Amazon Phishing attack?


  • This topic is locked
10 replies to this topic

#1 jammalg

jammalg

  • Members
  • 54 posts
  • OFFLINE
  • Gender:Male
  • Local time:08:27 AM

Posted 20 July 2018 - 06:40 AM

Hi. I have a problem. I ordered an item from Amazon which was defective and I wrote a review about it. I received an email from the manufacturer who asked me if I wanted to have them send me a new item - I said yes. Soon after that someone wrote to Amazon using my email address and asked Amazon to send "me" a pin to get into my Amazon account. Whoever it was started sending out glowing reviews about things I never bought and changed the password on my Amazon account. I contacted Amazon and had them delete my Amazon account - I have not been back since. However, I keep receiving emails from Amazon with "The key you requested" to get into your account.  1) Is someone in my PC or email account? I mean how else could they get my PIN? 2) Is there a way I can scan for this and if needed clean them off my PC?  Thanks for your help.  PS - I actually did receive a new non-defective item . . .the manufacturer is from India, I think.





#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,695 posts
  • OFFLINE
  • Gender:Male
  • Location:California
  • Local time:05:27 AM

Posted 20 July 2018 - 07:15 PM

Greetings jammalg and welcome to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far.

Now that you have already started a topic, please follow the steps as outlined here. Make sure to copy and paste both logs in your reply. If you receive an error message that the content is too long, simply post each report in a separate reply.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 jammalg

jammalg
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  • Gender:Male
  • Local time:08:27 AM

Posted 21 July 2018 - 06:32 PM

Gary, call me Jim.  I will try my best to log in at least 1x per day. However, due to my work, I might not be able to get back to you for 2 days. Since I just read your reply, I'll now get the data you requested. Give me a few minutes to get it for you - please.  Thank you for your help. Jim



#4 jammalg

jammalg
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  • Gender:Male
  • Local time:08:27 AM

Posted 21 July 2018 - 06:45 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21.07.2018
Ran by User (administrator) on J-ASUS-LAPTOP (21-07-2018 19:40:43)
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available Profiles: User & Aran & Sara & a_guest & Administrator)
Platform: Windows 10 Home Version 1803 17134.165 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(ASUS) C:\Program Files (x86)\ASUS\ROG MacroKey\MacroSrv.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Apache Software Foundation) C:\Program Files\Atlassian\JIRA\bin\tomcat8.exe.x64
() C:\Program Files\Everything\Everything.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\capiws.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(ASUSTeK COMPUTER INC.) C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingCenterService.exe
(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1806.18062-0\MsMpEng.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Intel® Corporation) C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingKey.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Windows\System32\CastSrv.exe
() C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2UILauncher.exe
() C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2Svc32.exe
() C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2Svc64.exe
(Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files\Everything\Everything.exe
() C:\Program Files\Everything\Everything.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnApp.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Evaer Technology) C:\Users\User\AppData\Local\Evaer\videochannel.exe
(EuroTech) C:\Users\User\AppData\Local\Evaer\StreamMgrSv.exe
(Dashlane, Inc.) C:\Users\User\AppData\Roaming\Dashlane\Dashlane.exe
(Dashlane, Inc.) C:\Users\User\AppData\Roaming\Dashlane\DashlanePlugin.exe
() C:\Program Files (x86)\ASUS\Remote Drive Pro\RDP_Manager.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
() C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\ovpntray.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Mister Group) C:\Program Files (x86)\System Explorer\SystemExplorer.exe
(Mister Group) C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
() C:\Program Files (x86)\ASUS\Remote Drive Pro\RemoteDrive_RDP.exe
() C:\Program Files (x86)\ASUS\Remote Drive Pro\RemoteDrive_RDP.exe
(Mega Limited) C:\Users\User\AppData\Local\MEGAsync\MEGAsync.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.12.577\AsusWSPanel.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() E:\Programs f\Corel VideoStudio 2018\VSNotification.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleFirefoxHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17406072 2017-01-23] (Logitech Inc.)
HKLM\...\Run: [SS2UILauncher] => C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2UILauncher.exe [970720 2015-08-14] ()
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [552368 2016-12-30] (Greenshot)
HKLM\...\Run: [Fences] => C:\Program Files (x86)\Stardock\Fences\Fences.exe [3990488 2016-09-15] (Stardock Corporation)
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [2197608 2017-06-06] ()
HKLM\...\Run: [tvncontrol] => C:\Program Files\TightVNC\tvnserver.exe [2179056 2013-07-19] (GlavSoft LLC.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems, Incorporated)
HKLM\...\Run: [BdVpnApp] => C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnApp.exe [87352 2018-06-13] (Bitdefender)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-07-06] (Apple Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3754168 2018-07-12] (Dropbox, Inc.)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2756672 2016-03-09] (Dominik Reichl)
HKLM-x32\...\Run: [SystemExplorerAutoStart] => "C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.12.577\ASUSWSLoader.exe [63968 2016-10-19] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2017-01-16] (Razer Inc.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1279120 2012-09-27] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-21-2734777235-2699382002-2112644930-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-06-26] (Apple Inc.)
HKU\S-1-5-21-2734777235-2699382002-2112644930-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2018-06-26] (Apple Inc.)
HKU\S-1-5-21-2734777235-2699382002-2112644930-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9818328 2017-06-30] (Piriform Ltd)
HKU\S-1-5-21-2734777235-2699382002-2112644930-1001\...\Run: [avichannel] => C:\Users\User\AppData\Local\Evaer\videochannel.exe [1752096 2018-03-20] (Evaer Technology)
HKU\S-1-5-21-2734777235-2699382002-2112644930-1001\...\Run: [stmgrsv] => C:\Users\User\AppData\Local\Evaer\streammgrsv.exe [2789408 2018-03-20] (EuroTech)
HKU\S-1-5-21-2734777235-2699382002-2112644930-1001\...\Run: [BingSvc] => C:\Users\User\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2017-12-26] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-2734777235-2699382002-2112644930-1001\...\Run: [Dashlane] => C:\Users\User\AppData\Roaming\Dashlane\Dashlane.exe [382928 2018-07-18] (Dashlane, Inc.)
HKU\S-1-5-21-2734777235-2699382002-2112644930-1001\...\Run: [DashlanePlugin] => C:\Users\User\AppData\Roaming\Dashlane\DashlanePlugin.exe [410064 2018-07-18] (Dashlane, Inc.)
HKU\S-1-5-21-2734777235-2699382002-2112644930-1001\...\Run: [Remove Drive Manager] => C:\Program Files (x86)\ASUS\Remote Drive Pro\RDP_Manager.exe [947496 2015-08-26] ()
HKU\S-1-5-21-2734777235-2699382002-2112644930-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [36864 2018-04-11] (Microsoft Corporation)
SSODL: EldosMountNotificator-cbfs5 - {8EF7EC55-3B0F-41AB-BD14-585E3D96C565} - C:\Windows\system32\cbfsMntNtf5.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator-cbfs5 - {8EF7EC55-3B0F-41AB-BD14-585E3D96C565} - C:\Windows\SysWOW64\cbfsMntNtf5.dll (EldoS Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GameFirst IV.exe - Shortcut.lnk [2016-06-12]
ShortcutTarget: GameFirst IV.exe - Shortcut.lnk -> C:\Program Files (x86)\ASUS\GameFirst IV\GameFirst IV.exe (Apextitan)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OpenVPN Connect.lnk [2016-06-15]
ShortcutTarget: OpenVPN Connect.lnk -> C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\ovpntray.exe ()
Startup: C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar248.lnk [2018-04-07]
ShortcutTarget: Sidebar248.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2018-04-02]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2016-07-22]
ShortcutTarget: MEGAsync.lnk -> C:\Users\User\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar657.lnk [2018-07-21]
ShortcutTarget: Sidebar657.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8e03c906-f4e2-4e34-ba42-78f159599c93}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9fca2444-43f7-40dd-8644-e2f3c38ed1b4}: [DhcpNameServer] 172.20.50.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-2734777235-2699382002-2112644930-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
SearchScopes: HKU\S-1-5-21-2734777235-2699382002-2112644930-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
BHO: Bitdefender Wallet  -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2018-05-16] (Bitdefender)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: Dashlane BHO -> {42D79B50-CC4A-4A8E-860F-BE674AF053A2} -> C:\Users\User\AppData\Roaming\Dashlane\ie\Dashlanei.dll [2018-07-18] (Dashlane, Inc.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2018-03-14] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Dashlane Toolbar - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\User\AppData\Roaming\Dashlane\ie\KWIEBar.dll [2018-07-18] (Dashlane, Inc.)
Toolbar: HKU\S-1-5-21-2734777235-2699382002-2112644930-1001 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2016-01-04] (Belarc, Inc.)

FireFox:
========
FF DefaultProfile: iqewc7d3.default
FF DefaultProfile: jammalg@rochester.rr.com
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iqewc7d3.default [2018-07-21]
FF Homepage: Mozilla\Firefox\Profiles\iqewc7d3.default -> hxxps://arstechnica.com/
FF NewTab: Mozilla\Firefox\Profiles\iqewc7d3.default -> about:newtab
FF Extension: (Disconnect) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iqewc7d3.default\Extensions\2.0@disconnect.me.xpi [2017-04-07]
FF Extension: (Google™ Logo Restorer) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iqewc7d3.default\Extensions\@googlelogorestorer.xpi [2017-01-31] [Legacy]
FF Extension: (Amazon Assistant for Firefox) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iqewc7d3.default\Extensions\abb@amazon.com.xpi [2018-05-10]
FF Extension: (Adblock Plus Pop-up Addon) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iqewc7d3.default\Extensions\adblockpopups@jessehakanen.net.xpi [2016-04-27] [Legacy]
FF Extension: (Bing Search Engine) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iqewc7d3.default\Extensions\bingsearchweb_uniwin@microsoft.com.xpi [2018-05-03]
FF Extension: (Classic Toolbar Buttons) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iqewc7d3.default\Extensions\CSTBB@NArisT2_Noia4dev.xpi [2017-09-23] [Legacy]
FF Extension: (Facebook Disconnect) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iqewc7d3.default\Extensions\facebook@disconnect.me.xpi [2016-04-27] [Legacy]
FF Extension: (Firebug) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iqewc7d3.default\Extensions\firebug@software.joehewitt.com.xpi [2017-03-09] [Legacy]
FF Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iqewc7d3.default\Extensions\firefox@ghostery.com.xpi [2018-07-21]
FF Extension: (iCloud Bookmarks) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iqewc7d3.default\Extensions\firefoxdav@icloud.com.xpi [2017-12-16]
FF Extension: (Forecastfox (fix version)) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iqewc7d3.default\Extensions\forecastfox@s3_fix_version.xpi [2018-05-24]
FF Extension: (Google Disconnect) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iqewc7d3.default\Extensions\google@disconnect.me.xpi [2016-04-27] [Legacy]
FF Extension: (LavaFox V2) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iqewc7d3.default\Extensions\info@djzig.com [2017-10-07] [Legacy]
FF Extension: (Dashlane) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iqewc7d3.default\Extensions\jetpack-extension@dashlane.com.xpi [2018-07-21]
FF Extension: (Facebook™ Disconnect) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iqewc7d3.default\Extensions\jid0-dBgF7UkIiOsWqvBng4hYu@jetpack.xpi [2016-09-09] [Legacy]
FF Extension: (IP Address and Domain Information) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iqewc7d3.default\Extensions\jid0-jJRRRBMgoShUhb07IvnxTBAl29w@jetpack.xpi [2018-03-03]
FF Extension: (Decentraleyes) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iqewc7d3.default\Extensions\jid1-BoFifL9Vbdl2zQ@jetpack.xpi [2018-07-04]
FF Extension: (Privacy Badger) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iqewc7d3.default\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2018-07-21]
FF Extension: (Qute 5++) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iqewc7d3.default\Extensions\Qute5pp@magicp.jp.xpi [2017-11-16] [Legacy]
FF Extension: (Qute 6++) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iqewc7d3.default\Extensions\Qute6pp@magicp.jp.xpi [2017-11-16] [Legacy]
FF Extension: (S3.Translator) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iqewc7d3.default\Extensions\s3google@translator.xpi [2018-04-07]
FF Extension: (Disconnect Search) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iqewc7d3.default\Extensions\search@disconnect.me.xpi [2016-04-27] [Legacy]
FF Extension: (TrafficLight) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iqewc7d3.default\Extensions\trafficlight@bitdefender.com.xpi [2018-03-08]
FF Extension: (Twitter Disconnect) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iqewc7d3.default\Extensions\twitter@disconnect.me.xpi [2016-04-27] [Legacy]
FF Extension: (Walnut2 for Firefox) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iqewc7d3.default\Extensions\{080955ad-b8bb-4500-806f-d2b9ad73d72e}.xpi [2017-08-20] [Legacy]
FF Extension: (Blue Fox) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iqewc7d3.default\Extensions\{241aae70-0022-11de-87af-0800200c9a66} [2017-08-05] [Legacy] [not signed]
FF Extension: (LittleFox) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iqewc7d3.default\Extensions\{29852C08-1E91-4889-A6BF-C77F91D6A8F3}.xpi [2017-08-20] [Legacy]
FF Extension: (Past modern revisited, reloaded) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iqewc7d3.default\Extensions\{29ff5940-915b-11e5-a837-0800200c9a66}.xpi [2017-08-05] [Legacy]
FF Extension: (Advanced Dork:) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iqewc7d3.default\Extensions\{31E65147-5A53-4e52-8A64-FF7EBFA36D76}.xpi [2017-01-02] [Legacy]
FF Extension: (Walnut for Firefox) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iqewc7d3.default\Extensions\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}.xpi [2017-08-20] [Legacy]
FF Extension: (Nautipolis for Firefox) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iqewc7d3.default\Extensions\{6C4BAFB6-2AC2-4405-A98D-546B55B3AE92}.xpi [2017-08-20] [Legacy]
FF Extension: (NoScript) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iqewc7d3.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2018-07-21]
FF Extension: (YouTube High Definition) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iqewc7d3.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2018-01-05]
FF Extension: (Video DownloadHelper) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iqewc7d3.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-07-11]
FF Extension: (Adblock Plus) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iqewc7d3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-07-21]
FF Extension: (Evernote Web Clipper) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iqewc7d3.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}.xpi [2018-01-24]
FF Extension: (Firefox 2, the theme, reloaded) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iqewc7d3.default\Extensions\{fd2f951f-77ea-4938-9493-0c892c027a13}.xpi [2017-10-22] [Legacy]
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iqewc7d3.default\searchplugins\bing-.xml [2018-04-29]
FF Extension: (WebCompat Reporter) - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat-reporter@mozilla.org.xpi [2018-07-07] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\\bdwteff
FF Extension: (No Name) - C:\Program Files\Bitdefender\Bitdefender 2017\\bdwteff [2017-10-07]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext [2017-01-19] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\\bdwteff
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext
FF HKU\S-1-5-21-2734777235-2699382002-2112644930-1001\...\Firefox\Extensions: [{442718d9-475e-452a-b3e1-fb1ee16b8e9f}] - C:\Users\User\AppData\Roaming\Dashlane\5.17.0.23881\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}
FF Extension: (No Name) - C:\Users\User\AppData\Roaming\Dashlane\5.17.0.23881\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f} [2018-07-18] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll [2018-07-10] ()
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll [2018-07-10] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\User\AppData\Roaming\mozilla\plugins\npzohoassisthelper.dll [2016-05-04] (Zoho Corporation Private Ltd)

Chrome:
=======
CHR HomePage: Default -> hxxps://www.nytimes.com/?register=google&WT.z_jog=1&hF=t&vS=undefined
CHR StartupUrls: Default -> "hxxps://www.huffingtonpost.com/"
CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> dontbubble.us
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2018-07-21]
CHR Extension: (Slides) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-21]
CHR Extension: (Dark Legends) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\acfbekphmapfjpdkfedomagjpccekhaa [2017-10-21]
CHR Extension: (ContentBlockHelper) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahnpejopbfnjicblkhclaaefhblgkfpd [2018-01-05]
CHR Extension: (From Dust) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\anelkojiepicmcldgnmkplocifmegpfj [2016-05-25]
CHR Extension: (Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-21]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-25]
CHR Extension: (AdGuard AdBlocker) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2018-04-10]
CHR Extension: (Desmos Graphing Calculator) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhdheahnajobgndecdbggfmcojekgdko [2016-05-25]
CHR Extension: (James White) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2016-06-03]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-25]
CHR Extension: (Honey) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2018-07-08]
CHR Extension: (DuckDuckGo for Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao [2017-01-02]
CHR Extension: (Adblock Plus) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-07-17]
CHR Extension: (Incognito-Filter) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifilbmpnkjinlkchohdfcpdkmpngiik [2016-05-25]
CHR Extension: (Facebook Disconnect) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpepffjfmamnambagiibghpglaidiec [2016-05-25]
CHR Extension: (Blur) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd [2018-05-01]
CHR Extension: (Dashlane - Password Manager) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2018-07-17]
CHR Extension: (Sheets) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-21]
CHR Extension: (iCloud Bookmarks) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2017-10-21]
CHR Extension: (Full Screen Weather) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg [2016-05-25]
CHR Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2016-05-25]
CHR Extension: (Unshorten.link) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbobdaaeaihkghbokihkofcbndhmbdpd [2018-04-07]
CHR Extension: (HTTPS Everywhere) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2018-06-22]
CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-25]
CHR Extension: (Planetarium) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gheikhdfflhlbemfmhcfpeblehemeklp [2016-05-25]
CHR Extension: (Disconnect Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmobfennjmjnkdbklhcnnfbhfibedgkk [2017-01-02]
CHR Extension: (Darkness - Beautiful Dark Themes) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\imilbobhamcfahccagbncamhpnbkaenm [2018-07-12]
CHR Extension: (Disconnect) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2016-05-25]
CHR Extension: (Kuunga Cloud Beta) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jobcomhgiakmmlagfihelbokdnfpilig [2016-05-25]
CHR Extension: (Chromarks - Chrome Bookmarks Menu) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdheengilgkagjehknnnofigbmlnnfj [2017-01-02]
CHR Extension: (Video Downloader professional) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmdldgcmokdpmacblnehppgkjphcbpnn [2018-06-25]
CHR Extension: (CanvasDraw) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\knfimpamngmggpbamfoomdpebdoleghe [2016-05-25]
CHR Extension: (mMinesweeper) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcflfaeifjpflolgopilpfijmlmpjkdi [2017-10-21]
CHR Extension: (Skype) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-11]
CHR Extension: (Video DownloadHelper) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2018-07-11]
CHR Extension: (Lightshot (screenshot tool)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2018-01-24]
CHR Extension: (Apollo project management and CRM) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdfebegblceghehidfjikckahgpinbma [2016-05-25]
CHR Extension: (Ghostery Fixer) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkaegpmdlhnpldpoadmnnbddbkcdmbhb [2016-05-25]
CHR Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2018-07-17]
CHR Extension: (Downloads) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi [2018-03-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Better History) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\obciceimmggglbmelaidpjlmodcebijb [2018-04-07]
CHR Extension: (Adblock Pro) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2017-11-18]
CHR Extension: (Spelunky) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogggnbbinagpdjpnmfihhgdlogfdmdko [2017-10-21]
CHR Extension: (AdBlocker Ultimate) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohahllgiabjaoigichmmfljhkcfikeof [2018-04-07]
CHR Extension: (Mercury Reader) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\oknpjjbmpnndlpmnhmekjpocelpnlfdi [2018-04-07]
CHR Extension: (My IP Address) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pinipodgkaoigpmhmmchojdmleccamce [2016-05-25]
CHR Extension: (Evernote Web Clipper) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2018-06-25]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-25]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-08]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AfVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\vpnservice.exe [321920 2018-06-18] (AnchorFree Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-07-05] (Apple Inc.)
R2 AsHidService; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe [111416 2015-06-26] (ASUSTek Computer Inc.)
R2 ASUS Rog Macro Key; C:\Program Files (x86)\ASUS\ROG MacroKey\MacroSrv.exe [492344 2015-07-02] (ASUS)
S3 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.8.559\AsusWSWinService.exe [75264 2016-05-04] (ASUS Cloud Corporation) [File not signed]
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2137280 2018-04-17] (Bitdefender)
R2 BdVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnservice.exe [108072 2018-05-30] (Bitdefender)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6893704 2018-06-19] ()
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-25] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-25] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51392 2018-07-12] (Dropbox, Inc.)
S3 DevActSvc; C:\Program Files (x86)\ASUS\ASUS Device Activation\DevActSvc.exe [326032 2018-06-05] ()
R2 DevMgmtService; C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe [105936 2018-05-08] (Bitdefender)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [437224 2016-10-27] (Digital Wave Ltd.)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [392480 2018-07-08] (EasyAntiCheat Ltd)
R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1385640 2015-08-17] (Intel Corporation)
R2 Everything; C:\Program Files\Everything\Everything.exe [2197608 2017-06-06] ()
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [515768 2017-04-13] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Corporation)
R3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [207648 2015-09-04] (Intel Corporation)
R2 JIRASoftware030618191203; C:\Program Files\Atlassian\JIRA\bin\tomcat8.exe [86656 2018-05-29] (Apache Software Foundation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-01-23] (Logitech Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-11-29] ()
R2 OpenVPNAccessClient; C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\capiws.exe [24064 2015-07-30] () [File not signed]
S3 Origin Client Service; E:\Entertainment f\Origin\OriginClientService.exe [2122248 2016-09-01] (Electronic Arts)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1275776 2018-05-16] (Bitdefender)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [147792 2017-08-11] (Razer Inc)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-24] ()
R2 ROGGamingCenterService; C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingCenterService.exe [49704 2016-03-14] (ASUSTeK COMPUTER INC.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [532352 2017-11-06] (Razer Inc.)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [502144 2017-11-13] (Razer Inc.)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Mister Group)
S3 ThunderboltService; C:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe [1831064 2015-11-04] (Intel Corporation)
R2 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [2179056 2013-07-19] (GlavSoft LLC.)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe [112712 2018-05-16] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe [1001072 2018-05-16] (Bitdefender)
R2 vsservp; C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe [522624 2018-05-16] (Bitdefender)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\NisSrv.exe [3925648 2018-06-27] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MsMpEng.exe [100080 2018-06-27] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\XtuService.exe [19192 2015-09-30] (Intel® Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-11-29] (Intel® Corporation)
S3 Zoho Assist-Remote Support; C:\Program Files (x86)\ZohoMeeting\ZohoMeeting.exe [715392 2016-05-04] ()
R2 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-29] (The OpenVPN Project)
S3 AsusSGDrv; C:\WINDOWS\system32\DRIVERS\AsusSGDrv.sys [138744 2015-08-17] (ASUS Corporation)
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [1177008 2018-05-16] (BitDefender S.R.L. Bucharest, ROMANIA)
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1723552 2018-05-16] (BitDefender)
R3 bcmsmbsp; C:\WINDOWS\System32\drivers\bcmsmbsp.sys [53024 2015-07-10] (Broadcom Corporation.)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [23032 2018-05-16] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [130840 2018-05-16] (BitDefender LLC)
R2 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [45104 2018-05-16] (© Bitdefender SRL)
R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [96448 2018-05-16] (BitDefender)
R1 cbfs5; C:\Windows\system32\drivers\cbfs5.sys [416960 2014-03-06] (EldoS Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [53752 2015-08-17] (Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [261624 2015-08-17] (Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-07-13] (Malwarebytes)
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [189544 2018-05-16] (BitDefender LLC)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [244744 2017-04-13] (Intel Corporation)
R0 ignis; C:\WINDOWS\System32\DRIVERS\ignis.sys [191592 2018-05-16] (Bitdefender)
R3 int0800; C:\WINDOWS\System32\drivers\flashud.sys [51712 2009-09-09] (Intel Corporation)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [30224 2015-05-28] (Intel Corporation)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-01-23] (Logitech Inc.)
R3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R0 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [191208 2018-07-13] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [114920 2018-07-20] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [48360 2018-07-20] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-07-20] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [102632 2018-07-21] (Malwarebytes)
R3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-11] (Microsoft Corporation)
S3 mt7612US; C:\WINDOWS\System32\drivers\mt7612US.sys [377864 2015-12-09] (MediaTek Inc.)
R1 netfilter2; C:\WINDOWS\System32\drivers\netfilter2.sys [51904 2015-01-14] (Titan ARC Corp.)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7689728 2018-04-11] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_62e8f88c97b34401\nvlddmkm.sys [14461344 2017-06-08] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-05-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48248 2017-05-03] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-06-07] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [888064 2015-08-19] (Realtek )
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [44144 2016-09-16] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [139704 2017-08-19] (Razer, Inc.)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 tapoas; C:\WINDOWS\System32\drivers\tapoas.sys [27136 2016-04-21] (The OpenVPN Project)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [607640 2018-06-11] (Bitdefender)
R1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [121248 2016-08-16] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [195936 2016-08-16] (Oracle Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46592 2018-06-27] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [340008 2018-06-27] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59944 2018-06-27] (Microsoft Corporation)
S3 XSplit_Dummy; C:\WINDOWS\system32\drivers\xspltspk.sys [26200 2015-05-25] (SplitmediaLabs Limited)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-07-21 19:40 - 2018-07-21 19:41 - 000049671 _____ C:\Users\User\Desktop\FRST.txt
2018-07-21 19:40 - 2018-07-21 19:40 - 000000000 ____D C:\FRST
2018-07-21 19:38 - 2018-07-21 19:38 - 002412544 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2018-07-21 18:04 - 2018-07-21 18:04 - 000102632 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-07-21 06:02 - 2018-07-21 06:02 - 000003550 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2018-07-21 06:02 - 2018-07-21 06:02 - 000003538 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2018-07-21 05:59 - 2018-07-21 05:59 - 000000000 ___HD C:\OneDriveTemp
2018-07-20 08:40 - 2018-07-20 08:40 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-07-20 08:40 - 2018-07-20 08:40 - 000114920 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-07-20 08:40 - 2018-07-20 08:40 - 000048360 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-07-19 06:38 - 2018-07-19 06:38 - 000001965 _____ C:\Users\User\Desktop\Dashlane.lnk
2018-07-18 18:34 - 2018-07-18 18:34 - 000003372 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2734777235-2699382002-2112644930-1001
2018-07-18 18:34 - 2018-07-18 18:34 - 000002374 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-07-15 20:44 - 2018-07-15 20:44 - 000467473 _____ C:\Users\User\Downloads\Statement_06_13_2018.PDF
2018-07-15 20:44 - 2018-07-15 20:44 - 000466052 _____ C:\Users\User\Downloads\Statement_05_16_2018.PDF
2018-07-15 20:44 - 2018-07-15 20:44 - 000466052 _____ C:\Users\User\Downloads\Statement_05_16_2018(1).PDF
2018-07-15 20:44 - 2018-07-15 20:44 - 000466030 _____ C:\Users\User\Downloads\Statement_07_11_2018.PDF
2018-07-15 15:25 - 2018-07-15 15:25 - 000015275 _____ C:\Users\User\Downloads\Document.pdf
2018-07-14 17:55 - 2018-07-14 17:55 - 000002670 _____ C:\Users\Public\Desktop\Skype.lnk
2018-07-14 17:55 - 2018-07-14 17:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-07-14 17:54 - 2018-07-14 17:54 - 000003202 _____ C:\WINDOWS\System32\Tasks\{F04A64EC-32D2-4533-8B02-982139A94E79}
2018-07-14 17:42 - 2018-07-14 17:44 - 058834376 _____ (Skype Technologies S.A.) C:\Users\User\Downloads\skype_7.41.0.101.exe
2018-07-14 17:38 - 2018-07-14 17:40 - 058818504 _____ (Skype Technologies S.A.) C:\Users\User\Downloads\skype_7.40.0.151.exe
2018-07-14 17:34 - 2018-07-14 17:36 - 059162608 _____ (Skype Technologies S.A.) C:\Users\User\Downloads\skype_8.12.0.2.exe
2018-07-14 15:26 - 2018-07-14 15:26 - 000003256 _____ C:\WINDOWS\System32\Tasks\{57C41B04-8772-406A-9AAB-566CD480666C}
2018-07-14 08:03 - 2018-07-14 08:03 - 000000217 _____ C:\Users\User\Desktop\The Witcher 2 Bonus Content.url
2018-07-13 19:15 - 2018-07-13 19:15 - 000191208 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-07-13 14:23 - 2018-07-13 14:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-07-12 22:01 - 2018-07-12 22:01 - 000051392 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2018-07-12 22:01 - 2018-07-12 22:01 - 000050232 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2018-07-12 22:01 - 2018-07-12 22:01 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2018-07-12 22:01 - 2018-07-12 22:01 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2018-07-12 05:45 - 2018-06-28 21:13 - 000835064 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-07-12 05:45 - 2018-06-28 21:13 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-07-11 20:10 - 2018-07-06 10:20 - 002868640 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-07-11 20:10 - 2018-07-06 10:20 - 001610648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-07-11 20:10 - 2018-07-06 10:20 - 000792472 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-07-11 20:10 - 2018-07-06 10:20 - 000689560 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-07-11 20:10 - 2018-07-06 10:20 - 000612248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-07-11 20:10 - 2018-07-06 10:20 - 000451992 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-07-11 20:10 - 2018-07-06 10:20 - 000309664 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-07-11 20:10 - 2018-07-06 10:20 - 000144792 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-07-11 20:10 - 2018-07-06 10:20 - 000070040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-07-11 20:10 - 2018-07-06 10:17 - 003932672 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-07-11 20:10 - 2018-07-06 10:14 - 000541592 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-07-11 20:10 - 2018-07-06 09:56 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-07-11 20:10 - 2018-07-06 09:53 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-07-11 20:10 - 2018-07-06 09:52 - 001787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-07-11 20:10 - 2018-07-06 09:51 - 003652608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-07-11 20:10 - 2018-07-06 09:51 - 002051584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-07-11 20:10 - 2018-07-06 09:51 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-07-11 20:10 - 2018-07-06 09:51 - 001004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-07-11 20:10 - 2018-07-06 09:50 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-07-11 20:10 - 2018-07-06 08:06 - 003611368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-07-11 20:10 - 2018-07-06 07:52 - 002895360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-07-11 20:10 - 2018-07-06 07:52 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-07-11 20:10 - 2018-07-06 07:52 - 001308160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-07-11 20:10 - 2018-07-06 07:51 - 002401280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-07-11 20:10 - 2018-07-06 07:26 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-07-11 20:10 - 2018-07-06 07:25 - 023863296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-07-11 20:10 - 2018-07-06 03:32 - 000480672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-07-11 20:10 - 2018-07-06 03:31 - 000462752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-07-11 20:10 - 2018-07-06 03:29 - 000272296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-07-11 20:10 - 2018-07-06 03:29 - 000269224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-07-11 20:10 - 2018-07-06 03:27 - 001174432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-07-11 20:10 - 2018-07-06 03:27 - 001063320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-07-11 20:10 - 2018-07-06 03:27 - 001012632 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-07-11 20:10 - 2018-07-06 03:27 - 000709824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-07-11 20:10 - 2018-07-06 03:27 - 000567176 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-07-11 20:10 - 2018-07-06 03:26 - 002712992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-07-11 20:10 - 2018-07-06 03:26 - 001148800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2018-07-11 20:10 - 2018-07-06 03:26 - 000930720 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-07-11 20:10 - 2018-07-06 03:26 - 000766608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2018-07-11 20:10 - 2018-07-06 03:26 - 000170912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-07-11 20:10 - 2018-07-06 03:25 - 009147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-07-11 20:10 - 2018-07-06 03:25 - 002753040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-07-11 20:10 - 2018-07-06 03:25 - 002571728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-07-11 20:10 - 2018-07-06 03:25 - 002420632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-07-11 20:10 - 2018-07-06 03:25 - 001945784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-07-11 20:10 - 2018-07-06 03:25 - 001026464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-07-11 20:10 - 2018-07-06 03:25 - 001018616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-07-11 20:10 - 2018-07-06 03:25 - 000483048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-07-11 20:10 - 2018-07-06 03:25 - 000267680 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-07-11 20:10 - 2018-07-06 03:25 - 000139672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2018-07-11 20:10 - 2018-07-06 03:24 - 000380824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-07-11 20:10 - 2018-07-06 03:14 - 002242208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-07-11 20:10 - 2018-07-06 03:14 - 001981896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-07-11 20:10 - 2018-07-06 03:14 - 001175568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-07-11 20:10 - 2018-07-06 03:14 - 000988640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2018-07-11 20:10 - 2018-07-06 03:14 - 000829856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-07-11 20:10 - 2018-07-06 03:14 - 000573904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2018-07-11 20:10 - 2018-07-06 03:13 - 001620872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-07-11 20:10 - 2018-07-06 03:10 - 025845760 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-07-11 20:10 - 2018-07-06 03:07 - 022006272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-07-11 20:10 - 2018-07-06 03:04 - 022713856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-07-11 20:10 - 2018-07-06 03:03 - 004371456 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-07-11 20:10 - 2018-07-06 03:02 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2018-07-11 20:10 - 2018-07-06 03:01 - 007057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2018-07-11 20:10 - 2018-07-06 03:01 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2018-07-11 20:10 - 2018-07-06 03:00 - 019403264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-07-11 20:10 - 2018-07-06 02:59 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2018-07-11 20:10 - 2018-07-06 02:59 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2018-07-11 20:10 - 2018-07-06 02:59 - 001153536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2018-07-11 20:10 - 2018-07-06 02:59 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2018-07-11 20:10 - 2018-07-06 02:58 - 004867584 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-07-11 20:10 - 2018-07-06 02:58 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2018-07-11 20:10 - 2018-07-06 02:58 - 001931776 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeangle.dll
2018-07-11 20:10 - 2018-07-06 02:58 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-07-11 20:10 - 2018-07-06 02:58 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-07-11 20:10 - 2018-07-06 02:58 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2018-07-11 20:10 - 2018-07-06 02:58 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2018-07-11 20:10 - 2018-07-06 02:57 - 007579648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-07-11 20:10 - 2018-07-06 02:57 - 005779456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-07-11 20:10 - 2018-07-06 02:57 - 003712512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-07-11 20:10 - 2018-07-06 02:57 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-07-11 20:10 - 2018-07-06 02:57 - 000813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-07-11 20:10 - 2018-07-06 02:57 - 000676864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Devices.dll
2018-07-11 20:10 - 2018-07-06 02:57 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-07-11 20:10 - 2018-07-06 02:57 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-07-11 20:10 - 2018-07-06 02:57 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2018-07-11 20:10 - 2018-07-06 02:56 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2018-07-11 20:10 - 2018-07-06 02:56 - 001817600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2018-07-11 20:10 - 2018-07-06 02:56 - 001567744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2018-07-11 20:10 - 2018-07-06 02:56 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-07-11 20:10 - 2018-07-06 02:56 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2018-07-11 20:10 - 2018-07-06 02:56 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-07-11 20:10 - 2018-07-06 02:56 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2018-07-11 20:10 - 2018-07-06 02:56 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-07-11 20:10 - 2018-07-06 02:56 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioCredProv.dll
2018-07-11 20:10 - 2018-07-06 02:55 - 003440128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-07-11 20:10 - 2018-07-06 02:55 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-07-11 20:10 - 2018-07-06 02:55 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-07-11 20:10 - 2018-07-06 02:55 - 001395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-07-11 20:10 - 2018-07-06 02:55 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2018-07-11 20:10 - 2018-07-06 02:55 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-07-11 20:10 - 2018-07-06 02:55 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-07-11 20:10 - 2018-07-06 02:54 - 003015680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-07-11 20:10 - 2018-07-06 02:54 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2018-07-11 20:10 - 2018-07-06 02:54 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-07-11 20:10 - 2018-07-06 02:54 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2018-07-11 20:10 - 2018-07-06 02:54 - 000999936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-07-11 20:10 - 2018-07-06 02:54 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2018-07-11 20:10 - 2018-07-06 02:54 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2018-07-11 20:10 - 2018-07-06 02:54 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2018-07-11 20:10 - 2018-07-06 02:54 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2018-07-11 20:10 - 2018-07-06 02:54 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2018-07-11 20:10 - 2018-07-06 02:54 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-07-11 20:10 - 2018-07-06 02:54 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-07-11 20:10 - 2018-07-06 02:54 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2018-07-11 20:10 - 2018-07-06 02:54 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll
2018-07-11 20:10 - 2018-07-06 02:53 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2018-07-11 20:10 - 2018-07-06 02:53 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2018-07-11 20:10 - 2018-07-06 02:53 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2018-07-11 20:10 - 2018-07-06 02:52 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-07-11 20:10 - 2018-06-15 13:50 - 001376576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-07-11 20:10 - 2018-06-15 13:49 - 021388856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-07-11 20:10 - 2018-06-15 13:48 - 002395056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2018-07-11 20:10 - 2018-06-15 13:48 - 000338352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2018-07-11 20:10 - 2018-06-15 13:34 - 008623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-07-11 20:10 - 2018-06-15 13:33 - 012710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-07-11 20:10 - 2018-06-15 13:32 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2018-07-11 20:10 - 2018-06-15 13:31 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-07-11 20:10 - 2018-06-15 13:30 - 001308672 _____ C:\WINDOWS\system32\FaceProcessor.dll
2018-07-11 20:10 - 2018-06-15 13:30 - 001254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-07-11 20:10 - 2018-06-15 13:30 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2018-07-11 20:10 - 2018-06-15 13:30 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-07-11 20:10 - 2018-06-15 13:29 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-07-11 20:10 - 2018-06-15 13:29 - 000740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-07-11 20:10 - 2018-06-15 13:28 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2018-07-11 20:10 - 2018-06-15 11:25 - 020383720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-07-11 20:10 - 2018-06-15 11:22 - 001026896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-07-11 20:10 - 2018-06-15 11:16 - 002206528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2018-07-11 20:10 - 2018-06-15 11:07 - 011901952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-07-11 20:10 - 2018-06-15 11:06 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-07-11 20:10 - 2018-06-15 11:03 - 000667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-07-11 20:10 - 2018-06-15 11:02 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-07-11 20:10 - 2018-06-15 09:23 - 000788992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2018-07-11 20:10 - 2018-06-15 03:03 - 000083360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-07-11 20:10 - 2018-06-15 01:21 - 001213368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2018-07-11 20:10 - 2018-06-15 01:21 - 000761440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-07-11 20:10 - 2018-06-15 01:19 - 001034632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-07-11 20:10 - 2018-06-15 01:18 - 000228768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2018-07-11 20:10 - 2018-06-15 01:16 - 000562080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-07-11 20:10 - 2018-06-15 01:16 - 000433560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-07-11 20:10 - 2018-06-15 01:15 - 002563960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-07-11 20:10 - 2018-06-15 01:15 - 000753152 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2018-07-11 20:10 - 2018-06-15 01:13 - 000510904 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2018-07-11 20:10 - 2018-06-15 01:13 - 000324000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-07-11 20:10 - 2018-06-15 01:12 - 007519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-07-11 20:10 - 2018-06-15 01:12 - 000661152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2018-07-11 20:10 - 2018-06-15 01:12 - 000491304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-07-11 20:10 - 2018-06-15 01:12 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-07-11 20:10 - 2018-06-15 01:12 - 000118872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2018-07-11 20:10 - 2018-06-15 01:11 - 006817872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-07-11 20:10 - 2018-06-15 01:10 - 001934400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-07-11 20:10 - 2018-06-15 01:10 - 001097640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-07-11 20:10 - 2018-06-15 01:10 - 000717208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2018-07-11 20:10 - 2018-06-15 01:10 - 000326024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2018-07-11 20:10 - 2018-06-15 01:09 - 007436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-07-11 20:10 - 2018-06-15 01:09 - 002830240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-07-11 20:10 - 2018-06-15 01:09 - 002546592 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-07-11 20:10 - 2018-06-15 01:09 - 001798552 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2018-07-11 20:10 - 2018-06-15 01:09 - 001742272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2018-07-11 20:10 - 2018-06-15 01:09 - 001659296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2018-07-11 20:10 - 2018-06-15 01:09 - 001209800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-07-11 20:10 - 2018-06-15 01:09 - 001112600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2018-07-11 20:10 - 2018-06-15 01:09 - 000594128 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-07-11 20:10 - 2018-06-15 01:09 - 000247984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL
2018-07-11 20:10 - 2018-06-15 01:08 - 004403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-07-11 20:10 - 2018-06-15 01:08 - 002371392 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-07-11 20:10 - 2018-06-15 01:08 - 002062488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2018-07-11 20:10 - 2018-06-15 01:08 - 001946752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-07-11 20:10 - 2018-06-15 01:08 - 001921944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2018-07-11 20:10 - 2018-06-15 01:08 - 001784584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2018-07-11 20:10 - 2018-06-15 01:08 - 001457128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-07-11 20:10 - 2018-06-15 01:08 - 001288840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-07-11 20:10 - 2018-06-15 01:08 - 001258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-07-11 20:10 - 2018-06-15 01:08 - 001140568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-07-11 20:10 - 2018-06-15 01:08 - 000983008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-07-11 20:10 - 2018-06-15 01:08 - 000945568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2018-07-11 20:10 - 2018-06-15 01:08 - 000898760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-07-11 20:10 - 2018-06-15 01:08 - 000604576 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-07-11 20:10 - 2018-06-15 01:08 - 000500552 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2018-07-11 20:10 - 2018-06-15 01:07 - 001611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2018-07-11 20:10 - 2018-06-15 01:07 - 001145696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2018-07-11 20:10 - 2018-06-15 01:05 - 000550608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2018-07-11 20:10 - 2018-06-15 01:05 - 000444240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2018-07-11 20:10 - 2018-06-15 01:04 - 002331576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-07-11 20:10 - 2018-06-15 01:04 - 001462824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2018-07-11 20:10 - 2018-06-15 01:04 - 001397192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2018-07-11 20:10 - 2018-06-15 01:04 - 001251736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2018-07-11 20:10 - 2018-06-15 01:04 - 000719552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-07-11 20:10 - 2018-06-15 01:04 - 000105376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2018-07-11 20:10 - 2018-06-15 01:03 - 006572000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-07-11 20:10 - 2018-06-15 01:03 - 006528600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-07-11 20:10 - 2018-06-15 01:03 - 006043600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-07-11 20:10 - 2018-06-15 01:03 - 004788504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-07-11 20:10 - 2018-06-15 01:03 - 002535032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-07-11 20:10 - 2018-06-15 01:03 - 002163184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2018-07-11 20:10 - 2018-06-15 01:03 - 001805752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-07-11 20:10 - 2018-06-15 01:03 - 001710240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2018-07-11 20:10 - 2018-06-15 01:03 - 001559368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-07-11 20:10 - 2018-06-15 01:03 - 001380192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2018-07-11 20:10 - 2018-06-15 01:03 - 001144120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2018-07-11 20:10 - 2018-06-15 01:03 - 001129640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-07-11 20:10 - 2018-06-15 01:03 - 001020160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-07-11 20:10 - 2018-06-15 01:03 - 001011968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-07-11 20:10 - 2018-06-15 01:03 - 000770152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2018-07-11 20:10 - 2018-06-15 01:03 - 000472136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2018-07-11 20:10 - 2018-06-15 01:03 - 000232488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL
2018-07-11 20:10 - 2018-06-15 01:03 - 000129192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-07-11 20:10 - 2018-06-15 00:49 - 002962944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-07-11 20:10 - 2018-06-15 00:48 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-07-11 20:10 - 2018-06-15 00:46 - 004706816 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-07-11 20:10 - 2018-06-15 00:46 - 004333568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-07-11 20:10 - 2018-06-15 00:46 - 001356800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2018-07-11 20:10 - 2018-06-15 00:46 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2018-07-11 20:10 - 2018-06-15 00:46 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2018-07-11 20:10 - 2018-06-15 00:46 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2018-07-11 20:10 - 2018-06-15 00:45 - 002548736 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2018-07-11 20:10 - 2018-06-15 00:45 - 000992768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2018-07-11 20:10 - 2018-06-15 00:45 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-07-11 20:10 - 2018-06-15 00:44 - 001632256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-07-11 20:10 - 2018-06-15 00:44 - 001342976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2018-07-11 20:10 - 2018-06-15 00:44 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2018-07-11 20:10 - 2018-06-15 00:44 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2018-07-11 20:10 - 2018-06-15 00:44 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-07-11 20:10 - 2018-06-15 00:43 - 001114112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2018-07-11 20:10 - 2018-06-15 00:43 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-07-11 20:10 - 2018-06-15 00:43 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2018-07-11 20:10 - 2018-06-15 00:43 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-07-11 20:10 - 2018-06-15 00:43 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2018-07-11 20:10 - 2018-06-15 00:43 - 000191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VideoHandlers.dll
2018-07-11 20:10 - 2018-06-15 00:42 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-07-11 20:10 - 2018-06-15 00:42 - 002367488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-07-11 20:10 - 2018-06-15 00:42 - 000431104 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-07-11 20:10 - 2018-06-15 00:42 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-07-11 20:10 - 2018-06-15 00:42 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2018-07-11 20:10 - 2018-06-15 00:42 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2018-07-11 20:10 - 2018-06-15 00:42 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2018-07-11 20:10 - 2018-06-15 00:41 - 004561920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-07-11 20:10 - 2018-06-15 00:41 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-07-11 20:10 - 2018-06-15 00:41 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-07-11 20:10 - 2018-06-15 00:41 - 001724928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2018-07-11 20:10 - 2018-06-15 00:41 - 000811520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2018-07-11 20:10 - 2018-06-15 00:41 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-07-11 20:10 - 2018-06-15 00:41 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2018-07-11 20:10 - 2018-06-15 00:40 - 001550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-07-11 20:10 - 2018-06-15 00:40 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-07-11 20:10 - 2018-06-15 00:40 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2018-07-11 20:10 - 2018-06-15 00:40 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2018-07-11 20:10 - 2018-06-15 00:39 - 002903040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-07-11 20:10 - 2018-06-15 00:39 - 002583552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-07-11 20:10 - 2018-06-15 00:39 - 002172416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-07-11 20:10 - 2018-06-15 00:39 - 001303040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-07-11 20:10 - 2018-06-15 00:39 - 000916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-07-11 20:10 - 2018-06-15 00:39 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-07-11 20:10 - 2018-06-15 00:39 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-07-11 20:10 - 2018-06-15 00:38 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-07-11 20:10 - 2018-06-15 00:38 - 001581568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2018-07-11 20:10 - 2018-06-15 00:38 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2018-07-11 20:10 - 2018-06-15 00:38 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2018-07-11 20:10 - 2018-06-15 00:38 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-07-11 20:10 - 2018-06-15 00:38 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2018-07-11 20:10 - 2018-06-15 00:38 - 000910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2018-07-11 20:10 - 2018-06-15 00:38 - 000596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-07-11 20:10 - 2018-06-15 00:37 - 001374208 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-07-11 20:10 - 2018-06-15 00:37 - 001069056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2018-07-11 20:10 - 2018-06-15 00:37 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-07-11 20:09 - 2018-07-06 09:53 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2018-07-11 20:09 - 2018-07-06 09:53 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-07-11 20:09 - 2018-07-06 09:52 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-07-11 20:09 - 2018-07-06 09:51 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-07-11 20:09 - 2018-07-06 09:49 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-07-11 20:09 - 2018-07-06 07:54 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-07-11 20:09 - 2018-07-06 07:54 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-07-11 20:09 - 2018-07-06 07:53 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-07-11 20:09 - 2018-07-06 07:53 - 000347136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2018-07-11 20:09 - 2018-07-06 07:51 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-07-11 20:09 - 2018-07-06 07:01 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-07-11 20:09 - 2018-07-06 03:31 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-07-11 20:09 - 2018-07-06 03:27 - 000134552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-07-11 20:09 - 2018-07-06 03:27 - 000057440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.ShellCommon.Broker.dll
2018-07-11 20:09 - 2018-07-06 03:25 - 000885856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-07-11 20:09 - 2018-07-06 03:25 - 000335776 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2018-07-11 20:09 - 2018-07-06 03:16 - 000567144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-07-11 20:09 - 2018-07-06 03:01 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2018-07-11 20:09 - 2018-07-06 03:01 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2018-07-11 20:09 - 2018-07-06 03:00 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2018-07-11 20:09 - 2018-07-06 03:00 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2018-07-11 20:09 - 2018-07-06 03:00 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2018-07-11 20:09 - 2018-07-06 03:00 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2018-07-11 20:09 - 2018-07-06 03:00 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsTelemetry.dll
2018-07-11 20:09 - 2018-07-06 03:00 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2018-07-11 20:09 - 2018-07-06 02:59 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\NmaDirect.dll
2018-07-11 20:09 - 2018-07-06 02:59 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Geolocation.dll
2018-07-11 20:09 - 2018-07-06 02:59 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2018-07-11 20:09 - 2018-07-06 02:59 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2018-07-11 20:09 - 2018-07-06 02:59 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2018-07-11 20:09 - 2018-07-06 02:58 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2018-07-11 20:09 - 2018-07-06 02:58 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Cortana.dll
2018-07-11 20:09 - 2018-07-06 02:58 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-07-11 20:09 - 2018-07-06 02:58 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProv2faHelper.dll
2018-07-11 20:09 - 2018-07-06 02:58 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2018-07-11 20:09 - 2018-07-06 02:58 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2018-07-11 20:09 - 2018-07-06 02:58 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2018-07-11 20:09 - 2018-07-06 02:57 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2018-07-11 20:09 - 2018-07-06 02:57 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NmaDirect.dll
2018-07-11 20:09 - 2018-07-06 02:56 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-07-11 20:09 - 2018-07-06 02:56 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-07-11 20:09 - 2018-07-06 02:56 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2018-07-11 20:09 - 2018-07-06 02:56 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2018-07-11 20:09 - 2018-07-06 02:56 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-07-11 20:09 - 2018-07-06 02:56 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2018-07-11 20:09 - 2018-07-06 02:56 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2018-07-11 20:09 - 2018-07-06 02:56 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-07-11 20:09 - 2018-07-06 02:56 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProv2faHelper.dll
2018-07-11 20:09 - 2018-07-06 02:55 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-07-11 20:09 - 2018-07-06 02:55 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-07-11 20:09 - 2018-07-06 02:53 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2018-07-11 20:09 - 2018-07-06 01:41 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2018-07-11 20:09 - 2018-06-29 00:16 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-07-11 20:09 - 2018-06-15 13:55 - 000542888 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2018-07-11 20:09 - 2018-06-15 13:53 - 000348256 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-07-11 20:09 - 2018-06-15 13:53 - 000094104 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-07-11 20:09 - 2018-06-15 13:35 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-07-11 20:09 - 2018-06-15 13:34 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\DsmUserTask.exe
2018-07-11 20:09 - 2018-06-15 13:34 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll
2018-07-11 20:09 - 2018-06-15 13:33 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2018-07-11 20:09 - 2018-06-15 13:33 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManagerAPI.dll
2018-07-11 20:09 - 2018-06-15 13:33 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2018-07-11 20:09 - 2018-06-15 13:32 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2018-07-11 20:09 - 2018-06-15 13:31 - 000907776 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2018-07-11 20:09 - 2018-06-15 13:31 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-07-11 20:09 - 2018-06-15 13:29 - 002084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-07-11 20:09 - 2018-06-15 13:29 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2018-07-11 20:09 - 2018-06-15 13:29 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2018-07-11 20:09 - 2018-06-15 13:29 - 000103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSoftwareInstallationClient.dll
2018-07-11 20:09 - 2018-06-15 13:28 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll
2018-07-11 20:09 - 2018-06-15 11:06 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll
2018-07-11 20:09 - 2018-06-15 11:04 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2018-07-11 20:09 - 2018-06-15 11:04 - 000373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2018-07-11 20:09 - 2018-06-15 11:03 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2018-07-11 20:09 - 2018-06-15 11:01 - 002015744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-07-11 20:09 - 2018-06-15 11:01 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2018-07-11 20:09 - 2018-06-15 03:11 - 000611232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-07-11 20:09 - 2018-06-15 03:10 - 000048544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2018-07-11 20:09 - 2018-06-15 01:19 - 000116632 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandler.exe
2018-07-11 20:09 - 2018-06-15 01:19 - 000093600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-07-11 20:09 - 2018-06-15 01:08 - 001150408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2018-07-11 20:09 - 2018-06-15 01:08 - 000642088 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2018-07-11 20:09 - 2018-06-15 01:08 - 000413816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-07-11 20:09 - 2018-06-15 01:08 - 000072768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WindowsTrustedRT.sys
2018-07-11 20:09 - 2018-06-15 01:04 - 000281080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2018-07-11 20:09 - 2018-06-15 01:03 - 000356960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-07-11 20:09 - 2018-06-15 00:48 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2018-07-11 20:09 - 2018-06-15 00:47 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2018-07-11 20:09 - 2018-06-15 00:47 - 000515072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2018-07-11 20:09 - 2018-06-15 00:47 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2018-07-11 20:09 - 2018-06-15 00:46 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2018-07-11 20:09 - 2018-06-15 00:45 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2018-07-11 20:09 - 2018-06-15 00:45 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2018-07-11 20:09 - 2018-06-15 00:45 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2018-07-11 20:09 - 2018-06-15 00:45 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2018-07-11 20:09 - 2018-06-15 00:45 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandlerPS.dll
2018-07-11 20:09 - 2018-06-15 00:44 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2018-07-11 20:09 - 2018-06-15 00:44 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2018-07-11 20:09 - 2018-06-15 00:44 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2018-07-11 20:09 - 2018-06-15 00:44 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2018-07-11 20:09 - 2018-06-15 00:43 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2018-07-11 20:09 - 2018-06-15 00:43 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-07-11 20:09 - 2018-06-15 00:43 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-07-11 20:09 - 2018-06-15 00:43 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2018-07-11 20:09 - 2018-06-15 00:43 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2018-07-11 20:09 - 2018-06-15 00:42 - 000978432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2018-07-11 20:09 - 2018-06-15 00:42 - 000558592 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2018-07-11 20:09 - 2018-06-15 00:42 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-07-11 20:09 - 2018-06-15 00:42 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-07-11 20:09 - 2018-06-15 00:42 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2018-07-11 20:09 - 2018-06-15 00:42 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2018-07-11 20:09 - 2018-06-15 00:41 - 000953856 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2018-07-11 20:09 - 2018-06-15 00:41 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-07-11 20:09 - 2018-06-15 00:41 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2018-07-11 20:09 - 2018-06-15 00:41 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2018-07-11 20:09 - 2018-06-15 00:41 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-07-11 20:09 - 2018-06-15 00:40 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2018-07-11 20:09 - 2018-06-15 00:36 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdrom.sys
2018-07-11 20:09 - 2018-06-01 01:18 - 000058524 _____ C:\WINDOWS\system32\srms.dat
2018-07-11 20:09 - 2018-05-20 07:53 - 000792984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-07-11 20:09 - 2018-05-20 07:52 - 000413080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-07-10 20:26 - 2018-07-10 20:26 - 000001826 _____ C:\Users\Public\Desktop\iTunes.lnk
2018-07-10 20:26 - 2018-07-10 20:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2018-07-10 20:26 - 2018-07-10 20:26 - 000000000 ____D C:\Program Files\iTunes
2018-07-10 20:26 - 2018-07-10 20:26 - 000000000 ____D C:\Program Files\iPod
2018-07-10 20:24 - 2018-07-18 07:23 - 000000000 ____D C:\ProgramData\Packages
2018-07-10 20:20 - 2018-07-10 20:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2018-07-08 17:53 - 2018-07-08 17:53 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JIRA
2018-07-07 20:42 - 2018-07-07 20:42 - 000000000 ____D C:\Users\User\Documents\WB Games
2018-07-07 09:03 - 2018-07-07 09:03 - 000000218 _____ C:\Users\User\Desktop\Middle-earth Shadow of Mordor.url
2018-07-06 07:52 - 2018-07-06 07:52 - 000066081 _____ C:\ProgramData\vpn.1530877921.bdinstall.bin
2018-07-06 07:52 - 2018-07-06 07:52 - 000002215 _____ C:\Users\Public\Desktop\Bitdefender VPN.lnk
2018-07-06 07:52 - 2018-07-06 07:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender VPN
2018-07-06 07:52 - 2018-07-06 07:52 - 000000000 ____D C:\ProgramData\Bitdefender VPN
2018-07-06 07:52 - 2017-11-29 08:51 - 000048624 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\aftap0901.sys
2018-06-30 17:36 - 2018-06-30 17:36 - 000029710 _____ C:\ProgramData\agent.update.1530394570.bdinstall.bin
2018-06-30 05:49 - 2018-06-30 05:49 - 000000000 _____ C:\Users\User\AppData\LocalLow\rightsCheck_1.txt
2018-06-29 08:18 - 2018-06-29 08:18 - 000002346 _____ C:\Users\a_guest\Desktop\Google Chrome.lnk
2018-06-29 08:17 - 2018-06-29 08:17 - 000002517 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
2018-06-29 08:16 - 2018-06-29 08:16 - 000000020 ___SH C:\Users\Administrator\ntuser.ini
2018-06-29 08:15 - 2018-06-29 08:17 - 000000000 ____D C:\Users\a_guest\AppData\Roaming\Bitdefender
2018-06-29 08:15 - 2018-06-29 08:15 - 000000000 ____D C:\Users\a_guest\AppData\Roaming\WebStorage
2018-06-29 08:12 - 2018-06-29 08:12 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2734777235-2699382002-2112644930-1006
2018-06-29 08:12 - 2018-06-29 08:12 - 000002383 _____ C:\Users\a_guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-06-29 08:12 - 2018-06-29 08:12 - 000000000 ___RD C:\Users\a_guest\OneDrive
2018-06-29 08:12 - 2018-06-29 08:12 - 000000000 ____D C:\Users\a_guest\AppData\Local\PlaceholderTileLogoFolder
2018-06-29 08:11 - 2018-06-29 08:15 - 000000000 ____D C:\Users\a_guest\AppData\Roaming\Greenshot
2018-06-29 08:11 - 2018-06-29 08:12 - 000000000 ____D C:\Users\a_guest\AppData\Local\NVIDIA Corporation
2018-06-29 08:11 - 2018-06-29 08:12 - 000000000 ____D C:\Users\a_guest\AppData\Local\Dropbox
2018-06-29 08:11 - 2018-06-29 08:11 - 000002113 _____ C:\Users\a_guest\Desktop\Customize Fences.lnk
2018-06-29 08:11 - 2018-06-29 08:11 - 000000000 ___HD C:\Users\a_guest\MicrosoftEdgeBackups
2018-06-29 08:11 - 2018-06-29 08:11 - 000000000 ____D C:\Users\a_guest\AppData\Roaming\Stardock
2018-06-29 08:11 - 2018-06-29 08:11 - 000000000 ____D C:\Users\a_guest\AppData\Roaming\Canon
2018-06-29 08:11 - 2018-06-29 08:11 - 000000000 ____D C:\Users\a_guest\AppData\Roaming\Apple Computer
2018-06-29 08:11 - 2018-06-29 08:11 - 000000000 ____D C:\Users\a_guest\AppData\Local\Stardock
2018-06-29 08:11 - 2018-06-29 08:11 - 000000000 ____D C:\Users\a_guest\AppData\Local\SS22.0.7
2018-06-29 08:11 - 2018-06-29 08:11 - 000000000 ____D C:\Users\a_guest\AppData\Local\MicrosoftEdge
2018-06-29 08:11 - 2018-06-29 08:11 - 000000000 ____D C:\Users\a_guest\AppData\Local\Logitech
2018-06-29 08:11 - 2018-06-29 08:11 - 000000000 ____D C:\Users\a_guest\AppData\Local\Greenshot
2018-06-29 08:11 - 2018-06-29 08:11 - 000000000 ____D C:\Users\a_guest\AppData\Local\CEF
2018-06-29 08:10 - 2018-06-29 08:12 - 000000000 ____D C:\Users\a_guest\AppData\Local\Packages
2018-06-29 08:10 - 2018-06-29 08:12 - 000000000 ____D C:\Users\a_guest
2018-06-29 08:10 - 2018-06-29 08:11 - 000000000 ____D C:\Users\a_guest\AppData\Local\Razer
2018-06-29 08:10 - 2018-06-29 08:10 - 000000166 _____ C:\Users\a_guest\AppData\Roaming\sp_data.sys
2018-06-29 08:10 - 2018-06-29 08:10 - 000000020 ___SH C:\Users\a_guest\ntuser.ini
2018-06-29 08:10 - 2018-06-29 08:10 - 000000000 ___RD C:\Users\a_guest\3D Objects
2018-06-29 08:10 - 2018-06-29 08:10 - 000000000 ____D C:\Users\a_guest\AppData\Roaming\Intel
2018-06-29 08:10 - 2018-06-29 08:10 - 000000000 ____D C:\Users\a_guest\AppData\Roaming\Adobe
2018-06-29 08:10 - 2018-06-29 08:10 - 000000000 ____D C:\Users\a_guest\AppData\Local\VirtualStore
2018-06-29 08:10 - 2018-06-29 08:10 - 000000000 ____D C:\Users\a_guest\AppData\Local\Publishers
2018-06-29 08:10 - 2018-06-29 08:10 - 000000000 ____D C:\Users\a_guest\AppData\Local\NVIDIA
2018-06-29 08:10 - 2018-06-29 08:10 - 000000000 ____D C:\Users\a_guest\AppData\Local\Google
2018-06-29 08:10 - 2018-06-29 08:10 - 000000000 ____D C:\Users\a_guest\AppData\Local\ConnectedDevicesPlatform
2018-06-29 08:10 - 2018-06-29 08:10 - 000000000 ____D C:\Users\a_guest\AppData\Local\ASUS
2018-06-29 08:04 - 2018-06-29 08:04 - 000000000 _____ C:\Users\User\AppData\Roaming\Stardockfences_debug_snapshot.dat
2018-06-25 07:12 - 2018-06-25 07:12 - 000001311 _____ C:\Users\User\Desktop\Energy Arts Training Circle f - Shortcut (2).lnk
2018-06-25 07:11 - 2018-06-25 07:12 - 000002403 _____ C:\Users\User\Desktop\EATC_video_index_openings_and_closings_month_6.pdf - Shortcut.lnk
2018-06-25 07:11 - 2018-06-25 07:11 - 000002419 _____ C:\Users\User\Desktop\EATC_video_index_openings_and_closings_month_5_0.pdf - Shortcut.lnk
2018-06-25 05:20 - 2018-06-25 05:20 - 000000000 ____D C:\Users\User\AppData\Local\BattlEye
2018-06-24 20:13 - 2018-06-24 20:13 - 033210752 _____ C:\Users\User\Downloads\EAA_Taichi_London_2017_29.mp4
2018-06-24 20:05 - 2018-06-24 20:05 - 015494814 _____ C:\Users\User\Downloads\TCM_CH_Lesson_29 Circularity In The Body.mp4
2018-06-24 19:59 - 2018-06-24 20:00 - 127329681 _____ C:\Users\User\Downloads\TCM_CH_Lesson_30 Horizontal And Coronal Circling Hands- Guided Practice Sessions.mp4
2018-06-24 15:00 - 2018-06-24 15:00 - 000000000 ____D C:\Users\User\AppData\LocalLow\Dashlane
2018-06-24 14:59 - 2018-06-24 14:59 - 000000000 ____D C:\Program Files (x86)\Dashlane
2018-06-24 14:58 - 2018-07-19 06:38 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dashlane
2018-06-24 14:58 - 2018-07-19 06:38 - 000000000 ____D C:\Users\User\AppData\Roaming\Dashlane
2018-06-24 14:58 - 2018-06-24 14:58 - 000756416 _____ (Dashlane Inc.) C:\Users\User\Downloads\Dashlane__bchrome_0oK7NZjpxiOz0kInU.exe
2018-06-24 14:03 - 2018-06-24 14:03 - 000001731 _____ C:\Users\User\Desktop\start-jira.bat - Shortcut.lnk
2018-06-24 14:03 - 2018-06-24 14:03 - 000001716 _____ C:\Users\User\Desktop\stop-jira.bat - Shortcut.lnk
2018-06-23 07:59 - 2018-06-23 07:59 - 000000218 _____ C:\Users\User\Desktop\Dishonored 2.url
2018-06-23 06:20 - 2018-06-23 06:20 - 000000137 _____ C:\Users\User\Desktop\Prey.url
2018-06-21 21:21 - 2018-06-22 07:56 - 000000000 ____D C:\Users\User\Desktop\meeting 20180616

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-07-21 19:36 - 2016-04-25 12:19 - 000000000 ____D C:\Users\User\AppData\Roaming\Everything
2018-07-21 19:27 - 2016-11-19 13:00 - 000000000 ____D C:\Users\User\AppData\LocalLow\Mozilla
2018-07-21 19:05 - 2018-04-11 19:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-07-21 18:53 - 2018-05-14 19:06 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-07-21 17:28 - 2018-05-14 19:16 - 000004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{6D2C5BCB-4A57-427F-A69F-BC98FD7EED7B}
2018-07-21 14:51 - 2018-05-14 19:16 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-07-21 14:51 - 2018-04-11 19:36 - 000000000 ____D C:\WINDOWS\INF
2018-07-21 14:36 - 2016-05-26 14:14 - 000058496 _____ C:\Users\User\IP_Log_Data.js
2018-07-21 13:59 - 2018-04-11 17:04 - 000065536 _____ C:\WINDOWS\system32\config\ELAM
2018-07-21 12:25 - 2017-07-09 12:46 - 000000000 ____D C:\ProgramData\NVIDIA
2018-07-21 06:43 - 2016-05-16 14:23 - 000000166 _____ C:\Users\User\AppData\Roaming\sp_data.sys
2018-07-21 05:59 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-07-21 05:59 - 2016-05-28 18:10 - 000000000 ____D C:\Users\User\AppData\Local\AWScfgFiles
2018-07-21 05:59 - 2016-04-26 15:54 - 000000000 ___RD C:\Users\User\iCloudDrive
2018-07-21 05:59 - 2016-04-01 05:48 - 000000000 ___RD C:\Users\User\OneDrive
2018-07-20 21:42 - 2016-05-26 14:29 - 000000028 _____ C:\Users\User\AppData\Roaming\Network Meter_Usage.ini
2018-07-20 20:53 - 2018-05-17 21:48 - 000000000 ____D C:\WINDOWS\Minidump
2018-07-20 20:53 - 2018-04-11 19:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-07-20 08:40 - 2018-05-14 19:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-07-20 08:40 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-07-19 08:36 - 2018-04-11 17:04 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2018-07-19 08:36 - 2016-05-31 21:07 - 000236511 _____ C:\bdlog.txt
2018-07-17 21:40 - 2016-04-24 10:27 - 000018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2018-07-17 18:32 - 2016-04-20 18:15 - 000563832 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-07-17 06:30 - 2016-05-16 12:55 - 000000000 ____D C:\Users\User\AppData\Roaming\Skype
2018-07-15 13:54 - 2016-04-25 12:20 - 000000000 ____D C:\Users\User\AppData\Local\Greenshot
2018-07-15 13:53 - 2017-03-25 17:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2018-07-15 13:53 - 2016-04-23 20:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-07-15 07:42 - 2016-04-28 19:22 - 000000000 ____D C:\Users\User\AppData\Roaming\vlc
2018-07-14 17:55 - 2017-11-04 20:06 - 000000000 ____D C:\Users\User\AppData\Local\Packages
2018-07-14 17:55 - 2017-04-22 15:35 - 000000000 ___RD C:\Program Files (x86)\Skype
2018-07-14 17:55 - 2016-05-16 12:55 - 000000000 ____D C:\ProgramData\Skype
2018-07-14 08:03 - 2016-04-25 11:05 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2018-07-14 05:30 - 2016-04-27 12:25 - 000000000 ____D C:\ProgramData\SystemExplorer
2018-07-13 19:15 - 2018-06-07 18:35 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-07-13 14:23 - 2016-04-25 07:53 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-07-12 05:46 - 2017-11-04 20:16 - 000000000 ___RD C:\Users\User\3D Objects
2018-07-12 05:46 - 2016-04-01 05:47 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-07-12 05:45 - 2018-05-14 19:06 - 000445464 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-07-11 22:20 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-07-11 22:20 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-07-11 22:20 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-07-11 22:20 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-07-11 22:20 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-07-11 22:20 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-07-11 22:20 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-07-11 22:20 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-07-11 22:20 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-07-11 22:20 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-07-11 22:20 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-07-11 22:20 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-07-11 22:20 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-07-11 22:20 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-07-11 22:20 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-07-11 22:20 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-07-11 22:20 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-07-11 22:20 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-07-11 22:20 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-07-11 22:20 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-07-11 22:20 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-07-11 22:20 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-07-11 22:20 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-07-11 22:20 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-07-11 22:20 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-07-11 22:20 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-07-11 22:20 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-07-11 22:20 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-07-11 22:20 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-07-11 22:20 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-07-11 22:20 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-07-11 22:20 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-07-11 22:20 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-07-11 22:20 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-07-11 22:20 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-07-11 22:20 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-07-11 22:20 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-07-11 22:20 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-07-11 22:20 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-07-11 22:20 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-07-11 22:20 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-07-11 22:20 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-07-11 22:20 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-07-11 22:20 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-07-11 22:20 - 2018-04-11 19:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-07-11 22:20 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-07-11 22:20 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-07-11 22:20 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-07-11 22:20 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-07-11 20:17 - 2018-04-11 19:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-07-11 20:17 - 2016-04-20 18:13 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-07-11 20:14 - 2016-04-20 18:13 - 134675576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-07-10 07:24 - 2018-05-14 19:16 - 000004582 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-07-10 07:24 - 2018-05-14 19:16 - 000004546 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-07-10 07:24 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-07-10 07:24 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-07-10 05:12 - 2016-05-28 18:00 - 000000000 ____D C:\Users\User\AppData\Roaming\WebStorage
2018-07-09 18:23 - 2016-06-20 14:58 - 000000000 ____D C:\ProgramData\CanonIJPLM
2018-07-08 22:08 - 2017-06-09 09:02 - 000000000 ____D C:\Users\User\AppData\Local\Everything
2018-07-08 17:51 - 2018-05-13 19:36 - 000000000 ____D C:\Program Files\Atlassian
2018-07-08 10:59 - 2017-01-21 13:27 - 000392480 _____ (EasyAntiCheat Ltd) C:\WINDOWS\SysWOW64\EasyAntiCheat.exe
2018-07-08 07:44 - 2016-11-19 12:54 - 000000624 _____ C:\Users\User\AppData\Roaming\All CPU MeterV3_Settings.ini
2018-07-07 11:02 - 2016-06-10 15:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-07-07 10:03 - 2016-04-23 20:52 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-07-06 07:52 - 2017-02-16 08:32 - 000000000 ____D C:\Program Files\Bitdefender
2018-06-30 17:36 - 2016-05-29 16:19 - 000000000 ____D C:\Program Files\Bitdefender Agent
2018-06-29 08:16 - 2018-05-14 19:07 - 000000000 ____D C:\Users\Administrator
2018-06-27 05:40 - 2018-03-02 19:18 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-06-26 17:32 - 2016-05-23 18:39 - 000002311 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-24 15:00 - 2016-04-24 10:26 - 000000000 ____D C:\ProgramData\Package Cache
2018-06-22 07:56 - 2016-05-19 20:43 - 000000000 ____D C:\Users\User\dwhelper

==================== Files in the root of some directories =======

2016-05-26 14:14 - 2018-07-21 14:36 - 000058496 _____ () C:\Users\User\IP_Log_Data.js
2016-11-19 12:54 - 2018-07-08 07:44 - 000000624 _____ () C:\Users\User\AppData\Roaming\All CPU MeterV3_Settings.ini
2016-06-23 18:45 - 2017-10-07 18:03 - 000004556 _____ () C:\Users\User\AppData\Roaming\ConEmu.xml
2016-06-19 14:58 - 2018-05-12 08:55 - 000000205 _____ () C:\Users\User\AppData\Roaming\Earthquakes Meter_Settings.ini
2018-05-12 08:58 - 2018-06-04 05:13 - 000000284 _____ () C:\Users\User\AppData\Roaming\GPU MeterV2_Settings.ini
2016-05-26 14:19 - 2018-06-04 05:13 - 000001345 _____ () C:\Users\User\AppData\Roaming\Network Meter_Settings.ini
2016-05-26 14:29 - 2018-07-20 21:42 - 000000028 _____ () C:\Users\User\AppData\Roaming\Network Meter_Usage.ini
2016-05-26 14:21 - 2017-05-07 10:10 - 000000900 _____ () C:\Users\User\AppData\Roaming\Network Monitor II_#0_Settings.ini
2016-05-16 14:23 - 2018-07-21 06:43 - 000000166 _____ () C:\Users\User\AppData\Roaming\sp_data.sys
2018-06-29 08:04 - 2018-06-29 08:04 - 000000000 _____ () C:\Users\User\AppData\Roaming\Stardockfences_debug_snapshot.dat
2018-06-16 06:10 - 2018-06-16 06:10 - 000003586 _____ () C:\Users\User\AppData\Roaming\System Monitor II_CPU0_Settings.ini
2018-06-16 06:11 - 2018-06-16 06:11 - 000000114 _____ () C:\Users\User\AppData\Roaming\System Monitor II_UptimeRecord.ini
2018-05-12 08:58 - 2018-05-12 08:58 - 000000358 _____ () C:\Users\User\AppData\Roaming\Top Process Monitor_Settings.ini
2016-04-24 10:17 - 2016-04-24 10:17 - 000000046 _____ () C:\Users\User\AppData\Roaming\WB.CFG
2016-05-26 14:34 - 2016-05-26 14:35 - 000000367 _____ () C:\Users\User\AppData\Roaming\Weather Meter_Settings.ini
2016-06-02 13:49 - 2016-06-02 13:49 - 000000017 _____ () C:\Users\User\AppData\Local\resmon.resmoncfg

Some files in TEMP:
====================
2018-07-14 14:43 - 2018-07-14 14:44 - 057812744 _____ (Skype Technologies S.A.) C:\Users\User\AppData\Local\Temp\SkypeSetup.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-14 19:06

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21.07.2018
Ran by User (21-07-2018 19:41:59)
Running from C:\Users\User\Desktop
Windows 10 Home Version 1803 17134.165 (X64) (2018-05-14 23:17:08)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2734777235-2699382002-2112644930-500 - Administrator - Enabled) => C:\Users\Administrator
Aran (S-1-5-21-2734777235-2699382002-2112644930-1002 - Administrator - Enabled) => C:\Users\Aran
a_guest (S-1-5-21-2734777235-2699382002-2112644930-1006 - Limited - Enabled) => C:\Users\a_guest
DefaultAccount (S-1-5-21-2734777235-2699382002-2112644930-503 - Limited - Disabled)
faust (S-1-5-21-2734777235-2699382002-2112644930-1003 - Limited - Disabled)
Guest (S-1-5-21-2734777235-2699382002-2112644930-501 - Limited - Disabled)
Sara (S-1-5-21-2734777235-2699382002-2112644930-1004 - Administrator - Enabled) => C:\Users\Sara
User (S-1-5-21-2734777235-2699382002-2112644930-1001 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-2734777235-2699382002-2112644930-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Bitdefender Antivirus (Enabled - Up to date) {0E17DB7D-A20F-62CE-B95B-17DB0CDFE318}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antispyware (Enabled - Up to date) {B5763A99-8435-6D40-83EB-2CA97758A9A5}
FW: Bitdefender Firewall (Enabled) {362C5A58-E860-6396-9204-BEEEF20CA463}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov)
8GadgetPack (HKLM-x32\...\{A6ED7695-0EDF-47C6-BD79-669FA92C6E78}) (Version: 26.0.0 - 8GadgetPack.net)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 30 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 30.0.0.134 - Adobe Systems Incorporated)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.53 - NVIDIA Corporation) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{E5347310-C82F-4833-AA36-8D11E5A8A86A}) (Version: 6.6 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D745E014-74DD-43A3-98DF-E7D38164B681}) (Version: 6.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C29B636B-9015-4ED1-A12F-6375A337F23B}) (Version: 11.4.1.46 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ASUS Device Activation (HKLM-x32\...\{9C4B0706-9F9A-47BF-B417-0A111FC52B04}) (Version: 1.0.4.0 - ASUSTeK COMPUTER INC.)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
Asus Sonic Suite Plugins (HKLM-x32\...\{538766d1-8795-4e62-b3d3-cf65517bae51}) (Version: 2.0.7 - ASUSTeKcomputer.Inc)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.14.0006 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0040 - ASUS)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Belarc Advisor 8.5c (HKLM-x32\...\Belarc Advisor) (Version: 8.5.3.0 - Belarc Inc.)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.26.1436 - Bitdefender)
Bitdefender Device Management (HKLM\...\Bitdefender Device Management) (Version: 21.0.23.1101 - Bitdefender)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 22.0.1.1 - Bitdefender)
Bitdefender VPN (HKLM\...\Bitdefender VPN) (Version: 22.0.7.565 - Bitdefender)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MX920 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX920_series) (Version: 1.00 - Canon Inc.)
Canon MX920 series On-screen Manual (HKLM-x32\...\Canon MX920 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)
Canon MX920 series User Registration (HKLM-x32\...\Canon MX920 series User Registration) (Version:  - ‭Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.1.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.)
Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.32 - Piriform)
Championify version 1.3.7 (HKLM-x32\...\{1AE5DA33-DB00-453C-9190-FB14C0BBDBE7}_is1) (Version: 1.3.7 - Dustin Blackman)
CheckDevicesConfigurator (HKLM\...\{C3B3D79A-7BFB-48AF-9C41-B0FE3D5D071C}) (Version: 2.0.701 - ASUSTeKcomputer.Inc) Hidden
ConEmu 160619.x64 (HKLM\...\{943D796B-1550-47E2-901E-524D88CBEE9E}) (Version: 11.160.6190 - ConEmu-Maximus5)
Contents64 (HKLM\...\{6E4E6A71-CE25-4DCE-8C81-E0934234B035}) (Version: 21.2.0.113 - Corel Corporation) Hidden
ConvertHelper 3.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version:  - DownloadHelper)
Corel Update Manager (HKLM\...\{2C033F91-236B-4C29-854D-5CC0F67FE7DA}) (Version: 2.7.355 - Corel corporation) Hidden
Corel VdieoStudio Trial 2018 (HKLM-x32\...\_{BF97DEDE-1D94-4E94-826A-344D85B45DD1}) (Version: 21.2.0.113 - Corel Corporation)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
CutePDF Writer 3.1 (HKLM\...\CutePDF Writer Installation) (Version:  3.1 - Acro Software Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dashlane (HKU\S-1-5-21-2734777235-2699382002-2112644930-1001\...\Dashlane) (Version: 5.17.0.23881 - Dashlane, Inc.)
Discord (HKU\S-1-5-21-2734777235-2699382002-2112644930-1001\...\Discord) (Version: 0.0.300 - Discord Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 53.4.67 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.75.1 - Dropbox, Inc.) Hidden
Epic Games Launcher (HKLM-x32\...\{2DE76AAC-8061-4D9B-B7BA-A7CFBE0F8048}) (Version: 1.1.86.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Evaer Video Recorder for Skype 1.8.5.16 (HKLM-x32\...\Evaer Video Recorder for Skype) (Version: 1.8.5.16 - Evaer Technology)
Evernote v. 6.10.3 (HKLM-x32\...\{39D7F408-27C7-11E8-B4AA-005056951CAD}) (Version: 6.10.3.6921 - Evernote Corp.)
Everything 1.4.1.877 (x64) (HKLM\...\Everything) (Version: 1.4.1.877 (x64) - David Carpenter)
FastStone Image Viewer 5.3 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.3 - FastStone Soft)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Free Screen Video Recorder (HKLM-x32\...\Free Screen Video Recorder_is1) (Version: 3.0.45.1027 - Digital Wave Ltd)
GameFirst IV (HKLM-x32\...\{2B5BE4E7-3E40-4BC4-A534-5342E3078F89}) (Version: 1.5.12 - ASUS) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Greenshot 1.2.9.112 (HKLM\...\Greenshot_is1) (Version: 1.2.9.112 - Greenshot)
Guild Wars 2 (HKLM\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
ICA (HKLM-x32\...\{BF97DEDE-1D94-4E94-826A-344D85B45DD1}) (Version: 21.2.0.113 - Corel Corporation) Hidden
iCloud (HKLM\...\{82FCC407-A0E5-4B80-9241-5ABA78B61090}) (Version: 7.6.0.15 - Apple Inc.)
Intel® Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel® Corporation) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10603.192 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1167 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel® Wireless Bluetooth® (HKLM-x32\...\{588DA478-D4FF-48E3-8290-49F8C4B21283}) (Version: 18.1.1527.1551 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{5853172b-5520-4089-9ef4-e26c594382b3}) (Version: 19.30.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
IPM_VS_Pro64 (HKLM\...\{BB43C25C-CC43-447B-B258-9DAA3E9A1002}) (Version: 21.0 - Corel Corporation) Hidden
iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
iTunes (HKLM\...\{36F365B3-05C2-455D-9D96-B73829DE046D}) (Version: 12.8.0.150 - Apple Inc.)
JIRA Core 7.10.0 (HKLM\...\3069-1244-9928-3021) (Version: 7.10.0 - Atlassian)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
KeePass Password Safe 2.32 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.32 - Dominik Reichl)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LauncherSetup (HKLM\...\{FAF92126-24C9-4241-A922-FA6F2C896B4A}) (Version: 2.0.701 - ASUSTeKcomputer.Inc) Hidden
League of Legends (HKLM-x32\...\{E80C09B5-A296-47E9-BD4B-BCCF2FDCA13E}) (Version: 4.1.2 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
LibreOffice 5.1 Help Pack (English (United States)) (HKLM-x32\...\{F2747B50-9C8D-4917-B2C4-8C5E0789043E}) (Version: 5.1.2.2 - The Document Foundation)
LibreOffice 6.0.3.2 (HKLM\...\{9739EFFE-C402-4A4B-AE2E-092682D1D07B}) (Version: 6.0.3.2 - The Document Foundation)
Logitech Gaming Software 8.91 (HKLM\...\Logitech Gaming Software) (Version: 8.91.48 - Logitech Inc.)
MAGIX Photo Manager 15 (HKLM\...\{3B1A599F-CBB6-454D-A53E-D53DFAD8FB36}) (Version: 11.0.2.36 - MAGIX Software GmbH) Hidden
MAGIX Photo Manager 15 (HKLM-x32\...\MX.{3B1A599F-CBB6-454D-A53E-D53DFAD8FB36}) (Version: 11.0.2.36 - MAGIX Software GmbH)
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2734777235-2699382002-2112644930-1001\...\OneDriveSetup.exe) (Version: 18.111.0603.0006 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 61.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 61.0.1 (x64 en-US)) (Version: 61.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 61.0.1.6759 - Mozilla)
Mozilla Thunderbird 52.9.1 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 52.9.1 (x86 en-US)) (Version: 52.9.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
NahimicSettingsConfigurator (HKLM\...\{B1FF19B8-BC5F-49AC-B679-0A5DA36E8A43}) (Version: 2.0.701 - ASUSTeKcomputer.Inc) Hidden
Network Stumbler 0.4.0 (remove only) (HKLM-x32\...\Network Stumbler) (Version:  - )
Nexon Launcher (HKLM-x32\...\Nexon Nexon Launcher) (Version: 2.0.0 - Nexon)
Nmap 5.51 (HKLM-x32\...\Nmap) (Version:  - )
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.6 - Notepad++ Team)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenVPN Connect (HKLM-x32\...\{B22FA658-C41E-4106-ADB2-B70F3C8FCED0}) (Version: 2.0.18.202 - OpenVPN Technologies)
Oracle VM VirtualBox 5.1.4 (HKLM\...\{4EF3FBF6-697D-440A-AADA-7F5D39B73E62}) (Version: 5.1.4 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.12.2.60376 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{75ab984e-6afb-4ae7-a2b3-ca57dc7af454}) (Version: latest - ppy Pty Ltd)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Plane9 v2.5.1.3 (HKLM-x32\...\Plane9) (Version: v2.5.1.3 - Joakim Dahl / Planestate Software)
Process Hacker 2.39 (r124) (HKLM\...\Process_Hacker2_is1) (Version: 2.39.0.124 - wj32)
ProductDaemonSetup (HKLM\...\{0F5183BD-29DA-48CC-93DB-3924DA7EA212}) (Version: 2.0.701 - ASUSTeKcomputer.Inc) Hidden
PuTTY release 0.67 (HKLM-x32\...\PuTTY_is1) (Version: 0.67 - Simon Tatham)
Python 2.7.11 (64-bit) (HKLM\...\{16E52445-1392-469F-9ADB-FC03AF00CD62}) (Version: 2.7.11150 - Python Software Foundation)
Python 2.7.11 (HKLM-x32\...\{16E52445-1392-469F-9ADB-FC03AF00CD61}) (Version: 2.7.11150 - Python Software Foundation)
Quicken 2017 (HKLM-x32\...\{E5AE4F66-CDA1-432A-A69E-C685D454ABDA}) (Version: 26.1.15.13 - Quicken)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 8.4.17.561 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.17.116 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7831 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Remote Drive Pro 2.2.2.525 (HKLM-x32\...\Remote Drive Pro) (Version: 2.2.2.525 - ASUS Cloud Corporation)
Revo Uninstaller Pro 3.2.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.2.1 - VS Revo Group, Ltd.)
ROG Gaming Center (HKLM-x32\...\{CC182DBF-FC67-4F79-9930-6A2682E60BDD}) (Version: 1.0.8 - ASUS)
ROG MacroKey (HKLM-x32\...\{1101D2B9-7E8C-4361-88D5-AB0A2EB705EC}) (Version: 1.0.4 - ASUS)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Setup (HKLM-x32\...\{73DEC847-B519-427C-BAAA-9034445703B6}) (Version: 21.2.0.113 - Corel Corporation) Hidden
Share64 (HKLM\...\{E233030D-601B-46F5-A797-771DEEDDBEE3}) (Version: 21.2.0.113 - Corel Corporation) Hidden
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.41 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.41.101 - Skype Technologies S.A.)
SonicRadarSetup (HKLM\...\{490C61FF-D5A6-4335-A51E-0FC7DC65F591}) (Version: 1.0.0.0 - ASUSTeKcomputer.Inc) Hidden
SonicStudioSetup (HKLM\...\{34BCBD15-E877-4277-A4E1-A8C1E2DE0FE2}) (Version: 2.0.701 - ASUSTeKcomputer.Inc) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
Stardock Fences 2 (HKLM-x32\...\Stardock Fences 2) (Version: 2.13 - Stardock Software, Inc.)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.1 - Krzysztof Kowalczyk)
System Explorer 7.0.0 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version:  - Mister Group)
TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version:  - Code Sector)
Thunderbolt™ Software (HKLM-x32\...\{B0E8A8CA-5A40-49C3-BE5E-9076664DB9AA}) (Version: 15.3.39.250 - Intel Corporation)
TightVNC (HKLM\...\{D2372F87-7DA2-47F7-A102-AF2181B8EAA2}) (Version: 2.7.10.0 - GlavSoft LLC.)
TurboTax 2016 (HKLM-x32\...\TurboTax 2016) (Version: 2016.0 - Intuit, Inc)
TurboTax 2017 (HKLM-x32\...\TurboTax 2017) (Version: 2017.0 - Intuit, Inc)
VdhCoApp 1.2.1 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version:  - DownloadHelper)
VideoStudio 3D Title Editor (HKLM\...\{74CD5094-4410-4C98-9F7D-EC43F99BACE4}) (Version: 1.0.5.88 - Corel Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.3 - VideoLAN)
VSClassic64 (HKLM\...\{8592E7A8-CA1A-4E55-B2DD-E7A4895807B7}) (Version: 21.2.0.113 - Corel Corporation) Hidden
VSUltimate64 (HKLM\...\{DAB1A9B0-B93C-4EC2-B626-D57478981107}) (Version: 21.2.0.113 - Corel Corporation) Hidden
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.12.577 - ASUS Cloud Corporation)
WinDirStat 1.1.2 (HKU\S-1-5-21-2734777235-2699382002-2112644930-1001\...\WinDirStat) (Version:  - )
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22256 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinMerge 2.14.0 (HKLM-x32\...\WinMerge_is1) (Version: 2.14.0 - Thingamahoochie Software)
XnView 2.44 (HKLM-x32\...\XnView_is1) (Version: 2.44 - Gougelet Pierre-e)
Xvid MPEG-4 Video Codec (HKLM-x32\...\xvid) (Version:  - Xvid Development Team)
Zoho Assist (HKLM-x32\...\Zoho Assist) (Version: 1.0 - Zoho Corp Pvt Ltd.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2734777235-2699382002-2112644930-1001_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2734777235-2699382002-2112644930-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-2734777235-2699382002-2112644930-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-2734777235-2699382002-2112644930-1001_Classes\CLSID\{25815CC0-43F4-3C75-8C3A-A139D9ADE740}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2734777235-2699382002-2112644930-1001_Classes\CLSID\{5b55a44a-d008-49aa-9234-86fb7709bc0a}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2734777235-2699382002-2112644930-1001_Classes\CLSID\{71B1723C-1EC2-4b4d-868E-FA58C7F95CD9}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2734777235-2699382002-2112644930-1001_Classes\CLSID\{89BB4535-5AE9-43a0-89C5-19B4697E5C5E}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\User\AppData\Local\MEGAsync\ShellExtX64.dll [2017-11-18] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\User\AppData\Local\MEGAsync\ShellExtX64.dll [2017-11-18] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\User\AppData\Local\MEGAsync\ShellExtX64.dll [2017-11-18] ()
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.12.577\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.12.577\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.12.577\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs5] -> {808BFD2C-BB31-45E7-8A49-5EFC1D2594E4} => C:\Windows\system32\cbfsMntNtf5.dll [2014-03-06] (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\User\AppData\Local\MEGAsync\ShellExtX64.dll [2017-11-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\User\AppData\Local\MEGAsync\ShellExtX64.dll [2017-11-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\User\AppData\Local\MEGAsync\ShellExtX64.dll [2017-11-18] ()
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs5] -> {808BFD2C-BB31-45E7-8A49-5EFC1D2594E4} => C:\Windows\system32\cbfsMntNtf5.dll [2014-03-06] (EldoS Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-21] (Igor Pavlov)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => E:\Programs f\Notepad++\NppShell_06.dll [2018-03-18] ()
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-12] (Dropbox, Inc.)
ContextMenuHandlers1: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2016-09-15] (Stardock)
ContextMenuHandlers1-x32: [IXnView] -> {A5D35F9F-6A11-4EAA-B70B-7BB6FE32663A} => C:\Program Files (x86)\XnView\ShellEx\XnViewShellExt.dll [2015-02-19] ()
ContextMenuHandlers1-x32: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\User\AppData\Local\MEGAsync\ShellExtX64.dll [2017-11-18] ()
ContextMenuHandlers1-x32: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-06-26] (Apple Inc.)
ContextMenuHandlers1-x32: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt64.dll [2012-01-20] ()
ContextMenuHandlers1-x32: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll [2013-02-02] (hxxp://winmerge.org)
ContextMenuHandlers2: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt64.dll [2012-01-20] ()
ContextMenuHandlers2: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll [2013-02-02] (hxxp://winmerge.org)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\Windows\system32\mscoree.dll [2018-04-11] (Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\User\AppData\Local\MEGAsync\ShellExtX64.dll [2017-11-18] ()
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-21] (Igor Pavlov)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-12] (Dropbox, Inc.)
ContextMenuHandlers4: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2016-09-15] (Stardock)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\User\AppData\Local\MEGAsync\ShellExtX64.dll [2017-11-18] ()
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-01] (Piriform Ltd)
ContextMenuHandlers4: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt64.dll [2012-01-20] ()
ContextMenuHandlers4: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll [2013-02-02] (hxxp://winmerge.org)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-12] (Dropbox, Inc.)
ContextMenuHandlers5: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2016-09-15] (Stardock)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-06-07] (NVIDIA Corporation)
ContextMenuHandlers5: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll [2013-02-02] (hxxp://winmerge.org)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-21] (Igor Pavlov)
ContextMenuHandlers6: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2016-09-15] (Stardock)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-01] (Piriform Ltd)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2012-12-29] (VS Revo Group)
ContextMenuHandlers6: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt64.dll [2012-01-20] ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {118E3E3B-6E35-4AF4-9BDB-2979E47DCFC9} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-jamm127usa@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-05-11] (Adobe Systems, Incorporated)
Task: {140F9B29-30B0-4465-B7E1-23B0F474E5A4} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-03] (NVIDIA Corporation)
Task: {15BA732D-AADE-4BC7-9758-8A54378C50C3} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => Thunderbolt.exe
Task: {255431C7-3826-42B0-B306-0B671A179CE9} - System32\Tasks\{57C41B04-8772-406A-9AAB-566CD480666C} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxps://www.skype.com/go/downloading?source=lightinstaller&ver=7.40.0.104&LastError=404
Task: {2954A279-D18C-4E89-B071-A211072473FA} - System32\Tasks\VideoStudioUpdater => E:\Programs f\Corel VideoStudio 2018\VSNotification.exe [2018-03-23] ()
Task: {29A7FC79-5260-4E89-B3E9-397E46A4E706} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2015-05-25] (ASUSTek Computer Inc.)
Task: {30424C3E-5F0A-41F7-A9A5-F9F51F59B292} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {33A148E4-FD91-4D62-A418-FFA6FF738BD2} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe
Task: {34F54590-7B0C-44D4-BCF1-029456456048} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-05-26] (Realtek Semiconductor)
Task: {39F93307-66F3-4BA7-AA67-E50ACFEEF29F} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {3FB7F5CC-B4B9-40F6-95AA-3E9343D68356} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-27] (Microsoft Corporation)
Task: {47B29B4B-27D8-4BB9-8679-3E1B63BF25D5} - System32\Tasks\{F04A64EC-32D2-4533-8B02-982139A94E79} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxps://ui.skype.com/ui/0/7.41.0.101/en/abandoninstall?page=tsProgressBar
Task: {49C69F9D-4216-460D-B0BD-F68C2647C555} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-03] (NVIDIA Corporation)
Task: {4E7A4FF3-7C5A-46D3-88F8-F9DCF8D7A292} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-03] (NVIDIA Corporation)
Task: {4F0125F2-8669-4F4E-BD4A-C657DF18FC4D} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {508573B0-7AF9-4436-988E-7D8AACD33C34} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2015-12-02] (ASUS)
Task: {5811DC95-D4BE-411E-887B-FDD597CA9B71} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {5A89FD5F-AB96-49D6-8FEA-3D2C30FB6484} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_134_pepper.exe [2018-07-10] (Adobe Systems Incorporated)
Task: {5AE18A15-3943-4210-A3E6-0404DA9BA7FD} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2018-05-16] (Bitdefender)
Task: {5B0D6D49-89D8-42DA-A78C-5FCD9853E6E1} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03] (NVIDIA Corporation)
Task: {5B341C4B-D7C1-465E-84AD-1B0FE1C6E492} - System32\Tasks\SS2svc64Run => C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2svc64.exe [2015-08-14] ()
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {66690289-F33F-45B8-997E-FDA001CA559B} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2734777235-2699382002-2112644930-1001 => C:\Users\User\AppData\Local\MEGAsync\MEGAupdater.exe [2018-01-24] (Mega Limited)
Task: {7AE2DDAB-2D58-4E76-B46F-4617BDE700FA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-23] (Google Inc.)
Task: {7F1B916C-3A77-4C68-9FBD-7AADA27D89C6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-30] (Piriform Ltd)
Task: {82EEF584-70F7-450A-8363-4783B41B5622} - System32\Tasks\ROG Gaming Center => C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingKey.exe [2016-03-14] (ASUSTek Computer Inc.)
Task: {83B65917-7F27-401E-B301-0E109938DE7A} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2016-05-26] (Realtek Semiconductor)
Task: {85740039-07D3-4AEE-BE05-9535FE346A7F} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-25] (Dropbox, Inc.)
Task: {8FC0E930-D824-4C31-9765-9C769C58C8BD} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {92C8998D-C629-48FA-9D42-A46C493DC9BF} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => tbtsvc.exe
Task: {9C62046F-8C84-4A95-B52E-412CB34CE0CD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-27] (Microsoft Corporation)
Task: {A2AEE38A-ABD2-4366-A470-E8972CC2A1FF} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {A556090B-E1CA-4D7A-9E0E-9AE99E1FD8F7} - System32\Tasks\ASUS ROG Macro Key Listener => C:\Program Files (x86)\ASUS\ROG MacroKey\AsListen.exe [2015-10-19] (ASUS)
Task: {A5DC2011-8B0D-4C2E-A1E4-E0C32BCC659E} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {A8C267E0-1FFE-4507-A830-27DE1883C387} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-25] (Dropbox, Inc.)
Task: {A968EE22-DAAD-4894-85D2-5A8E8D201EAC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-23] (Google Inc.)
Task: {AE5F18AB-F1F5-4C3F-AF67-BDE86779F5A5} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {B4C2A3CF-02C0-48D7-A1DD-00904A3429A7} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe [2018-05-16] (Bitdefender)
Task: {BA2BC3EC-0BE7-44C2-9053-BA572647B811} - System32\Tasks\SS2UILauncherRun => C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2UILauncher.exe [2015-08-14] ()
Task: {BE7E3E5A-67FC-402E-BEB7-C34979C29B63} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-27] (Microsoft Corporation)
Task: {CA0D813C-56F1-45D5-A90A-470105D09713} - System32\Tasks\CorelUpdateHelperTask-D3831136B60204497E15AD263788DB91 => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2018-02-23] (Corel Corporation)
Task: {CB19B151-3A25-4574-B165-A91A6D8B309E} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => Thunderbolt.exe
Task: {D5250A66-C1F6-40FD-9607-F1E2A583AF29} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-27] (Microsoft Corporation)
Task: {DF55E5A2-A897-4468-8513-61237482D3EB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-07-10] (Adobe Systems Incorporated)
Task: {E6D818BB-2263-4BFC-90CC-2E9C6312E82B} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {EF281709-BC9F-44B4-861E-22671ADD9C69} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {EF525163-4531-497F-9049-E704B6DE60A7} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_134_Plugin.exe [2018-07-10] (Adobe Systems Incorporated)
Task: {F89A4ACC-87F9-43EB-AB34-21E2A21927A5} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2018-02-23] (Corel Corporation)
Task: {FF9260CC-A732-48B0-A892-4D4290604956} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {FF9DF01B-3C45-4B57-946E-70B0BC10CA23} - System32\Tasks\SS2svc32Run => C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2svc32.exe [2015-08-14] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\User\Desktop\start-jira.bat - Shortcut.lnk -> C:\Program Files\Atlassian\JIRA\bin\start-jira.bat ()
Shortcut: C:\Users\User\Desktop\stop-jira.bat - Shortcut.lnk -> C:\Program Files\Atlassian\JIRA\bin\stop-jira.bat ()
Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JIRA\Start JIRA Service [8080].lnk -> C:\Program Files\Atlassian\JIRA\start_service.bat ()
Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JIRA\Stop JIRA Service [8080].lnk -> C:\Program Files\Atlassian\JIRA\stop_service.bat ()

ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\mMinesweeper.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=lcflfaeifjpflolgopilpfijmlmpjkdi
ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Spelunky.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=ogggnbbinagpdjpnmfihhgdlogfdmdko

==================== Loaded Modules (Whitelisted) ==============

2018-07-18 06:50 - 2018-07-18 06:50 - 000993728 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02751_004\ashttpbr.mdl
2018-07-18 06:50 - 2018-07-18 06:50 - 000544880 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02751_004\ashttpdsp.mdl
2018-07-18 06:50 - 2018-07-18 06:50 - 003232216 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02751_004\ashttpph.mdl
2018-07-18 06:50 - 2018-07-18 06:50 - 001528320 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02751_004\ashttprbl.mdl
2016-04-25 12:24 - 2016-01-22 17:57 - 000089008 _____ () C:\WINDOWS\System32\cpwmon64.dll
2017-11-30 19:54 - 2017-11-30 19:54 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-06-23 06:56 - 2018-06-23 06:56 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-06-20 14:59 - 2012-03-28 08:49 - 000140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2016-04-25 12:19 - 2017-06-06 21:42 - 002197608 _____ () C:\Program Files\Everything\Everything.exe
2017-05-07 09:58 - 2017-05-03 16:21 - 001267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-07-30 15:38 - 2015-07-30 15:38 - 000024064 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\capiws.exe
2016-09-24 18:20 - 2016-09-24 18:21 - 000189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2018-06-07 18:36 - 2018-07-13 19:15 - 002433744 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-06-07 18:35 - 2018-07-13 19:15 - 002535120 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-07-09 12:46 - 2017-06-07 19:55 - 000133752 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-04-11 19:34 - 2018-04-11 19:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2017-11-18 15:58 - 2017-11-18 15:58 - 000598528 _____ () C:\Users\User\AppData\Local\MEGAsync\ShellExtX64.dll
2018-04-11 19:34 - 2018-04-11 19:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-11 19:34 - 2018-04-11 19:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2015-08-14 09:15 - 2015-08-14 09:15 - 000341472 _____ () C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2OSD.dll
2015-08-14 09:15 - 2015-08-14 09:15 - 000242144 _____ () C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2DevProps.dll
2016-04-25 12:21 - 2012-01-29 17:55 - 000657920 _____ () C:\Program Files\TeraCopy\TeraCopy64.dll
2018-07-11 20:10 - 2018-07-06 02:55 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-03-06 20:07 - 2015-03-06 20:07 - 000908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2017-01-23 18:19 - 2017-01-23 18:19 - 001096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-06 20:07 - 2015-03-06 20:07 - 000060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2017-01-23 18:19 - 2017-01-23 18:19 - 000241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-08-14 09:13 - 2015-08-14 09:13 - 000970720 _____ () C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2UILauncher.exe
2015-08-14 09:13 - 2015-08-14 09:13 - 002608128 _____ () C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2svc32.exe
2015-08-14 09:16 - 2015-08-14 09:16 - 000301056 _____ () C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2svc64.exe
2018-07-06 02:00 - 2018-07-06 02:00 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
2018-07-06 02:00 - 2018-07-06 02:00 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2015-08-26 22:55 - 2015-08-26 22:55 - 000947496 _____ () C:\Program Files (x86)\ASUS\Remote Drive Pro\RDP_Manager.exe
2015-07-30 15:38 - 2015-07-30 15:38 - 000055296 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\ovpntray.exe
2015-08-26 22:55 - 2015-08-26 22:55 - 002652456 _____ () C:\Program Files (x86)\ASUS\Remote Drive Pro\RemoteDrive_RDP.exe
2018-06-16 05:59 - 2013-06-06 14:16 - 000012520 _____ () C:\Users\User\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter.gadget\CoreTempReader.dll
2018-06-16 05:59 - 2013-06-06 14:16 - 000015080 _____ () C:\Users\User\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter.gadget\GetCoreTempInfoNET.dll
2018-06-16 05:59 - 2013-06-06 14:16 - 000014056 _____ () C:\Users\User\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter.gadget\SystemInfo.dll
2018-03-23 05:04 - 2018-03-23 05:04 - 000866136 _____ () E:\Programs f\Corel VideoStudio 2018\VSNotification.exe
2016-12-11 04:48 - 2016-10-27 13:18 - 000114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-12-11 04:48 - 2016-10-27 13:18 - 000108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-12-11 04:48 - 2016-10-27 13:18 - 000024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-12-11 04:48 - 2016-10-27 13:18 - 000048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2011-02-26 11:33 - 2011-02-26 11:33 - 000027648 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\servicemanager.pyd
2011-02-27 10:12 - 2011-02-27 10:12 - 000110080 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\pywintypes26.dll
2011-02-26 11:32 - 2011-02-26 11:32 - 000040960 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32service.pyd
2011-02-26 11:33 - 2011-02-26 11:33 - 000096768 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32api.pyd
2011-02-26 11:32 - 2011-02-26 11:32 - 000017408 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32profile.pyd
2010-08-24 18:48 - 2010-08-24 18:48 - 000153088 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\pyexpat.pyd
2010-08-24 18:47 - 2010-08-24 18:47 - 000040448 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\_socket.pyd
2010-08-24 18:48 - 2010-08-24 18:48 - 000720896 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\_ssl.pyd
2011-02-26 11:32 - 2011-02-26 11:32 - 000110080 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32security.pyd
2011-02-26 11:34 - 2011-02-26 11:34 - 000354304 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\pythoncom26.dll
2011-02-26 11:38 - 2011-02-26 11:38 - 000265728 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32com.shell.shell.pyd
2015-07-30 15:38 - 2015-07-30 15:38 - 000019968 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\zope.interface._zope_interface_coptimizations.pyd
2010-08-24 18:48 - 2010-08-24 18:48 - 000286208 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\_hashlib.pyd
2010-08-24 18:48 - 2010-08-24 18:48 - 000073728 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\_ctypes.pyd
2010-08-24 18:48 - 2010-08-24 18:48 - 000011776 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\select.pyd
2015-07-30 15:38 - 2015-07-30 15:38 - 000010240 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\OpenSSL.rand.pyd
2015-07-30 15:38 - 2015-07-30 15:38 - 000061440 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\OpenSSL.crypto.pyd
2015-07-30 15:38 - 2015-07-30 15:38 - 000039936 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\OpenSSL.SSL.pyd
2011-02-26 11:32 - 2011-02-26 11:32 - 000035840 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32process.pyd
2015-07-30 15:38 - 2015-07-30 15:38 - 000007680 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\twisted.protocols._c_urlarg.pyd
2015-07-30 15:38 - 2015-07-30 15:38 - 000007168 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\pyovpnc.pyd
2011-02-26 11:31 - 2011-02-26 11:31 - 000112128 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32file.pyd
2011-02-26 11:31 - 2011-02-26 11:31 - 000017408 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32event.pyd
2011-02-26 11:32 - 2011-02-26 11:32 - 000023552 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32pipe.pyd
2010-08-24 18:48 - 2010-08-24 18:48 - 000585728 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\unicodedata.pyd
2011-02-26 11:33 - 2011-02-26 11:33 - 000022528 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32ts.pyd
2015-09-04 20:34 - 2015-09-04 20:34 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2015-08-14 09:13 - 2015-08-14 09:13 - 000210912 _____ () C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2DevProps.dll
2015-08-14 09:13 - 2015-08-14 09:13 - 000302048 _____ () C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2OSD.dll
2017-01-02 08:55 - 2017-05-03 16:21 - 001040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-12-02 18:01 - 2015-12-02 18:01 - 000027648 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2015-12-02 18:01 - 2015-12-02 18:01 - 000124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2015-12-02 18:01 - 2015-12-02 18:01 - 000029184 _____ () C:\Program Files (x86)\ASUS\Splendid\VideoEnhance.dll
2015-08-14 09:13 - 2015-08-14 09:13 - 000120320 _____ () C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\sradarlauncher.dll
2018-06-23 06:56 - 2018-06-23 06:56 - 001042232 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2018-06-23 06:56 - 2018-06-23 06:56 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2017-11-30 19:55 - 2017-11-30 19:55 - 000076088 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2018-07-13 14:23 - 2018-07-12 22:01 - 001107648 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-07-13 14:23 - 2018-07-12 22:01 - 002079424 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2018-07-13 14:23 - 2018-07-12 22:05 - 000021704 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:02 - 000022752 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:01 - 000135656 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:02 - 001881816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:02 - 000023768 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:01 - 000111576 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes35.dll
2018-07-13 14:23 - 2018-07-12 22:01 - 000103392 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:03 - 000069320 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:03 - 000080064 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:01 - 000399832 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom35.dll
2018-07-13 14:23 - 2018-07-12 22:01 - 000024544 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:01 - 000043496 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:01 - 000021472 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:01 - 000124896 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:01 - 000114664 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:05 - 000392392 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:05 - 000028896 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:01 - 000024552 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:01 - 000175584 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:01 - 000024544 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:01 - 000026080 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:05 - 000024272 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:01 - 000048616 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:01 - 000057824 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:02 - 000022728 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:02 - 000025296 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:05 - 000070360 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:05 - 000026336 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:03 - 003866304 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:05 - 000089272 _____ () C:\Program Files (x86)\Dropbox\Client\sip.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:03 - 001800896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:03 - 001960640 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:01 - 000028640 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:03 - 000155856 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:03 - 000521920 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:03 - 000051400 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:03 - 000043720 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:03 - 000131264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:03 - 000220872 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:03 - 000205512 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:01 - 000060896 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:05 - 000056536 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:01 - 000024040 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:05 - 000024792 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:05 - 000023776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:05 - 000022752 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:05 - 000023768 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:02 - 000028392 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:01 - 000348128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:03 - 000102088 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:05 - 000024800 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:03 - 000026840 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:01 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-07-13 14:23 - 2018-07-12 22:03 - 000034528 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:01 - 000293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2018-07-13 14:23 - 2018-07-12 22:05 - 000023776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:03 - 000181432 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2018-07-13 14:23 - 2018-07-12 22:05 - 000031952 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:03 - 000024752 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-07-13 14:23 - 2018-07-12 22:03 - 001638576 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2018-07-13 14:23 - 2018-07-12 22:05 - 000090840 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:05 - 000027352 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:03 - 000547008 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:03 - 000360128 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:03 - 000038600 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.cp35-win32.pyd
2018-07-13 14:23 - 2018-07-12 22:05 - 000023768 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shcore.compiled._winffi_shcore.cp35-win32.pyd
2011-02-26 11:33 - 2011-02-26 11:33 - 000167424 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\win32gui.pyd
2014-10-12 17:41 - 2014-10-12 17:41 - 000005120 _____ () C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\ovpntray.dll
2018-03-14 14:58 - 2018-03-14 14:58 - 000668384 _____ () C:\Program Files (x86)\Evernote\Evernote\tidy.dll
2017-11-18 15:57 - 2017-11-18 15:57 - 000798208 _____ () C:\Users\User\AppData\Local\MEGAsync\libsodium.dll
2016-11-18 06:41 - 2016-11-18 06:41 - 000143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2013-04-27 10:24 - 2013-04-27 10:24 - 000071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\SysWOW64\EasyAntiCheat.exe:BDU [1]
AlternateDataStreams: C:\Users\Aran\Downloads\Championify.Windows_Setup.1-3-7.exe:BDU [0]
AlternateDataStreams: C:\Users\Aran\Downloads\DiscordSetup.exe:BDU [0]
AlternateDataStreams: C:\Users\Aran\Downloads\ezvid1.003b04.exe:BDU [0]
AlternateDataStreams: C:\Users\Aran\Downloads\flashplayer23pp_ka_install.exe:BDU [0]
AlternateDataStreams: C:\Users\Aran\Downloads\LeagueofLegends_NA_Installer_2016_05_13 (1).exe:BDU [0]
AlternateDataStreams: C:\Users\Aran\Downloads\LeagueofLegends_NA_Installer_2016_05_13.exe:BDU [0]
AlternateDataStreams: C:\Users\Aran\Downloads\OriginThinSetup.exe:BDU [0]
AlternateDataStreams: C:\Users\Aran\Downloads\osu!install.exe:BDU [0]
AlternateDataStreams: C:\Users\Aran\Downloads\qbittorrent.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Downloads\368.39-notebook-win10-64bit-international-whql.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Downloads\AcronisTrueImage2014_6688_en-US.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Downloads\ConvertHelperSetup-3.2.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Downloads\Fences_2.13_setup_sd.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Downloads\GeForce_Experience_v2.11.3.5.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Downloads\GeForce_Experience_v3.3.0.95.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Downloads\Greenshot-INSTALLER-1.2.9.112-RELEASE.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Downloads\install_flash_player_21_plugin.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Downloads\LGS_8.91.48_x64_Logitech.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Downloads\Logitech_ConnectUtility2.00.3.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Downloads\ObjectDock_v2.20_setup_sd.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Downloads\Plane9-2.5.1.3.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Downloads\RazerGameBoosterSetup_4.1.59.0_1.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Downloads\Thunderbird Setup 45.7.1.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Downloads\WebStorageSyncAgent2.2.11.570.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Downloads\WebStorageSyncAgent2.2.12.577.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Downloads\WebStorageSyncAgent2.2.15.587.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Downloads\Windows10Upgrade9252.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Downloads\winrar-x64-521.exe:BDU [0]
AlternateDataStreams: C:\Users\User\Downloads\Wireless Gaming Mouse G700 - Logitech Support.exe:BDU [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 03:24 - 2018-07-21 18:58 - 000000482 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.94.0.1    client.openvpn.net
127.94.0.3    openvpn-client.au1.celo.net
127.94.0.4    openvpn-client.ch1.celo.net
127.94.0.5    openvpn-client.de1.celo.net
127.94.0.7    openvpn-client.nl1.celo.net
127.94.0.8    openvpn-client.ru1.celo.net
127.94.0.9    openvpn-client.sw1.celo.net
127.94.0.10    openvpn-client.uk1.celo.net
127.94.0.2    openvpn-client.us1.celo.net
127.94.0.6    openvpn-client.us2.celo.net

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2734777235-2699382002-2112644930-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "tvncontrol"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKU\S-1-5-21-2734777235-2699382002-2112644930-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2734777235-2699382002-2112644930-1001\...\StartupApproved\Run: => "BingSvc"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

11-07-2018 20:09:28 Windows Update
20-07-2018 20:47:33 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/21/2018 07:23:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program soffice.bin version 6.0.3.2 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 6694

Start Time: 01d421489906984b

Termination Time: 8

Application Path: C:\Program Files\LibreOffice\program\soffice.bin

Report Id: f215e3f1-e183-4290-befc-1641c479090d

Faulting package full name:

Faulting package-relative application ID:

Error: (07/21/2018 09:09:28 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program DarkSoulsIII.exe version 1.15.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2f10

Start Time: 01d420f4035f54cd

Termination Time: 3

Application Path: E:\Entertainment f\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe

Report Id: f02a719e-2f40-4da5-b6aa-2a446a8259b7

Faulting package full name:

Faulting package-relative application ID:

Error: (07/20/2018 09:42:42 PM) (Source: EventSystem) (EventID: 4622) (User: )
Description: The COM+ Event System could not marshal the subscriber for subscription {B5F7797E-3FA5-4C3F-9CBE-2EDADB31B191}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}.  The HRESULT was 8007071a.

Error: (07/18/2018 10:03:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1812

Error: (07/18/2018 10:03:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1812

Error: (07/18/2018 10:03:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/18/2018 08:33:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program DarkSoulsIII.exe version 1.15.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 45f4

Start Time: 01d41ef80e9c1a25

Termination Time: 8

Application Path: E:\Entertainment f\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe

Report Id: 8250df94-a8d8-4b3b-a3df-6b2565383e05

Faulting package full name:

Faulting package-relative application ID:

Error: (07/18/2018 08:53:44 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1782


System errors:
=============
Error: (07/21/2018 07:27:18 PM) (Source: DCOM) (EventID: 10010) (User: J-ASUS-LAPTOP)
Description: The server {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} did not register with DCOM within the required timeout.

Error: (07/21/2018 04:59:14 PM) (Source: DCOM) (EventID: 10016) (User: J-ASUS-LAPTOP)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user J-ASUS-LAPTOP\User SID (S-1-5-21-2734777235-2699382002-2112644930-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/21/2018 02:51:04 PM) (Source: Netwtw04) (EventID: 5005) (User: )
Description: Intel® Dual Band Wireless-AC 7265 : Has encountered an internal error and has failed.
5005 - Driver internal error

Error: (07/21/2018 02:51:04 PM) (Source: Netwtw04) (EventID: 5005) (User: )
Description: Intel® Dual Band Wireless-AC 7265 : Has encountered an internal error and has failed.
5005 - Driver internal error

Error: (07/21/2018 02:51:04 PM) (Source: Netwtw04) (EventID: 5035) (User: )
Description: 5035 - Driver OSC Pending OID watchdog

Error: (07/21/2018 02:49:23 PM) (Source: DCOM) (EventID: 10016) (User: J-ASUS-LAPTOP)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user J-ASUS-LAPTOP\User SID (S-1-5-21-2734777235-2699382002-2112644930-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/21/2018 01:41:54 PM) (Source: DCOM) (EventID: 10016) (User: J-ASUS-LAPTOP)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user J-ASUS-LAPTOP\User SID (S-1-5-21-2734777235-2699382002-2112644930-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/21/2018 12:48:32 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.


Windows Defender:
===================================
Date: 2018-07-20 21:42:44.682
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {B7607822-4ACD-4A67-A966-D260DE986765}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-07-20 20:53:34.832
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {AAC9C69C-1381-4787-AC2C-5680B8621281}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-07-19 18:48:58.080
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {EE059AFE-5436-48ED-A839-B5441FE5EEE3}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-07-15 08:41:05.940
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {105C4812-2F64-4BB8-ACE8-028D97A4D191}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-07-15 08:35:54.968
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {6197D847-0F07-4CD6-8968-A87F8B633EF7}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-06-05 06:04:02.572
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.269.615.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14901.4
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

CodeIntegrity:
===================================

Date: 2018-07-21 19:10:38.462
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2DevProps.dll that did not meet the Microsoft signing level requirements.

Date: 2018-07-21 19:10:38.456
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2OSD.dll that did not meet the Microsoft signing level requirements.

Date: 2018-07-21 19:10:38.449
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2DevProps.dll that did not meet the Microsoft signing level requirements.

Date: 2018-07-21 19:10:38.433
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2OSD.dll that did not meet the Microsoft signing level requirements.

Date: 2018-07-21 19:10:38.429
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2DevProps.dll that did not meet the Microsoft signing level requirements.

Date: 2018-07-21 19:10:38.426
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2OSD.dll that did not meet the Microsoft signing level requirements.

Date: 2018-07-21 19:10:38.421
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2DevProps.dll that did not meet the Microsoft signing level requirements.

Date: 2018-07-21 19:10:38.396
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2OSD.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

Processor: Intel® Core™ i7-6700HQ CPU @ 2.60GHz
Percentage of memory in use: 31%
Total physical RAM: 32706.57 MB
Available physical RAM: 22529 MB
Total Virtual: 37570.57 MB
Available Virtual: 26641.58 MB

==================== Drives ================================

Drive c: (SSD 250 GB) (Fixed) (Total:237.09 GB) (Free:56.91 GB) NTFS
Drive e: (HD Int 2 TB) (Fixed) (Total:1863.02 GB) (Free:1204.11 GB) NTFS
Drive f: (J64_TRAVEL) (Removable) (Total:59.61 GB) (Free:43.23 GB) FAT32

\\?\Volume{0721b1e6-d64f-445a-904e-261c79e22511}\ () (Fixed) (Total:0.44 GB) (Free:0.43 GB) NTFS
\\?\Volume{b67684c0-abc7-456b-a987-546b741d6be3}\ () (Fixed) (Total:0.83 GB) (Free:0.33 GB) NTFS
\\?\Volume{59da37a8-366d-4fe1-b1bf-139b55a09833}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
\\?\Volume{440985a3-242b-11e6-a6ed-185e0fe9e994}\ (Remote-Drive1) (Removable) (Total:5.5 GB) (Free:2.63 GB) FAT32
\\?\Volume{440985a4-242b-11e6-a6ed-185e0fe9e994}\ (Remote-Drive) (Removable) (Total:5.5 GB) (Free:2.63 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 1C80C393)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Protective MBR) (Size: 238.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 2 (Size: 59.6 GB) (Disk ID: D1B6CBF5)
Partition 1: (Not Active) - (Size=59.6 GB) - (Type=0C)

==================== End of Addition.txt ============================



#5 jammalg


Posted 21 July 2018 - 06:47 PM

NOTE: Drive F - I should have removed that prior to running the scans but didn't see it. If you'd like me to re-run them  just let me know.



#6 Oh My!


Posted 22 July 2018 - 08:45 AM

Hi Jim.

I am happy to report your computer is clean. As it pertains to the current state of your computer, I see no reason why the suspicious activity would be related to your system.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#7 jammalg


Posted 23 July 2018 - 05:09 AM

ok then. Thanks Gary.

 

Do you have any suggestions about what might be going on then?

Someone asked Amazon for a key to get into my account via my email.

They got in and changed my password and started issuing reviews.

 

Thanks Again.



#8 Oh My!


Posted 23 July 2018 - 06:52 AM

Unfortunately I don't have an answer for you. One of the ways to gain access to your personal information (passwords) is by means of a Backdoor Trojan but I do not see any evidence of that.
Gary
 

#9 jammalg


Posted 24 July 2018 - 06:05 AM

OK - Thanks again for your help

Please consider this closed.
 
Jim
 
 

Edited by jammalg, 24 July 2018 - 06:05 AM.


#10 Oh My!


Posted 24 July 2018 - 08:19 AM

:thumbsup2:
Gary
 

#11 Oh My!


Posted 24 July 2018 - 08:19 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
Gary
 



