Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Farbar scan for safety4browser virus (killed malwarebytes)


  • This topic is locked This topic is locked
5 replies to this topic

#1 Philip_B

Philip_B

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:09:16 PM

Posted 03 August 2018 - 04:42 PM

Hi I sure hope you can help me

 

I think it is called cse.google safety4browser.com it has rendered malwarebytes inoperable

 

edgedeflector

 

 

any help would be most appreciated.

 

thank you

Philip


Edited by Philip_B, 03 August 2018 - 04:43 PM.


BC AdBot (Login to Remove)

 


#2 Philip_B

Philip_B
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:09:16 PM

Posted 03 August 2018 - 05:01 PM

Hi I got this virus called safety4browser it killed Malwarebyte

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.08.2018
Ran by Philip (administrator) on PHILIP-PC (03-08-2018 14:48:13)
Running from G:\
Loaded Profiles: Philip (Available Profiles: Philip)
Platform: Windows 10 Home Version 1803 17134.165 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe
(FreeDownloadManager.org) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe
(Two Pilots) C:\Windows\VPDAgent_x64.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
(The Neat Company) C:\Program Files (x86)\Neat\exec\NeatStartupService.exe
(Rosetta Stone Ltd.) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
() C:\Windows\Mobile_Series_Service.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version4\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\Diskeeper\DKService.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Ruiware) C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\FAHWindow64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Avision) C:\Program Files (x86)\Brother\Button Manager\moon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18061.13911.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Acresso Software Inc.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\seccenter.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\bdwtxag.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Device Management\dmiface.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\odscanui.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4926664 2016-02-26] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems, Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16697352 2016-08-25] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [QBWinClient] => C:\ProgramData\SquirrelMachineInstalls\QBWinClient.exe [40940296 2016-06-20] (Intuit Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1890664 2016-01-14] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5571944 2016-04-19] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Button Manager moon] => C:\Program Files (x86)\Brother\Button Manager\moon.exe [1819648 2015-11-02] (Avision)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499896 2014-05-08] (Adobe Systems Inc.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-21-1862036936-1806997627-3412976369-1001\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe [1231240 2016-11-13] (Ruiware)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016-11-18]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (WinZip Computing, S.L.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk [2018-04-16]
ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk [2018-04-16]
ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk [2018-04-16]
ShortcutTarget: QuickBooks_Standard_21.lnk -> C:\Program Files (x86)\Intuit\QuickBooks 2018\QBW32.EXE (Intuit Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{81a32bc7-6cd1-46b4-847a-f08657a1498d}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f7ad7f5c-39f4-4982-a0a1-957ea88d000c}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-1862036936-1806997627-3412976369-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
SearchScopes: HKU\S-1-5-21-1862036936-1806997627-3412976369-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
BHO: No Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> No File
BHO: Bitdefender Wallet  -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2018-05-24] (Bitdefender)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2018-02-15] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
BHO-x32: No Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-08-24] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-04-19] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-19] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2016-01-04] (Belarc, Inc.)
Handler-x32: intu-help-qb11 - {5AFDE6E8-AD0F-450B-818F-21D1CDC2E3EE} - C:\Program Files (x86)\Intuit\QuickBooks 2018\HelpAsyncPluggableProtocol.dll [2018-04-27] (Intuit, Inc.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\WINDOWS\System32\mscoree.dll [2018-04-11] (Microsoft Corporation)

Edge:
======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [2018-04-11]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [2018-04-11]

FireFox:
========
FF DefaultProfile: kzv36byk.default
FF ProfilePath: C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\kzv36byk.default [2018-08-03]
FF Homepage: Mozilla\Firefox\Profiles\kzv36byk.default -> file:///D:/Documents/PhilipBaldwinHomePage.html
FF Session Restore: Mozilla\Firefox\Profiles\kzv36byk.default -> is enabled.
FF Extension: (Bing-Google) - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\kzv36byk.default\Extensions\@Bing-Google.xpi [2018-07-31] [Legacy]
FF Extension: (Flash Video Downloader) - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\kzv36byk.default\Extensions\artur.dubovoy@gmail.com.xpi [2018-07-31]
FF Extension: (Cookie AutoDelete) - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\kzv36byk.default\Extensions\CookieAutoDelete@kennydo.com.xpi [2018-07-31]
FF Extension: (Disable HTML5 Autoplay) - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\kzv36byk.default\Extensions\disable-html5-autoplay@afnankhan.xpi [2018-07-31]
FF Extension: (Firebug) - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\kzv36byk.default\Extensions\firebug@software.joehewitt.com.xpi [2018-07-31] [Legacy]
FF Extension: (HTML Content Blocker) - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\kzv36byk.default\Extensions\jid1-p8wT8wUxc4KaJo@jetpack.xpi [2018-07-31]
FF Extension: (Nimbus Screen Capture: Screenshots, Annotate) - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\kzv36byk.default\Extensions\nimbusscreencaptureff@everhelper.me.xpi [2018-07-31]
FF Extension: (Google Translator for Firefox) - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\kzv36byk.default\Extensions\translator@zoli.bod.xpi [2018-07-31]
FF Extension: (Download with Free Download Manager (FDM)) - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\kzv36byk.default\Extensions\{1fb1ffdc-b95d-451e-be52-7303adf9a0d3}.xpi [2018-07-31]
FF Extension: (openwpdf) - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\kzv36byk.default\Extensions\{2582ab30-4fca-475f-88d0-c1a9b9ed978f}.xpi [2018-07-31]
FF Extension: (Native HLS Playback) - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\kzv36byk.default\Extensions\{478a6f63-10b3-41e4-8216-ec5e7b3486fc}.xpi [2018-07-31]
FF Extension: (Password Exporter) - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\kzv36byk.default\Extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi [2018-07-31] [Legacy]
FF Extension: (Adblock Plus) - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\kzv36byk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-07-31]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext [2016-11-17] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\\bdwteff
FF Extension: (No Name) - C:\Program Files\Bitdefender\Bitdefender 2017\\bdwteff [2017-09-11]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2018-07-06] [Legacy] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll [2018-07-20] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll [2018-07-20] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-10-18] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-24] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-24] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1862036936-1806997627-3412976369-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Philip\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-11-18] (Citrix Online)

Chrome:
=======
CHR HomePage: Default -> file:///D:/Documents/PhilipBaldwinHomePage.html
CHR StartupUrls: Default -> "hxxp://www.google.com","hxxps://www.google.com/","hxxps://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> duckduckgo.com
CHR DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default [2018-08-03]
CHR Extension: (Slides) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Free Download Manager) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahmpjcflkgiildlgicmcieglgoilbfdp [2018-08-02]
CHR Extension: (Flash Video Downloader) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2018-02-24]
CHR Extension: (Docs) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-18]
CHR Extension: (DuckDuckGo) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2018-07-31]
CHR Extension: (YouTube) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-18]
CHR Extension: (Adblock Plus) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-07-21]
CHR Extension: (Mailto: for Gmail™) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgkkmcknielgdhebimdnfahpipajcpjn [2017-10-27]
CHR Extension: (Adobe Acrobat) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-04-11]
CHR Extension: (Disable HTML5 Autoplay) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\efdhoaajjjgckpbkoglidkeendpkolai [2017-11-05]
CHR Extension: (MailChimp) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\einnfnfpkbbebamphappjlmbedgjbnoe [2017-10-27]
CHR Extension: (Google Calendar) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-10-27]
CHR Extension: (Native HLS Playback) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\emnphkkblegpebimobpbekeedfgemhof [2018-06-30]
CHR Extension: (Sheets) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Bitdefender Wallet) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2017-05-04]
CHR Extension: (Google Docs Offline) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-18]
CHR Extension: (AdBlock) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-07-31]
CHR Extension: (Skip Redirect) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaoafjdoijdconemdmodhbfpianehlon [2018-05-24]
CHR Extension: (Video Autoplay Blocker by Robert Sulkowski) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\khhablkjeghmeinlfgecddpgcopnljpm [2018-01-21]
CHR Extension: (Google Maps) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2017-10-27]
CHR Extension: (Save to Pocket) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2018-07-02]
CHR Extension: (RSS Subscription Extension (by Google)) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd [2017-10-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Adobe HDS / HLS Video Saver) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pibndofbpkoaipoidbkephfhhnapkccn [2018-04-02]
CHR Extension: (Gmail) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-18]
CHR Extension: (Chrome Media Router) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-13]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Agent; C:\WINDOWS\VPDAgent_x64.exe [148480 2014-05-20] (Two Pilots) [File not signed]
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems, Incorporated)
R2 DevMgmtService; C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe [105936 2018-05-08] (Bitdefender)
R2 Diskeeper; C:\Program Files\Condusiv Technologies\Diskeeper\DKService.exe [3173568 2018-06-07] (Condusiv Technologies)
U3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 Mobile_Series; C:\Windows\Mobile_Series_Service.exe [32768 2015-02-12] () [File not signed]
R2 Neat Startup Service; C:\Program Files (x86)\Neat\exec\NeatStartupService.exe [26624 2015-07-14] (The Neat Company) [File not signed]
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1275776 2018-05-16] (Bitdefender)
S3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [65536 2018-02-15] (Intuit Inc.) [File not signed]
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe [112712 2018-05-24] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe [1001072 2018-05-24] (Bitdefender)
R2 vsservp; C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe [522624 2018-05-24] (Bitdefender)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1049464 2016-04-19] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [314744 2016-04-19] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-11] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105344 2018-04-11] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [23240 2016-02-26] (Advanced Micro Devices, Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-04-26] (Apple Inc.)
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [1177008 2018-05-24] (BitDefender S.R.L. Bucharest, ROMANIA)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-07-21] (Advanced Micro Devices)
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1723552 2018-05-24] (BitDefender)
R3 bcmsmbsp; C:\WINDOWS\System32\drivers\bcmsmbsp.sys [54048 2015-09-09] (Broadcom Corporation.)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [23032 2018-05-24] (Bitdefender)
R1 BdfNdisf; C:\Windows\System32\DriverStore\FileRepository\netlwf.inf_amd64_80a1c8a8a302ae1c\bdfndisf6.sys [93600 2013-02-22] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [130840 2018-05-24] (BitDefender LLC)
R2 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [45104 2018-05-24] (© Bitdefender SRL)
R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [96448 2018-05-24] (BitDefender)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R0 DKDFM; C:\WINDOWS\System32\drivers\DKDFM.sys [57512 2018-01-18] (Condusiv Technologies)
R3 DKRtWrt; C:\WINDOWS\system32\drivers\DKRtWrt.sys [48792 2016-01-28] (Condusiv Technologies)
R0 DKTLFSMF; C:\WINDOWS\System32\drivers\DKTLFSMF.sys [135872 2017-11-02] (Condusiv Technologies)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2015-11-26] (Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2015-11-26] (Windows ® Win 7 DDK provider)
S3 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064 2014-04-05] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-07-31] (Malwarebytes)
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [189544 2018-05-24] (BitDefender LLC)
R0 ignis; C:\WINDOWS\System32\DRIVERS\ignis.sys [191592 2018-05-24] (Bitdefender)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [191208 2018-07-31] (Malwarebytes)
S3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [114920 2018-07-31] (Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [48360 2018-07-31] (Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-07-31] (Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [102632 2018-08-02] (Malwarebytes)
R2 NEWDRIVER; C:\WINDOWS\SysWow64\WinVDEdrv6.sys [197648 2016-12-31] ()
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 RTL8023x64; C:\WINDOWS\System32\drivers\Rtnic64.sys [51712 2018-04-11] (Realtek Semiconductor Corporation )
R3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [5707264 2018-04-11] (Realtek Semiconductor Corporation )
S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
R1 tcefs; C:\WINDOWS\system32\drivers\tcefs.sys [26776 2015-08-18] (Condusiv Technologies Corporation)
R0 tcesd; C:\WINDOWS\System32\drivers\tcesd.sys [238280 2017-09-29] (Condusiv Technologies Corporation)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [609576 2018-08-02] (Bitdefender)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-11] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-11] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-11] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-03 13:53 - 2018-08-03 13:53 - 005659639 _____ (Swearware) C:\Users\Philip\Downloads\ComboFix.exe
2018-08-02 17:53 - 2018-08-02 17:53 - 000002290 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2018-08-02 17:53 - 2018-08-02 17:53 - 000002278 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2018-08-02 17:53 - 2018-08-02 17:53 - 000000000 ____D C:\Program Files\Google
2018-08-02 12:51 - 2018-08-02 12:51 - 012771778 _____ C:\Users\Philip\Downloads\NCH-Newsletter-Spring-2018.pdf
2018-07-31 20:55 - 2018-07-31 20:55 - 000114920 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-07-31 19:50 - 2018-08-02 07:18 - 000102632 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-07-31 19:50 - 2018-07-31 20:55 - 000048360 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-07-31 19:50 - 2018-07-31 20:53 - 000191208 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-07-31 19:49 - 2018-07-31 20:53 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-07-31 19:49 - 2018-07-31 19:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-07-31 18:05 - 2018-07-31 18:05 - 000001042 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-07-31 18:05 - 2018-07-31 18:05 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-07-31 18:05 - 2018-07-31 18:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-07-27 13:52 - 2018-07-27 13:52 - 000044620 _____ C:\Users\Philip\Downloads\viewer.shtml
2018-07-26 15:50 - 2018-07-26 15:50 - 000002890 _____ C:\WINDOWS\System32\Tasks\FreeDownloadManagerNetworkMonitor
2018-07-21 14:09 - 2018-07-21 14:09 - 000089589 _____ C:\Users\Philip\Desktop\invoice 93.pdf
2018-07-20 08:56 - 2018-07-20 08:56 - 000000039 _____ C:\Users\Philip\Desktop\Rachel@msnbc.com.txt
2018-07-20 08:32 - 2018-07-20 08:32 - 000004568 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-07-19 13:03 - 2018-07-19 13:03 - 000000000 ____D C:\Users\Philip\AppData\Local\com.mybrowseraddon.node
2018-07-18 22:09 - 2018-07-18 22:09 - 000000000 ____D C:\Users\Philip\AppData\Roaming\Condusiv_Technologies
2018-07-18 22:09 - 2018-07-18 22:09 - 000000000 ____D C:\Users\Philip\AppData\Local\Condusiv_Technologies
2018-07-18 14:12 - 2018-07-18 14:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Condusiv Technologies
2018-07-18 14:12 - 2018-07-18 14:12 - 000000000 ____D C:\Program Files\Common Files\Diskeeper Corporation
2018-07-17 11:45 - 2018-07-17 11:45 - 000009812 _____ C:\Users\Philip\Desktop\NVS Check questions June 18.xlsx
2018-07-17 08:50 - 2018-07-17 11:44 - 000000335 _____ C:\Users\Philip\Desktop\NVS Check questions June 18.txt
2018-07-16 08:51 - 2018-07-16 08:51 - 000068012 _____ C:\Users\Philip\Downloads\doc_20180702144928.pdf
2018-07-16 08:44 - 2018-07-16 08:44 - 000440637 _____ C:\Users\Philip\Downloads\nvslrentchecks.zip
2018-07-15 17:21 - 2018-07-15 17:21 - 000088390 _____ C:\Users\Philip\Desktop\Canna Salve.pdf
2018-07-12 18:23 - 2018-07-12 18:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duplicate File Finder
2018-07-12 18:23 - 2018-07-12 18:23 - 000000000 ____D C:\Program Files (x86)\Duplicate File Finder
2018-07-12 08:09 - 2018-07-12 08:09 - 000000969 _____ C:\Users\Philip\Desktop\Documents - Shortcut.lnk
2018-07-12 08:08 - 2018-07-12 08:08 - 000001236 _____ C:\Users\Philip\Desktop\NVS - Shortcut.lnk
2018-07-12 08:02 - 2018-07-12 08:05 - 000001904 _____ C:\Users\Philip\Desktop\NVQB - Shortcut.lnk
2018-07-11 17:06 - 2018-07-30 21:11 - 000000914 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2018-07-11 09:48 - 2018-07-06 06:53 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-07-11 09:48 - 2018-07-06 06:51 - 003652608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-07-11 09:48 - 2018-07-06 04:54 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-07-11 09:48 - 2018-07-06 04:52 - 002895360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-07-11 09:48 - 2018-07-06 00:27 - 001012632 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-07-11 09:48 - 2018-07-06 00:27 - 000709824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-07-11 09:48 - 2018-07-06 00:26 - 000170912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-07-11 09:48 - 2018-07-06 00:25 - 002753040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-07-11 09:48 - 2018-07-06 00:25 - 001945784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-07-11 09:48 - 2018-07-06 00:25 - 001026464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-07-11 09:48 - 2018-07-06 00:16 - 000567144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-07-11 09:48 - 2018-07-06 00:14 - 002242208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-07-11 09:48 - 2018-07-06 00:14 - 001981896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-07-11 09:48 - 2018-07-06 00:13 - 001620872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-07-11 09:48 - 2018-07-05 23:58 - 004867584 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-07-11 09:48 - 2018-07-05 23:58 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-07-11 09:48 - 2018-07-05 23:57 - 005779456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-07-11 09:48 - 2018-07-05 23:57 - 003712512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-07-11 09:48 - 2018-07-05 23:57 - 000813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-07-11 09:48 - 2018-07-05 23:55 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-07-11 09:48 - 2018-07-05 23:55 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-07-11 09:48 - 2018-07-05 23:54 - 003015680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-07-11 09:48 - 2018-07-05 23:52 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-07-11 09:48 - 2018-06-15 10:53 - 000094104 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-07-11 09:48 - 2018-06-15 10:34 - 008623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-07-11 09:48 - 2018-06-15 10:31 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-07-11 09:48 - 2018-06-15 10:30 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-07-11 09:48 - 2018-06-15 10:29 - 002084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-07-11 09:48 - 2018-06-15 10:29 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-07-11 09:48 - 2018-06-15 08:07 - 011901952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-07-11 09:48 - 2018-06-15 08:06 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-07-11 09:48 - 2018-06-15 08:03 - 000667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-07-11 09:48 - 2018-06-15 08:02 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-07-11 09:48 - 2018-06-15 08:01 - 002015744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-07-11 09:48 - 2018-06-14 22:09 - 000594128 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-07-11 09:48 - 2018-06-14 22:08 - 001921944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2018-07-11 09:48 - 2018-06-14 22:08 - 001150408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2018-07-11 09:48 - 2018-06-14 22:08 - 000945568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2018-07-11 09:48 - 2018-06-14 22:08 - 000604576 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-07-11 09:48 - 2018-06-14 22:05 - 000550608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2018-07-11 09:48 - 2018-06-14 22:04 - 002331576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-07-11 09:48 - 2018-06-14 22:04 - 001397192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2018-07-11 09:48 - 2018-06-14 22:03 - 001559368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-07-11 09:48 - 2018-06-14 22:03 - 001011968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-07-11 09:48 - 2018-06-14 22:03 - 000770152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2018-07-11 09:48 - 2018-06-14 21:48 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-07-11 09:48 - 2018-06-14 21:46 - 004333568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-07-11 09:48 - 2018-06-14 21:44 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-07-11 09:48 - 2018-06-14 21:42 - 002367488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-07-11 09:48 - 2018-06-14 21:42 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2018-07-11 09:48 - 2018-06-14 21:41 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-07-11 09:48 - 2018-06-14 21:40 - 001550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-07-11 09:48 - 2018-06-14 21:39 - 002172416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-07-11 09:48 - 2018-06-14 21:39 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-07-11 09:48 - 2018-05-20 04:53 - 000792984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-07-11 09:48 - 2018-05-20 04:52 - 000413080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-07-11 09:47 - 2018-07-06 07:20 - 002868640 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-07-11 09:47 - 2018-07-06 07:20 - 001610648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-07-11 09:47 - 2018-07-06 07:20 - 000792472 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-07-11 09:47 - 2018-07-06 07:20 - 000689560 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-07-11 09:47 - 2018-07-06 07:20 - 000612248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-07-11 09:47 - 2018-07-06 07:20 - 000451992 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-07-11 09:47 - 2018-07-06 07:20 - 000309664 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-07-11 09:47 - 2018-07-06 07:20 - 000144792 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-07-11 09:47 - 2018-07-06 07:20 - 000070040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-07-11 09:47 - 2018-07-06 07:17 - 003932672 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-07-11 09:47 - 2018-07-06 07:14 - 000541592 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-07-11 09:47 - 2018-07-06 06:56 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-07-11 09:47 - 2018-07-06 06:53 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2018-07-11 09:47 - 2018-07-06 06:53 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-07-11 09:47 - 2018-07-06 06:52 - 001787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-07-11 09:47 - 2018-07-06 06:52 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-07-11 09:47 - 2018-07-06 06:51 - 002051584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-07-11 09:47 - 2018-07-06 06:51 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-07-11 09:47 - 2018-07-06 06:51 - 001004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-07-11 09:47 - 2018-07-06 06:51 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-07-11 09:47 - 2018-07-06 06:50 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-07-11 09:47 - 2018-07-06 06:49 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-07-11 09:47 - 2018-07-06 05:06 - 003611368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-07-11 09:47 - 2018-07-06 04:54 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-07-11 09:47 - 2018-07-06 04:53 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-07-11 09:47 - 2018-07-06 04:53 - 000347136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2018-07-11 09:47 - 2018-07-06 04:52 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-07-11 09:47 - 2018-07-06 04:52 - 001308160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-07-11 09:47 - 2018-07-06 04:51 - 002401280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-07-11 09:47 - 2018-07-06 04:51 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-07-11 09:47 - 2018-07-06 04:26 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-07-11 09:47 - 2018-07-06 04:25 - 023863296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-07-11 09:47 - 2018-07-06 04:01 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-07-11 09:47 - 2018-07-06 00:32 - 000480672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-07-11 09:47 - 2018-07-06 00:31 - 000462752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-07-11 09:47 - 2018-07-06 00:31 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-07-11 09:47 - 2018-07-06 00:29 - 000272296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-07-11 09:47 - 2018-07-06 00:29 - 000269224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-07-11 09:47 - 2018-07-06 00:27 - 001174432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-07-11 09:47 - 2018-07-06 00:27 - 001063320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-07-11 09:47 - 2018-07-06 00:27 - 000567176 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-07-11 09:47 - 2018-07-06 00:27 - 000134552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-07-11 09:47 - 2018-07-06 00:27 - 000057440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.ShellCommon.Broker.dll
2018-07-11 09:47 - 2018-07-06 00:26 - 002712992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-07-11 09:47 - 2018-07-06 00:26 - 001148800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2018-07-11 09:47 - 2018-07-06 00:26 - 000930720 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-07-11 09:47 - 2018-07-06 00:26 - 000766608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2018-07-11 09:47 - 2018-07-06 00:25 - 009147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-07-11 09:47 - 2018-07-06 00:25 - 002571728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-07-11 09:47 - 2018-07-06 00:25 - 002420632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-07-11 09:47 - 2018-07-06 00:25 - 001018616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-07-11 09:47 - 2018-07-06 00:25 - 000885856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-07-11 09:47 - 2018-07-06 00:25 - 000483048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-07-11 09:47 - 2018-07-06 00:25 - 000335776 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2018-07-11 09:47 - 2018-07-06 00:25 - 000267680 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-07-11 09:47 - 2018-07-06 00:25 - 000139672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2018-07-11 09:47 - 2018-07-06 00:24 - 000380824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-07-11 09:47 - 2018-07-06 00:14 - 001175568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-07-11 09:47 - 2018-07-06 00:14 - 000988640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2018-07-11 09:47 - 2018-07-06 00:14 - 000829856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-07-11 09:47 - 2018-07-06 00:14 - 000573904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2018-07-11 09:47 - 2018-07-06 00:10 - 025845760 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-07-11 09:47 - 2018-07-06 00:07 - 022006272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-07-11 09:47 - 2018-07-06 00:04 - 022713856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-07-11 09:47 - 2018-07-06 00:03 - 004371456 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-07-11 09:47 - 2018-07-06 00:02 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2018-07-11 09:47 - 2018-07-06 00:01 - 007057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2018-07-11 09:47 - 2018-07-06 00:01 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2018-07-11 09:47 - 2018-07-06 00:01 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2018-07-11 09:47 - 2018-07-06 00:01 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2018-07-11 09:47 - 2018-07-06 00:00 - 019403264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-07-11 09:47 - 2018-07-06 00:00 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2018-07-11 09:47 - 2018-07-06 00:00 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2018-07-11 09:47 - 2018-07-06 00:00 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2018-07-11 09:47 - 2018-07-06 00:00 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2018-07-11 09:47 - 2018-07-06 00:00 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsTelemetry.dll
2018-07-11 09:47 - 2018-07-06 00:00 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2018-07-11 09:47 - 2018-07-05 23:59 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2018-07-11 09:47 - 2018-07-05 23:59 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2018-07-11 09:47 - 2018-07-05 23:59 - 001153536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2018-07-11 09:47 - 2018-07-05 23:59 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2018-07-11 09:47 - 2018-07-05 23:59 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\NmaDirect.dll
2018-07-11 09:47 - 2018-07-05 23:59 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Geolocation.dll
2018-07-11 09:47 - 2018-07-05 23:59 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2018-07-11 09:47 - 2018-07-05 23:59 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2018-07-11 09:47 - 2018-07-05 23:59 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2018-07-11 09:47 - 2018-07-05 23:58 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2018-07-11 09:47 - 2018-07-05 23:58 - 001931776 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeangle.dll
2018-07-11 09:47 - 2018-07-05 23:58 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-07-11 09:47 - 2018-07-05 23:58 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2018-07-11 09:47 - 2018-07-05 23:58 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2018-07-11 09:47 - 2018-07-05 23:58 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2018-07-11 09:47 - 2018-07-05 23:58 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Cortana.dll
2018-07-11 09:47 - 2018-07-05 23:58 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-07-11 09:47 - 2018-07-05 23:58 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProv2faHelper.dll
2018-07-11 09:47 - 2018-07-05 23:58 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2018-07-11 09:47 - 2018-07-05 23:58 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2018-07-11 09:47 - 2018-07-05 23:58 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2018-07-11 09:47 - 2018-07-05 23:57 - 007579648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-07-11 09:47 - 2018-07-05 23:57 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-07-11 09:47 - 2018-07-05 23:57 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2018-07-11 09:47 - 2018-07-05 23:57 - 000676864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Devices.dll
2018-07-11 09:47 - 2018-07-05 23:57 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-07-11 09:47 - 2018-07-05 23:57 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-07-11 09:47 - 2018-07-05 23:57 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2018-07-11 09:47 - 2018-07-05 23:57 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NmaDirect.dll
2018-07-11 09:47 - 2018-07-05 23:56 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2018-07-11 09:47 - 2018-07-05 23:56 - 001817600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2018-07-11 09:47 - 2018-07-05 23:56 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-07-11 09:47 - 2018-07-05 23:56 - 001567744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2018-07-11 09:47 - 2018-07-05 23:56 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-07-11 09:47 - 2018-07-05 23:56 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2018-07-11 09:47 - 2018-07-05 23:56 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-07-11 09:47 - 2018-07-05 23:56 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2018-07-11 09:47 - 2018-07-05 23:56 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-07-11 09:47 - 2018-07-05 23:56 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2018-07-11 09:47 - 2018-07-05 23:56 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2018-07-11 09:47 - 2018-07-05 23:56 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-07-11 09:47 - 2018-07-05 23:56 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-07-11 09:47 - 2018-07-05 23:56 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2018-07-11 09:47 - 2018-07-05 23:56 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioCredProv.dll
2018-07-11 09:47 - 2018-07-05 23:56 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2018-07-11 09:47 - 2018-07-05 23:56 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-07-11 09:47 - 2018-07-05 23:56 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProv2faHelper.dll
2018-07-11 09:47 - 2018-07-05 23:55 - 003440128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-07-11 09:47 - 2018-07-05 23:55 - 001395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-07-11 09:47 - 2018-07-05 23:55 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-07-11 09:47 - 2018-07-05 23:55 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2018-07-11 09:47 - 2018-07-05 23:55 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-07-11 09:47 - 2018-07-05 23:55 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-07-11 09:47 - 2018-07-05 23:55 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-07-11 09:47 - 2018-07-05 23:54 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2018-07-11 09:47 - 2018-07-05 23:54 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-07-11 09:47 - 2018-07-05 23:54 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2018-07-11 09:47 - 2018-07-05 23:54 - 000999936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-07-11 09:47 - 2018-07-05 23:54 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2018-07-11 09:47 - 2018-07-05 23:54 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2018-07-11 09:47 - 2018-07-05 23:54 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2018-07-11 09:47 - 2018-07-05 23:54 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2018-07-11 09:47 - 2018-07-05 23:54 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2018-07-11 09:47 - 2018-07-05 23:54 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-07-11 09:47 - 2018-07-05 23:54 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-07-11 09:47 - 2018-07-05 23:54 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2018-07-11 09:47 - 2018-07-05 23:54 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll
2018-07-11 09:47 - 2018-07-05 23:53 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2018-07-11 09:47 - 2018-07-05 23:53 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2018-07-11 09:47 - 2018-07-05 23:53 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2018-07-11 09:47 - 2018-07-05 23:53 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2018-07-11 09:47 - 2018-07-05 22:41 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2018-07-11 09:47 - 2018-06-28 21:16 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-07-11 09:47 - 2018-06-15 10:55 - 000542888 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2018-07-11 09:47 - 2018-06-15 10:53 - 000348256 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-07-11 09:47 - 2018-06-15 10:50 - 001376576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-07-11 09:47 - 2018-06-15 10:49 - 021388856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-07-11 09:47 - 2018-06-15 10:48 - 002395056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2018-07-11 09:47 - 2018-06-15 10:48 - 000338352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2018-07-11 09:47 - 2018-06-15 10:35 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-07-11 09:47 - 2018-06-15 10:35 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\PJLMON.DLL
2018-07-11 09:47 - 2018-06-15 10:34 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\DsmUserTask.exe
2018-07-11 09:47 - 2018-06-15 10:34 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll
2018-07-11 09:47 - 2018-06-15 10:33 - 012710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-07-11 09:47 - 2018-06-15 10:33 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2018-07-11 09:47 - 2018-06-15 10:33 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManagerAPI.dll
2018-07-11 09:47 - 2018-06-15 10:33 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2018-07-11 09:47 - 2018-06-15 10:32 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2018-07-11 09:47 - 2018-06-15 10:32 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2018-07-11 09:47 - 2018-06-15 10:31 - 000907776 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2018-07-11 09:47 - 2018-06-15 10:31 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-07-11 09:47 - 2018-06-15 10:30 - 001308672 _____ C:\WINDOWS\system32\FaceProcessor.dll
2018-07-11 09:47 - 2018-06-15 10:30 - 001254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-07-11 09:47 - 2018-06-15 10:30 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2018-07-11 09:47 - 2018-06-15 10:29 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2018-07-11 09:47 - 2018-06-15 10:29 - 000740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-07-11 09:47 - 2018-06-15 10:29 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2018-07-11 09:47 - 2018-06-15 10:29 - 000103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSoftwareInstallationClient.dll
2018-07-11 09:47 - 2018-06-15 10:28 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll
2018-07-11 09:47 - 2018-06-15 10:28 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2018-07-11 09:47 - 2018-06-15 08:25 - 020383720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-07-11 09:47 - 2018-06-15 08:22 - 001026896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-07-11 09:47 - 2018-06-15 08:16 - 002206528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2018-07-11 09:47 - 2018-06-15 08:06 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll
2018-07-11 09:47 - 2018-06-15 08:04 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2018-07-11 09:47 - 2018-06-15 08:04 - 000373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2018-07-11 09:47 - 2018-06-15 08:03 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2018-07-11 09:47 - 2018-06-15 08:01 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2018-07-11 09:47 - 2018-06-15 06:23 - 000788992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2018-07-11 09:47 - 2018-06-15 00:11 - 000611232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-07-11 09:47 - 2018-06-15 00:10 - 000048544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2018-07-11 09:47 - 2018-06-15 00:03 - 000083360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-07-11 09:47 - 2018-06-14 22:21 - 001213368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2018-07-11 09:47 - 2018-06-14 22:21 - 000761440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-07-11 09:47 - 2018-06-14 22:19 - 001034632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-07-11 09:47 - 2018-06-14 22:19 - 000116632 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandler.exe
2018-07-11 09:47 - 2018-06-14 22:19 - 000093600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-07-11 09:47 - 2018-06-14 22:18 - 000228768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2018-07-11 09:47 - 2018-06-14 22:16 - 000562080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-07-11 09:47 - 2018-06-14 22:16 - 000433560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-07-11 09:47 - 2018-06-14 22:15 - 002563960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-07-11 09:47 - 2018-06-14 22:15 - 000753152 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2018-07-11 09:47 - 2018-06-14 22:13 - 000510904 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2018-07-11 09:47 - 2018-06-14 22:13 - 000324000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-07-11 09:47 - 2018-06-14 22:12 - 007519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-07-11 09:47 - 2018-06-14 22:12 - 000661152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2018-07-11 09:47 - 2018-06-14 22:12 - 000491304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-07-11 09:47 - 2018-06-14 22:12 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-07-11 09:47 - 2018-06-14 22:12 - 000118872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2018-07-11 09:47 - 2018-06-14 22:11 - 006817872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-07-11 09:47 - 2018-06-14 22:10 - 001934400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-07-11 09:47 - 2018-06-14 22:10 - 001097640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-07-11 09:47 - 2018-06-14 22:10 - 000717208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2018-07-11 09:47 - 2018-06-14 22:10 - 000326024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2018-07-11 09:47 - 2018-06-14 22:09 - 007436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-07-11 09:47 - 2018-06-14 22:09 - 002830240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-07-11 09:47 - 2018-06-14 22:09 - 002546592 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-07-11 09:47 - 2018-06-14 22:09 - 001798552 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2018-07-11 09:47 - 2018-06-14 22:09 - 001742272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2018-07-11 09:47 - 2018-06-14 22:09 - 001659296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2018-07-11 09:47 - 2018-06-14 22:09 - 001209800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-07-11 09:47 - 2018-06-14 22:09 - 001112600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2018-07-11 09:47 - 2018-06-14 22:09 - 000247984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL
2018-07-11 09:47 - 2018-06-14 22:08 - 004403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-07-11 09:47 - 2018-06-14 22:08 - 002371392 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-07-11 09:47 - 2018-06-14 22:08 - 002062488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2018-07-11 09:47 - 2018-06-14 22:08 - 001946752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-07-11 09:47 - 2018-06-14 22:08 - 001784584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2018-07-11 09:47 - 2018-06-14 22:08 - 001457128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-07-11 09:47 - 2018-06-14 22:08 - 001288840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-07-11 09:47 - 2018-06-14 22:08 - 001258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-07-11 09:47 - 2018-06-14 22:08 - 001140568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-07-11 09:47 - 2018-06-14 22:08 - 000983008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-07-11 09:47 - 2018-06-14 22:08 - 000898760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-07-11 09:47 - 2018-06-14 22:08 - 000642088 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2018-07-11 09:47 - 2018-06-14 22:08 - 000500552 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2018-07-11 09:47 - 2018-06-14 22:08 - 000413816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-07-11 09:47 - 2018-06-14 22:08 - 000072768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WindowsTrustedRT.sys
2018-07-11 09:47 - 2018-06-14 22:07 - 001611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2018-07-11 09:47 - 2018-06-14 22:07 - 001145696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2018-07-11 09:47 - 2018-06-14 22:05 - 000444240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2018-07-11 09:47 - 2018-06-14 22:04 - 001462824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2018-07-11 09:47 - 2018-06-14 22:04 - 001251736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2018-07-11 09:47 - 2018-06-14 22:04 - 000719552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-07-11 09:47 - 2018-06-14 22:04 - 000281080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2018-07-11 09:47 - 2018-06-14 22:04 - 000105376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2018-07-11 09:47 - 2018-06-14 22:03 - 006572000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-07-11 09:47 - 2018-06-14 22:03 - 006528600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-07-11 09:47 - 2018-06-14 22:03 - 006043600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-07-11 09:47 - 2018-06-14 22:03 - 004788504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-07-11 09:47 - 2018-06-14 22:03 - 002535032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-07-11 09:47 - 2018-06-14 22:03 - 002163184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2018-07-11 09:47 - 2018-06-14 22:03 - 001805752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-07-11 09:47 - 2018-06-14 22:03 - 001710240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2018-07-11 09:47 - 2018-06-14 22:03 - 001380192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2018-07-11 09:47 - 2018-06-14 22:03 - 001144120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2018-07-11 09:47 - 2018-06-14 22:03 - 001129640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-07-11 09:47 - 2018-06-14 22:03 - 001020160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-07-11 09:47 - 2018-06-14 22:03 - 000472136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2018-07-11 09:47 - 2018-06-14 22:03 - 000356960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-07-11 09:47 - 2018-06-14 22:03 - 000232488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL
2018-07-11 09:47 - 2018-06-14 22:03 - 000129192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-07-11 09:47 - 2018-06-14 21:49 - 002962944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-07-11 09:47 - 2018-06-14 21:48 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2018-07-11 09:47 - 2018-06-14 21:47 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2018-07-11 09:47 - 2018-06-14 21:47 - 000515072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2018-07-11 09:47 - 2018-06-14 21:47 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2018-07-11 09:47 - 2018-06-14 21:46 - 004706816 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-07-11 09:47 - 2018-06-14 21:46 - 001356800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2018-07-11 09:47 - 2018-06-14 21:46 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2018-07-11 09:47 - 2018-06-14 21:46 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2018-07-11 09:47 - 2018-06-14 21:46 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2018-07-11 09:47 - 2018-06-14 21:46 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2018-07-11 09:47 - 2018-06-14 21:45 - 002548736 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2018-07-11 09:47 - 2018-06-14 21:45 - 000992768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2018-07-11 09:47 - 2018-06-14 21:45 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2018-07-11 09:47 - 2018-06-14 21:45 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-07-11 09:47 - 2018-06-14 21:45 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2018-07-11 09:47 - 2018-06-14 21:45 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2018-07-11 09:47 - 2018-06-14 21:45 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2018-07-11 09:47 - 2018-06-14 21:45 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandlerPS.dll
2018-07-11 09:47 - 2018-06-14 21:44 - 001632256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-07-11 09:47 - 2018-06-14 21:44 - 001342976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2018-07-11 09:47 - 2018-06-14 21:44 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2018-07-11 09:47 - 2018-06-14 21:44 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2018-07-11 09:47 - 2018-06-14 21:44 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2018-07-11 09:47 - 2018-06-14 21:44 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2018-07-11 09:47 - 2018-06-14 21:44 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2018-07-11 09:47 - 2018-06-14 21:44 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2018-07-11 09:47 - 2018-06-14 21:43 - 001114112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2018-07-11 09:47 - 2018-06-14 21:43 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-07-11 09:47 - 2018-06-14 21:43 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2018-07-11 09:47 - 2018-06-14 21:43 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-07-11 09:47 - 2018-06-14 21:43 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2018-07-11 09:47 - 2018-06-14 21:43 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2018-07-11 09:47 - 2018-06-14 21:43 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-07-11 09:47 - 2018-06-14 21:43 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-07-11 09:47 - 2018-06-14 21:43 - 000191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VideoHandlers.dll
2018-07-11 09:47 - 2018-06-14 21:43 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2018-07-11 09:47 - 2018-06-14 21:43 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2018-07-11 09:47 - 2018-06-14 21:42 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-07-11 09:47 - 2018-06-14 21:42 - 000978432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2018-07-11 09:47 - 2018-06-14 21:42 - 000558592 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2018-07-11 09:47 - 2018-06-14 21:42 - 000431104 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-07-11 09:47 - 2018-06-14 21:42 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-07-11 09:47 - 2018-06-14 21:42 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2018-07-11 09:47 - 2018-06-14 21:42 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-07-11 09:47 - 2018-06-14 21:42 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-07-11 09:47 - 2018-06-14 21:42 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2018-07-11 09:47 - 2018-06-14 21:42 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2018-07-11 09:47 - 2018-06-14 21:42 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2018-07-11 09:47 - 2018-06-14 21:41 - 004561920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-07-11 09:47 - 2018-06-14 21:41 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-07-11 09:47 - 2018-06-14 21:41 - 001724928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2018-07-11 09:47 - 2018-06-14 21:41 - 000953856 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2018-07-11 09:47 - 2018-06-14 21:41 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-07-11 09:47 - 2018-06-14 21:41 - 000811520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2018-07-11 09:47 - 2018-06-14 21:41 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-07-11 09:47 - 2018-06-14 21:41 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2018-07-11 09:47 - 2018-06-14 21:41 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2018-07-11 09:47 - 2018-06-14 21:41 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-07-11 09:47 - 2018-06-14 21:41 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2018-07-11 09:47 - 2018-06-14 21:40 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-07-11 09:47 - 2018-06-14 21:40 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2018-07-11 09:47 - 2018-06-14 21:40 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2018-07-11 09:47 - 2018-06-14 21:40 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2018-07-11 09:47 - 2018-06-14 21:39 - 002903040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-07-11 09:47 - 2018-06-14 21:39 - 002583552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-07-11 09:47 - 2018-06-14 21:39 - 001303040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-07-11 09:47 - 2018-06-14 21:39 - 000916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-07-11 09:47 - 2018-06-14 21:39 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-07-11 09:47 - 2018-06-14 21:38 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-07-11 09:47 - 2018-06-14 21:38 - 001581568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2018-07-11 09:47 - 2018-06-14 21:38 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2018-07-11 09:47 - 2018-06-14 21:38 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2018-07-11 09:47 - 2018-06-14 21:38 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-07-11 09:47 - 2018-06-14 21:38 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2018-07-11 09:47 - 2018-06-14 21:38 - 000910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2018-07-11 09:47 - 2018-06-14 21:38 - 000596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-07-11 09:47 - 2018-06-14 21:37 - 001374208 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-07-11 09:47 - 2018-06-14 21:37 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-07-11 09:47 - 2018-06-14 21:36 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdrom.sys
2018-07-11 09:47 - 2018-05-31 22:18 - 000058524 _____ C:\WINDOWS\system32\srms.dat
2018-07-10 12:24 - 2018-07-10 12:24 - 000056339 _____ C:\Users\Philip\Desktop\2q-invoice-2018.pdf
2018-07-08 23:03 - 2018-07-08 23:03 - 010375087 _____ C:\Users\Philip\Downloads\Book-of-Inspiration.pdf
2018-07-08 12:01 - 2018-07-08 12:01 - 000054921 _____ C:\Users\Philip\Downloads\mazatlantoday_net_history_of_mazatlan_sinaloa_mexico_html.pdf
2018-07-08 09:50 - 2018-07-08 09:51 - 010379146 _____ C:\Users\Philip\Downloads\the-book-of-inspiration3.pdf
2018-07-06 09:55 - 2018-07-06 09:55 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2018-07-06 09:55 - 2018-07-06 09:55 - 000002287 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2018-07-06 09:55 - 2018-07-06 09:55 - 000002126 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2018-07-04 14:33 - 2018-07-04 14:33 - 000209839 _____ C:\Users\Philip\Downloads\greatist_com_health_surprising_high_fiber_foods.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-03 14:48 - 2016-11-05 07:30 - 000000000 ____D C:\FRST
2018-08-03 14:47 - 2018-04-11 16:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-08-03 14:47 - 2016-11-18 12:43 - 000000000 ____D C:\Users\Philip\AppData\LocalLow\Mozilla
2018-08-03 14:23 - 2018-02-17 21:06 - 000000000 ____D C:\Program Files (x86)\EdgeDeflector
2018-08-03 13:49 - 2017-09-30 23:08 - 000000000 ____D C:\Users\Philip\AppData\Roaming\qBittorrent
2018-08-03 13:49 - 2016-11-28 08:30 - 000000000 ____D C:\Users\Philip\AppData\Roaming\uTorrent
2018-08-03 13:49 - 2016-11-27 08:26 - 000000000 ____D C:\Users\Philip\AppData\Local\Free Download Manager
2018-08-03 12:37 - 2017-01-17 10:28 - 000000000 ____D C:\Users\Philip\Desktop\pod
2018-08-03 12:25 - 2018-05-25 11:23 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-08-03 12:25 - 2018-04-11 16:36 - 000000000 ____D C:\WINDOWS\INF
2018-08-03 10:10 - 2018-04-11 14:04 - 000065536 _____ C:\WINDOWS\system32\config\ELAM
2018-08-03 08:06 - 2018-05-25 11:28 - 000004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{757F819D-6EF9-43C0-BF61-401C32905690}
2018-08-02 17:04 - 2017-06-28 09:55 - 000008192 _____ C:\WINDOWS\SysWOW64\WDPABKP.dat
2018-08-02 17:03 - 2018-05-25 11:28 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-08-02 17:03 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-08-02 17:03 - 2018-04-11 14:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-08-02 17:03 - 2014-04-05 10:19 - 001281376 _____ C:\bdlog.txt
2018-08-02 15:42 - 2018-05-25 11:19 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-08-02 14:16 - 2018-04-11 16:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-08-02 11:16 - 2018-02-09 08:12 - 000000000 ____D C:\Users\Philip\AppData\Roaming\Psiphon3
2018-08-02 07:22 - 2016-11-18 14:48 - 000609576 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\trufos.sys
2018-08-01 13:03 - 2018-06-19 11:02 - 000000000 ____D C:\ProgramData\Packages
2018-07-31 20:57 - 2014-04-05 11:24 - 000000000 ____D C:\Users\Philip\Desktop\Shortcuts
2018-07-31 20:53 - 2017-11-27 14:46 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-07-31 18:05 - 2016-11-18 12:43 - 000000000 ____D C:\Users\Philip\AppData\Roaming\Mozilla
2018-07-31 18:05 - 2016-11-18 12:43 - 000000000 ____D C:\Users\Philip\AppData\Local\Mozilla
2018-07-30 11:28 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-07-26 18:30 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-07-26 15:49 - 2016-11-27 08:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Download Manager
2018-07-24 18:18 - 2017-01-01 14:15 - 000000000 ____D C:\Users\Philip\AppData\Local\CrashDumps
2018-07-22 22:57 - 2018-06-27 10:48 - 000000481 _____ C:\Users\Philip\Desktop\Rebuild parts list.txt
2018-07-21 14:31 - 2016-11-28 19:13 - 000000000 ____D C:\Users\Philip\AppData\Roaming\vlc
2018-07-20 08:32 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-07-20 08:32 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-07-20 08:32 - 2016-11-18 16:34 - 000000000 ____D C:\Users\Philip\AppData\Local\Adobe
2018-07-20 06:27 - 2018-05-25 11:28 - 000003368 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1862036936-1806997627-3412976369-1001
2018-07-20 06:27 - 2018-05-25 11:20 - 000002409 _____ C:\Users\Philip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-07-20 06:27 - 2015-11-21 13:49 - 000000000 ___RD C:\Users\Philip\OneDrive
2018-07-19 12:52 - 2014-04-06 15:40 - 000000000 ____D C:\Users\Philip\Downloads\Software
2018-07-19 09:39 - 2017-01-12 20:34 - 000000000 ____D C:\Users\Philip\AppData\Local\ElevatedDiagnostics
2018-07-18 14:12 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\Help
2018-07-18 14:12 - 2016-12-28 23:25 - 000000000 ____D C:\ProgramData\Condusiv Technologies
2018-07-18 14:12 - 2016-12-28 23:25 - 000000000 ____D C:\Program Files\Condusiv Technologies
2018-07-16 08:33 - 2018-03-22 20:33 - 000000000 ____D C:\Users\Philip\Desktop\NVS_Statements_invioces
2018-07-14 10:25 - 2018-05-25 11:28 - 000004590 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-07-12 18:23 - 2017-07-19 18:30 - 000000000 ____D C:\Users\Philip\AppData\Roaming\Ashisoft
2018-07-12 08:05 - 2016-11-18 21:30 - 000000000 ____D C:\ProgramData\boost_interprocess
2018-07-12 08:05 - 2016-03-18 12:36 - 000000010 _____ C:\Users\Philip\versionId.txt
2018-07-12 08:04 - 2016-03-18 12:36 - 000000000 ____D C:\Users\Philip\Neat-Logs
2018-07-12 07:50 - 2017-07-25 18:58 - 000000000 ____D C:\Users\Philip\Downloads\Torrents
2018-07-12 07:50 - 2014-04-05 11:08 - 000000623 _____ C:\Users\Philip\Desktop\D-Storage.lnk
2018-07-11 22:46 - 2018-06-13 17:31 - 000000000 ____D C:\Users\Philip\AppData\Roaming\JAM Software
2018-07-11 13:37 - 2016-11-18 10:28 - 000000000 ____D C:\Users\Philip\AppData\Roaming\Adobe
2018-07-11 13:35 - 2016-11-19 15:40 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-07-11 12:01 - 2018-05-25 11:19 - 005083624 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-07-11 12:01 - 2017-01-21 17:17 - 000000000 ___RD C:\Users\Philip\3D Objects
2018-07-11 12:01 - 2015-09-09 22:42 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-07-11 12:00 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-07-11 12:00 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-07-11 12:00 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-07-11 12:00 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-07-11 12:00 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-07-11 12:00 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-07-11 12:00 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-07-11 12:00 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-07-11 12:00 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-07-11 12:00 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-07-11 12:00 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-07-11 12:00 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-07-11 12:00 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-07-11 12:00 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-07-11 12:00 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-07-11 12:00 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-07-11 12:00 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-07-11 12:00 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-07-11 12:00 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-07-11 12:00 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-07-11 12:00 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-07-11 12:00 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-07-11 12:00 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-07-11 12:00 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-07-11 12:00 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-07-11 12:00 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-07-11 12:00 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-07-11 12:00 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-07-11 12:00 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-07-11 12:00 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-07-11 12:00 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-07-11 12:00 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-07-11 12:00 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-07-11 12:00 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-07-11 12:00 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-07-11 12:00 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-07-11 12:00 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-07-11 12:00 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-07-11 12:00 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-07-11 12:00 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-07-11 12:00 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-07-11 12:00 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-07-11 12:00 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-07-11 12:00 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-07-11 12:00 - 2018-04-11 16:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-07-11 12:00 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-07-11 12:00 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-07-11 12:00 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-07-11 12:00 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-07-11 10:36 - 2016-11-18 16:20 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2018-07-11 10:36 - 2016-11-18 10:17 - 000000167 _____ C:\WINDOWS\win.ini
2018-07-11 09:56 - 2018-04-11 16:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-07-11 09:56 - 2016-11-18 14:23 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-07-11 09:53 - 2016-11-18 14:23 - 134675576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-07-11 09:51 - 2018-04-11 16:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-07-09 11:44 - 2018-01-21 16:20 - 000000000 ____D C:\Users\Philip\Desktop\Bank Of America Statements
2018-07-06 09:55 - 2016-11-18 16:33 - 000000000 ___HD C:\ProgramData\Adobe
2018-07-05 13:43 - 2016-03-18 12:39 - 000000000 ____D C:\Users\Philip\My Scans
2018-07-05 13:18 - 2016-03-18 12:39 - 000000000 ____D C:\Users\Philip\Neat-Helium-Metrics-Logs

==================== Files in the root of some directories =======

2018-02-10 18:22 - 2018-02-10 18:22 - 000002276 _____ () C:\Program Files (x86)\ContextEdit.lnk
2017-01-20 11:08 - 2017-01-27 17:41 - 000073856 _____ () C:\Program Files (x86)\LaserLink for 2016 Setup Log.txt
2018-02-09 08:07 - 2018-02-09 08:08 - 006714480 _____ () C:\Program Files (x86)\psiphon3.exe
2016-12-26 23:55 - 2016-12-26 23:55 - 000005120 _____ () C:\Program Files (x86)\SearchWithMyBrowser.exe
2016-12-29 00:16 - 2017-12-21 17:03 - 000007598 _____ () C:\Users\Philip\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
2018-07-30 21:10 - 2018-07-30 21:10 - 004636416 _____ (Don HO don.h@free.fr) C:\Users\Philip\AppData\Local\Temp\npp.7.5.8.Installer.x64.exe
2018-07-26 15:17 - 2018-08-02 11:15 - 015940712 _____ () C:\Users\Philip\AppData\Local\Temp\psiphon-tunnel-core.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-25 11:19

==================== End of FRST.txt ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02.08.2018
Ran by Philip (03-08-2018 14:49:19)
Running from G:\
Windows 10 Home Version 1803 17134.165 (X64) (2018-05-25 18:28:18)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1862036936-1806997627-3412976369-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1862036936-1806997627-3412976369-503 - Limited - Disabled)
Guest (S-1-5-21-1862036936-1806997627-3412976369-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1862036936-1806997627-3412976369-1028 - Limited - Enabled)
phanb (S-1-5-21-1862036936-1806997627-3412976369-1011 - Administrator - Enabled)
Philip (S-1-5-21-1862036936-1806997627-3412976369-1001 - Administrator - Enabled) => C:\Users\Philip
WDAGUtilityAccount (S-1-5-21-1862036936-1806997627-3412976369-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Bitdefender Antivirus (Enabled - Up to date) {0E17DB7D-A20F-62CE-B95B-17DB0CDFE318}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antispyware (Enabled - Up to date) {B5763A99-8435-6D40-83EB-2CA97758A9A5}
FW: Bitdefender Firewall (Enabled) {362C5A58-E860-6396-9204-BEEEF20CA463}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1862036936-1806997627-3412976369-1001\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.07 - Adobe Systems)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 30 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 30.0.0.134 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-1862036936-1806997627-3412976369-1001\...\Amazon Kindle) (Version: 1.21.0.48017 - Amazon)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Belarc Advisor 8.5c (HKLM-x32\...\Belarc Advisor) (Version: 8.5.3.0 - Belarc Inc.)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 21.0.21.970 - Bitdefender)
Bitdefender Device Management (HKLM\...\Bitdefender Device Management) (Version: 21.0.22.1011 - Bitdefender)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 22.0.1.1 - Bitdefender)
Bulk Rename Utility 3.0.0.1 (64-bit) (HKLM\...\Bulk Rename Utility Installation_is1) (Version:  - TGRMN Software)
Button Manager V2 (HKLM-x32\...\{B898297A-AFF5-4F43-88E6-2C8247D8AA12}) (Version: 2.0.6 - Brother Industries, Ltd.)
calibre (HKLM-x32\...\{91FB7F70-259A-42F4-A576-E8E8E8E665AC}) (Version: 3.15.0 - Kovid Goyal)
Catalyst Control Center Next Localization BR (HKLM\...\{585A6A74-1DED-8DA0-32F1-F5EFA485DFB1}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{A0649E20-C57C-DCFA-AE1B-1CE1CB9D98A8}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{35F79A5D-00E2-8C19-D929-2E85DEA4252D}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{2CEBB6AA-EC39-DFF2-1F5B-9A98301C4DAB}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{F05F0B6E-9999-55D0-C323-D06DF0E2B59F}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{CBABB5FD-BD69-8969-729A-5659E11D9518}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{98527BF3-A8E0-B8CF-7297-436B714FC576}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{D6CD1B25-53E6-C2F8-FA99-F89138A9C86F}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{487C3865-3005-F04A-FBA4-F4239E02A847}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{D80AD200-548C-B62B-32AE-BF3CD7AA7EA2}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{D21BFF5C-51AA-4C15-1C91-6A1087FDC373}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{04F0FFCB-D9A5-2332-2697-CA47C0424AF2}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{47F2FFDC-3D6A-CED6-0B54-6E7082D5B29B}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{5608D1B6-6483-9FA3-7297-C2CFC3FCE747}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{1FCA484A-5A9E-9C91-F050-257D1F311A0C}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{D8FB03AE-A326-0C12-AC47-B898FE73FA94}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{F7876D2E-CDCD-CE53-0E88-995B57A94B58}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{3BAB5AC8-EF35-FED0-BCEB-9306D05EDE1C}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{746E086C-023A-A79C-DBE1-062E773FF6C8}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{1C44BB26-1941-DB44-D5E8-C455F89EE6E6}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{BE7F26CB-6E91-7673-7130-80C36FBF13DE}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6623 - CDBurnerXP)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Digital Video Repair 3.4.0.0 (HKLM-x32\...\Digital VideoRepair_is1) (Version: 3.4.0.0 - Rising Research)
Diskeeper 18 (HKLM\...\{12DA5C22-06B1-4935-BAC6-E54386B00DE5}) (Version: 20.0.1286.64 - Condusiv Technologies)
DS-620 (HKLM-x32\...\{50126EED-D623-40AE-AD0D-B98FB36E4DA9}) (Version: 6.12.15310 - Brother Industries, Ltd.)
Duplicate File Finder (HKLM-x32\...\{E0EA718E-AAF4-4C78-AFB3-8A9C4D5ECECF}}_is1) (Version: 7.2.0.0 - Ashisoft)
Epubor Ultimate (HKLM-x32\...\Epubor Ultimate) (Version: 3.0.9.704 - Epubor Inc.)
Free Download Manager (HKLM\...\{43781dff-e0df-49ce-a6d2-47da96a485e7}}_is1) (Version: 5.1.37.7258 - FreeDownloadManager.ORG)
FVD Downloader Module (HKLM-x32\...\{A3F74A3C-6824-4878-AB46-21280389D09F}) (Version: 1.0.8 - Nimbus)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
Google Earth Pro (HKLM\...\{F914BC59-918A-498F-B2E3-B274C9CB48A8}) (Version: 7.3.2.5491 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Kobo (HKLM-x32\...\Kobo) (Version: 4.6.8458 - Rakuten Kobo Inc.)
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1862036936-1806997627-3412976369-1001\...\OneDriveSetup.exe) (Version: 18.111.0603.0006 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 61.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 61.0.1 (x64 en-US)) (Version: 61.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 61.0.1 - Mozilla)
Neat (HKLM-x32\...\Neat) (Version: 5.7.1.474 - The Neat Company)
Neat ADF Scanner Driver (HKLM\...\{A55F1206-BFA7-4027-92B8-CE4EFDBC3CF2}) (Version: 2.0.2.5 - The Neat Company)
Neat Core Files (HKLM-x32\...\{99432E4C-1189-4887-9D75-DAA796015FFD}) (Version: 5.7.1.474 - The Neat Company) Hidden
Neat Mobile Scanner Driver (HKLM\...\{7EA2D88A-C8B7-4102-8644-0A437B6FC143}) (Version: 2.0.1.2 - The Neat Company)
Neat Smart Organization System (HKLM-x32\...\Neat Smart Organization System) (Version: 1.5.2.11 - The Neat Company)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.8 - Notepad++ Team)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
OverDrive for Windows (HKLM-x32\...\{FF27E73D-C30A-4F32-B2D7-22069F01DDB9}) (Version: 3.6.0 - OverDrive, Inc.)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Port Forward Network Utilities (HKLM-x32\...\{88B1D36C-7B70-4C48-8D2F-AAB956ECF4C3}) (Version: 3.0.26 - Portforward, LLC)
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 1.7.13622 - Kakao Corp.)
qBittorrent 4.1.1 (HKLM-x32\...\qBittorrent) (Version: 4.1.1 - The qBittorrent project)
QuickBooks (HKLM-x32\...\{48011BF6-E0BC-4B49-9DCA-C7144EF0C01E}) (Version: 28.0.4006.2806 - Intuit Inc.) Hidden
QuickBooks Premier Edition 2018 (HKLM-x32\...\{7A626F39-A185-4566-9982-9995287CED26}) (Version: 28.0.4005.2806 - Intuit Inc.)
QuickBooks Runtime Redistributable (HKLM\...\{F2A4F809-2DE6-4D27-888B-4D2BB8DAF20E}) (Version: 1.00.0000 - Intuit Inc.)
QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6519 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7917 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.)
Rosetta Stone Language Training (HKLM-x32\...\{00384623-4937-4D7D-BDD9-23513D1C50AB}) (Version: 5.0.37.0 - Rosetta Stone, Ltd)
Rosetta Stone Ltd Services (HKLM-x32\...\{3165E4A6-D5DE-46B0-8597-D55E2B826B84}) (Version: 3.2.21 - Rosetta Stone Ltd.)
SAP Crystal Reports runtime engine for .NET Framework (32-bit) (HKLM-x32\...\{BB4E642E-4F07-4C2A-B146-AB4CB1C3CEA2}) (Version: 13.0.20.2399 - SAP)
Send To Neat (HKLM\...\{237E305C-B625-466A-88CE-1E121BF4FDB1}) (Version: 1.1.0.0 - The Neat Company)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
TeamViewer 4 (HKLM-x32\...\TeamViewer 4) (Version: 4.1.9108  - TeamViewer GmbH)
TFP for 2017 (HKLM-x32\...\{40486C9F-4FF8-4B22-9193-4AE5B16B0183}) (Version: 1.0.0.0 - ComplyRight) Hidden
TFP for 2017 (HKLM-x32\...\{646ce7c7-6cc8-414d-a8c8-6ea846ce6ce3}) (Version: 1.0.0.0 - ComplyRight, Inc.)
TurboTax 2017 (HKLM-x32\...\TurboTax 2017) (Version: 2017.0 - Intuit, Inc)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{1F3E59DD-7DCE-4103-9528-57DA43134312}) (Version: 2.9.0.0 - Microsoft Corporation)
VC12X64Redist (HKLM\...\{B573CC21-AE24-4BC5-9B0B-15CF29A3F982}) (Version: 1.00.0000 - Intuit Inc.)
VC12X86Redist (HKLM-x32\...\{EA9886ED-21F8-4867-A049-CE6817291EE6}) (Version: 1.00.0000 - Intuit Inc.)
Video Win Movie Maker 2016 (HKLM-x32\...\{3CC29C1A-B5FE-457B-8F22-32A2videowin}}_is1) (Version:  - videowinsoft.com)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WD Drive Utilities (HKLM-x32\...\{48996CDD-DD81-4197-93FE-0971E73C5CA7}) (Version: 1.3.2.2 - Western Digital Technologies, Inc.) Hidden
WD Drive Utilities (HKLM-x32\...\{eab1fb93-61fb-48de-b815-b4e9b68d2ef1}) (Version: 1.3.2.2 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{F4F2EF32-EAFE-4F87-B7DC-E19C9F8E76FC}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{515B34CA-1229-4EDA-AE7C-53CBA68B8A7A}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{4555885d-a64c-4234-9aac-72a8a6b5590b}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WinDirStat 1.1.2 (HKU\S-1-5-21-1862036936-1806997627-3412976369-1001\...\WinDirStat) (Version:  - )
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22243 - Microsoft Corporation)
WinPatrol (HKLM-x32\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 34.11.2016.27 - Ruiware)
WinZip 20.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24105}) (Version: 20.5.12118 - WinZip Computing, S.L. )
XnView 2.39 (HKLM-x32\...\XnView_is1) (Version: 2.39 - Gougelet Pierre-e)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1862036936-1806997627-3412976369-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2018-07-22] ()
ContextMenuHandlers1: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files\Bulk Rename Utility\BRUhere64.dll [2016-02-04] (Bulk Rename Utility)
ContextMenuHandlers1: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (Western Digital Technologies, Inc.)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2016-06-02] (WinZip Computing, S.L.)
ContextMenuHandlers2: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files\Bulk Rename Utility\BRUhere64.dll [2016-02-04] (Bulk Rename Utility)
ContextMenuHandlers2: [CWDDriveMenuHandler] -> {CCEFA845-DCDB-4A2F-8BED-DBE87CD198EC} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (Western Digital Technologies, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files\Bulk Rename Utility\BRUhere64.dll [2016-02-04] (Bulk Rename Utility)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2016-06-02] (WinZip Computing, S.L.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-02-26] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (Western Digital Technologies, Inc.)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2016-06-02] (WinZip Computing, S.L.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {11ACBC0D-BA70-494F-8F0F-DCAF56426D99} - System32\Tasks\QBScheduledReport => C:\Program Files (x86)\Common Files\Intuit\QuickBooks\ScheduledReports\ScheduledReports.Scheduler.exe [2018-04-27] (Intuit Inc.)
Task: {29BDF61D-71DD-4776-88FA-FB90140F99CC} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_134_Plugin.exe [2018-07-20] (Adobe Systems Incorporated)
Task: {31CDCBD7-FC01-4FA3-8E4D-4328EA2D4ED5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-18] (Google Inc.)
Task: {36EF0F0B-F7CC-4B0D-AFDB-50B944F160B0} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {668B5F82-CE79-4C79-8ACD-23F6C579A7CC} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {6D33BA47-7B3E-4DB9-985A-3C7C5878E714} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-02-26] (Advanced Micro Devices, Inc.)
Task: {99650127-25BD-4FF9-A591-CCCF111FA58A} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_134_pepper.exe [2018-07-14] (Adobe Systems Incorporated)
Task: {A8DD5F23-B59E-421E-B3F3-353E7E089EB7} - System32\Tasks\Microsoft\Windows\TaskScheduler\Qbittorrent => C:\Program Files\qBittorrent\qbittorrent.exe [2018-05-27] ()
Task: {B6F3CEE4-E0A9-45DD-9C08-5E08D55A9EA4} - System32\Tasks\Qbittorrent scheduler => C:\Program Files\qBittorrent\qbittorrent.exe [2018-05-27] ()
Task: {C8563665-7061-4FF1-93D0-6EFEF46C5FA9} - System32\Tasks\AdobeGCInvoker-1.0-Philip-PC-Philip => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-05-11] (Adobe Systems, Incorporated)
Task: {D2428081-07E9-4716-83B1-A14600EC5ED3} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2018-05-16] (Bitdefender)
Task: {D7644F9A-DD2A-42B0-B0F8-E7DEDFE66D19} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {DD68B943-A5F7-45FD-81B2-EA0C8052EED3} - System32\Tasks\shut down => shutdown [Argument = /s /f /t 0]
Task: {E64E64E3-40E7-496F-B9DE-7CBEFDAEDD13} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe [2018-05-24] (Bitdefender)
Task: {E7080F7E-CB14-4E05-9A7E-C0D786CDA024} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {EAD87875-B963-41DD-978B-3E7E816F7CDB} - System32\Tasks\FreeDownloadManagerNetworkMonitor => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe [2018-05-28] (FreeDownloadManager.org)
Task: {F17DE3CF-36D7-4C32-83F6-AB8018785637} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-18] (Google Inc.)
Task: {F3576B23-2041-45CB-854B-A555EB8BCAE2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Philip\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\8dd10e5029485678\Neat.lnk -> C:\Program Files (x86)\The Neat Company\Neat Smart Organization System\Helium-shell\HeliumAppShell\Neat.exe (The NWJS Community) -> --user-data-dir="C:\Users\Philip\AppData\Local\Neat\User Data" --profile-directory=Default --app-id=epnmbmienjhgbolbhbdndkfbnekfoomm

==================== Loaded Modules (Whitelisted) ==============

2018-07-18 06:35 - 2018-07-18 06:35 - 000993728 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02751_004\ashttpbr.mdl
2018-07-18 06:35 - 2018-07-18 06:35 - 000544880 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02751_004\ashttpdsp.mdl
2018-07-18 06:35 - 2018-07-18 06:35 - 003232216 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02751_004\ashttpph.mdl
2018-07-18 06:35 - 2018-07-18 06:35 - 001528320 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02751_004\ashttprbl.mdl
2016-11-27 08:26 - 2018-05-28 18:05 - 000037376 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\WinDivert.dll
2016-11-18 21:24 - 2014-05-20 12:01 - 000054784 _____ () C:\WINDOWS\System32\sdtnpm.dll
2018-03-22 20:02 - 2015-02-12 11:43 - 000032768 _____ () C:\Windows\Mobile_Series_Service.exe
2018-06-07 15:24 - 2018-06-07 15:24 - 000637952 _____ () C:\Program Files\Condusiv Technologies\Diskeeper\boost_log-vc110-mt-1_54.dll
2018-06-07 15:24 - 2018-06-07 15:24 - 000098304 _____ () C:\Program Files\Condusiv Technologies\Diskeeper\boost_thread-vc110-mt-1_54.dll
2018-06-07 15:24 - 2018-06-07 15:24 - 000050176 _____ () C:\Program Files\Condusiv Technologies\Diskeeper\boost_date_time-vc110-mt-1_54.dll
2018-06-07 15:24 - 2018-06-07 15:24 - 000116224 _____ () C:\Program Files\Condusiv Technologies\Diskeeper\boost_filesystem-vc110-mt-1_54.dll
2018-06-07 15:24 - 2018-06-07 15:24 - 000019456 _____ () C:\Program Files\Condusiv Technologies\Diskeeper\boost_system-vc110-mt-1_54.dll
2018-06-07 15:24 - 2018-06-07 15:24 - 000028672 _____ () C:\Program Files\Condusiv Technologies\Diskeeper\boost_chrono-vc110-mt-1_54.dll
2018-04-11 16:34 - 2018-04-11 16:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2017-02-23 08:29 - 2017-02-23 08:29 - 008909512 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2018-04-11 16:34 - 2018-04-11 16:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-11 16:34 - 2018-04-11 16:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-07-22 17:14 - 2018-07-22 17:14 - 000230064 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2018-07-16 16:15 - 2018-07-16 16:22 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-07-16 16:15 - 2018-07-16 16:22 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-07-16 16:15 - 2018-07-16 16:22 - 022373888 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-07-16 16:15 - 2018-07-16 16:22 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\skypert.dll
2018-07-16 16:15 - 2018-07-16 16:22 - 000653824 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2015-06-25 17:34 - 2015-06-25 17:34 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 17:37 - 2015-06-25 17:37 - 000739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 17:35 - 2015-06-25 17:35 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 17:38 - 2015-06-25 17:38 - 000071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 16:53 - 2015-06-25 16:53 - 000011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 16:51 - 2015-06-25 16:51 - 002013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2018-07-27 13:03 - 2018-07-27 13:11 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-07-27 13:03 - 2018-07-27 13:11 - 068154880 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-09-30 20:20 - 2017-09-30 21:59 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-07-18 11:49 - 2018-07-18 12:04 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-07-18 11:49 - 2018-07-18 12:04 - 004139008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-05-24 20:58 - 2018-05-24 21:17 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll
2018-07-18 11:49 - 2018-07-18 12:04 - 000035840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-03-29 14:36 - 2018-03-29 14:44 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-07-27 13:03 - 2018-07-27 13:11 - 014919168 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-07-18 11:49 - 2018-07-18 12:04 - 003982848 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-07-27 13:03 - 2018-07-27 13:11 - 002938880 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-05-31 08:55 - 2018-05-31 08:58 - 000872448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-07-18 11:49 - 2018-07-18 12:04 - 001396224 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2018-07-27 13:03 - 2018-07-27 13:11 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-07-27 13:03 - 2018-07-27 13:11 - 000162816 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\SKU.dll
2018-07-30 13:36 - 2018-07-30 13:37 - 000199168 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-07-30 13:36 - 2018-07-30 13:37 - 002447072 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-07-30 13:36 - 2018-07-30 13:37 - 007814144 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2018-07-27 13:03 - 2018-07-27 13:06 - 035195392 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18061.13911.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-07-27 13:03 - 2018-07-27 13:06 - 000290816 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18061.13911.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-07-27 13:03 - 2018-07-27 13:06 - 006373376 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18061.13911.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-09-26 07:15 - 2017-09-26 07:15 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18061.13911.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-07-27 13:03 - 2018-07-27 13:06 - 008903168 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18061.13911.0_x64__8wekyb3d8bbwe\EntPlat.dll
2018-07-11 09:47 - 2018-07-05 23:55 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-07-25 09:29 - 2018-07-25 09:29 - 004383232 _____ () C:\Program Files\WindowsApps\Microsoft.OneConnect_5.1807.1991.0_x64__8wekyb3d8bbwe\OneConnect.dll
2018-02-23 02:44 - 2018-02-23 02:44 - 000076456 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-07-05 14:14 - 2018-08-03 14:19 - 000002936 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1    lm.licenses.adobe.com
127.0.0.1       ereg.adobe.com
127.0.0.1       na2m-pr.licenses.adobe.com
127.0.0.1       activate.adobe.com
127.0.0.1       wip.adobe.com
127.0.0.1       practivate.adobe.com
127.0.0.1       lmlicenses.wip4.adobe.com
127.0.0.1       practivate.adobe.com
127.0.0.1       192.150.14.69
127.0.0.1       192.150.18.101
127.0.0.1       192.150.18.108
127.0.0.1       192.150.22.40
127.0.0.1       192.150.8.100
127.0.0.1       192.150.8.118
127.0.0.1       209-34-83-73.ood.opsource.net
127.0.0.1       3dns-1.adobe.com
127.0.0.1       3dns-2.adobe.com
127.0.0.1       3dns-3.adobe.com
127.0.0.1       3dns-4.adobe.com
127.0.0.1       3dns.adobe.com
127.0.0.1       3dns.adobe.com
127.0.0.1       activate-sea.adobe.com
127.0.0.1       activate-sjc0.adobe.com
127.0.0.1       activate.wip.adobe.com
127.0.0.1       activate.wip1.adobe.com
127.0.0.1       activate.wip2.adobe.com
127.0.0.1       activate.wip3.adobe.com
127.0.0.1       activate.wip4.adobe.com
127.0.0.1       adobe-dns-1.adobe.com
127.0.0.1       adobe-dns-2.adobe.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1862036936-1806997627-3412976369-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Philip\Pictures\My Pictures\Hechuan\Dazu-China-Hechuan\IMGP8395.JPG
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{64E160AC-835F-4C6A-B76A-B2AE00A68E90}] => (Allow) C:\Program Files (x86)\Brother\Button Manager\ButtonManager.exe
FirewallRules: [{5F6BF504-0195-46DF-AF5B-65214672916A}] => (Allow) C:\Program Files (x86)\Brother\Button Manager\ButtonManager.exe
FirewallRules: [UDP Query User{C085C35E-3EDA-4F43-BCBD-E92F8AD37674}C:\program files (x86)\portforward\port forward network utilities\pfportchecker.exe] => (Allow) C:\program files (x86)\portforward\port forward network utilities\pfportchecker.exe
FirewallRules: [TCP Query User{26FFE2BA-0A63-4C85-B756-7213772ECBA7}C:\program files (x86)\portforward\port forward network utilities\pfportchecker.exe] => (Allow) C:\program files (x86)\portforward\port forward network utilities\pfportchecker.exe
FirewallRules: [{882CB653-F4BC-4101-8B08-5F0006DA618D}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{82C152C0-8B28-47AD-9762-DDCB972165EF}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{8120AC10-72B4-41EE-8207-B7D368684C8B}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{C99DD593-2425-44BB-88BB-48267E24E2FE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{69E3D4C8-B334-4836-8FFB-7BB3721A8955}] => (Allow) C:\Program Files (x86)\TeamViewer\Version4\TeamViewer.exe
FirewallRules: [{C3024A3F-7199-492F-82CA-38DC7EA69E5D}] => (Allow) C:\Program Files (x86)\TeamViewer\Version4\TeamViewer.exe
FirewallRules: [{ADF41E04-74BF-4E7D-8624-85E32984366A}] => (Allow) C:\Program Files\DAUM\PotPlayer\PotPlayerMini64.exe
FirewallRules: [{3F4E0B2E-0816-476C-9EF3-D4D6A82BB0DA}] => (Allow) C:\Program Files\DAUM\PotPlayer\PotPlayerMini64.exe
FirewallRules: [{90776C37-64C8-460B-8C8E-2EBDFEA42CC7}] => (Allow) C:\Users\Philip\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{12D8B02B-B55A-43E0-9C72-22D87608B6DE}] => (Allow) C:\Users\Philip\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{355C2FCF-D352-459A-8F6C-9ECD34921BA0}] => (Allow) C:\Users\Philip\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E8BF54DA-EA85-4AD4-AD7C-AEFCD37DF4D5}] => (Allow) C:\Users\Philip\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3615B82F-2CB4-417D-8129-8059174F2232}] => (Allow) C:\Users\Philip\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D00370F0-ED6D-45C3-B084-2566676D4081}] => (Allow) C:\Users\Philip\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{34C1EFB8-ADD8-4BA2-82FC-6E639DC2EF85}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{5EE5DE28-6D99-4DFD-AC95-29607399189B}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{C84648B7-32FC-4B1E-AECA-5425F577E24C}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{A932DF59-71EC-45A6-BB82-D92E191950B3}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{66D766EA-DE54-4B2C-9186-353CF7019CAC}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [{36DCA882-3D1E-4EE8-ACFE-1DACB5830C29}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [{7A36F9B9-9765-47B2-AA09-942DF4435CFD}] => (Allow) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneLtdServices.exe
FirewallRules: [{CFD687B1-AE60-4B32-8441-BD11FE4FF19B}] => (Allow) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneLtdServices.exe
FirewallRules: [{F9881406-8041-4EA0-8A56-C430CB3A5018}] => (Allow) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
FirewallRules: [{A3A78950-F328-4A18-8B38-901F254D6A3A}] => (Allow) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
FirewallRules: [{AF81D16B-6C87-423A-BE69-5275E75F5D9F}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe
FirewallRules: [{90A41990-9DDB-41F6-BD21-DA7189C8F3D5}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{1D4DE913-D0F2-4A05-A7BF-F3953E422050}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{0634E712-2779-4F2B-920B-0398B02BCA6A}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{6EFBA2B7-3E32-466B-A311-D086DCD400A6}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{DFF6756B-A13A-49AA-9427-051E34ECC90F}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{16ACF27D-0AB9-4C42-8A2D-6F80BF14D9CB}] => (Allow) C:\Program Files\Condusiv Technologies\Diskeeper\DKService.exe
FirewallRules: [{33C23158-09B9-4682-9FF5-42B845E81F3F}] => (Allow) C:\Program Files\Condusiv Technologies\Diskeeper\DKService.exe
FirewallRules: [{9F7D7AFF-FEC5-4490-954C-CD5BFA4B816F}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [{18864894-C0BA-4C5C-ABAD-4F0EFA500ADD}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [{2FF7A9E0-01B9-4FC7-83A5-F9436F71F1C4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{EDDF39D4-4306-4CB3-9691-7A28F95608CB}] => (Allow) C:\Program Files\Condusiv Technologies\Diskeeper\DKService.exe
FirewallRules: [{0708D39B-A7C2-4941-B276-FBBDC7D63FFC}] => (Allow) C:\Program Files\Condusiv Technologies\Diskeeper\DKService.exe
FirewallRules: [{55402664-33AD-49E5-A2DF-07EC77981832}] => (Allow) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe
FirewallRules: [{7D6E7190-ADBD-40B7-956B-17F6329D538F}] => (Allow) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe
FirewallRules: [{B16AB9A9-773A-4F92-B193-8A5E87F3CC4B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{C6283C7B-29FD-44DA-9FB4-BB3C2A4AE4B0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Restore Points =========================

02-08-2018 14:02:07 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============

Name: Logitech Cordless Device
Description: Logitech Cordless Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Logitech Cordless Device
Description: Logitech Cordless Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Logitech Cordless Device
Description: Logitech Cordless Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Logitech Cordless Device
Description: Logitech Cordless Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/02/2018 10:47:46 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_42efcd1c44e192b2.manifest.

Error: (08/02/2018 05:03:55 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows cannot load the extensible counter DLL rdyboost. The first four bytes (DWORD) of the Data section contains the Windows error code.

Error: (08/02/2018 05:03:55 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (08/02/2018 05:03:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_42efcd1c44e192b2.manifest.

Error: (08/02/2018 11:12:53 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_42efcd1c44e192b2.manifest.

Error: (08/01/2018 11:21:00 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_42efcd1c44e192b2.manifest.

Error: (08/01/2018 03:09:07 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_fb429645306569ac.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_42efcd1c44e192b2.manifest.

Error: (08/01/2018 01:01:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program bdfvwiz.exe version 22.0.21.291 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2cec

Start Time: 01d429d25c8c9d31

Termination Time: 14

Application Path: C:\Program Files\Bitdefender\Bitdefender 2017\bdfvwiz.exe

Report Id: 03ce6ddc-fb9a-49d2-88af-85e6d6c2d46c

Faulting package full name:

Faulting package-relative application ID:


System errors:
=============
Error: (08/03/2018 01:55:56 PM) (Source: DCOM) (EventID: 10016) (User: Philip-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user Philip-PC\Philip SID (S-1-5-21-1862036936-1806997627-3412976369-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (08/02/2018 10:47:44 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT AUTHORITY)
Description: Miniport Linksys WUSB6300, {81A32BC7-6CD1-46B4-847A-F08657A1498D}, had event 73

Error: (08/02/2018 05:06:24 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscBrokerManager
 and APPID
Unavailable
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (08/02/2018 05:03:51 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (08/02/2018 05:03:48 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.

Error: (08/02/2018 07:47:06 AM) (Source: DCOM) (EventID: 10016) (User: Philip-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user Philip-PC\Philip SID (S-1-5-21-1862036936-1806997627-3412976369-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (08/01/2018 11:19:03 PM) (Source: DCOM) (EventID: 10010) (User: Philip-PC)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (08/01/2018 11:19:02 PM) (Source: DCOM) (EventID: 10010) (User: Philip-PC)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.


CodeIntegrity:
===================================

Date: 2018-08-02 17:03:56.578
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-07-31 20:53:20.481
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-07-30 11:19:28.462
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-07-20 08:02:21.536
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-07-16 21:00:21.940
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-07-12 07:31:58.074
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-07-12 07:32:17.520
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-07-12 07:32:15.752
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel® Core™ i5-3570K CPU @ 3.40GHz
Percentage of memory in use: 43%
Total physical RAM: 16345.07 MB
Available physical RAM: 9254.51 MB
Total Virtual: 32729.07 MB
Available Virtual: 26613.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.91 GB) (Free:72.67 GB) NTFS
Drive d: (Storage) (Fixed) (Total:931.5 GB) (Free:583.13 GB) NTFS
Drive f: () (Fixed) (Total:0.44 GB) (Free:0.06 GB) NTFS
Drive g: (STORE N GO) (Removable) (Total:14.91 GB) (Free:14.91 GB) FAT32
Drive i: (My Passport) (Fixed) (Total:698.6 GB) (Free:552.86 GB) NTFS
Drive j: (My Passport) (Fixed) (Total:465.73 GB) (Free:44.53 GB) NTFS
Drive k: (My Book) (Fixed) (Total:3725.99 GB) (Free:1051.56 GB) NTFS

\\?\Volume{728c87de-a211-4043-bec3-34da1110a392}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 89B1D8C1)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: EC82EC82)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 2.

========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 698.6 GB) (Disk ID: 0002288C)
Partition 1: (Not Active) - (Size=698.6 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (MBR Code: Windows XP) (Size: 465.7 GB) (Disk ID: 00038A56)
Partition 1: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (Protective MBR) (Size: 14.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================



#3 nasdaq

nasdaq

  • Malware Response Team
  • 40,741 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:16 PM

Posted 04 August 2018 - 07:16 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Download the version of this tool for your operating system.
[url=https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/][b]Farbar

Disregard. I have merged your topic.

I will review your FRST logs and reply shortly.

Edited by nasdaq, 04 August 2018 - 07:19 AM.


#4 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,769 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:16 PM

Posted 08 August 2018 - 05:10 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> https://www.bleepingcomputer.com/logreply/681658 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your destop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#5 nasdaq

nasdaq

  • Malware Response Team
  • 40,741 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:16 PM

Posted 09 August 2018 - 07:10 AM

Hi,

I'm still here. Follow the HelpBot's instructions. I will review your logs.

#6 Philip_B

Philip_B
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:09:16 PM

Posted 10 August 2018 - 09:50 PM

Thank you for your time , I believe I have fixed this problem.I have re imaged my hard disk and will be, backing up even more religiously now.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users