6720DW (HKLM-x32\...\{6A367B4D-2E1C-4843-9FF0-A1DF1DEAB1E6}) (Version: 1.0.0.0 - Brother Industries, Ltd.)
BurnAware Free 8.3 (HKLM-x32\...\BurnAware Free_is1) (Version:  - Burnaware)
Canon MG6200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6200_series) (Version:  - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.28 - Piriform)
Chrome Remote Desktop Host (HKLM-x32\...\{FBB43A99-0B72-461A-A6D2-2F1B54D36B69}) (Version: 66.0.3359.12 - Google Inc.)
CoreLib (HKLM-x32\...\{CDD1370B-D620-4279-A33C-B21530B30E5C}) (Version: 1.00.0001 - Nuance Communications, Inc.)
DeviceViewer v2.3.6.4 (HKLM-x32\...\DeviceViewer_is1) (Version: 2.3.6.4 - )
DMSView version 2.16.2.24 (HKLM\...\{90499AC9-7707-4429-9A4B-DBB5F8C227B2}_is1) (Version: 2.16.2.24 - )
Dropbox (HKLM-x32\...\Dropbox) (Version: 49.4.69 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
EasyNetMonitorPro 3.08 (HKLM-x32\...\{0A788CA2-3642-46FE-97B3-3B921FE73648}) (Version: 3.08.000 - NiceKit)
Electronics Line RP (HKLM-x32\...\Electronics Line RP) (Version:  - )
EPSON XP-412 413 415 Series Printer Uninstall (HKLM\...\EPSON XP-412 413 415 Series) (Version:  - SEIKO EPSON Corporation)
Firefox ActiveX Plugin r39 (HKLM\...\{97F2985C-B74A-4672-960E-E3769AE5657A}}_is1) (Version:  - )
Freemake Video Converter version 4.1.10 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.10 - Ellora Assets Corporation)
GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 66.0.3359.181 - Google Inc.)
Google Earth Pro (HKLM\...\{D9EF644E-2FAE-493B-8180-5617CC774C4F}) (Version: 7.3.1.4507 - Google)
Google Photos Backup (HKU\S-1-5-21-4155437166-3815807146-88625829-1001\...\Google Photos Backup) (Version: 1.1.3.6 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
gSyncit (HKLM-x32\...\{935B5F9A-7BE5-4594-8354-0FF01D9C1065}) (Version: 4.0.241 - Fieldston Software)
HCMS version 2.2.9.2 (HKLM-x32\...\{F931AA0C-F58E-446B-B553-02348CB6E943}_is1) (Version: 2.2.9.2 - )
HDIPCamera V1.0.1.2 (HKLM-x32\...\HDIPCamera_is1) (Version:  - HDIPCamera)
HP Dropbox Plugin (HKLM-x32\...\{23617173-F935-4C17-A323-EB1207F3ED49}) (Version: 36.0.31.53050 - Hewlett-Packard Co.)
HP ENVY 4520 series Basic Device Software (HKLM\...\{AA543771-C534-4954-831A-9862C626796F}) (Version: 36.0.72.54013 - Hewlett-Packard Co.)
HP Google Drive Plugin (HKLM-x32\...\{AFF80405-E56A-48E7-98FC-8E46E261949F}) (Version: 36.0.31.53050 - Hewlett-Packard Co.)
Image Composite Editor (HKLM\...\{92AB5708-1AAA-4B1B-A8D5-45CF3AD77519}) (Version: 2.0.3 - Microsoft Corporation)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Internet Submissions (HKLM-x32\...\{241179CA-4600-4B6E-8860-9E0F921BE600}) (Version: 4.0.0.0 - Sage (UK) Ltd)
IP Camera (HKLM-x32\...\IP Camera) (Version:  - )
IPC_AX version 2.4.13.10 (HKLM-x32\...\{470152BB-B692-4228-8AF6-BFF42ADC00CB}_is1) (Version: 2.4.13.10 - )
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
iTunes (HKLM\...\{391DFEAC-1BAD-4A40-9817-6041A011C6C3}) (Version: 12.7.2.60 - Apple Inc.)
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Kaspersky Secure Connection (HKLM-x32\...\{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab)
KDTele Tools version 4.0 (Build 34). (HKLM-x32\...\KDTele Tools_is1) (Version:  - )
KeePass Password Safe 2.30 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.30 - Dominik Reichl)
LAN Speed Test (HKLM-x32\...\{CE48BAE6-CDEF-4EB2-9AB0-67018F25C7C4}_is1) (Version: 3.5 - Totusoft) <==== ATTENTION
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 365 Business - en-us (HKLM\...\O365BusinessRetail - en-us) (Version: 16.0.9226.2126 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4155437166-3815807146-88625829-1001\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60825 - Microsoft Corporation)
Moneysoft Payroll Manager (HKLM-x32\...\{B50CDF59-6BD6-4CF3-80BB-BE3B5B5150B1}_is1) (Version:  - Moneysoft Ltd.)
Mozilla Firefox 58.0.2 (x64 en-GB) (HKLM\...\Mozilla Firefox 58.0.2 (x64 en-GB)) (Version: 58.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 58.0.2.6611 - Mozilla)
Mozilla Thunderbird 52.7.0 (x86 en-GB) (HKLM-x32\...\Mozilla Thunderbird 52.7.0 (x86 en-GB)) (Version: 52.7.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
NetSurveillance (HKLM-x32\...\NetSurveillance) (Version:  - )
Nexus Root Toolkit (HKLM-x32\...\Nexus Root Toolkit) (Version: 2.1.9 - WugFresh)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.3.0 - Nikon Corporation)
Node.js (HKLM\...\{672B5547-D20B-4D19-9BFD-B93C32BC77DA}) (Version: 6.9.1 - Node.js Foundation)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.2.2 - Notepad++ Team)
Nuance PaperPort 14 (HKLM-x32\...\{14CB3B82-FBDC-4462-919E-86147983F09B}) (Version: 14.5.0001 - Nuance Communications, Inc.)
Nuance PDF Create 7 (HKLM\...\{CD7A262C-287E-41DD-A0F7-733856252C6B}) (Version: 7.10.2364 - Nuance Communications, Inc.)
Nuance PDF Create 7 (HKLM-x32\...\{CD7A262C-287E-41DD-A0F7-733856252C6B}) (Version: 7.10.2364 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{FC984E39-43D0-4AB2-ACC7-A7B87977B009}) (Version: 7.20.3274 - Nuance Communications, Inc.)
NVIDIA 3D Vision Driver 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Graphics Driver 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Nvx (HKLM-x32\...\Nvx) (Version:  - )
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9226.2126 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9226.2126 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9226.2126 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.9226.2126 - Microsoft Corporation) Hidden
ONVIF Device Manager v2.2.250 (HKLM-x32\...\{6AC771CF-4EAA-41B7-A398-61A33701E076}) (Version: 2.2.250 - Synesis)
oPlayer (HKLM-x32\...\{AA1B7F27-A49D-4D7F-9755-570AF5597160}) (Version: 1.0.30 - object)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0001 - Nuance Communications, Inc.)
Payroll for Windows (HKLM-x32\...\{0478E3E6-9EBC-4AE6-A678-2D7918ECF523}) (Version: 22.04 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{0B4CB0A5-8A41-4E95-9250-F04A335FEBF2}) (Version: 21.00 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{1871BF81-07C1-45C8-B076-46F04E3378E8}) (Version: 23.02 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{1BA6A551-A2E7-4EB4-8F2A-2984BADBFA42}) (Version: 21.00 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{25634E50-BD45-4F40-B7EB-E2516004F946}) (Version: 21.00 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{2FB36DDD-6F65-4AA9-8C07-5DAB5F0D0467}) (Version: 20.01 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{36FCF533-C372-4BC2-9F89-2959462D37AD}) (Version: 22.00 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{372DB16B-D275-41BD-BA9D-1EF898055B28}) (Version: 21.00 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{38F5A8E8-B095-4E0D-86F1-278A95960929}) (Version: 23.00 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{3A4DC42C-BC6E-4F16-828B-9B8B50C38248}) (Version: 24.01 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{401B343A-5167-41FF-BD56-D0176EE467B7}) (Version: 23.00 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{408C614A-5819-408E-915B-E681C6D22FC2}) (Version: 21.00 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{451F0344-EAB7-4C4A-B58A-98D7E13FF6DE}) (Version: 22.00 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{5474678D-8565-4A49-B74B-E06E9E9189EC}) (Version: 20.01 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{5894E325-16F4-48B3-8CB6-3674838CF353}) (Version: 21.00 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{5A2FB188-A7ED-422F-A87F-065AEDBD2007}) (Version: 21.00 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{5CF8A037-78F9-41FD-9964-73EA935A97A4}) (Version: 21.00 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{6580F3D7-75FF-43BC-8717-EECF05A51569}) (Version: 20.01 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{67D219B9-E6A3-45B4-B486-946227553F3B}) (Version: 22.04 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{6B2E0C35-C68D-4EE5-BFE1-29A3FAC7AA45}) (Version: 21.00 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{715ABF18-5952-4D96-9610-EAE4B3524CFA}) (Version: 21.00 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{767914A1-6D1D-4124-99D6-A21C36C120B8}) (Version: 21.00 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{82A62E97-3B16-4A1A-B05F-240AFCD526E7}) (Version: 21.00 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{83D568DD-D02D-44D0-B7FB-E31F550E81DB}) (Version: 23.00 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{86B8D2D3-88A8-4AE8-ABF9-560B75BF9934}) (Version: 22.00 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{8CB92BB7-902C-4C14-8838-AF93343B38C0}) (Version: 23.00 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{8DB28140-6E17-4137-BA40-F44E5C39B0F8}) (Version: 23.00 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{90AEB775-7616-4827-A387-D320CDCFACE9}) (Version: 23.02 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{91691CC6-BF92-44B5-BD01-4BB488A6C06D}) (Version: 23.02 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{9725A7ED-C0DA-490E-8AEB-DB40FA7C760B}) (Version: 20.01 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{9A6ADB29-DD37-4A6E-9126-D0603164B4BA}) (Version: 24.01 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{9DA2FF25-A39C-4914-86C7-08C08DC893A6}) (Version: 22.04 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{9EA8B54B-31A1-41AD-8F37-1CA90B736582}) (Version: 21.00 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{A41EB9E9-CD2C-4508-A8F6-756352FF4F2A}) (Version: 23.00 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{A52FD783-1121-4435-B218-9D744059FDA8}) (Version: 24.01 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{A54EC5AD-1D2D-4EF4-9D63-588F504AE7F8}) (Version: 23.00 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{A6C0F932-43C4-404F-8748-90682CE7DE2A}) (Version: 22.00 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{A706253A-D766-4234-B4D9-C2283FE84595}) (Version: 21.00 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{B30178D6-2955-4D2C-8F37-9C91AAD6B778}) (Version: 20.01 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{B537827E-BB83-4CC7-A0A3-0E7191300AE1}) (Version: 23.02 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{B8E6B217-E4B3-4C96-906F-555E9CE2257E}) (Version: 23.00 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{C71D12E5-1C0E-4B0F-A089-EA7038356733}) (Version: 23.02 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{C773E3B5-D3AE-4C9F-ACB8-B1E5AA3A6D2C}) (Version: 24.01 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{D29BA226-72CF-4A9C-AB10-144F0039BAD8}) (Version: 22.04 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{D49136A7-3C5B-4BB0-B5CE-080A5F7F0567}) (Version: 20.01 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{D5ACD8FE-4063-412B-8B7C-33820856D127}) (Version: 24.01 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{E2892E4B-4339-4FDD-AE62-563A3CC58326}) (Version: 20.01 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{E3E26B45-6CD7-4142-9630-A103D7161982}) (Version: 22.00 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{E5CBEEC6-B6AC-4855-8C8A-E8369973A9CF}) (Version: 22.04 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{E8A47446-CA8D-49A3-8924-026C7956AC66}) (Version: 21.00 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{EC98615F-E59D-4842-B1C5-AFCA9C78EB35}) (Version: 23.00 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{EE706708-386A-488D-BB66-F7588F7BC5D8}) (Version: 23.00 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{F56FA2D1-0D10-4C10-B33A-26AF26808712}) (Version: 20.01 - Sage (UK) Limited) Hidden
Payroll for Windows (HKLM-x32\...\{FF0F7C86-550E-4658-8AFF-312870D1901A}) (Version: 20.01 - Sage (UK) Limited) Hidden
PhotoMove 2.5 version 2.5.1.8 (HKLM-x32\...\{546443DF-4D82-484A-8E00-2136243B8B9A}_is1) (Version: 2.5.1.8 - Mike Baker @ Rediscovering Photography)
PhotoMove 2.5 version 2.5.2.1 (HKLM-x32\...\{546443DF-4D82-484A-8E00-2136243B8B9A}}_is1) (Version: 2.5.2.1 - Mike Baker @ Rediscovering Photography)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
Picture Control Utility 2 (HKLM\...\{46BEAB85-B86A-4AAB-B085-136ECA032CF4}) (Version: 2.3.0 - Nikon Corporation)
PrintableCal (HKLM-x32\...\{196688EC-4622-41A7-9E0F-0E6DA183E77D}) (Version: 1.10.0 - VueSoft LLC) Hidden
PrintableCal (HKLM-x32\...\{2947d523-65fe-424b-87a6-4b826bfdfcf3}) (Version: 1.10.0 - VueSoft LLC)
PrivaZer (HKLM-x32\...\PrivaZer) (Version: 3.0.42.0 - Goversoft LLC)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
SafeInCloud Password Manager (HKLM-x32\...\{5BBE97A9-16EA-418C-8333-D3DDE8012E44}) (Version: 18.1.2 - Andrey Shcherbakov)
Sage 50 Accounts 2010 (HKLM-x32\...\InstallShield_{7061F715-D782-4120-A034-2B4B4F28CC1D}) (Version: 16.0.14.147 - Sage (UK) Ltd)
Sage 50 Payroll (HKLM-x32\...\{271699D7-4058-4E19-B83D-FB4DAEB86703}) (Version: 20.01 - Sage (UK) Ltd.)
Sage 50 Payroll (HKLM-x32\...\{3B36D011-7CA7-4478-8F0F-5F20DF8D78D9}) (Version: 22.00 - Sage (UK) Ltd.)
Sage 50 Payroll (HKLM-x32\...\{537EA1EF-79F9-436B-B4C4-1A47D9BAB0D8}) (Version: 21.01 - Sage (UK) Ltd.)
Sage 50 Payroll (HKLM-x32\...\{54762DD4-BA6C-4CEA-8EF7-2F389B007C7A}) (Version: 20.01 - Sage (UK) Ltd.)
Sage 50 Payroll (HKLM-x32\...\{612D38BB-01AE-4F40-AAF0-134F1C61D63C}) (Version: 23.02 - Sage (UK) Ltd.)
Sage 50 Payroll (HKLM-x32\...\{97986AD9-1FF3-4977-883F-26648F6CC640}) (Version: 23.00 - Sage (UK) Ltd.)
Sage 50 Payroll (HKLM-x32\...\{ADE804C2-E305-4945-A3BF-1CB8146FC961}) (Version: 23.00 - Sage (UK) Ltd.)
Sage 50 Payroll (HKLM-x32\...\{B0AFF079-7358-4C0C-B89F-074A263F551C}) (Version: 24.01 - Sage (UK) Ltd.)
Sage 50 Payroll (HKLM-x32\...\{BD8FC82A-A367-4D6F-BF00-14597CD97443}) (Version: 22.00 - Sage (UK) Ltd.)
Sage 50 Payroll (HKLM-x32\...\{C939AFF2-9225-4F17-96DD-AE6E08869DD2}) (Version: 21.03 - Sage (UK) Ltd.)
Sage 50 Payroll (HKLM-x32\...\{CBD3E120-F359-48C2-8594-58057C3804FD}) (Version: 20.01 - Sage (UK) Ltd.)
Sage 50 Payroll (HKLM-x32\...\{D0EEC414-9E56-47FD-868C-CD271362D3BA}) (Version: 20.01 - Sage (UK) Ltd.)
Sage 50 Payroll (HKLM-x32\...\{E101D10B-4088-4654-8B42-C13FD717667F}) (Version: 20.01 - Sage (UK) Ltd.)
Sage 50 Payroll (HKLM-x32\...\{E470B080-D12D-4719-AE13-6E62A9E9F8A6}) (Version: 20.01 - Sage (UK) Ltd.)
Sage 50 Payroll (HKLM-x32\...\{E90DCD83-FCE4-4D06-9E53-569D01C83EE4}) (Version: 22.04 - Sage (UK) Ltd.)
Sage 50 Payroll (HKLM-x32\...\{FB430590-9CA6-418B-9E33-A716BCC9DFBE}) (Version: 23.02 - Sage (UK) Ltd.)
Sage Payroll for Windows (HKLM-x32\...\{E2A38BC2-3C2C-484D-A747-8C03ED51C1A3}) (Version: 6.00 - Sage)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Scansoft PDF Professional (HKLM-x32\...\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}) (Version:  - ) Hidden
SharpKeys (HKLM-x32\...\{636E94DA-99C0-448F-A931-3DAD83B4975F}) (Version: 3.5.0000 - RandyRants.com)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.)
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
Spotify (HKU\S-1-5-21-4155437166-3815807146-88625829-1001\...\Spotify) (Version: 1.0.60.492.gbb40dab8 - Spotify AB)
Sricam version 1.5 (HKLM-x32\...\{56BAA41B-F3C4-41A4-9CD6-047B311FBF35}_is1) (Version: 1.5 - ShenZhen Sricctv Technology Co., Ltd.)
Surveillance System (HKLM-x32\...\Surveillance System) (Version: 3.0.0.34 - )
TENVIS EasySetup version 1.2.1.2 (HKLM-x32\...\{DD6D33F2-C303-4DAD-9AA3-403325EADDF0}_is1) (Version: 1.2.1.2 - Tenvis)
TENVIS Search Tool version 3.0.0.0 (HKLM-x32\...\{DB29C219-1A30-4211-AE77-67D06A8FA45F}}_is1) (Version: 3.0.0.0 - Tenvis)
TreeSize Free V4.0.3 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.0.3 - JAM Software)
Ubiquiti UniFi (remove only) (HKLM-x32\...\Ubiquiti UniFi) (Version:  - )
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{EC5A6438-850E-4AD1-9169-DD071C8EFFEF}) (Version: 2.10.0.0 - Microsoft Corporation)
Viewer_IPCam version 1.2.0.6 (HKLM-x32\...\{F08D9B83-1DDA-4C31-BB28-84F913001002}_is1) (Version: 1.2.0.6 - Viewer_IPCam)
ViewNX-i (HKLM\...\{3AAC376E-2451-4CD0-9B07-DCC7CBBD578C}) (Version: 1.2.7 - Nikon Corporation)
Visual CADD 7.0 (HKLM-x32\...\Visual CADD7.0) (Version: 7.0 - TriTools Partners)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.8 - VideoLAN)
WebContrl (HKLM-x32\...\WebContrl1.0.0.5) (Version: 1.0.0.5 - Grandstream)
WebControl (HKLM-x32\...\WebControl1.0.0.7) (Version: 1.0.0.7 - Grandstream)
WhatsApp (HKU\S-1-5-21-4155437166-3815807146-88625829-1001\...\WhatsApp) (Version: 0.2.8000 - WhatsApp)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies)
Winpopup LAN Messenger 5.5.7 (HKLM-x32\...\Winpopup LAN Messenger_is1) (Version:  - FOMINE SOFTWARE)
XnView 2.20 (HKLM-x32\...\XnView_is1) (Version: 2.20 - Gougelet Pierre-e)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-4155437166-3815807146-88625829-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\GregReed\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4155437166-3815807146-88625829-1001_Classes\CLSID\{1624DDC1-5218-4853-B327-CE6861445894}\InprocServer32 -> ole.dll => No File
CustomCLSID: HKU\S-1-5-21-4155437166-3815807146-88625829-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\GregReed\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4155437166-3815807146-88625829-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\GregReed\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4155437166-3815807146-88625829-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\GregReed\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4155437166-3815807146-88625829-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\GregReed\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4155437166-3815807146-88625829-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\GregReed\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll (Google Inc.)
ShellIconOverlayIdentifiers: [     AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-10-16] ()
ShellIconOverlayIdentifiers: [     AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-10-16] ()
ShellIconOverlayIdentifiers: [     AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-10-16] ()
ShellIconOverlayIdentifiers: [     AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-10-16] ()
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-04-12] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-04-12] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-04-12] (Google)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-14] (Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2016-11-27] ()
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-14] (Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-04-12] (Google)
ContextMenuHandlers1: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu5.dll [2017-05-18] ()
ContextMenuHandlers1: [Zeon.MFCDirectShellExt] -> {353C642C-F13D-4699-9FF2-EFAF490B6C69} => C:\Program Files (x86)\Nuance\PDFCreate\bin\DirectShellExt.dll [2010-07-16] (Zeon International Investment Corp. )
ContextMenuHandlers2: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu5.dll [2017-05-18] ()
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-03] (Malwarebytes)
ContextMenuHandlers3: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu5.dll [2017-05-18] ()
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-14] (Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-04-12] (Google)
ContextMenuHandlers4: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu5.dll [2017-05-18] ()
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2014-03-14] (Piriform Ltd)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-14] (Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-01-03] (Igor Pavlov)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-03] (Malwarebytes)
ContextMenuHandlers6: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu5.dll [2017-05-18] ()
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2014-03-14] (Piriform Ltd)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0E98BF19-9FBE-4E8D-8C11-31CAAC1253C2} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {0FC7EE81-FFC2-4332-8AFB-A298778DF10A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {1369E675-8087-4287-B2E5-7C60508CA4CE} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {15397009-BA22-48DD-B190-A259A210886A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {1624BEEF-BC1C-4CC3-A731-6AF63E08A127} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {19DECD3E-119E-4B5A-9893-252F69BEBFE2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MpCmdRun.exe [2018-04-26] (Microsoft Corporation)
Task: {1F8D52F4-876D-4F56-B9F8-017B6B08A483} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {23F0A045-5E1A-4FDD-98A4-72224AE0456D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {30FE8DE7-970D-4538-AC20-F8318DC0D5F1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4155437166-3815807146-88625829-1001Core => C:\Users\GregReed\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {341910FD-4305-4C47-89AB-27CE0614B9B8} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-07-04] (Dropbox, Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {40E1EBA7-9CB8-4944-93DC-C122CDA2DDC1} - System32\Tasks\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeReminderTask => C:\WINDOWS\System32\GWX\GWX.exe
Task: {433DE626-B98D-4BBD-8B36-E3047E7D7C66} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
Task: {49FFB0F1-A52D-4D22-8703-DC6142B59897} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4155437166-3815807146-88625829-1001UA => C:\Users\GregReed\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {5D2A4A6B-D79E-4445-8E16-6575680D7CBB} - \WPD\SqmUpload_S-1-5-21-4155437166-3815807146-88625829-1001 -> No File <==== ATTENTION
Task: {5F406253-6EDC-400B-9B39-4BFF6EB5B10D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {698F1450-9045-4CE6-9072-DC5DF39A01C5} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-07-04] (Dropbox, Inc.)
Task: {6B09A74D-97D1-4B73-884E-1E145CA4AADC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MpCmdRun.exe [2018-04-26] (Microsoft Corporation)
Task: {6C59D3D7-22F5-468C-A70C-CDB3A1A4982A} - System32\Tasks\PrivaZer_SkipUAC => C:\Program Files (x86)\PrivaZer\PrivaZer.exe [2018-03-07] (Goversoft LLC)
Task: {7C609BDB-0E8F-4326-9FC6-B4FEEDB7889C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {7D3703A0-6887-4223-9313-F9F928659B12} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-04-26] (Microsoft Corporation)
Task: {814F7FAA-520E-4B7B-A88D-018BF8D160E0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {864F91A4-2299-4C58-97C2-1799861E01C2} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {8B1246FC-9775-4B60-9B40-5ECF0C174C4A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-05-12] (Microsoft Corporation)
Task: {A150F319-BFF5-4FFB-B12E-69C7AB6F4946} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {AA7F492D-C5BA-4B1F-AEA5-09AF2BDB4D70} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MpCmdRun.exe [2018-04-26] (Microsoft Corporation)
Task: {AF6F0BC0-A17B-4B0F-9F2F-E59323F2241F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-03-03] (Piriform Ltd)
Task: {B647DC07-7BC6-4D70-BDDF-B25CE912BC17} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {B7D4B2D2-B1F9-4A37-B454-E49B26232955} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4155437166-3815807146-88625829-1001Core1d257f7ef6c3a88 => C:\Users\GregReed\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {B8A4B5FF-671C-48AF-B3E2-C323CDC55841} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-05-12] (Microsoft Corporation)
Task: {C1A3CD72-5E96-4385-B2E4-E04B271FC9C2} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {C5CC7506-2763-455B-A656-67BAF59D125F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {D6C162AF-7F25-43DF-B53C-88778E26B314} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {DD22B353-D537-49DC-BE1E-70B07886A2E6} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-05-12] (Microsoft Corporation)
Task: {E0887DE9-12F2-4CF1-A174-EAE33A53D40B} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {E6DBC54B-64B1-44CD-B54F-DBE1D7DBB681} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-04-26] (Microsoft Corporation)
Task: {E89EA493-195E-49DE-BCFB-6A3739F70166} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {FCE92E33-4C3E-4EEA-A0FD-AD5495627030} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MpCmdRun.exe [2018-04-26] (Microsoft Corporation)
Task: {FDF07994-41D2-4139-A5EF-E98971FCF23B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4155437166-3815807146-88625829-1001UA1d257f7ef7191ed => C:\Users\GregReed\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4155437166-3815807146-88625829-1001Core.job => C:\Users\GregReed\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4155437166-3815807146-88625829-1001UA.job => C:\Users\GregReed\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
ShortcutWithArgument: C:\Users\GregReed\Documents\GregsShortCuts\Cameras\Cats.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> --qt-minimal-view --width=240 --height=180 --video-x=700 --video-y=700 hxxp://192.168.2.90/videostream.cgi?user=user&pwd=ironlegs
ShortcutWithArgument: C:\Users\GregReed\Documents\GregsShortCuts\Cameras\Corridor.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> --qt-minimal-view --width=240 --height=180 --video-x=700 --video-y=700 hxxp://192.168.2.91/videostream.cgi?user=user&pwd=ironlegs
ShortcutWithArgument: C:\Users\GregReed\Documents\GregsShortCuts\Cameras\Kitchen.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> --qt-minimal-view --width=240 --height=180 --video-x=700 --video-y=700 hxxp://192.168.2.93/videostream.cgi?user=user&pwd=ironlegs
ShortcutWithArgument: C:\Users\GregReed\Documents\GregsShortCuts\Cameras\VLC media player.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> --qt-minimal-view hxxp://192.168.2.123/videostream.asf?user=user&pwd=ironlegs
ShortcutWithArgument: C:\Users\GregReed\Desktop\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 5" --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\GregReed\Desktop\Google Calendar - May 2018.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=kjbdgfilnfhdoflbpgamdcdgpehopbep
ShortcutWithArgument: C:\Users\GregReed\Desktop\TV.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> hxxp://user:ironlegs@192.168.2.94:80/videostream.cgi
ShortcutWithArgument: C:\Users\GregReed\Desktop\Old Cameras\Ponies OLD.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> --repeat hxxp://192.168.2.124/videostream.cgi?user=user&pwd=ironlegs&resolution=64&rate=0
ShortcutWithArgument: C:\Users\GregReed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=odgnbaeenlhjakecipnonljennmnaogg
ShortcutWithArgument: C:\Users\GregReed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Calendar - May 2018 (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=kjbdgfilnfhdoflbpgamdcdgpehopbep
ShortcutWithArgument: C:\Users\GregReed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Calendar - May 2018.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=kjbdgfilnfhdoflbpgamdcdgpehopbep
ShortcutWithArgument: C:\Users\GregReed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Calendar - November.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=najemjgnkdnfhifcpefekliplenhkkma
ShortcutWithArgument: C:\Users\GregReed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Hangouts (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 10" --app-id=knipolnnllmklapflnccelgolnpehhpl
ShortcutWithArgument: C:\Users\GregReed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Hangouts.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=knipolnnllmklapflnccelgolnpehhpl
ShortcutWithArgument: C:\Users\GregReed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Keep - notes and lists (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 10" --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\GregReed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Keep - notes and lists.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\GregReed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Play Music (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 5" --app-id=fahmaaghhglfmonjliepjlchgpgfmobi
ShortcutWithArgument: C:\Users\GregReed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Play Music (2).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 10" --app-id=fahmaaghhglfmonjliepjlchgpgfmobi
ShortcutWithArgument: C:\Users\GregReed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Play Music.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=fahmaaghhglfmonjliepjlchgpgfmobi
ShortcutWithArgument: C:\Users\GregReed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=mgbfijcbdifemgfjcjhpedldobambfmc
ShortcutWithArgument: C:\Users\GregReed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\KensRD.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 10" --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\GregReed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\SecurityRD.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\GregReed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\WindrushRD.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 5" --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\GregReed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Chrome Remote Desktop (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\GregReed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Chrome Remote Desktop (2).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 5" --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\GregReed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 10" --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\GregReed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Calendar - May 2018 (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=kjbdgfilnfhdoflbpgamdcdgpehopbep
ShortcutWithArgument: C:\Users\GregReed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Keep - notes and lists.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\GregReed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\68712832bc7a55b0\Google Hangouts.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=knipolnnllmklapflnccelgolnpehhpl
 
==================== Loaded Modules (Whitelisted) ==============
 
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2017-06-14 18:08 - 2016-11-14 12:15 - 000135224 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-10-16 22:52 - 2017-10-16 22:52 - 001213544 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
2017-12-08 02:48 - 2017-12-08 02:48 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-12-08 02:48 - 2017-12-08 02:48 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-10-23 09:55 - 2017-10-23 09:55 - 006096688 _____ () C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
2018-05-15 09:22 - 2018-04-25 13:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-05-15 09:22 - 2018-04-30 12:54 - 002493648 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-10-16 22:38 - 2017-10-16 22:38 - 000574872 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
2017-10-16 22:37 - 2017-10-16 22:37 - 005825576 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-04-12 00:35 - 2018-04-12 17:19 - 002184704 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-04-26 10:27 - 2018-04-26 10:27 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-04-26 10:27 - 2018-04-26 10:27 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-04-26 10:27 - 2018-04-26 10:27 - 022320128 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-04-26 10:27 - 2018-04-26 10:27 - 002603008 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\skypert.dll
2018-02-21 02:11 - 2018-02-21 02:11 - 027139072 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.1000_x64__8wekyb3d8bbwe\Video.UI.exe
2018-02-21 02:11 - 2018-02-21 02:11 - 000306176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.1000_x64__8wekyb3d8bbwe\SharedUI.dll
2018-02-21 02:11 - 2018-02-21 02:11 - 006687744 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.1000_x64__8wekyb3d8bbwe\EntCommon.dll
2017-09-26 16:14 - 2017-09-26 16:14 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.1000_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-02-21 02:11 - 2018-02-21 02:11 - 009283072 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.1000_x64__8wekyb3d8bbwe\EntPlat.dll
2017-12-11 12:05 - 2017-12-11 12:05 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
2017-12-11 12:05 - 2017-12-11 12:05 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2014-09-13 07:31 - 2016-11-21 05:09 - 003464680 _____ () C:\Users\GregReed\AppData\Local\Amazon Music\Amazon Music Helper.exe
2018-04-12 14:43 - 2018-04-12 14:43 - 046214128 _____ () C:\Program Files\Google\Drive\googledrivesync.exe
2018-03-26 09:04 - 2018-03-26 09:04 - 002324480 _____ () C:\Program Files (x86)\Safe In Cloud\SafeInCloud.exe
2018-05-17 06:42 - 2018-05-17 06:42 - 000113152 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\_ctypes.pyd
2018-05-17 06:42 - 2018-05-17 06:42 - 000080896 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\bz2.pyd
2018-05-17 06:42 - 2018-05-17 06:42 - 001585152 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\_hashlib.pyd
2018-05-17 06:42 - 2018-05-17 06:42 - 000128512 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\win32api.pyd
2018-05-17 06:42 - 2018-05-17 06:42 - 000137728 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\pywintypes27.dll
2018-05-17 06:42 - 2018-05-17 06:42 - 000548864 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\pythoncom27.dll
2018-05-17 06:42 - 2018-05-17 06:42 - 000689664 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\unicodedata.pyd
2018-05-17 06:42 - 2018-05-17 06:42 - 000438784 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\win32com.shell.shell.pyd
2018-05-17 06:42 - 2018-05-17 06:42 - 001489408 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\wx._core_.pyd
2018-05-17 06:42 - 2018-05-17 06:42 - 001007104 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\wx._gdi_.pyd
2018-05-17 06:42 - 2018-05-17 06:42 - 001039872 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\wx._windows_.pyd
2018-05-17 06:42 - 2018-05-17 06:42 - 001325056 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\wx._controls_.pyd
2018-05-17 06:42 - 2018-05-17 06:42 - 000916992 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\wx._misc_.pyd
2018-05-17 06:42 - 2018-05-17 06:42 - 001084416 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\pysqlite2._sqlite.pyd
2018-05-17 06:42 - 2018-05-17 06:42 - 000149504 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\win32file.pyd
2018-05-17 06:42 - 2018-05-17 06:42 - 000136192 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\win32security.pyd
2018-05-17 06:42 - 2018-05-17 06:42 - 000007680 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\hashobjs_ext.pyd
2018-05-17 06:42 - 2018-05-17 06:42 - 000020992 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\thumbnails_ext.pyd
2018-05-17 06:42 - 2018-05-17 06:42 - 000118784 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\usb_ext.pyd
2018-05-17 06:42 - 2018-05-17 06:42 - 000047616 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\_socket.pyd
2018-05-17 06:42 - 2018-05-17 06:42 - 002224640 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\_ssl.pyd
2018-05-17 06:42 - 2018-05-17 06:42 - 000014848 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\common.time34.pyd
2018-05-17 06:42 - 2018-05-17 06:42 - 000023040 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\win32event.pyd
2018-05-17 06:42 - 2018-05-17 06:42 - 000033280 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\windows.conditional.pyd
2018-05-17 06:42 - 2018-05-17 06:42 - 000019968 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\windows.winwrap.pyd
2018-05-17 06:42 - 2018-05-17 06:42 - 000107520 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\windows.volumes.pyd
2018-05-17 06:42 - 2018-05-17 06:42 - 000223232 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\win32gui.pyd
2018-05-17 06:42 - 2018-05-17 06:42 - 000173568 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\_elementtree.pyd
2018-05-17 06:42 - 2018-05-17 06:42 - 000169472 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\pyexpat.pyd
2018-05-17 06:42 - 2018-05-17 06:42 - 000048128 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\win32inet.pyd
2018-05-17 06:42 - 2018-05-17 06:42 - 000103424 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\wx._html2.pyd
2018-05-17 06:42 - 2018-05-17 06:42 - 000046080 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\_psutil_windows.pyd
2018-05-17 06:42 - 2018-05-17 06:42 - 000633272 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\windows._cacheinvalidation.pyd
2018-05-17 06:42 - 2018-05-17 06:42 - 000011776 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\win32crypt.pyd
2018-05-17 06:42 - 2018-05-17 06:42 - 000301568 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\PIL._imaging.pyd
2018-05-17 06:42 - 2018-05-17 06:42 - 000032256 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\_multiprocessing.pyd
2018-05-17 06:42 - 2018-05-17 06:42 - 005458944 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\cello.pyd
2018-05-17 06:42 - 2018-05-17 06:42 - 000026112 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\_yappi.pyd
2018-05-17 06:42 - 2018-05-17 06:42 - 000044032 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\win32process.pyd
2018-05-17 06:42 - 2018-05-17 06:42 - 000027648 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\win32pipe.pyd
2018-05-17 06:42 - 2018-05-17 06:42 - 000010752 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\select.pyd
2018-05-17 06:42 - 2018-05-17 06:42 - 000029696 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\win32pdh.pyd
2018-05-17 06:42 - 2018-05-17 06:42 - 000038400 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\windows.connectivity.pyd
2018-05-17 06:42 - 2018-05-17 06:42 - 000071168 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\windows.device_monitor.pyd
2018-05-17 06:42 - 2018-05-17 06:42 - 000020480 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\win32profile.pyd
2018-05-17 06:42 - 2018-05-17 06:42 - 000026624 _____ () C:\Users\GregReed\AppData\Local\Temp\_MEI16762\win32ts.pyd
2017-10-16 23:24 - 2017-10-16 23:24 - 004526328 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
2017-10-16 22:37 - 2017-10-16 22:37 - 007003048 _____ () C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
2018-05-17 21:53 - 2018-05-15 04:13 - 004443992 _____ () C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.181\libglesv2.dll
2018-05-17 21:53 - 2018-05-15 04:13 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.181\libegl.dll
2016-06-01 15:45 - 2016-06-01 15:45 - 000152000 _____ () C:\Program Files\VideoLAN\VLC\libvlc.dll
2016-06-01 15:47 - 2016-06-01 15:47 - 002763200 _____ () C:\Program Files\VideoLAN\VLC\libvlccore.dll
2016-06-01 15:46 - 2016-06-01 15:46 - 000626624 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libdshow_plugin.dll
2016-06-01 15:47 - 2016-06-01 15:47 - 000046016 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll
2016-06-01 15:47 - 2016-06-01 15:47 - 000042944 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll
2016-06-01 15:46 - 2016-06-01 15:46 - 000091072 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirect3d_plugin.dll
2016-06-01 15:46 - 2016-06-01 15:46 - 000083392 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll
2016-06-01 15:46 - 2016-06-01 15:46 - 002568640 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll
2016-06-01 15:45 - 2016-06-01 15:45 - 000118720 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll
2016-06-01 15:46 - 2016-06-01 15:46 - 000267712 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll
2016-06-01 15:46 - 2016-06-01 15:46 - 000091072 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libvdr_plugin.dll
2016-06-01 15:46 - 2016-06-01 15:46 - 000059328 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll
2016-06-01 15:45 - 2016-06-01 15:45 - 000074176 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll
2016-06-01 15:45 - 2016-06-01 15:45 - 000684480 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll
2016-06-01 15:45 - 2016-06-01 15:45 - 000833984 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll
2016-06-01 15:46 - 2016-06-01 15:46 - 000140224 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libzip_plugin.dll
2016-06-01 15:45 - 2016-06-01 15:45 - 000055232 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\librar_plugin.dll
2016-06-01 15:45 - 2016-06-01 15:45 - 000026560 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll
2016-06-01 15:45 - 2016-06-01 15:45 - 000150464 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll
2016-06-01 15:46 - 2016-06-01 15:46 - 001605056 _____ () C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll
2016-06-01 15:46 - 2016-06-01 15:46 - 000349120 _____ () C:\Program Files\VideoLAN\VLC\plugins\lua\liblua_plugin.dll
2016-06-01 15:46 - 2016-06-01 15:46 - 001487808 _____ () C:\Program Files\VideoLAN\VLC\plugins\misc\libxml_plugin.dll
2016-06-01 15:46 - 2016-06-01 15:46 - 000068032 _____ () C:\Program Files\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll
2016-06-01 15:46 - 2016-06-01 15:46 - 000049600 _____ () C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libfolder_plugin.dll
2016-06-01 15:46 - 2016-06-01 15:46 - 000051648 _____ () C:\Program Files\VideoLAN\VLC\plugins\control\libwin_hotkeys_plugin.dll
2016-06-01 15:47 - 2016-06-01 15:47 - 002251200 _____ () C:\Program Files\VideoLAN\VLC\plugins\gui\libskins2_plugin.dll
2016-06-01 15:47 - 2016-06-01 15:47 - 012298176 _____ () C:\Program Files\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
2016-06-01 15:46 - 2016-06-01 15:46 - 000134592 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libhttp_plugin.dll
2016-06-01 15:47 - 2016-06-01 15:47 - 000330688 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libjpeg_plugin.dll
2016-06-01 15:47 - 2016-06-01 15:47 - 000031168 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll
2016-06-01 15:47 - 2016-06-01 15:47 - 000347584 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libpng_plugin.dll
2016-06-01 15:46 - 2016-06-01 15:46 - 000051136 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_sse2_plugin.dll
2016-06-01 15:46 - 2016-06-01 15:46 - 000037824 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_mmx_plugin.dll
2016-06-01 15:46 - 2016-06-01 15:46 - 000816576 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libswscale_plugin.dll
2016-06-01 15:46 - 2016-06-01 15:46 - 000821184 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\liblive555_plugin.dll
2016-06-01 15:47 - 2016-06-01 15:47 - 001521088 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll
2016-06-01 15:47 - 2016-06-01 15:47 - 000844736 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll
2016-06-01 15:47 - 2016-06-01 15:47 - 000339392 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll
2016-06-01 15:47 - 2016-06-01 15:47 - 000032704 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libdts_plugin.dll
2016-06-01 15:46 - 2016-06-01 15:46 - 000049600 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll
2016-06-01 15:47 - 2016-06-01 15:47 - 000056256 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libsubstx3g_plugin.dll
2016-06-01 15:47 - 2016-06-01 15:47 - 000437696 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libflac_plugin.dll
2016-06-01 15:47 - 2016-06-01 15:47 - 000038848 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libg711_plugin.dll
2016-06-01 15:47 - 2016-06-01 15:47 - 000028096 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll
2016-06-01 15:46 - 2016-06-01 15:46 - 000199616 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll
2016-06-01 15:47 - 2016-06-01 15:47 - 003009472 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll
2016-06-01 15:47 - 2016-06-01 15:47 - 000426432 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll
2016-06-01 15:47 - 2016-06-01 15:47 - 000031680 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\liba52_plugin.dll
2016-06-01 15:47 - 2016-06-01 15:47 - 000031168 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll
2016-06-01 15:47 - 2016-06-01 15:47 - 000035264 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll
2016-06-01 15:47 - 2016-06-01 15:47 - 000455616 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libopus_plugin.dll
2016-06-01 15:47 - 2016-06-01 15:47 - 000135104 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libdvbsub_plugin.dll
2016-06-01 15:47 - 2016-06-01 15:47 - 000032192 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll
2016-06-01 15:47 - 2016-06-01 15:47 - 015975872 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll
2016-06-01 15:46 - 2016-06-01 15:46 - 000028608 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\librawvideo_plugin.dll
2016-06-01 15:47 - 2016-06-01 15:47 - 000095680 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_h264_plugin.dll
2016-06-01 15:46 - 2016-06-01 15:46 - 000916928 _____ () C:\Program Files\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll
2016-06-01 15:46 - 2016-06-01 15:46 - 000041920 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_sse2_plugin.dll
2016-06-01 15:46 - 2016-06-01 15:46 - 000133056 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_sse2_plugin.dll
2016-06-01 15:46 - 2016-06-01 15:46 - 000068032 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_mmx_plugin.dll
2016-06-01 15:46 - 2016-06-01 15:46 - 000033216 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_mmx_plugin.dll
2016-06-01 15:46 - 2016-06-01 15:46 - 000046528 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll
2016-06-01 15:46 - 2016-06-01 15:46 - 000030656 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll
2016-06-01 15:46 - 2016-06-01 15:46 - 000059840 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll
2016-06-01 15:46 - 2016-06-01 15:46 - 000042944 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll
2016-06-01 15:46 - 2016-06-01 15:46 - 000053696 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll
2016-06-01 15:46 - 2016-06-01 15:46 - 000043456 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll
2016-06-01 15:46 - 2016-06-01 15:46 - 000027072 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll
2016-06-01 15:46 - 2016-06-01 15:46 - 000027072 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll
2016-06-01 15:46 - 2016-06-01 15:46 - 000026560 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_filter\libyuvp_plugin.dll
2018-05-18 15:59 - 2018-05-18 15:59 - 000084992 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.1001.9.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-05-08 10:21 - 2018-05-08 10:21 - 001873120 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.1001.9.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-05-18 15:59 - 2018-05-18 15:59 - 007813120 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.1001.9.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2018-05-03 18:54 - 2018-05-03 18:55 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-05-03 18:54 - 2018-05-03 18:55 - 066466304 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-09-30 06:48 - 2017-09-30 06:48 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-05-03 18:54 - 2018-05-03 18:55 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-05-03 18:54 - 2018-05-03 18:54 - 004173312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-05-03 18:54 - 2018-05-03 18:54 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll
2018-05-03 18:54 - 2018-05-03 18:55 - 000035840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-04-05 20:58 - 2018-04-05 20:58 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-05-03 18:54 - 2018-05-03 18:55 - 015563776 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-05-03 18:54 - 2018-05-03 18:54 - 004018176 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-05-03 18:54 - 2018-05-03 18:54 - 003281920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-05-03 18:54 - 2018-05-03 18:55 - 001386496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2018-02-02 07:26 - 2018-02-02 07:26 - 004601048 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-05-03 18:54 - 2018-05-03 18:55 - 000878080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-05-03 18:54 - 2018-05-03 18:55 - 000165888 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\SKU.dll
2017-10-16 23:22 - 2017-10-16 23:22 - 003480464 _____ () C:\Program Files (x86)\Common Files\Acronis\Infrastructure\atih_mms_addon.dll
2017-10-16 23:22 - 2017-10-16 23:22 - 001315608 _____ () C:\Program Files (x86)\Common Files\Acronis\Infrastructure\services_mms_addon.dll
2017-10-16 22:37 - 2017-10-16 22:37 - 000685488 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\sqlite3.dll
2017-10-16 23:20 - 2017-10-16 23:20 - 021196856 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll
2017-10-16 22:39 - 2017-10-16 22:39 - 000404512 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\resource.dll
2017-10-16 22:24 - 2017-10-16 22:24 - 000136736 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\afcdpapi.dll
2017-10-16 22:37 - 2017-10-16 22:37 - 000255008 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\sync_agent_api.dll
2017-10-16 22:37 - 2017-10-16 22:37 - 000160168 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\libevent.dll
2017-10-16 22:37 - 2017-10-16 22:37 - 000277538 _____ () C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\LIBMAGIC.dll
2017-10-16 22:37 - 2017-10-16 22:37 - 002386352 _____ () C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\xerces_c.dll
2017-10-16 22:37 - 2017-10-16 22:37 - 000793512 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_supp.dll
2017-10-16 22:37 - 2017-10-16 22:37 - 008981024 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_resources.dll
2017-10-16 22:38 - 2017-10-16 22:38 - 000053792 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\rpc_client.dll
2017-10-16 22:37 - 2017-10-16 22:37 - 000444336 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2017-10-16 22:24 - 2017-10-16 22:24 - 000115632 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\expat.dll
2018-05-15 00:13 - 2018-05-14 12:45 - 000863048 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-05-15 00:13 - 2018-05-14 12:45 - 002079048 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2016-07-04 18:17 - 2018-05-14 12:44 - 000100312 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-07-04 18:17 - 2018-05-14 12:44 - 000018896 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-07-04 18:17 - 2018-05-14 12:47 - 000020808 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-07-04 18:17 - 2018-05-14 12:44 - 000035808 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-07-04 18:17 - 2018-05-14 12:44 - 000694232 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2018-05-15 00:13 - 2018-05-14 12:46 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-07-04 18:17 - 2018-05-14 12:44 - 000130520 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2018-05-15 00:13 - 2018-05-14 12:46 - 001845600 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2018-05-15 00:13 - 2018-05-14 12:46 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2018-05-15 00:13 - 2018-05-14 12:44 - 000145880 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2018-05-15 00:13 - 2018-05-14 12:45 - 000116696 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-07-04 18:17 - 2018-05-14 12:44 - 000105944 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-08-05 17:51 - 2018-05-14 12:48 - 000022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2018-05-15 00:13 - 2018-05-14 12:46 - 000063312 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-07-04 18:17 - 2018-05-14 12:44 - 000024536 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2018-05-15 00:13 - 2018-05-14 12:46 - 000077120 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2018-05-15 00:13 - 2018-05-14 12:45 - 000392664 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2016-07-04 18:17 - 2018-05-14 12:44 - 000043480 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2018-05-15 00:13 - 2018-05-14 12:44 - 000020952 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-07-04 18:17 - 2018-05-14 12:44 - 000124888 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-07-04 18:17 - 2018-05-14 12:44 - 000114136 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-07-04 18:17 - 2018-05-14 12:47 - 000392520 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-08-05 17:51 - 2018-05-14 12:48 - 000028000 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-07-04 18:17 - 2018-05-14 12:44 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-07-04 18:17 - 2018-05-14 12:44 - 000175576 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-07-04 18:17 - 2018-05-14 12:44 - 000030168 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2017-09-20 21:46 - 2018-05-14 12:44 - 000026072 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd
2016-07-04 18:17 - 2018-05-14 12:44 - 000048600 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-07-04 18:17 - 2018-05-14 12:44 - 000057816 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2018-05-15 00:13 - 2018-05-14 12:46 - 000021840 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-09-08 17:58 - 2018-05-14 12:48 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd
2018-05-15 00:13 - 2018-05-14 12:46 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.pyd
2017-05-17 18:33 - 2018-05-14 12:48 - 000066400 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2018-05-15 00:13 - 2018-05-14 12:47 - 003863880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-07-04 18:17 - 2018-05-14 12:44 - 000084944 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2018-05-15 00:13 - 2018-05-14 12:46 - 001798464 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2018-05-15 00:13 - 2018-05-14 12:47 - 001959232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-07-04 18:17 - 2018-05-14 12:44 - 000028632 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2018-05-15 00:13 - 2018-05-14 12:47 - 000155472 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2018-05-15 00:13 - 2018-05-14 12:47 - 000521544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2018-05-15 00:13 - 2018-05-14 12:47 - 000051024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd
2018-05-15 00:13 - 2018-05-14 12:47 - 000043336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2018-05-15 00:13 - 2018-05-14 12:47 - 000131400 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2018-05-15 00:13 - 2018-05-14 12:47 - 000219984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2018-05-15 00:13 - 2018-05-14 12:47 - 000204104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-07-04 18:17 - 2018-05-14 12:48 - 000025440 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-07-04 18:17 - 2018-05-14 12:44 - 000060888 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-02-28 01:27 - 2018-05-14 12:48 - 000054616 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2016-07-04 18:17 - 2018-05-14 12:44 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-01-23 22:13 - 2018-05-14 12:48 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-01-23 22:13 - 2018-05-14 12:48 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-01-23 22:13 - 2018-05-14 12:48 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-01-23 22:13 - 2018-05-14 12:48 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2018-05-15 00:13 - 2018-05-14 12:46 - 000027496 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-07-04 18:17 - 2018-05-14 12:44 - 000349144 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2018-05-15 00:13 - 2018-05-14 12:47 - 000101704 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2016-07-04 18:17 - 2018-05-14 12:48 - 000023904 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2018-05-15 00:13 - 2018-05-14 12:46 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2018-05-15 00:13 - 2018-05-14 12:45 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-05-15 00:13 - 2018-05-14 12:46 - 000032608 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2018-05-15 00:13 - 2018-05-14 12:45 - 000293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2018-01-11 20:55 - 2018-05-14 12:48 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.pyd
2018-05-15 00:13 - 2018-05-14 12:46 - 000181064 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-07-11 20:20 - 2018-05-14 12:47 - 000030544 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2018-05-15 00:13 - 2018-05-14 12:46 - 000024384 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-05-15 00:13 - 2018-05-14 12:46 - 001638208 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2016-07-04 18:17 - 2018-05-14 12:48 - 000087904 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2016-08-05 17:51 - 2018-05-14 12:48 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2018-05-15 00:13 - 2018-05-14 12:47 - 000546632 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2018-05-15 00:13 - 2018-05-14 12:47 - 000359744 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2018-05-15 00:13 - 2018-05-14 12:47 - 000038216 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.pyd
2017-02-28 01:27 - 2018-05-14 12:48 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shcore.compiled._winffi_shcore.pyd
2018-02-26 16:43 - 2009-02-27 17:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2018-05-16 19:14 - 2018-05-16 19:14 - 001105704 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\KasperskyLab.Ksde.NativeInterop.dll
2018-05-16 12:21 - 2018-05-16 12:21 - 000542046 _____ () C:\Users\GregReed\AppData\Local\Temp\libgdxGregReed\440484e8\gdx.dll
2018-05-16 12:21 - 2018-05-16 12:21 - 000298496 _____ () C:\Users\GregReed\AppData\Local\Temp\libgdxGregReed\75ed6c88\lwjgl.dll
2018-05-16 12:21 - 2018-05-16 12:21 - 000390144 _____ () C:\Users\GregReed\AppData\Local\Temp\libgdxGregReed\75ed6c88\OpenAL32.dll
2018-05-17 10:08 - 2018-05-17 10:08 - 000582277 _____ () D:\My Programs\BlueIrisViewer\BlueIrisViewer2Kens\libturbojpeg.dll
2012-12-05 13:29 - 2012-12-05 13:29 - 000559244 _____ () C:\Program Files (x86)\Nuance\PaperPort\sqlite3.dll
2017-10-30 14:24 - 2018-04-29 15:35 - 000164528 _____ () C:\Program Files (x86)\Microsoft Office\root\Office16\JitV.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:FD9CE1F3 [240]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-4155437166-3815807146-88625829-1001\...\sharepoint.com -> hxxps://fpkennels-files.sharepoint.com
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 14:25 - 2018-04-03 22:35 - 000000828 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-4155437166-3815807146-88625829-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.2.1 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
HKLM\...\StartupApproved\Run32: => "Winpopup LAN Messenger"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [UDP Query User{697C43A8-B4E2-4208-99F6-434748E2F4C9}C:\windows\syswow64\regsvr32.exe] => (Allow) C:\windows\syswow64\regsvr32.exe
FirewallRules: [{D06C6FB8-8960-4742-96D9-E5D204A74C42}] => (Allow) C:\Program Files (x86)\HCMS\HCMS.exe
FirewallRules: [{FF0CA737-01EE-4229-86E6-8A2EC55FC612}] => (Allow) C:\Program Files (x86)\HCMS\HCMS.exe
FirewallRules: [{3607B53A-748D-4624-A8B7-FD9BB356E765}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{9AC50B76-FAE5-4537-8031-F7329407182D}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{991B12CC-79CB-40C1-A9CB-EF624DBCB65C}C:\users\gregreed\appdata\local\ie tab\10.12.27.1\ietabhelper.exe] => (Allow) C:\users\gregreed\appdata\local\ie tab\10.12.27.1\ietabhelper.exe
FirewallRules: [UDP Query User{29D43554-0A86-4083-ACFA-B561C2216B33}C:\users\gregreed\appdata\local\ie tab\10.12.27.1\ietabhelper.exe] => (Allow) C:\users\gregreed\appdata\local\ie tab\10.12.27.1\ietabhelper.exe
FirewallRules: [TCP Query User{E019DBE9-58ED-4FCC-A313-96351DFAD48A}C:\users\gregreed\appdata\local\ie tab\11.1.2.1\ietabhelper.exe] => (Allow) C:\users\gregreed\appdata\local\ie tab\11.1.2.1\ietabhelper.exe
FirewallRules: [UDP Query User{FA1057C9-E0C4-4046-8D90-43424A6271BD}C:\users\gregreed\appdata\local\ie tab\11.1.2.1\ietabhelper.exe] => (Allow) C:\users\gregreed\appdata\local\ie tab\11.1.2.1\ietabhelper.exe
FirewallRules: [TCP Query User{CF107604-AFC3-41F0-AD2E-5D2D4773370D}C:\users\gregreed\appdata\local\ie tab\11.1.5.1\ietabhelper.exe] => (Allow) C:\users\gregreed\appdata\local\ie tab\11.1.5.1\ietabhelper.exe
FirewallRules: [UDP Query User{A7840B3A-BEF8-438B-9575-7AED88CB5034}C:\users\gregreed\appdata\local\ie tab\11.1.5.1\ietabhelper.exe] => (Allow) C:\users\gregreed\appdata\local\ie tab\11.1.5.1\ietabhelper.exe
FirewallRules: [TCP Query User{49D419E6-5D35-43C4-AC14-02A38BBE921D}C:\users\gregreed\appdata\local\ie tab\11.1.13.1\ietabhelper.exe] => (Allow) C:\users\gregreed\appdata\local\ie tab\11.1.13.1\ietabhelper.exe
FirewallRules: [UDP Query User{35CA359F-0C8D-4AD7-AFEE-744738007865}C:\users\gregreed\appdata\local\ie tab\11.1.13.1\ietabhelper.exe] => (Allow) C:\users\gregreed\appdata\local\ie tab\11.1.13.1\ietabhelper.exe
FirewallRules: [TCP Query User{411FEDD1-403F-48B0-BC8A-CBDA40219DC5}C:\program files (x86)\anycam\anycam.exe] => (Allow) C:\program files (x86)\anycam\anycam.exe
FirewallRules: [UDP Query User{C3BE954F-A9DB-4B02-8BB4-3068003F8474}C:\program files (x86)\anycam\anycam.exe] => (Allow) C:\program files (x86)\anycam\anycam.exe
FirewallRules: [TCP Query User{89CC4D2A-6F2B-48A6-9788-879BAF04C15E}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{DACAFCB9-7B6E-40DE-A48B-B71C5FE008CD}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{3A01D537-FDFC-4D6C-B8E3-EA45B599172A}C:\users\gregreed\appdata\local\amazon music\amazon music helper.exe] => (Block) C:\users\gregreed\appdata\local\amazon music\amazon music helper.exe
FirewallRules: [UDP Query User{0689EF05-65C0-447E-824D-8ACC7FA71539}C:\users\gregreed\appdata\local\amazon music\amazon music helper.exe] => (Block) C:\users\gregreed\appdata\local\amazon music\amazon music helper.exe
FirewallRules: [TCP Query User{D0C29FF3-0822-48CA-9D2B-F14C843F82AC}C:\program files\hp\hp envy 4520 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp envy 4520 series\bin\hpnetworkcommunicatorcom.exe
FirewallRules: [UDP Query User{8DF3538B-D7B4-47A6-BA41-226FA47A15B0}C:\program files\hp\hp envy 4520 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp envy 4520 series\bin\hpnetworkcommunicatorcom.exe
FirewallRules: [TCP Query User{231B3683-5A19-4912-B755-F29A35160EF1}C:\program files (x86)\acronis\trueimagehome\trueimagemonitor.exe] => (Allow) C:\program files (x86)\acronis\trueimagehome\trueimagemonitor.exe
FirewallRules: [UDP Query User{9DBE5933-37F8-4283-BF9F-2382B076FE22}C:\program files (x86)\acronis\trueimagehome\trueimagemonitor.exe] => (Allow) C:\program files (x86)\acronis\trueimagehome\trueimagemonitor.exe
FirewallRules: [TCP Query User{76F434A5-1CFB-4DAF-8C8E-EB595E1E0EBC}C:\program files (x86)\dropbox\client\dropbox.exe] => (Allow) C:\program files (x86)\dropbox\client\dropbox.exe
FirewallRules: [UDP Query User{9CC45FA8-F521-436A-BFED-44E6342483D5}C:\program files (x86)\dropbox\client\dropbox.exe] => (Allow) C:\program files (x86)\dropbox\client\dropbox.exe
FirewallRules: [TCP Query User{35467387-536F-415E-81D7-9FB2CBF1AB42}C:\users\gregreed\appdata\local\ie tab\11.4.23.1\ietabhelper.exe] => (Allow) C:\users\gregreed\appdata\local\ie tab\11.4.23.1\ietabhelper.exe
FirewallRules: [UDP Query User{3B77C12E-F8FB-434F-9B44-6CCC15DCF048}C:\users\gregreed\appdata\local\ie tab\11.4.23.1\ietabhelper.exe] => (Allow) C:\users\gregreed\appdata\local\ie tab\11.4.23.1\ietabhelper.exe
FirewallRules: [{F5592A73-ED31-460F-B2DD-8F0022A705A4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{4B1FDD74-3097-450E-A324-43538ED89154}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{6658C3B8-73AC-433E-9DBF-CDFC568B6547}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
 
==================== Restore Points =========================
 
16-05-2018 12:21:55 Windows Update
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/18/2018 02:54:15 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (05/17/2018 02:54:16 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (05/17/2018 07:00:22 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Home.local already in use; will try Home-2.local instead
 
Error: (05/17/2018 07:00:22 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister    4 Home.local. Addr 192.168.2.2
 
Error: (05/17/2018 07:00:22 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.2:5353   16 Home.local. AAAA FD3D:9CA8:A726:0001:9C90:C72D:C01D:BE8C
 
Error: (05/17/2018 07:00:22 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing:   16 Home.local. AAAA FE80:0000:0000:0000:9C90:C72D:C01D:BE8C
 
Error: (05/17/2018 07:00:22 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.2:5353   16 Home.local. AAAA FD3D:9CA8:A726:0001:9C90:C72D:C01D:BE8C
 
Error: (05/17/2018 07:00:22 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing:    4 Home.local. Addr 192.168.2.2
 
 
System errors:
=============
Error: (05/18/2018 12:42:56 AM) (Source: DCOM) (EventID: 10016) (User: Home)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user Home\GregReed SID (S-1-5-21-4155437166-3815807146-88625829-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (05/17/2018 07:36:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
This driver has been blocked from loading
 
Error: (05/17/2018 07:36:18 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\GregReed\AppData\Local\Temp\ehdrv.sys
 
Error: (05/17/2018 07:36:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
This driver has been blocked from loading
 
Error: (05/17/2018 07:36:17 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\GregReed\AppData\Local\Temp\ehdrv.sys
 
Error: (05/17/2018 07:36:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
This driver has been blocked from loading
 
Error: (05/17/2018 07:36:17 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\GregReed\AppData\Local\Temp\ehdrv.sys
 
Error: (05/17/2018 07:36:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
This driver has been blocked from loading
 
 
Windows Defender:
===================================
Date: 2018-05-17 06:45:23.121
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Behavior Monitoring
Error Code: 0x80508023
Error description: The program could not find the malware and other potentially unwanted software on this device. 
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
 
CodeIntegrity:
===================================
 
Date: 2018-05-17 17:53:18.860
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
 
Date: 2018-05-17 17:53:18.858
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
 
Date: 2018-05-17 13:38:18.130
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume1\Program Files\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2018-05-17 13:38:18.105
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume1\Program Files\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2018-05-17 13:38:18.082
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume1\Program Files\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2018-05-17 13:38:18.025
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume1\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll that did not meet the Microsoft signing level requirements.
 
Date: 2018-05-17 13:38:17.979
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume1\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll that did not meet the Microsoft signing level requirements.
 
Date: 2018-05-17 13:38:17.934
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume1\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll that did not meet the Microsoft signing level requirements.
 
==================== Memory info =========================== 
 
Processor: AMD FX™-4300 Quad-Core Processor 
Percentage of memory in use: 77%
Total physical RAM: 8093.13 MB
Available physical RAM: 1832.01 MB
Total Virtual: 10013.13 MB
Available Virtual: 1781.8 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:222.69 GB) (Free:66.32 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Storage space) (Fixed) (Total:1853.37 GB) (Free:669.3 GB) NTFS
Drive e: (Old D) (Fixed) (Total:931.39 GB) (Free:805.63 GB) NTFS
Drive v: (photo) (Network) (Total:912.45 GB) (Free:447.93 GB) NTFS
 
\\?\Volume{7d596a94-0000-0000-0000-30ac37000000}\ () (Fixed) (Total:0.44 GB) (Free:0.06 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 7D596A94)
Partition 1: (Active) - (Size=222.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
 
========================================================
Disk: 1 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
========================================================
Disk: 2 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
========================================================
Disk: 3 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
 
Partition: GPT.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 4.
 
==================== End of Addition.txt ============================


#3 nasdaq

nasdaq

  • Malware Response Team
  • 39,497 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:59 AM

Posted 19 May 2018 - 08:36 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Press the Windows key + r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.
Please copy the entire contents of the code box below to the a new file.
 
start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Temp\scoped_dir78760_9683\old_chrome.exe
HKU\S-1-5-21-4155437166-3815807146-88625829-1001\...\Run: [8C5356907ED18E5E2AA5654F742723FA1069A100._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008 2018-05-15] (Google Inc.)
HKU\S-1-5-21-4155437166-3815807146-88625829-1001\...\Run: [GoogleChromeAutoLaunch_E7C5259FB89A11F70C88A6F7C4EB4729] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008 2018-05-15] (Google Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

CustomCLSID: HKU\S-1-5-21-4155437166-3815807146-88625829-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\GregReed\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4155437166-3815807146-88625829-1001_Classes\CLSID\{1624DDC1-5218-4853-B327-CE6861445894}\InprocServer32 -> ole.dll => No File
CustomCLSID: HKU\S-1-5-21-4155437166-3815807146-88625829-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\GregReed\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4155437166-3815807146-88625829-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\GregReed\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4155437166-3815807146-88625829-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\GregReed\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
Task: {0E98BF19-9FBE-4E8D-8C11-31CAAC1253C2} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {0FC7EE81-FFC2-4332-8AFB-A298778DF10A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {1369E675-8087-4287-B2E5-7C60508CA4CE} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {1624BEEF-BC1C-4CC3-A731-6AF63E08A127} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {1F8D52F4-876D-4F56-B9F8-017B6B08A483} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {23F0A045-5E1A-4FDD-98A4-72224AE0456D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {40E1EBA7-9CB8-4944-93DC-C122CDA2DDC1} - System32\Tasks\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeReminderTask => C:\WINDOWS\System32\GWX\GWX.exe
Task: {5D2A4A6B-D79E-4445-8E16-6575680D7CBB} - \WPD\SqmUpload_S-1-5-21-4155437166-3815807146-88625829-1001 -> No File <==== ATTENTION
Task: {5F406253-6EDC-400B-9B39-4BFF6EB5B10D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {7C609BDB-0E8F-4326-9FC6-B4FEEDB7889C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {864F91A4-2299-4C58-97C2-1799861E01C2} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {A150F319-BFF5-4FFB-B12E-69C7AB6F4946} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {B647DC07-7BC6-4D70-BDDF-B25CE912BC17} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {C1A3CD72-5E96-4385-B2E4-E04B271FC9C2} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {C5CC7506-2763-455B-A656-67BAF59D125F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {D6C162AF-7F25-43DF-B53C-88778E26B314} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {E0887DE9-12F2-4CF1-A174-EAE33A53D40B} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:FD9CE1F3 [240]

Task: {0E98BF19-9FBE-4E8D-8C11-31CAAC1253C2} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {0FC7EE81-FFC2-4332-8AFB-A298778DF10A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {1369E675-8087-4287-B2E5-7C60508CA4CE} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {1624BEEF-BC1C-4CC3-A731-6AF63E08A127} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {1F8D52F4-876D-4F56-B9F8-017B6B08A483} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {23F0A045-5E1A-4FDD-98A4-72224AE0456D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {40E1EBA7-9CB8-4944-93DC-C122CDA2DDC1} - System32\Tasks\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeReminderTask => C:\WINDOWS\System32\GWX\GWX.exe
Task: {7C609BDB-0E8F-4326-9FC6-B4FEEDB7889C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {864F91A4-2299-4C58-97C2-1799861E01C2} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {A150F319-BFF5-4FFB-B12E-69C7AB6F4946} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {B647DC07-7BC6-4D70-BDDF-B25CE912BC17} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {C1A3CD72-5E96-4385-B2E4-E04B271FC9C2} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {C5CC7506-2763-455B-A656-67BAF59D125F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {D6C162AF-7F25-43DF-B53C-88778E26B314} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {E0887DE9-12F2-4CF1-A174-EAE33A53D40B} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION

C:\WINDOWS\Microsoft\Windows\Setup\gwx\refreshgwxcontent
C:\WINDOWS\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B
C:\WINDOWS\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime
C:\WINDOWS\Microsoft\Windows\Setup\gwx\launchtrayprocess
C:\WINDOWS\Microsoft\Windows\Setup\gwx\rundetector
C:\WINDOWS\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent
C:\WINDOWSSystem32\Tasks\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeReminderTask
C:\WINDOWS\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d
C:\WINDOWS\Microsoft\Windows\Setup\GWXTriggers\Time-5d
C:\WINDOWS\Microsoft\Windows\Setup\gwx\refreshgwxconfig
C:\WINDOWS\Microsoft\Windows\Setup\GWXTriggers\Logon-5d
C:\WINDOWS\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime
C:\WINDOWS\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d
C:\WINDOWS\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d
C:\WINDOWS\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d

C:\WINDOWS\System32\GWX\
\Microsoft\Windows\Setup\gwx\
\Microsoft\Windows\Setup\GWXTriggers\
System32\Tasks\Microsoft\Windows\Setup\UpgradeTriggers\
C:\Program Files (x86)\Google\Chrome\Temp\scoped_dir78760_9683

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Reset Chrome...
Open Google Chrome, click on menu icon google-chrome-setting-icon.png or the 3 vertical dots located right side top of the google chrome.
 
Click "Settings" then "Show advanced settings" at the bottom of the screen.
 
Click "Reset browser settings" button.
 
Restart Chrome.
<<<>>>

Please post the log and let me know what problem persists.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users