First up, I'm not all that young, or malware scan 31 dec 17 No 1.txt 1.23KB 158 downloadstechnically minded.
I've noticed a few strange things happening with my laptop over the past 3 or 4 days, my antivirus (Bitdefender) seems to have decided to either block apps for no apparent reason or change my browser whenever it feels like it.
I've run C Cleaner , Malwarebytes and Microsoft malicious software removal tool. Malwarebytes picked up something on the first run which I didn't record. Otherwise I don't have any idea how to proceed from here. Help please
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-12-2017
Ran by Des Callaghan (administrator) on LAPTOP-MPCB59VU (31-12-2017 11:30:42)
Running from C:\Users\Des Callaghan\Desktop
Loaded Profiles: Des Callaghan (Available Profiles: Des Callaghan)
Platform: Windows 10 Home Version 1709 16299.125 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_cac487d7a695d2e9\igfxCUIService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
() C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\SimpleMonitor for AP\fxksmdb.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\SAII\CxUtilSvc.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_cac487d7a695d2e9\IntelCpHDCPSvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_cac487d7a695d2e9\IntelCpHeciSvc.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_cac487d7a695d2e9\igfxEM.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Lenovo(beijing) Limited) C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe
(Firetrust) C:\Program Files (x86)\Firetrust\MailWasher\MailWasherPro.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
() C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\SimpleMonitor for AP\fxksmpl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
(The Eraser Project) C:\Program Files\Eraser\Eraser.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Fuji Xerox Co., Ltd.) C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\Launcher\fxlaunch.exe
() C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\SimpleMonitor for AP\fxksmW.exe
() C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\SimpleMonitor for AP\fxksmwj.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\bdwtxag.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11711.1001.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\190.7.0\ToolbarUpdater.exe
() C:\Program Files (x86)\AVG Secure Search\vprot.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\internet explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-30] (Microsoft Corporation)
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [829632 2016-06-24] ()
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [602968 2015-12-07] (Conexant Systems, Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [320584 2016-06-01] (Intel Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [1046024 2013-07-30] (The Eraser Project)
HKLM\...\Run: [Network Configuration] => c:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe [725280 2012-08-27] (Oki Data Corporation)
HKLM\...\Run: [LenovoUtility] => C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [911272 2017-07-27] (Lenovo(beijing) Limited)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830232 2016-03-08] (Conexant Systems, Inc.)
HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-10-31] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110008 2015-07-21] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492472 2015-07-21] (CyberLink Corp.)
HKLM-x32\...\Run: [Launcher205f] => C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\Launcher\fxlaunch.exe [2571264 2011-04-12] (Fuji Xerox Co., Ltd.)
HKLM-x32\...\Run: [M205f RUN] => C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\SimpleMonitor for AP\fxksmRun.exe [355840 2012-06-20] ()
HKLM-x32\...\Run: [StatusAutoRunm205f] => C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\SimpleMonitor for AP\fxksmpl.exe [3978752 2012-06-20] ()
HKLM-x32\...\Run: [Reader Application Helper] => C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe [899400 2014-05-23] (Sony Corporation)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694072 2013-10-15] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5571944 2016-04-19] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Secure Search\vprot.exe [1707080 2017-12-30] ()
HKU\S-1-5-21-1291720134-1892629821-116790201-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10249048 2017-12-02] (Piriform Ltd)
HKU\S-1-5-21-1291720134-1892629821-116790201-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421224 2017-10-09] (Garmin Ltd. or its subsidiaries)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVG Secure VPN.lnk [2017-06-19]
ShortcutTarget: AVG Secure VPN.lnk -> C:\Program Files (x86)\AVG\Secure VPN\Vpn.exe (AVG Technologies CZ, s.r.o.)
Startup: C:\Users\Des Callaghan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MailWasherPro.lnk [2016-09-01]
ShortcutTarget: MailWasherPro.lnk -> C:\Program Files (x86)\Firetrust\MailWasher\MailWasherPro.exe (Firetrust)
Startup: C:\Users\Des Callaghan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2017-02-09]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * bddel.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{31a094c8-e663-4c5e-9bd0-2bf332493401}: [DhcpNameServer] 10.111.222.1
Tcpip\..\Interfaces\{38f730b0-09eb-4c64-a03d-6ea9d9133b50}: [NameServer] 77.234.40.79
Tcpip\..\Interfaces\{398be33d-3a4d-43b2-92a0-ba9e014e3be3}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{b3652480-bba9-4afa-8731-74ee42bbffd7}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1291720134-1892629821-116790201-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com.au/
SearchScopes: HKU\S-1-5-21-1291720134-1892629821-116790201-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
SearchScopes: HKU\S-1-5-21-1291720134-1892629821-116790201-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
SearchScopes: HKU\S-1-5-21-1291720134-1892629821-116790201-1001 -> {94BF1D65-7D3E-4A85-8372-09FC420F9FBC} URL =
SearchScopes: HKU\S-1-5-21-1291720134-1892629821-116790201-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://isearch.avg.com/search?cid={D3989286-9F2B-42FC-9738-7844F919B070}&mid=4b1e0869226047ce8ceb89b2c29c4536-3dd919dfc19ea46c604e200b1d411dbfae53d3a6&lang=en&ds=tt014&coid=avgtbdistt&cmpid=&pr=sa&d=2017-12-29 06:42:34&v=19.6.0.592&pid=avg&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1291720134-1892629821-116790201-1001 -> {B59A2DF4-9414-42FA-ACE7-B34BA73D6894} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1291720134-1892629821-116790201-1001 -> {F8305D7D-CF69-465a-9003-813C6013A702} URL = hxxp://x2t.com/search/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1291720134-1892629821-116790201-1001 -> {F8305D7D-CF79-465a-9003-813C6013A702} URL = hxxp://x2t.com/search/?q={searchTerms}
BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-12-14] (Bitdefender)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-12-26] (Microsoft Corporation)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-12-14] (Bitdefender)
Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-12-14] (Bitdefender)
Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\19.7.0.632\AVG Secure Search_toolbar.dll [2017-12-30] (AVG Secure Search)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-12-14] (Bitdefender)
Toolbar: HKLM-x32 - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\19.7.0.632\AVG Secure Search_toolbar.dll [2017-12-30] (AVG Secure Search)
Toolbar: HKU\S-1-5-21-1291720134-1892629821-116790201-1001 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Toolbar: HKU\S-1-5-21-1291720134-1892629821-116790201-1001 -> No Name - {2B171655-A69C-5C18-B693-6CB5DC269D41} - No File
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-26] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-26] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-26] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-26] (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\190.7.0\ViProtocol.dll [2017-12-30] (AVG Secure Search)
FireFox:
========
FF DefaultProfile: w0rmwscg.default
FF ProfilePath: C:\Users\Des Callaghan\AppData\Roaming\TomTom\HOME\Profiles\qxyvyrlf.default [2017-01-08]
FF Extension: (No Name) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\[email protected] [not found]
FF ProfilePath: C:\Users\Des Callaghan\AppData\Roaming\Mozilla\Firefox\Profiles\w0rmwscg.default [2017-12-31]
FF user.js: detected! => C:\Users\Des Callaghan\AppData\Roaming\Mozilla\Firefox\Profiles\w0rmwscg.default\user.js [2017-12-30]
FF Extension: (YouTube MP4 Downloader) - C:\Users\Des Callaghan\AppData\Roaming\Mozilla\Firefox\Profiles\w0rmwscg.default\Extensions\@youtube-mp4-downloader.xpi [2017-11-21]
FF Extension: (Flash Video Downloader) - C:\Users\Des Callaghan\AppData\Roaming\Mozilla\Firefox\Profiles\w0rmwscg.default\Extensions\[email protected] [2017-12-29]
FF Extension: (Enhancer for YouTube™) - C:\Users\Des Callaghan\AppData\Roaming\Mozilla\Firefox\Profiles\w0rmwscg.default\Extensions\[email protected] [2017-12-20]
FF Extension: (Awesome Screenshot - Capture, Annotate & More) - C:\Users\Des Callaghan\AppData\Roaming\Mozilla\Firefox\Profiles\w0rmwscg.default\Extensions\[email protected] [2017-07-19]
FF Extension: (uBlock Origin) - C:\Users\Des Callaghan\AppData\Roaming\Mozilla\Firefox\Profiles\w0rmwscg.default\Extensions\[email protected] [2017-12-29]
FF Extension: (Download YouTube Videos as MP4) - C:\Users\Des Callaghan\AppData\Roaming\Mozilla\Firefox\Profiles\w0rmwscg.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2017-04-23] [Legacy]
FF Extension: (Video DownloadHelper) - C:\Users\Des Callaghan\AppData\Roaming\Mozilla\Firefox\Profiles\w0rmwscg.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-12-15]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender 2017\\bdwteff
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender 2017\\bdwteff [2017-10-14]
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext [2016-12-13] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender 2017\\bdwteff
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_126.dll [2017-12-13] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-04] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_126.dll [2017-12-13] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\190.7.0\\npsitesafety.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-12-26] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-06-19] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-06-19] (NVIDIA Corporation)
FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll [2014-05-23] (Sony Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-30] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-30] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-30] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2016-09-02] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1291720134-1892629821-116790201-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Des Callaghan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-19] (Unity Technologies ApS)
Chrome:
=======
CHR Profile: C:\Users\Des Callaghan\AppData\Local\Google\Chrome\User Data\Default [2017-12-29]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [264432 2017-06-19] (AVG Technologies CZ, s.r.o.)
S3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7396872 2017-06-19] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1428656 2017-10-31] (AVG Technologies CZ, s.r.o.)
S4 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [688992 2017-02-27] (Lenovo)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7760552 2017-12-07] (Microsoft Corporation)
S4 connect2hotspot; C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe [100680 2017-02-08] (Lenovo)
R2 CxUtilSvc; C:\Program Files\Conexant\SAII\CxUtilSvc.exe [132096 2016-05-12] (Conexant Systems, Inc.) [File not signed]
R2 DAX2API; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [154816 2016-07-18] ()
R2 DevMgmtService; C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe [103072 2017-12-04] (Bitdefender)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [134872 2017-04-12] (ELAN Microelectronics Corp.)
R4 FXNADB; C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\SimpleMonitor for AP\fxksmdb.exe [96768 2012-06-20] () [File not signed]
S2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [350064 2016-09-02] (WildTangent)
S4 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1085968 2017-10-09] (Garmin Ltd. or its subsidiaries)
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1210352 2016-03-23] (Lenovo)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2016-06-01] (Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [68408 2017-11-12] (Lenovo Group Limited)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2017-02-14] ()
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-04] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-04] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-06-19] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-05-04] (NVIDIA Corporation)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1254736 2017-04-11] (Bitdefender)
R2 SAService; C:\WINDOWS\system32\SAsrv.exe [431960 2015-09-15] (Conexant Systems, Inc.)
S2 SecureVpn; C:\Program Files (x86)\AVG\Secure VPN\VpnSvc.exe [2154704 2017-04-03] (AVG Technologies CZ, s.r.o.)
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2014-04-25] (Sony Corporation) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5618960 2017-11-15] (AVG Technologies CZ, s.r.o.)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe [218416 2017-12-14] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe [1129720 2017-12-14] (Bitdefender)
R2 vsservp; C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe [524872 2016-08-25] (Bitdefender)
R2 vToolbarUpdater190.7.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\190.7.0\ToolbarUpdater.exe [1277512 2017-12-30] (AVG Secure Search)
R4 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1049464 2016-04-19] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [314744 2016-04-19] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-30] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3743648 2017-02-14] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [1019880 2017-10-11] (BitDefender S.R.L. Bucharest, ROMANIA)
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1763744 2017-10-11] (BitDefender)
R1 avgbdisk; C:\WINDOWS\system32\drivers\avgbdiska.sys [166624 2017-06-19] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\system32\drivers\avgbidsdrivera.sys [314128 2017-06-19] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\system32\drivers\avgbidsha.sys [192584 2017-06-19] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\WINDOWS\system32\drivers\avgbloga.sys [336896 2017-06-19] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\system32\drivers\avgbuniva.sys [51336 2017-06-19] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\WINDOWS\system32\drivers\avgHwid.sys [39424 2017-06-19] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\system32\drivers\avgMonFlt.sys [129776 2017-06-19] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\system32\drivers\avgRdr2.sys [102280 2017-06-19] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\system32\drivers\avgRvrt.sys [76832 2017-06-19] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\system32\drivers\avgSnx.sys [1008288 2017-06-19] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\system32\drivers\avgSP.sys [570320 2017-06-19] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\system32\drivers\avgStm.sys [160008 2017-06-19] (AVG Technologies CZ, s.r.o.)
R3 avgTap; C:\WINDOWS\System32\drivers\avgTap.sys [54888 2016-12-09] (The OpenVPN Project)
R0 avgVmm; C:\WINDOWS\system32\drivers\avgVmm.sys [340824 2017-06-19] (AVG Technologies CZ, s.r.o.)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [23672 2016-03-14] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [133088 2017-07-27] (BitDefender LLC)
R2 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [47376 2017-11-24] (© Bitdefender SRL)
R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-13] (CyberLink)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77432 2017-11-29] ()
R3 ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [32328 2017-04-12] (ELAN Microelectronic Corp.)
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [187688 2017-09-13] (BitDefender LLC)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [253184 2016-12-12] (Intel Corporation)
R0 ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [362664 2017-10-12] (Bitdefender)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [193968 2017-12-29] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [110016 2017-12-29] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [46008 2017-12-29] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253880 2017-12-29] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [94144 2017-12-31] (Malwarebytes)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7689728 2017-09-30] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_851a79f66682d708\nvlddmkm.sys [14482360 2017-09-29] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-05-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48248 2017-05-04] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57976 2017-05-04] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-08-23] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [418784 2016-08-05] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3150344 2016-10-24] (Realtek Semiconductor Corp.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [439576 2017-09-13] (BitDefender S.R.L.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2017-02-21] (AVG Netherlands B.V.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-30] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-12-31 11:30 - 2017-12-31 11:31 - 000031574 _____ C:\Users\Des Callaghan\Desktop\FRST.txt
2017-12-31 11:30 - 2017-12-31 11:30 - 000000000 ____D C:\FRST
2017-12-31 11:26 - 2017-12-31 11:27 - 002391552 _____ (Farbar) C:\Users\Des Callaghan\Desktop\FRST64.exe
2017-12-31 10:56 - 2017-12-31 10:56 - 000001255 _____ C:\Users\Des Callaghan\Desktop\malware scan 31 dec 17 No 1.txt
2017-12-30 22:08 - 2017-12-30 22:08 - 000027624 _____ C:\WINDOWS\system32\bddel.exe
2017-12-30 22:08 - 2017-12-30 22:08 - 000004624 _____ C:\WINDOWS\system32\bddel.dat
2017-12-30 22:06 - 2017-12-30 22:08 - 000000000 ____D C:\Program Files (x86)\FVDToolbar
2017-12-30 22:06 - 2017-12-30 22:06 - 000000000 ____D C:\ProgramData\FVDToolbar
2017-12-30 14:22 - 2017-12-30 14:22 - 000001146 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-12-30 14:21 - 2017-12-30 14:21 - 000001273 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2017-12-29 18:48 - 2017-12-29 18:48 - 000002575 _____ C:\Users\Public\Desktop\AVG PC TuneUp.lnk
2017-12-29 18:48 - 2017-11-15 08:59 - 000053008 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\TURegOpt.exe
2017-12-29 18:25 - 2017-12-29 18:25 - 000000955 _____ C:\Users\Public\Desktop\AVG.lnk
2017-12-29 18:23 - 2017-12-30 19:30 - 000003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2017-12-29 17:56 - 2017-12-29 17:56 - 003299987 _____ C:\Users\Des Callaghan\Documents\AvgInstallLog.cab
2017-12-29 17:42 - 2017-12-30 07:42 - 000000000 ____D C:\Program Files\AVG Secure Search
2017-12-29 17:42 - 2017-12-30 07:42 - 000000000 ____D C:\Program Files (x86)\AVG Secure Search
2017-12-29 17:42 - 2017-12-29 21:43 - 000000000 ____D C:\Users\Des Callaghan\AppData\Local\AVG Secure Search
2017-12-29 17:42 - 2017-12-29 17:42 - 000000000 ____D C:\Users\Des Callaghan\AppData\LocalLow\AVG Secure Search
2017-12-29 17:42 - 2017-12-29 17:42 - 000000000 ____D C:\ProgramData\AVG Secure Search
2017-12-29 17:42 - 2017-12-29 17:42 - 000000000 ____D C:\Program Files\Common Files\AVG Secure Search
2017-12-29 17:14 - 2017-12-31 10:45 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-12-29 17:14 - 2017-12-29 17:27 - 000110016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-12-29 17:14 - 2017-12-29 17:27 - 000046008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-12-29 17:14 - 2017-12-29 17:14 - 000253880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2017-12-29 17:14 - 2017-12-29 17:14 - 000193968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2017-12-29 17:14 - 2017-12-29 17:14 - 000001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-12-29 17:14 - 2017-12-29 17:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-12-29 17:14 - 2017-12-29 17:14 - 000000000 ____D C:\Program Files\Malwarebytes
2017-12-29 17:14 - 2017-11-29 09:11 - 000077432 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-12-29 17:13 - 2017-12-29 17:13 - 000000000 ____D C:\ProgramData\MB2Migration
2017-12-29 17:11 - 2017-12-29 17:14 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-12-29 17:11 - 2017-12-29 17:14 - 000000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2017-12-29 10:48 - 2017-12-29 10:48 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-12-29 10:48 - 2017-12-29 10:48 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-12-29 10:39 - 2017-12-29 10:39 - 000311232 _____ (Mozilla) C:\Users\Des Callaghan\Downloads\Firefox Installer.exe
2017-12-28 09:40 - 2017-12-28 09:40 - 000046599 _____ C:\ProgramData\dm.update.1514414318.bdinstall.bin
2017-12-27 14:59 - 2017-12-30 21:53 - 000000000 ____D C:\Users\Des Callaghan\Desktop\Callaghan Family tree info
2017-12-27 13:34 - 2017-12-27 13:34 - 000000000 ____D C:\Users\Des Callaghan\Documents\Legacy Charts
2017-12-27 10:30 - 2017-12-27 13:34 - 000000000 ____D C:\Users\Des Callaghan\Documents\Legacy Family Tree
2017-12-27 10:29 - 2017-12-27 10:29 - 000000734 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Legacy 9.0.lnk
2017-12-27 10:29 - 2017-12-27 10:29 - 000000722 _____ C:\Users\Public\Desktop\Legacy 9.0.lnk
2017-12-27 10:29 - 2017-12-27 10:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Legacy 9.0
2017-12-27 10:29 - 2016-10-28 12:05 - 008444416 _____ (Chilkat Software, Inc.) C:\WINDOWS\SysWOW64\ChilkatAx-9.5.0-win32.dll
2017-12-27 10:29 - 2015-11-09 18:23 - 000292696 _____ (Xceed Software Inc (450) 442-2626 [email protected] www.xceedsoft.com) C:\WINDOWS\SysWOW64\XceedFtp.dll
2017-12-27 10:29 - 2015-09-24 21:57 - 001785856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vfpoledb.dll
2017-12-27 10:29 - 2015-09-24 21:56 - 001090048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msado15.dll
2017-12-27 10:29 - 2011-03-02 20:54 - 000886776 _____ (Codejock Software) C:\WINDOWS\SysWOW64\Codejock.TaskPanel.v15.0.2.ocx
2017-12-27 10:29 - 2011-03-02 20:53 - 002660344 _____ (Codejock Software) C:\WINDOWS\SysWOW64\Codejock.CommandBars.v15.0.2.ocx
2017-12-27 10:29 - 2011-03-02 20:53 - 001882104 _____ (Codejock Software) C:\WINDOWS\SysWOW64\Codejock.Controls.v15.0.2.ocx
2017-12-27 10:29 - 2011-03-02 20:53 - 001374200 _____ (Codejock Software) C:\WINDOWS\SysWOW64\Codejock.ReportControl.v15.0.2.ocx
2017-12-27 10:29 - 2011-03-02 20:53 - 000825336 _____ (Codejock Software) C:\WINDOWS\SysWOW64\Codejock.DockingPane.v15.0.2.ocx
2017-12-27 10:29 - 2011-03-02 20:53 - 000501752 _____ (Codejock Software) C:\WINDOWS\SysWOW64\Codejock.ShortcutBar.v15.0.2.ocx
2017-12-27 10:29 - 2007-11-07 19:03 - 000496384 _____ (Xceed Software Inc (450) 442-2626 [email protected] www.xceedsoft.com) C:\WINDOWS\SysWOW64\XceedZip.dll
2017-12-27 10:29 - 2005-08-09 17:14 - 000458752 _____ (ComponentOne) C:\WINDOWS\SysWOW64\vsprint8.ocx
2017-12-27 10:29 - 2005-08-09 17:14 - 000262144 _____ (ComponentOne ) C:\WINDOWS\SysWOW64\vspdf8.ocx
2017-12-27 10:29 - 2004-11-23 16:59 - 000184320 _____ (CIA, The Company) C:\WINDOWS\SysWOW64\ciaXPButton30.ocx
2017-12-27 10:29 - 2004-11-19 01:45 - 000200704 _____ (CIA, The company) C:\WINDOWS\SysWOW64\ciaSCls20.dll
2017-12-27 10:29 - 2004-03-09 01:00 - 001010720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCHRT20.OCX
2017-12-27 10:29 - 2004-03-09 00:00 - 000152848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Comdlg32.ocx
2017-12-27 10:29 - 2004-03-09 00:00 - 000132880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSINET.OCX
2017-12-27 10:29 - 2003-12-12 16:41 - 000053248 _____ (CIA, The Company) C:\WINDOWS\SysWOW64\ciaXPRegSvr20.dll
2017-12-27 10:29 - 2003-02-19 01:11 - 000065536 _____ (Larcom and Young) C:\WINDOWS\SysWOW64\ReSize32.ocx
2017-12-27 10:29 - 2002-02-12 16:24 - 000169216 _____ (Wintertree Software Inc.) C:\WINDOWS\SysWOW64\WSpell.ocx
2017-12-27 10:29 - 2000-12-06 09:59 - 000832448 _____ (APEX Software Corporation) C:\WINDOWS\SysWOW64\tdbg6.ocx
2017-12-27 10:29 - 2000-05-22 00:00 - 000647872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCT2.OCX
2017-12-27 10:29 - 2000-05-22 00:00 - 000203976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RICHTX32.OCX
2017-12-27 10:29 - 1999-11-23 10:01 - 000276992 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFCMP11n.DLL
2017-12-27 10:29 - 1999-11-22 13:58 - 000751104 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\ltocx11n.ocx
2017-12-27 10:29 - 1999-11-22 13:52 - 000172544 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\Lfpng11n.dll
2017-12-27 10:29 - 1999-11-22 13:52 - 000151040 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\lftif11n.dll
2017-12-27 10:29 - 1999-11-22 13:52 - 000080896 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\lffax11n.dll
2017-12-27 10:29 - 1999-11-22 13:52 - 000059392 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\lfwmf11n.dll
2017-12-27 10:29 - 1999-11-22 13:52 - 000041472 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\lfgif11n.dll
2017-12-27 10:29 - 1999-11-22 13:52 - 000036864 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\lfbmp11n.dll
2017-12-27 10:29 - 1999-11-22 13:52 - 000035328 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\lfcal11n.dll
2017-12-27 10:29 - 1999-11-22 13:52 - 000032768 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\lfpcx11n.dll
2017-12-27 10:29 - 1999-11-22 13:52 - 000031232 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\lfeps11n.dll
2017-12-27 10:29 - 1999-11-22 13:52 - 000027648 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\lfwpg11n.dll
2017-12-27 10:29 - 1999-11-22 13:52 - 000027648 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\lftga11n.dll
2017-12-27 10:29 - 1999-11-22 13:52 - 000027136 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\lfimg11n.dll
2017-12-27 10:29 - 1999-11-22 13:52 - 000026112 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\lfpcd11n.dll
2017-12-27 10:29 - 1999-11-22 13:52 - 000026112 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\lfmsp11n.dll
2017-12-27 10:29 - 1999-11-22 13:51 - 000262144 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LTDIS11n.dll
2017-12-27 10:29 - 1999-11-22 13:51 - 000226816 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\ltefx11n.dll
2017-12-27 10:29 - 1999-11-22 13:51 - 000127488 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\ltimg11n.dll
2017-12-27 10:29 - 1999-11-22 13:51 - 000118272 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\ltfil11n.DLL
2017-12-27 10:29 - 1999-11-22 13:51 - 000038400 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\lttwn11n.dll
2017-12-27 10:29 - 1999-11-22 13:50 - 000391168 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\ltkrn11n.dll
2017-12-27 10:29 - 1999-11-22 13:49 - 000045936 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\ltvdd11w.drv
2017-12-27 10:29 - 1999-11-22 13:49 - 000003824 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\ltthk11w.dll
2017-12-27 10:29 - 1999-09-17 11:14 - 000065536 _____ (Sheridan Software Systems, Inc) C:\WINDOWS\SysWOW64\ssfm1032.dll
2017-12-27 10:29 - 1999-07-01 13:17 - 000237568 _____ (VideoSoft) C:\WINDOWS\SysWOW64\Vsocx6.ocx
2017-12-27 10:29 - 1999-05-07 00:00 - 000198640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCI32.OCX
2017-12-27 10:29 - 1998-09-11 09:14 - 000021504 _____ () C:\WINDOWS\SysWOW64\WBCustomizer.dll
2017-12-27 10:29 - 1998-06-18 00:00 - 000089360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB5DB.dll
2017-12-27 10:29 - 1995-07-31 11:44 - 000212480 _____ (Eastman Kodak) C:\WINDOWS\SysWOW64\PCDLIB32.DLL
2017-12-27 10:28 - 2017-12-28 09:55 - 000000000 ____D C:\Program Files (x86)\Legacy9
2017-12-19 17:57 - 2017-12-19 17:57 - 000000000 ____D C:\Users\Des Callaghan\AppData\Roaming\Friday's games
2017-12-19 17:56 - 2017-12-19 17:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stray Souls
2017-12-19 17:53 - 2017-12-19 17:53 - 000000000 ____D C:\Program Files (x86)\Stray Souls
2017-12-19 08:40 - 2017-12-19 08:39 - 000003896 _____ C:\Users\Des Callaghan\Desktop\1513633148_1_01.xml
2017-12-17 20:18 - 2017-12-17 20:18 - 000254839 _____ C:\Users\Des Callaghan\Desktop\ARF105-MANUAL.pdf
2017-12-16 14:35 - 2017-12-27 10:09 - 000000000 ____D C:\Users\Des Callaghan\Desktop\Our address book and printing aid
2017-12-15 09:47 - 2017-12-15 09:52 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-12-15 09:03 - 2017-12-15 09:03 - 000480177 _____ C:\Users\Des Callaghan\Downloads\AdobeAcroCleaner_DC2015.zip
2017-12-15 08:41 - 2017-12-15 08:42 - 000417042 _____ C:\Users\Des Callaghan\Desktop\REMITTANCE ADVICE.PDF
2017-12-14 16:10 - 2017-12-14 16:11 - 001083816 _____ C:\Users\Des Callaghan\Documents\GVVC November 2017 final.pdf
2017-12-14 10:22 - 2017-12-14 10:23 - 120189936 _____ (Adobe Systems Incorporated) C:\Users\Des Callaghan\Downloads\AcroRdrDC1800920044_en_US.exe
2017-12-14 10:20 - 2017-12-14 10:20 - 075858112 _____ (Adobe Systems Incorporated) C:\Users\Des Callaghan\Downloads\AdbeRdr11010_en_US.exe
2017-12-13 21:01 - 2017-12-08 17:52 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2017-12-13 21:01 - 2017-12-08 10:31 - 008590744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-12-13 21:01 - 2017-12-08 10:31 - 000779440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-12-13 21:01 - 2017-12-08 10:25 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2017-12-13 21:01 - 2017-12-08 10:20 - 001170000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-12-13 21:01 - 2017-12-08 10:16 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2017-12-13 21:01 - 2017-12-08 09:57 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-12-13 21:01 - 2017-12-08 09:31 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-12-13 21:01 - 2017-12-08 09:22 - 025245696 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-12-13 21:01 - 2017-12-08 09:13 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-12-13 21:01 - 2017-12-08 09:11 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-12-13 21:01 - 2017-12-08 09:10 - 018916352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-12-13 21:01 - 2017-12-08 09:08 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-12-13 21:01 - 2017-12-08 09:07 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-12-13 21:01 - 2017-12-08 09:06 - 023652864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-12-13 21:01 - 2017-12-08 09:05 - 006037504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-12-13 21:01 - 2017-12-08 09:05 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-12-13 21:01 - 2017-12-08 09:05 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2017-12-13 21:01 - 2017-12-08 09:05 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-12-13 21:01 - 2017-12-08 09:04 - 003678208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-12-13 21:01 - 2017-12-08 09:04 - 001321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-12-13 21:01 - 2017-12-08 09:03 - 002467840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-12-13 21:01 - 2017-12-08 09:03 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-12-13 21:01 - 2017-12-08 09:03 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-12-13 21:01 - 2017-12-08 09:02 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-12-13 21:01 - 2017-12-08 09:01 - 008097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-12-13 21:01 - 2017-12-08 09:00 - 004740608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-12-13 21:01 - 2017-12-08 09:00 - 002862080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-12-13 21:01 - 2017-12-08 08:59 - 002105856 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-12-13 21:01 - 2017-12-08 08:59 - 001666048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-12-13 21:01 - 2017-12-08 08:58 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-12-13 21:01 - 2017-12-08 08:58 - 001547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-12-13 21:01 - 2017-12-08 08:58 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-12-13 21:01 - 2017-12-08 08:57 - 001487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-12-13 21:01 - 2017-12-08 08:56 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-12-13 21:01 - 2017-11-27 07:35 - 017084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2017-12-13 21:01 - 2017-11-27 07:32 - 021754368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2017-12-13 21:01 - 2017-11-27 07:15 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2017-12-13 21:01 - 2017-11-27 03:43 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2017-12-13 21:01 - 2017-11-27 00:48 - 001200536 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-12-13 21:01 - 2017-11-27 00:47 - 001053592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-12-13 21:01 - 2017-11-27 00:41 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-12-13 21:01 - 2017-11-27 00:38 - 001636376 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-12-13 21:01 - 2017-11-27 00:33 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-12-13 21:01 - 2017-11-27 00:32 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-12-13 21:01 - 2017-11-27 00:31 - 000187288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-12-13 21:01 - 2017-11-27 00:29 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-12-13 21:01 - 2017-11-27 00:29 - 000840440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-12-13 21:01 - 2017-11-27 00:29 - 000436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-12-13 21:01 - 2017-11-27 00:26 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-12-13 21:01 - 2017-11-26 23:55 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2017-12-13 21:01 - 2017-11-26 23:31 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-12-13 21:01 - 2017-11-26 23:19 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-12-13 21:01 - 2017-11-26 23:17 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-12-13 21:01 - 2017-11-26 23:05 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-12-13 21:01 - 2017-11-26 23:03 - 002783744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-12-13 21:01 - 2017-11-26 22:59 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-12-13 21:01 - 2017-11-26 22:21 - 001432816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-12-13 21:01 - 2017-11-26 22:01 - 000506256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-12-13 21:01 - 2017-11-26 22:01 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-12-13 21:01 - 2017-11-26 21:29 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-12-13 21:01 - 2017-11-19 18:35 - 003331520 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2017-12-13 21:01 - 2017-11-19 13:20 - 002491112 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2017-12-13 21:00 - 2017-12-13 21:00 - 000000000 ____D C:\Users\Des Callaghan\Documents\acrobat_ittools_cleaner_p2_061713
2017-12-13 21:00 - 2017-12-08 10:34 - 001925296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-12-13 21:00 - 2017-12-08 10:34 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-12-13 21:00 - 2017-12-08 10:34 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys
2017-12-13 21:00 - 2017-12-08 10:30 - 000166296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-12-13 21:00 - 2017-12-08 10:28 - 000710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-12-13 21:00 - 2017-12-08 10:28 - 000630752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcrt.dll
2017-12-13 21:00 - 2017-12-08 10:27 - 004504456 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2017-12-13 21:00 - 2017-12-08 10:27 - 003903784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-12-13 21:00 - 2017-12-08 10:27 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-12-13 21:00 - 2017-12-08 10:26 - 007385088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-12-13 21:00 - 2017-12-08 10:26 - 002709200 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-12-13 21:00 - 2017-12-08 10:26 - 000525208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2017-12-13 21:00 - 2017-12-08 10:24 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2017-12-13 21:00 - 2017-12-08 10:24 - 000437144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-12-13 21:00 - 2017-12-08 10:24 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-12-13 21:00 - 2017-12-08 10:23 - 005905752 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-12-13 21:00 - 2017-12-08 10:23 - 000677272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-12-13 21:00 - 2017-12-08 10:22 - 001003104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-12-13 21:00 - 2017-12-08 10:22 - 000979352 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-12-13 21:00 - 2017-12-08 10:22 - 000137544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2017-12-13 21:00 - 2017-12-08 10:22 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2017-12-13 21:00 - 2017-12-08 10:21 - 007676296 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-12-13 21:00 - 2017-12-08 10:19 - 021352136 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-12-13 21:00 - 2017-12-08 10:16 - 001776272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-12-13 21:00 - 2017-12-08 10:15 - 001426152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-12-13 21:00 - 2017-12-08 10:15 - 000721592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2017-12-13 21:00 - 2017-12-08 10:14 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-12-13 21:00 - 2017-12-08 10:12 - 000401304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2017-12-13 21:00 - 2017-12-08 10:10 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-12-13 21:00 - 2017-12-08 09:58 - 000123512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-12-13 21:00 - 2017-12-08 09:56 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-12-13 21:00 - 2017-12-08 09:55 - 001490328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-12-13 21:00 - 2017-12-08 09:55 - 000097144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2017-12-13 21:00 - 2017-12-08 09:39 - 006092664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-12-13 21:00 - 2017-12-08 09:37 - 001145104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-12-13 21:00 - 2017-12-08 09:36 - 000769096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcrt.dll
2017-12-13 21:00 - 2017-12-08 09:34 - 003484840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-12-13 21:00 - 2017-12-08 09:34 - 002192112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-12-13 21:00 - 2017-12-08 09:33 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-12-13 21:00 - 2017-12-08 09:33 - 000592280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2017-12-13 21:00 - 2017-12-08 09:32 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-12-13 21:00 - 2017-12-08 09:31 - 001522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-12-13 21:00 - 2017-12-08 09:31 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-12-13 21:00 - 2017-12-08 09:23 - 006478528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-12-13 21:00 - 2017-12-08 09:13 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2017-12-13 21:00 - 2017-12-08 09:12 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2017-12-13 21:00 - 2017-12-08 09:12 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-12-13 21:00 - 2017-12-08 09:12 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscript.ocx
2017-12-13 21:00 - 2017-12-08 09:10 - 006466048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-12-13 21:00 - 2017-12-08 09:10 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2017-12-13 21:00 - 2017-12-08 09:10 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2017-12-13 21:00 - 2017-12-08 09:10 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-12-13 21:00 - 2017-12-08 09:10 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2017-12-13 21:00 - 2017-12-08 09:10 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-12-13 21:00 - 2017-12-08 09:10 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-12-13 21:00 - 2017-12-08 09:09 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\batmeter.dll
2017-12-13 21:00 - 2017-12-08 09:09 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2017-12-13 21:00 - 2017-12-08 09:09 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscript.exe
2017-12-13 21:00 - 2017-12-08 09:09 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2017-12-13 21:00 - 2017-12-08 09:09 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gamingtcui.dll
2017-12-13 21:00 - 2017-12-08 09:08 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2017-12-13 21:00 - 2017-12-08 09:08 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2017-12-13 21:00 - 2017-12-08 09:08 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-12-13 21:00 - 2017-12-08 09:08 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2017-12-13 21:00 - 2017-12-08 09:08 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-12-13 21:00 - 2017-12-08 09:07 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-12-13 21:00 - 2017-12-08 09:07 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll
2017-12-13 21:00 - 2017-12-08 09:07 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-12-13 21:00 - 2017-12-08 09:07 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-12-13 21:00 - 2017-12-08 09:07 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2017-12-13 21:00 - 2017-12-08 09:07 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-12-13 21:00 - 2017-12-08 09:06 - 000676352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2017-12-13 21:00 - 2017-12-08 09:06 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-12-13 21:00 - 2017-12-08 09:06 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcui.dll
2017-12-13 21:00 - 2017-12-08 09:06 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscript.exe
2017-12-13 21:00 - 2017-12-08 09:05 - 001670656 _____ (Microsoft Corporation) C:\WINDOWS\system32\batmeter.dll
2017-12-13 21:00 - 2017-12-08 09:05 - 000559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-12-13 21:00 - 2017-12-08 09:05 - 000481792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2017-12-13 21:00 - 2017-12-08 09:05 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-12-13 21:00 - 2017-12-08 09:05 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-12-13 21:00 - 2017-12-08 09:05 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2017-12-13 21:00 - 2017-12-08 09:05 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2017-12-13 21:00 - 2017-12-08 09:05 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2017-12-13 21:00 - 2017-12-08 09:05 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2017-12-13 21:00 - 2017-12-08 09:05 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2017-12-13 21:00 - 2017-12-08 09:04 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2017-12-13 21:00 - 2017-12-08 09:04 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-12-13 21:00 - 2017-12-08 09:03 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-12-13 21:00 - 2017-12-08 09:03 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-12-13 21:00 - 2017-12-08 09:03 - 000841728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-12-13 21:00 - 2017-12-08 09:03 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2017-12-13 21:00 - 2017-12-08 09:03 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-12-13 21:00 - 2017-12-08 09:03 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-12-13 21:00 - 2017-12-08 09:03 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hascsp.dll
2017-12-13 21:00 - 2017-12-08 09:02 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-12-13 21:00 - 2017-12-08 09:02 - 002117632 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-12-13 21:00 - 2017-12-08 09:02 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-12-13 21:00 - 2017-12-08 09:02 - 000813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-12-13 21:00 - 2017-12-08 09:02 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2017-12-13 21:00 - 2017-12-08 09:01 - 004592640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-12-13 21:00 - 2017-12-08 09:01 - 001980928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-12-13 21:00 - 2017-12-08 09:01 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-12-13 21:00 - 2017-12-08 09:01 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2017-12-13 21:00 - 2017-12-08 09:00 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-12-13 21:00 - 2017-12-08 08:59 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-12-13 21:00 - 2017-12-08 08:59 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-12-13 21:00 - 2017-12-08 08:59 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2017-12-13 21:00 - 2017-12-08 08:58 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-12-13 21:00 - 2017-12-08 08:58 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-12-13 21:00 - 2017-12-08 08:57 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-12-13 21:00 - 2017-12-08 08:56 - 002666496 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-12-13 21:00 - 2017-12-08 08:56 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-12-13 21:00 - 2017-12-08 08:54 - 002510336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-12-13 21:00 - 2017-12-08 08:54 - 001570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-12-13 21:00 - 2017-12-08 08:54 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-12-13 21:00 - 2017-11-27 00:45 - 001642520 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2017-12-13 21:00 - 2017-11-27 00:45 - 000319352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-12-13 21:00 - 2017-11-27 00:45 - 000264040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-12-13 21:00 - 2017-11-27 00:45 - 000198888 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-12-13 21:00 - 2017-11-27 00:37 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-12-13 21:00 - 2017-11-27 00:35 - 001090440 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-12-13 21:00 - 2017-11-27 00:35 - 000924136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-12-13 21:00 - 2017-11-27 00:33 - 001208184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-12-13 21:00 - 2017-11-27 00:33 - 000471960 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2017-12-13 21:00 - 2017-11-27 00:33 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2017-12-13 21:00 - 2017-11-27 00:32 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2017-12-13 21:00 - 2017-11-27 00:30 - 001488792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-12-13 21:00 - 2017-11-27 00:29 - 003010720 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-12-13 21:00 - 2017-11-27 00:29 - 000891800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-12-13 21:00 - 2017-11-27 00:29 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-12-13 21:00 - 2017-11-27 00:29 - 000703536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-12-13 21:00 - 2017-11-27 00:28 - 001259344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-12-13 21:00 - 2017-11-27 00:28 - 001012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2017-12-13 21:00 - 2017-11-27 00:28 - 000713624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-12-13 21:00 - 2017-11-27 00:28 - 000495000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-12-13 21:00 - 2017-11-27 00:28 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-12-13 21:00 - 2017-11-27 00:27 - 002446744 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-12-13 21:00 - 2017-11-27 00:27 - 002412168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-12-13 21:00 - 2017-11-27 00:27 - 001413760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-12-13 21:00 - 2017-11-27 00:27 - 000464408 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-12-13 21:00 - 2017-11-27 00:27 - 000230296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-12-13 21:00 - 2017-11-27 00:26 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-12-13 21:00 - 2017-11-27 00:25 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-12-13 21:00 - 2017-11-27 00:23 - 001694224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-12-13 21:00 - 2017-11-27 00:23 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2017-12-13 21:00 - 2017-11-27 00:23 - 000754688 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2017-12-13 21:00 - 2017-11-27 00:22 - 000404888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-12-13 21:00 - 2017-11-27 00:21 - 001585376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-12-13 21:00 - 2017-11-27 00:21 - 000654048 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-12-13 21:00 - 2017-11-27 00:20 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-12-13 21:00 - 2017-11-27 00:20 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-12-13 21:00 - 2017-11-26 23:57 - 001664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-12-13 21:00 - 2017-11-26 23:55 - 001289216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-12-13 21:00 - 2017-11-26 23:55 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2017-12-13 21:00 - 2017-11-26 23:55 - 000211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-12-13 21:00 - 2017-11-26 23:55 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-12-13 21:00 - 2017-11-26 23:55 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2017-12-13 21:00 - 2017-11-26 23:54 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-12-13 21:00 - 2017-11-26 23:54 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-12-13 21:00 - 2017-11-26 23:48 - 012829696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-12-13 21:00 - 2017-11-26 23:47 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-12-13 21:00 - 2017-11-26 23:43 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-12-13 21:00 - 2017-11-26 23:36 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2017-12-13 21:00 - 2017-11-26 23:36 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-12-13 21:00 - 2017-11-26 23:36 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2017-12-13 21:00 - 2017-11-26 23:36 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2017-12-13 21:00 - 2017-11-26 23:35 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ContentDeliveryManager.dll
2017-12-13 21:00 - 2017-11-26 23:35 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2017-12-13 21:00 - 2017-11-26 23:34 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2017-12-13 21:00 - 2017-11-26 23:33 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll
2017-12-13 21:00 - 2017-11-26 23:31 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-12-13 21:00 - 2017-11-26 23:31 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-12-13 21:00 - 2017-11-26 23:31 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2017-12-13 21:00 - 2017-11-26 23:29 - 000474112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2017-12-13 21:00 - 2017-11-26 23:29 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-12-13 21:00 - 2017-11-26 23:29 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2017-12-13 21:00 - 2017-11-26 23:29 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2017-12-13 21:00 - 2017-11-26 23:28 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2017-12-13 21:00 - 2017-11-26 23:26 - 000830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9on12.dll
2017-12-13 21:00 - 2017-11-26 23:26 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-12-13 21:00 - 2017-11-26 23:26 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-12-13 21:00 - 2017-11-26 23:25 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-12-13 21:00 - 2017-11-26 23:25 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-12-13 21:00 - 2017-11-26 23:25 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-12-13 21:00 - 2017-11-26 23:25 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2017-12-13 21:00 - 2017-11-26 23:25 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-12-13 21:00 - 2017-11-26 23:23 - 000588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-12-13 21:00 - 2017-11-26 23:22 - 000720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-12-13 21:00 - 2017-11-26 23:19 - 000887296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-12-13 21:00 - 2017-11-26 23:19 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadjcsp.dll
2017-12-13 21:00 - 2017-11-26 23:18 - 003186688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2017-12-13 21:00 - 2017-11-26 23:18 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-12-13 21:00 - 2017-11-26 23:18 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-12-13 21:00 - 2017-11-26 23:17 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-12-13 21:00 - 2017-11-26 23:17 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-12-13 21:00 - 2017-11-26 23:08 - 017159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-12-13 21:00 - 2017-11-26 23:04 - 003578368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-12-13 21:00 - 2017-11-26 23:04 - 002596352 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-12-13 21:00 - 2017-11-26 23:03 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-12-13 21:00 - 2017-11-26 23:01 - 003163648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-12-13 21:00 - 2017-11-26 23:00 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-12-13 21:00 - 2017-11-26 22:59 - 004814848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-12-13 21:00 - 2017-11-26 22:59 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-12-13 21:00 - 2017-11-26 22:58 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2017-12-13 21:00 - 2017-11-26 22:48 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2017-12-13 21:00 - 2017-11-26 22:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll
2017-12-13 21:00 - 2017-11-26 22:21 - 001474680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2017-12-13 21:00 - 2017-11-26 22:02 - 001124760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2017-12-13 21:00 - 2017-11-26 22:01 - 002339296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-12-13 21:00 - 2017-11-26 22:01 - 000791960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-12-13 21:00 - 2017-11-26 22:01 - 000746904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2017-12-13 21:00 - 2017-11-26 22:01 - 000590944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-12-13 21:00 - 2017-11-26 22:00 - 001990160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-12-13 21:00 - 2017-11-26 22:00 - 000353848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-12-13 21:00 - 2017-11-26 21:59 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-12-13 21:00 - 2017-11-26 21:58 - 001148216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-12-13 21:00 - 2017-11-26 21:58 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2017-12-13 21:00 - 2017-11-26 21:51 - 001558856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-12-13 21:00 - 2017-11-26 21:51 - 000661664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2017-12-13 21:00 - 2017-11-26 21:41 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2017-12-13 21:00 - 2017-11-26 21:41 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-12-13 21:00 - 2017-11-26 21:41 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2017-12-13 21:00 - 2017-11-26 21:41 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-12-13 21:00 - 2017-11-26 21:41 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-12-13 21:00 - 2017-11-26 21:40 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-12-13 21:00 - 2017-11-26 21:38 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll
2017-12-13 21:00 - 2017-11-26 21:37 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-12-13 21:00 - 2017-11-26 21:36 - 013703168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-12-13 21:00 - 2017-11-26 21:36 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-12-13 21:00 - 2017-11-26 21:36 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2017-12-13 21:00 - 2017-11-26 21:36 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-12-13 21:00 - 2017-11-26 21:35 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9on12.dll
2017-12-13 21:00 - 2017-11-26 21:35 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-12-13 21:00 - 2017-11-26 21:35 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-12-13 21:00 - 2017-11-26 21:35 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2017-12-13 21:00 - 2017-11-26 21:32 - 011923456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-12-13 21:00 - 2017-11-26 21:31 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-12-13 21:00 - 2017-11-26 21:31 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2017-12-13 21:00 - 2017-11-26 21:30 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-12-13 21:00 - 2017-11-26 21:30 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-12-13 21:00 - 2017-11-26 21:29 - 000823808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-12-13 21:00 - 2017-11-26 21:28 - 004249600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-12-13 21:00 - 2017-11-26 21:24 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2017-12-13 21:00 - 2017-11-26 21:24 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acppage.dll
2017-12-12 10:27 - 2017-12-12 10:28 - 086766386 _____ C:\Users\Des Callaghan\Desktop\Guitar power chords.mp4
2017-12-08 19:56 - 2017-12-08 19:57 - 000000000 ____D C:\Users\Des Callaghan\Documents\Laptop rcpts etc
2017-12-08 19:47 - 2017-12-08 19:48 - 000000000 ____D C:\Users\Des Callaghan\Documents\Product info
2017-12-08 19:46 - 2017-12-08 19:47 - 000000000 ____D C:\Users\Des Callaghan\Documents\Appliance manuals
2017-12-08 19:31 - 2017-12-20 08:48 - 000000000 ____D C:\Users\Des Callaghan\Desktop\Christmas trip 2017
2017-12-08 13:12 - 2017-12-08 13:12 - 002116288 _____ C:\Users\Des Callaghan\Desktop\ChristmasandAdventDevotionals2017.pdf
2017-12-05 15:49 - 2017-12-05 16:00 - 000000000 ____D C:\Users\Des Callaghan\Documents\Taxi card info
2017-12-03 23:44 - 2017-12-03 23:44 - 000641696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140.dll
2017-12-03 23:44 - 2017-12-03 23:44 - 000389296 _____ (Microsoft Corporation) C:\WINDOWS\system32\vccorlib140.dll
2017-12-03 23:44 - 2017-12-03 23:44 - 000331432 _____ (Microsoft Corporation) C:\WINDOWS\system32\concrt140.dll
2017-12-03 23:44 - 2017-12-03 23:44 - 000087728 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140.dll
2017-12-03 23:38 - 2017-12-03 23:38 - 000440128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140.dll
2017-12-03 23:38 - 2017-12-03 23:38 - 000263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vccorlib140.dll
2017-12-03 23:38 - 2017-12-03 23:38 - 000242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\concrt140.dll
2017-12-03 23:38 - 2017-12-03 23:38 - 000083792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vcruntime140.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-12-31 10:54 - 2017-10-31 20:16 - 000003028 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-12-31 10:41 - 2017-09-29 19:45 - 000131072 _____ C:\WINDOWS\system32\config\ELAM
2017-12-31 10:15 - 2016-12-29 17:54 - 000000000 ____D C:\Users\Des Callaghan\AppData\LocalLow\Mozilla
2017-12-30 19:48 - 2017-10-31 19:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-12-30 15:08 - 2017-10-11 13:02 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-12-30 15:08 - 2016-12-29 20:54 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-12-30 14:56 - 2017-11-08 11:33 - 000000000 ____D C:\Users\Des Callaghan\AppData\Roaming\FVD Downloader Module
2017-12-30 14:49 - 2017-01-08 22:33 - 000000000 ___RD C:\Users\Des Callaghan\Desktop\Contains unused desktop shortcuts
2017-12-30 14:25 - 2017-01-04 16:36 - 000000000 ____D C:\ProgramData\NVIDIA
2017-12-30 14:21 - 2016-12-29 18:19 - 000001285 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2017-12-30 14:21 - 2016-12-29 18:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-12-30 14:21 - 2016-12-29 17:53 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-12-30 08:44 - 2017-01-08 18:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Okidata
2017-12-30 08:44 - 2016-10-28 06:14 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-12-30 07:25 - 2017-10-31 20:16 - 000002272 _____ C:\WINDOWS\System32\Tasks\PDVDServ12 Task
2017-12-30 07:19 - 2017-10-31 20:16 - 000003236 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-12-30 07:19 - 2017-10-31 20:16 - 000003044 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-12-30 07:19 - 2017-10-31 20:16 - 000002804 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-12-30 07:19 - 2017-10-31 20:16 - 000002468 _____ C:\WINDOWS\System32\Tasks\App Explorer
2017-12-30 07:18 - 2017-10-31 20:16 - 000002762 _____ C:\WINDOWS\System32\Tasks\GarminUpdaterTask
2017-12-30 07:17 - 2017-10-31 20:16 - 000002916 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1291720134-1892629821-116790201-1001
2017-12-30 02:01 - 2017-09-30 00:46 - 000000000 ____D C:\WINDOWS\rescache
2017-12-29 19:02 - 2017-10-31 17:03 - 000000000 ___DC C:\WINDOWS\Panther
2017-12-29 19:02 - 2017-09-30 00:44 - 000000000 ____D C:\WINDOWS\INF
2017-12-29 19:02 - 2017-09-29 19:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2017-12-29 19:02 - 2017-06-20 08:57 - 000000000 ____D C:\Intel
2017-12-29 19:02 - 2016-10-28 06:19 - 000000000 ____D C:\ProgramData\Temp
2017-12-29 18:48 - 2017-06-19 19:58 - 000002587 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
2017-12-29 18:48 - 2017-01-08 22:20 - 000000000 ____D C:\Users\Des Callaghan\AppData\Local\AvgSetupLog
2017-12-29 18:47 - 2017-01-08 17:56 - 000000000 ____D C:\ProgramData\TuneUp Software
2017-12-29 18:25 - 2017-06-19 19:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2017-12-29 18:23 - 2017-06-19 19:55 - 000000000 ____D C:\Program Files (x86)\AVG
2017-12-29 18:21 - 2017-06-19 19:52 - 000000000 ____D C:\ProgramData\Avg
2017-12-29 18:15 - 2017-01-08 20:54 - 000000000 ____D C:\Users\Des Callaghan\Documents\C Cleaner deleted registry enrties backup
2017-12-29 18:14 - 2017-11-09 15:37 - 000003938 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2017-12-29 18:14 - 2016-12-29 22:19 - 000000000 ____D C:\Program Files\CCleaner
2017-12-29 17:37 - 2017-01-08 23:10 - 000008192 _____ C:\WINDOWS\SysWOW64\WDPABKP.dat
2017-12-29 17:35 - 2017-10-31 20:11 - 000976298 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-12-29 17:32 - 2016-12-30 08:52 - 000198328 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2017-12-29 17:27 - 2017-09-30 00:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-12-29 17:27 - 2016-12-29 17:29 - 000000000 __SHD C:\Users\Des Callaghan\IntelGraphicsProfiles
2017-12-29 17:26 - 2017-10-31 20:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-12-29 17:25 - 2017-09-29 19:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2017-12-29 17:25 - 2016-12-29 19:34 - 000044646 _____ C:\bdlog.txt
2017-12-29 17:10 - 2016-12-29 17:28 - 000000000 ____D C:\Users\Des Callaghan\AppData\Local\Host App Service
2017-12-29 09:57 - 2017-09-30 00:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-12-27 19:39 - 2017-09-30 00:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2017-12-26 20:04 - 2017-01-08 21:04 - 000000000 ____D C:\Users\Des Callaghan\Documents\Outlook Files
2017-12-26 19:48 - 2017-09-30 00:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-12-26 19:47 - 2017-09-30 00:46 - 000000000 ___HD C:\Program Files\WindowsApps
2017-12-26 19:46 - 2016-10-28 06:05 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-12-17 18:18 - 2017-09-30 00:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-12-15 09:57 - 2017-09-08 13:05 - 000000000 ____D C:\Users\Des Callaghan\Desktop\Christian stuff
2017-12-15 09:48 - 2017-10-31 20:16 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-12-15 09:48 - 2016-12-30 20:54 - 000000000 ____D C:\Users\Des Callaghan\AppData\Local\Adobe
2017-12-15 09:47 - 2017-01-04 11:29 - 000000000 ____D C:\Program Files (x86)\Adobe
2017-12-15 08:44 - 2017-10-31 19:52 - 000000000 ____D C:\Users\Des Callaghan\AppData\Local\Packages
2017-12-14 14:24 - 2017-11-11 09:08 - 000000000 ____D C:\Users\Des Callaghan\Desktop\GVVC Monthly News
2017-12-13 22:05 - 2016-10-28 06:15 - 000000000 ____D C:\ProgramData\McAfee
2017-12-13 21:37 - 2017-01-08 18:17 - 000000000 ___RD C:\Users\Des Callaghan\3D Objects
2017-12-13 21:37 - 2015-11-04 06:24 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-12-13 21:34 - 2017-10-31 19:40 - 000382824 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-12-13 21:26 - 2017-09-30 00:46 - 000000000 ____D C:\WINDOWS\TextInput
2017-12-13 21:26 - 2017-09-30 00:46 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2017-12-13 21:26 - 2017-09-30 00:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-12-13 21:26 - 2017-09-30 00:46 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2017-12-13 21:26 - 2017-09-30 00:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-12-13 21:26 - 2017-09-30 00:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-12-13 21:26 - 2017-09-30 00:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-12-13 21:26 - 2017-09-30 00:46 - 000000000 ____D C:\WINDOWS\Provisioning
2017-12-13 21:26 - 2017-09-30 00:46 - 000000000 ____D C:\Program Files\Windows Defender
2017-12-13 21:26 - 2017-09-29 19:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2017-12-13 21:25 - 2017-09-30 00:46 - 000000000 ____D C:\PerfLogs
2017-12-13 21:25 - 2017-07-14 21:16 - 000545440 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-12-13 21:10 - 2016-12-29 20:54 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-12-13 21:04 - 2017-09-30 00:42 - 001587200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-12-13 21:04 - 2017-09-30 00:41 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-12-13 21:04 - 2017-09-30 00:41 - 000139672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-12-13 21:04 - 2017-09-30 00:41 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2017-12-13 21:03 - 2017-01-16 17:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2017-12-13 20:49 - 2017-09-30 00:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-12-13 20:49 - 2017-09-30 00:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-12-08 20:00 - 2017-01-08 20:54 - 000000000 ____D C:\Users\Des Callaghan\Documents\33 Leith Street Newborough
2017-12-08 19:56 - 2017-06-29 08:28 - 000000000 ____D C:\Users\Des Callaghan\Desktop\Instruction manuals various
2017-12-08 19:55 - 2017-11-09 15:47 - 000000000 ____D C:\Users\Des Callaghan\Documents\x old laptop
2017-12-08 19:43 - 2017-01-08 20:54 - 000000000 ____D C:\Users\Des Callaghan\Documents\Adoption
2017-12-08 19:40 - 2017-01-08 22:45 - 000000000 ____D C:\Users\Des Callaghan\Documents\Mum stuff
2017-12-08 19:39 - 2017-01-08 21:04 - 000000000 ____D C:\Users\Des Callaghan\Documents\Roma QBE etc
2017-12-08 19:38 - 2017-09-17 00:17 - 000000000 ____D C:\Users\Des Callaghan\Desktop\Movies and Music
2017-12-08 19:35 - 2017-11-11 09:16 - 000000000 ____D C:\Users\Des Callaghan\Desktop\Cars and Vans Info
2017-12-04 09:38 - 2017-09-30 00:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-12-04 09:38 - 2017-09-30 00:49 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-12-01 09:22 - 2017-01-08 22:33 - 000000000 ____D C:\Users\Des Callaghan\Desktop\Bank receipts
==================== Files in the root of some directories =======
2014-11-14 17:08 - 2017-04-04 16:35 - 000000169 _____ () C:\Users\Des Callaghan\AppData\Roaming\Opusbext.dat
2014-09-02 10:25 - 2014-09-02 10:25 - 000000042 _____ () C:\Users\Des Callaghan\AppData\Roaming\WB.CFG
2014-03-02 14:28 - 2016-05-09 14:43 - 000003584 _____ () C:\Users\Des Callaghan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-15 12:17 - 2015-03-15 12:17 - 000004096 ____H () C:\Users\Des Callaghan\AppData\Local\keyfile3.drm
2015-05-19 21:50 - 2015-05-19 21:50 - 000007605 _____ () C:\Users\Des Callaghan\AppData\Local\Resmon.ResmonCfg
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-12-27 11:12
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-12-2017
Ran by Des Callaghan (31-12-2017 11:32:45)
Running from C:\Users\Des Callaghan\Desktop
Windows 10 Home Version 1709 16299.125 (X64) (2017-10-31 09:27:32)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1291720134-1892629821-116790201-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1291720134-1892629821-116790201-503 - Limited - Disabled)
Des Callaghan (S-1-5-21-1291720134-1892629821-116790201-1001 - Administrator - Enabled) => C:\Users\Des Callaghan
Guest (S-1-5-21-1291720134-1892629821-116790201-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1291720134-1892629821-116790201-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: AVG Antivirus (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AV: Bitdefender Antivirus (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Antispyware (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: Bitdefender Firewall (Enabled) {078AF241-05A3-0EFF-40E0-3E0D69EA140A}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ActKey (HKLM-x32\...\{681B82EF-A457-4849-AABC-5B6099380FA5}) (Version: 1.7.1.0 - Oki Data Corporation) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.870 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.64 - NVIDIA Corporation) Hidden
ANT Drivers Installer x64 (HKLM\...\{B9218A36-7AD3-4046-8D77-31F51DC0D795}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio FREE v.1.14.5 (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
AVG (HKLM\...\{E61E6143-4937-43FC-8C12-06B8A987484D}) (Version: 1.211.3 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM-x32\...\{82B9AF2D-4254-428A-9D1E-7714BA91A4B0}) (Version: 16.76.2 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.76.3.18604 - AVG Technologies)
AVG Security Toolbar (HKLM-x32\...\AVG Secure Search) (Version: 19.7.0.632 - AVG Technologies)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 21.0.21.970 - Bitdefender)
Bitdefender Device Management (HKLM\...\Bitdefender Device Management) (Version: 21.0.22.1050 - Bitdefender)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 22.0.1.1 - Bitdefender)
calibre 64bit (HKLM\...\{B74D8371-98D2-42AD-9D94-3531FF4EA328}) (Version: 2.31.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.38 - Piriform)
CCSDK Customer Engagement Service (HKLM-x32\...\{AE75190B-11B4-4F90-8254-DAB275CF2557}_is1) (Version: 1.3.0.3 - Lenovo)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Connect2 (HKLM-x32\...\Connect2_is1) (Version: 4.2.1.3973 - Lenovo)
ConvertHelper 3.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.5521 - CyberLink Corp.)
DocuPrint M205 f_fw (HKLM-x32\...\{5004C480-8C2B-4DB4-A524-9E721401DD54}) (Version: 1.014.00 - Fuji Xerox) Hidden
DocuPrint M205 f_fw (HKLM-x32\...\{EC8B1F0F-BF1B-461C-8155-50CD0FE574AF}) (Version: 1.008.00 - Fuji Xerox) Hidden
DocuPrint M205 f_fw (HKLM-x32\...\InstallShield_{5004C480-8C2B-4DB4-A524-9E721401DD54}) (Version: 1.014.00 - Fuji Xerox)
Dolby Audio X2 Windows API SDK (HKLM\...\{2A027A37-B09B-44FB-B1C9-2DD6BA0014E8}) (Version: 0.7.2.61 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{D765CF7F-14F9-4C80-B06C-10E68F10EBCC}) (Version: 0.7.2.62 - Dolby Laboratories, Inc.)
Elevated Installer (HKLM-x32\...\{B85F70BE-A5A3-48A2-A790-AF6001F026E0}) (Version: 5.7.1.0 - Garmin Ltd or its subsidiaries) Hidden
Eraser 6.1.0.2946 (HKLM\...\{2901EEAA-C6CE-41B2-BC10-5DA62102A820}) (Version: 6.1.2946 - The Eraser Project)
FFmpeg (Windows) for Audacity version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
FMW 1 (HKLM\...\{36133E9F-B129-4206-9FB4-13F707787542}) (Version: 1.226.3 - AVG Technologies) Hidden
Freemake Video Converter version 4.1.3 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.3 - Ellora Assets Corporation)
FVD Downloader Module (HKLM-x32\...\{A3F74A3C-6824-4878-AB46-21280389D09F}) (Version: 1.0.8 - Nimbus)
Garmin Express (HKLM-x32\...\{5b328687-2baf-4fb6-b6c7-c49fb4840cba}) (Version: 5.7.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{5F4164CE-621E-4AFD-BBFE-1BBE2299710E}) (Version: 5.7.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (HKLM-x32\...\{4E9533AB-7743-4B73-A5D2-42207E159E11}) (Version: 5.7.1.0 - Garmin Ltd or its subsidiaries) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1030 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4471 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.0.0.1039 - Intel Corporation)
Intel® Wireless Bluetooth® (HKLM-x32\...\{4DA9DC19-4E1D-4B10-A726-A5F2A1BC7265}) (Version: 18.1.1546.2762 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{66614300-cd9b-4a62-8b18-c97e9562dc3e}) (Version: 19.50.0 - Intel Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Laplink PCmover Professional (HKLM-x32\...\{E9D6312A-7207-403F-B0B4-E3732BE62937}) (Version: 10.01.648 - Laplink Software, Inc.)
Legacy 9.0 (HKLM-x32\...\Legacy 9.0) (Version: 9.0 - Millennia Corporation)
Lenovo App Explorer (HKU\S-1-5-21-1291720134-1892629821-116790201-1001\...\Host App Service) (Version: 0.273.2.501 - SweetLabs for Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.)
Lenovo PowerDVD12 (HKLM-x32\...\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5709.60 - CyberLink Corp.) Hidden
Lenovo PowerDVD12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5709.60 - CyberLink Corp.)
MailWasherPro (HKLM-x32\...\{C57FE6A8-FB54-4270-9A18-D8C058EB5F6F}) (Version: 7.8.10 - Firetrust)
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.5.166.0 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.8730.2127 - Microsoft Corporation)
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{91110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1291720134-1892629821-116790201-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SharePoint Designer 2010 (HKLM\...\Office14.SharePointDesigner) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 57.0.3 (x64 en-US) (HKLM\...\Mozilla Firefox 57.0.3 (x64 en-US)) (Version: 57.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.5.0 - Mozilla)
Mozilla Thunderbird 52.5.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 52.5.0 (x86 en-US)) (Version: 52.5.0 - Mozilla)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{EBFC96E5-4409-426E-88B7-650ADB342E78}) (Version: 8.0.50727.42 - The Firebird Project)
NavDesk 7.50 (HKLM-x32\...\{AB756389-9A03-44f3-ABAF-3699C01B4868}-Navman-7.50) (Version: 7.50.0112.135 - Navman Technology NZ Limited)
NVIDIA 3D Vision Driver 382.64 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.64 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Graphics Driver 382.64 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.64 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8730.2127 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8730.2127 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8730.2127 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.8730.2127 - Microsoft Corporation) Hidden
OKI ActKey (HKLM-x32\...\InstallShield_{681B82EF-A457-4849-AABC-5B6099380FA5}) (Version: 1.7.1.0 - Oki Data Corporation)
OKI MC5(3)x2/ES5(3)4x2 Scanner (HKLM-x32\...\InstallShield_{14915907-DB64-49DC-BB9D-1935D38CD250}) (Version: 1.0.2.0 - Oki Data Corporation)
Reader for PC (HKLM-x32\...\{38FB32F7-5A2A-40E4-B106-4C35F75725CD}) (Version: 2.4.00.05230 - Sony Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.7.107.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.2.0 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.2.0 - VS Revo Group, Ltd.)
ScannerDriver (HKLM\...\{14915907-DB64-49DC-BB9D-1935D38CD250}) (Version: 1.0.2.0 - Oki Data Corporation) Hidden
Screenshot Captor 4.9.3 (HKLM-x32\...\ScreenshotCaptor_is1) (Version: - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0017-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{98223B6C-F59E-4928-B553-43605D52ED19}) (Version: - Microsoft)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
Stray Souls Dollhouse Story Collector's Edition (HKLM-x32\...\Stray Souls Dollhouse Story Collector's Edition_is1) (Version: - Focus Multimedia Ltd)
TuneUp Utilities 2014 (en-US) (HKLM-x32\...\{14C8CE46-C68C-461B-BCA9-E276A85851C6}) (Version: 14.0.1000.221 - TuneUp Software) Hidden
Unity Web Player (HKU\S-1-5-21-1291720134-1892629821-116790201-1001\...\UnityWebPlayer) (Version: 5.1.3f1 - Unity Technologies ApS)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
User Manuals (HKLM-x32\...\{7042D952-EE42-4C09-A23D-E7AE4D047007}) (Version: 6.0.0.0 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{7042D952-EE42-4C09-A23D-E7AE4D047007}) (Version: 6.0.0.0 - Lenovo)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-2) (Version: 1.0.42.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
WD Drive Utilities (HKLM-x32\...\{7431ED5D-9247-4F17-91C9-702D9B36FAC4}) (Version: 1.0.7.3 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{F4F2EF32-EAFE-4F87-B7DC-E19C9F8E76FC}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{90C3D9C7-2F83-4399-8E28-A00228CFFDF8}) (Version: 1.0.7.3 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{515B34CA-1229-4EDA-AE7C-53CBA68B8A7A}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{4555885d-a64c-4234-9aac-72a8a6b5590b}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22256 - Microsoft Corporation)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
YouTube (HKU\S-1-5-21-1291720134-1892629821-116790201-1001\...\HostAppService_322460fb8f47d8cb14cd883b17b5e0dd233a7768) (Version: v1.0.1 - YouTube)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2017-11-15] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-07-22] (Cyberlink)
ContextMenuHandlers1: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2013-07-30] (The Eraser Project)
ContextMenuHandlers1: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (Western Digital Technologies, Inc.)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-07-22] (Cyberlink)
ContextMenuHandlers2: [CWDDriveMenuHandler] -> {CCEFA845-DCDB-4A2F-8BED-DBE87CD198EC} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (Western Digital Technologies, Inc.)
ContextMenuHandlers2: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2013-07-30] (The Eraser Project)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [AVG Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => C:\Program Files (x86)\AVG\AVG PC TuneUp\DseShExt-x64.dll [2017-11-15] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2017-11-15] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2013-07-30] (The Eraser Project)
ContextMenuHandlers5: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2013-07-30] (The Eraser Project)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_cac487d7a695d2e9\igfxDTCM.dll [2017-08-22] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-06-19] (NVIDIA Corporation)
ContextMenuHandlers6: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2013-07-30] (The Eraser Project)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2016-12-15] (VS Revo Group)
ContextMenuHandlers6: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (Western Digital Technologies, Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {05BB2C38-15B3-48E2-B855-3F9F0E91792B} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\033e54ca-489b-4f45-a48b-33173fd59cb5 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-11-12] (Lenovo Group Limited)
Task: {087BF6A1-CC37-4A67-B1AB-F1DE3B0F4F70} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-04] (NVIDIA Corporation)
Task: {1DAEB950-1DC3-440D-8302-AE91CC89FDB5} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {28B01C3B-2AA5-48D0-BDE6-D2785AF19D28} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\8073da62-5757-4383-827d-94c922410b51 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-11-12] (Lenovo Group Limited)
Task: {2BE4E340-53FA-4A2A-836B-F74F763CAF2F} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-04] (NVIDIA Corporation)
Task: {2E7A79E1-35A4-48B9-A1A3-5B6B27F151C3} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-04] (NVIDIA Corporation)
Task: {349133C9-47CA-4ABB-88F0-3DC9BD7BC61B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-12-07] (Microsoft Corporation)
Task: {3F0D2623-B29C-4F5A-A1B0-51F8D6635704} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-04] (NVIDIA Corporation)
Task: {42BDE187-A75F-42FB-B3FA-E29023105FB5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-13] (Adobe Systems Incorporated)
Task: {4849C687-6BB5-498D-8084-975EACB380A2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-11-28] (AVAST Software)
Task: {55BB7FF5-FEA9-499E-9FB5-D7C75AB08FF8} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\251b49e6-c905-4b56-b705-014ea55164d6 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-11-12] (Lenovo Group Limited)
Task: {66EA4E98-59BF-41DE-A1EC-32C68D7D32BC} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
Task: {76A446D5-92FB-405C-A8C9-C0D3FC9ABFAE} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\2068d277-5309-4e79-b02b-29121a221241 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-11-12] (Lenovo Group Limited)
Task: {830CF07F-C96E-4269-8617-9787EB427B00} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-04] (NVIDIA Corporation)
Task: {8BCE2E20-3176-475B-9E95-79E4D092F09C} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {9ED20587-C9EF-44E2-BEC1-AC9033113B5F} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe [2015-09-11] (CyberLink Corp.)
Task: {9F2F321E-67FC-41DF-9AF9-536530EC28D2} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-04] (NVIDIA Corporation)
Task: {A2B44316-D9B8-49F6-A111-0C426FB054D6} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe [2017-12-14] (Bitdefender)
Task: {A6C09312-4C83-4542-9DCE-355F24E42D68} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {A7C6432C-1E1A-4CF7-927A-59FF2A1CB6D5} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2017-10-09] ()
Task: {ACCB9660-A316-4B1E-8DA3-5043F706A1F7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-12-02] (Piriform Ltd)
Task: {AEC3F6BC-E882-41F0-9B1D-104A389EC440} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {B69F65BE-8AE2-405C-9DCA-138A38E1D594} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-12-26] (Microsoft Corporation)
Task: {B7BCAE91-3047-46B1-8016-2EE26F7C4300} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-04] (NVIDIA Corporation)
Task: {B95DE26B-D2F7-4663-830D-4FC17F042469} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-28] (Adobe Systems Incorporated)
Task: {C49EED78-15C4-430B-AAB8-4E845475037C} - System32\Tasks\Nvbackend => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
Task: {CA0FD64B-9548-4DA0-A836-3FF2D0632C36} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-12-26] (Microsoft Corporation)
Task: {D151B580-B2F7-4B2C-ACEB-9C46E7F40CC3} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-12-07] (Microsoft Corporation)
Task: {D8A10F51-733A-4E3A-8B5A-908E109D8CC9} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-12-26] (Microsoft Corporation)
Task: {E2000AE7-E7FC-4110-AB63-E44BC9550631} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-04] (NVIDIA Corporation)
Task: {E6655DF3-575C-4543-9796-9F806FA041EF} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2017-04-11] (Bitdefender)
Task: {E969C8DF-B780-48AF-A51F-F96B5558B25F} - System32\Tasks\App Explorer => C:\Users\Des Callaghan\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [2017-12-19] (SweetLabs, Inc) <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Des Callaghan\Desktop\Contains unused desktop shortcuts\Shortcuts\YouTube.lnk -> C:\Users\Des Callaghan\AppData\Local\Host App Service\Engine\WebAppHelper.exe (SweetLabs, Inc) -> /NAME"YouTube" /APPID"322460fb8f47d8cb14cd883b17b5e0dd233a7768" /URL"hxxps://www.youtube.com/?gl=US"
ShortcutWithArgument: C:\Users\Des Callaghan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YouTube.lnk -> C:\Users\Des Callaghan\AppData\Local\Host App Service\Engine\WebAppHelper.exe (SweetLabs, Inc) -> /NAME"YouTube" /APPID"322460fb8f47d8cb14cd883b17b5e0dd233a7768" /URL"hxxps://www.youtube.com/?gl=US"
==================== Loaded Modules (Whitelisted) ==============
2017-09-30 00:41 - 2017-09-30 00:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-02-08 13:49 - 2017-02-08 13:49 - 001008448 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttpbr.mdl
2017-02-08 13:49 - 2017-02-08 13:49 - 000541952 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttpdsp.mdl
2017-02-08 13:49 - 2017-02-08 13:49 - 003243920 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttpph.mdl
2017-02-08 13:49 - 2017-02-08 13:49 - 001544568 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttprbl.mdl
2011-11-18 21:02 - 2011-11-18 10:02 - 000023040 _____ () C:\WINDOWS\System32\fxhr8aLM.DLL
2012-06-20 12:21 - 2012-06-20 12:21 - 000096768 _____ () C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\SimpleMonitor for AP\fxksmdb.exe
2016-12-29 19:41 - 2017-05-04 07:21 - 001267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-12-29 17:14 - 2017-11-29 09:11 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-12-29 17:14 - 2017-11-29 09:11 - 002358728 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-07-18 11:39 - 2016-07-18 11:39 - 000154816 _____ () C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
2017-12-13 21:00 - 2017-11-26 23:23 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-12-13 21:00 - 2017-11-26 23:01 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-12-12 16:26 - 2017-12-12 16:26 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-12-12 16:26 - 2017-12-12 16:26 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-12-12 16:26 - 2017-12-12 16:26 - 024735744 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-12-12 16:26 - 2017-12-12 16:26 - 002551808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\skypert.dll
2012-06-20 12:21 - 2012-06-20 12:21 - 003978752 _____ () C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\SimpleMonitor for AP\fxksmpl.exe
2016-06-24 02:33 - 2016-06-24 02:33 - 000829632 _____ () C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
2017-05-17 09:55 - 2010-10-26 12:40 - 000049056 _____ () C:\Program Files\Conexant\ForteConfig\fmapp.exe
2012-06-20 12:21 - 2012-06-20 12:21 - 000248320 _____ () C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\SimpleMonitor for AP\fxksmW.exe
2012-06-20 12:21 - 2012-06-20 12:21 - 000229376 _____ () C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\SimpleMonitor for AP\fxksmwj.exe
2017-11-28 20:45 - 2017-11-28 20:45 - 000054488 _____ () C:\Program Files\CCleaner\branding.dll
2017-12-06 09:02 - 2017-12-06 09:02 - 004698848 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11711.1001.5.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-12-29 17:42 - 2017-12-30 07:42 - 001707080 _____ () C:\Program Files (x86)\AVG Secure Search\vprot.exe
2016-12-29 19:41 - 2017-05-04 07:21 - 001040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-08-11 11:38 - 2016-08-11 11:38 - 000061952 _____ () C:\Program Files (x86)\Firetrust\MailWasher\MWPBridgeDLL.dll
2016-08-11 11:38 - 2016-08-11 11:38 - 006077440 _____ () C:\Program Files (x86)\Firetrust\MailWasher\MWPappDLL.dll
2016-08-11 20:03 - 2016-08-11 20:03 - 000069272 _____ () C:\Program Files (x86)\Firetrust\MailWasher\FTBridge.dll
2016-08-11 20:03 - 2016-08-11 20:03 - 000279704 _____ () C:\Program Files (x86)\Firetrust\MailWasher\FTClientNode.dll
2016-08-04 20:24 - 2016-08-04 20:24 - 000324608 _____ () C:\Program Files (x86)\Firetrust\MailWasher\MWPHeaderParser.dll
2016-10-28 06:22 - 2014-07-04 15:35 - 000627672 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMediaLibrary.dll
2014-07-05 06:35 - 2014-07-05 06:35 - 000016856 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvcPS.dll
2014-05-23 20:13 - 2014-05-23 20:13 - 000880640 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\fsk.dll
2014-05-23 20:15 - 2014-05-23 20:15 - 000040264 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskMediaPlayers.dll
2014-05-23 20:15 - 2014-05-23 20:15 - 000239944 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\Fskin.dll
2014-05-23 20:15 - 2014-05-23 20:15 - 000026952 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskinLocalize.dll
2014-04-25 23:27 - 2014-04-25 23:27 - 000798720 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskSecurity.dll
2014-05-23 20:15 - 2014-05-23 20:15 - 000125256 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskDocumentViewer.dll
2014-05-23 20:15 - 2014-05-23 20:15 - 000016200 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskPower.dll
2014-05-23 20:15 - 2014-05-23 20:15 - 000024904 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskNetInterface.dll
2014-05-23 20:15 - 2014-05-23 20:15 - 000017224 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskMobileMediaDevice.dll
2014-05-23 20:15 - 2014-05-23 20:15 - 000015176 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskTimeHardware.dll
2014-05-23 20:15 - 2014-05-23 20:15 - 000034632 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ticket.dll
2014-05-23 20:15 - 2014-05-23 20:15 - 000018760 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ebookDeviceNotifier.dll
2014-05-23 20:15 - 2014-05-23 20:15 - 000092488 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ebookUsb.dll
2014-05-23 20:15 - 2014-05-23 20:15 - 000149832 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\readerAppHelper.dll
2014-05-23 20:15 - 2014-05-23 20:15 - 000178504 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\USBDetector.dll
2017-12-29 18:23 - 2017-12-29 18:22 - 048920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Des Callaghan\Downloads\0008-64bit_Win7_Win8_Win81_Win10_R281.exe:BDU [0]
AlternateDataStreams: C:\Users\Des Callaghan\Downloads\AVG_Performance_1683.exe:BDU [0]
AlternateDataStreams: C:\Users\Des Callaghan\Downloads\AVG_Protection_Free_1606.exe:BDU [0]
AlternateDataStreams: C:\Users\Des Callaghan\Downloads\bitdefender_windows_c1b48730-5fd1-4d1a-8a4c-eb003de49f63.exe:BDU [0]
AlternateDataStreams: C:\Users\Des Callaghan\Downloads\ccsetup530.exe:BDU [0]
AlternateDataStreams: C:\Users\Des Callaghan\Downloads\ConvertHelperSetup-3.2.exe:BDU [0]
AlternateDataStreams: C:\Users\Des Callaghan\Downloads\DriverSupport.exe:BDU [0]
AlternateDataStreams: C:\Users\Des Callaghan\Downloads\Firefox Setup Stub 53.0.exe:BDU [0]
AlternateDataStreams: C:\Users\Des Callaghan\Downloads\iTunes64Setup.exe:BDU [0]
AlternateDataStreams: C:\Users\Des Callaghan\Downloads\OKW3C03Z154.exe:BDU [0]
AlternateDataStreams: C:\Users\Des Callaghan\Downloads\OKW3D04O103_40164.exe:BDU [0]
AlternateDataStreams: C:\Users\Des Callaghan\Downloads\pcmover_en.exe:BDU [0]
AlternateDataStreams: C:\Users\Des Callaghan\Downloads\pcmover_transfer_report.exe:BDU [0]
AlternateDataStreams: C:\Users\Des Callaghan\Downloads\RevoUninProSetup.exe:BDU [0]
AlternateDataStreams: C:\Users\Des Callaghan\Downloads\Setup.X86.en-US_O365HomePremRetail_06041e61-71a2-40c8-ad76-a2c0dde6686d_TX_SG_.exe:BDU [0]
AlternateDataStreams: C:\Users\Des Callaghan\Downloads\SharePointDesigner.exe:BDU [0]
AlternateDataStreams: C:\Users\Des Callaghan\Downloads\Thunderbird Setup 52.2.0.exe:BDU [0]
AlternateDataStreams: C:\Users\Des Callaghan\Downloads\torbrowser-install-7.0.2_en-US.exe:BDU [0]
AlternateDataStreams: C:\Users\Des Callaghan\Downloads\Windows-KB890830-x64-V5.44.exe:BDU [0]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\S-1-5-21-1291720134-1892629821-116790201-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1291720134-1892629821-116790201-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1291720134-1892629821-116790201-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1291720134-1892629821-116790201-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1291720134-1892629821-116790201-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1291720134-1892629821-116790201-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1291720134-1892629821-116790201-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1291720134-1892629821-116790201-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1291720134-1892629821-116790201-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1291720134-1892629821-116790201-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1291720134-1892629821-116790201-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1291720134-1892629821-116790201-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1291720134-1892629821-116790201-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1291720134-1892629821-116790201-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1291720134-1892629821-116790201-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1291720134-1892629821-116790201-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1291720134-1892629821-116790201-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1291720134-1892629821-116790201-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1291720134-1892629821-116790201-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1291720134-1892629821-116790201-1001\...\123simsen.com -> www.123simsen.com
There are 7866 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-10-30 18:24 - 2017-12-31 10:41 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1291720134-1892629821-116790201-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Des Callaghan\Pictures\camera 2016 2017\IMG_0032.JPG
DNS Servers: 77.234.40.79 - 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run: => "LenovoUtility"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "InstallerLauncher"
HKLM\...\StartupApproved\Run: => "KiesTrayAgent"
HKLM\...\StartupApproved\Run: => "cAudioFilterAgent"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "SmartAudio"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKLM\...\StartupApproved\Run32: => "Fitbit Connect"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKLM\...\StartupApproved\Run32: => "Launcher205f"
HKLM\...\StartupApproved\Run32: => "M205f RUN"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "StatusAutoRunm205f"
HKLM\...\StartupApproved\Run32: => "WD Drive Unlocker"
HKLM\...\StartupApproved\Run32: => "WD Quick View"
HKU\S-1-5-21-1291720134-1892629821-116790201-1001\...\StartupApproved\StartupFolder: => "FacebookGamesNotifier.exe.lnk"
HKU\S-1-5-21-1291720134-1892629821-116790201-1001\...\StartupApproved\Run: => "BingSvc"
HKU\S-1-5-21-1291720134-1892629821-116790201-1001\...\StartupApproved\Run: => "KiesPreload"
HKU\S-1-5-21-1291720134-1892629821-116790201-1001\...\StartupApproved\Run: => "MyDriveConnect.exe"
HKU\S-1-5-21-1291720134-1892629821-116790201-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1291720134-1892629821-116790201-1001\...\StartupApproved\Run: => "PhotoMasterImportAgent"
HKU\S-1-5-21-1291720134-1892629821-116790201-1001\...\StartupApproved\Run: => "GarminExpressTrayApp"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{AA741153-A4D0-441E-BD79-97E3B3BAFAFB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{4A074528-7EF6-4EC3-9BAF-7920405173FC}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{E04918D3-D757-46FE-AAA6-1401445B60EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{EED5B1F7-4F50-4370-A124-B32758AB555A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4D961565-0111-4626-B674-8D4FDD2E0514}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{2DDB7C41-52C7-48B0-98B7-3236EE02E15B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{DD4B732F-C344-40A1-A263-7B2FCC95B517}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{A634D133-A740-445B-B39F-DF607B226873}] => (Allow) C:\Program Files (x86)\Laplink\PCmover\pcmover.exe
FirewallRules: [{98294A9C-7D7F-412C-BC3A-D078F9518244}] => (Allow) C:\Program Files (x86)\Lenovo\Connect2\Connect2.exe
FirewallRules: [{CEEAA601-7F3A-4CF0-9DAE-68E001C63113}] => (Allow) C:\Program Files (x86)\Lenovo\Connect2\Connect2.exe
FirewallRules: [{68190D22-CADF-4068-845F-5FF5AD26AFA3}] => (Allow) C:\Program Files (x86)\Lenovo\Connect2\Connect2.exe
FirewallRules: [{1EFBBA64-9955-44D7-A58A-83917C9E4D0A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{FA29EF6D-2F81-47A9-8571-F11D9DA0FF3E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Restore Points =========================
30-12-2017 14:13:54 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/31/2017 09:59:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: seccenter.exe, version: 22.0.17.205, time stamp: 0x5a2ea1ca
Faulting module name: sciter.dll, version: 4.0.0.7, time stamp: 0x599c0c16
Exception code: 0xc0000005
Fault offset: 0x000000000018d8fb
Faulting process id: 0x140c
Faulting application start time: 0x01d381c09435eabd
Faulting application path: C:\Program Files\Bitdefender\Bitdefender 2017\seccenter.exe
Faulting module path: C:\Program Files\Bitdefender\Bitdefender 2017\sciter.dll
Report Id: 8191dae5-6816-4f36-a3aa-4287f3d6e53f
Faulting package full name:
Faulting package-relative application ID:
Error: (12/31/2017 09:18:17 AM) (Source: MsiInstaller) (EventID: 1023) (User: LAPTOP-MPCB59VU)
Description: Product: Microsoft PowerPoint Viewer - Update 'Update for Microsoft Office 2010 (KB4011188) 32-Bit Edition' could not be installed. Error code 1603. Additional information is available in the log file C:\Users\DESCAL~1\AppData\Local\Temp\MSIe3e48.LOG.
Error: (12/31/2017 09:18:17 AM) (Source: MsiInstaller) (EventID: 10005) (User: LAPTOP-MPCB59VU)
Description: Product: Microsoft PowerPoint Viewer -- Microsoft PowerPoint Viewer cannot be installed because there are 64-bit Office products installed. Uninstall the following 64-bit products and run this setup again to install the Microsoft PowerPoint Viewer:
Microsoft Office SharePoint Designer 2010
Error: (12/31/2017 09:18:16 AM) (Source: MsiInstaller) (EventID: 1023) (User: LAPTOP-MPCB59VU)
Description: Product: Microsoft PowerPoint Viewer - Update 'Security Update for Microsoft Office 2010 (KB4011055) 32-Bit Edition' could not be installed. Error code 1603. Additional information is available in the log file C:\Users\DESCAL~1\AppData\Local\Temp\MSIe3e47.LOG.
Error: (12/31/2017 09:18:16 AM) (Source: MsiInstaller) (EventID: 10005) (User: LAPTOP-MPCB59VU)
Description: Product: Microsoft PowerPoint Viewer -- Microsoft PowerPoint Viewer cannot be installed because there are 64-bit Office products installed. Uninstall the following 64-bit products and run this setup again to install the Microsoft PowerPoint Viewer:
Microsoft Office SharePoint Designer 2010
Error: (12/31/2017 09:18:15 AM) (Source: MsiInstaller) (EventID: 1023) (User: LAPTOP-MPCB59VU)
Description: Product: Microsoft PowerPoint Viewer - Update 'Security Update for Microsoft Office 2010 (KB3213631) 32-Bit Edition' could not be installed. Error code 1603. Additional information is available in the log file C:\Users\DESCAL~1\AppData\Local\Temp\MSIe3e46.LOG.
Error: (12/31/2017 09:18:15 AM) (Source: MsiInstaller) (EventID: 10005) (User: LAPTOP-MPCB59VU)
Description: Product: Microsoft PowerPoint Viewer -- Microsoft PowerPoint Viewer cannot be installed because there are 64-bit Office products installed. Uninstall the following 64-bit products and run this setup again to install the Microsoft PowerPoint Viewer:
Microsoft Office SharePoint Designer 2010
Error: (12/31/2017 09:18:13 AM) (Source: MsiInstaller) (EventID: 1023) (User: LAPTOP-MPCB59VU)
Description: Product: Microsoft PowerPoint Viewer - Update 'Security Update for Microsoft PowerPoint Viewer 2010 (KB3128030) 32-Bit Edition' could not be installed. Error code 1603. Additional information is available in the log file C:\Users\DESCAL~1\AppData\Local\Temp\MSIe3e45.LOG.
Error: (12/31/2017 09:18:13 AM) (Source: MsiInstaller) (EventID: 10005) (User: LAPTOP-MPCB59VU)
Description: Product: Microsoft PowerPoint Viewer -- Microsoft PowerPoint Viewer cannot be installed because there are 64-bit Office products installed. Uninstall the following 64-bit products and run this setup again to install the Microsoft PowerPoint Viewer:
Microsoft Office SharePoint Designer 2010
Error: (12/31/2017 08:45:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: seccenter.exe, version: 22.0.17.205, time stamp: 0x5a2ea1ca
Faulting module name: sciter.dll, version: 4.0.0.7, time stamp: 0x599c0c16
Exception code: 0xc0000005
Fault offset: 0x000000000018d8fb
Faulting process id: 0x33b0
Faulting application start time: 0x01d381b72cad68c2
Faulting application path: C:\Program Files\Bitdefender\Bitdefender 2017\seccenter.exe
Faulting module path: C:\Program Files\Bitdefender\Bitdefender 2017\sciter.dll
Report Id: 4203e499-0b6e-4cab-b05a-609aa259b597
Faulting package full name:
Faulting package-relative application ID:
System errors:
=============
Error: (12/31/2017 09:18:20 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft Office 2010 (KB4011188) 32-Bit Edition.
Error: (12/31/2017 09:18:20 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Office 2010 (KB4011055) 32-Bit Edition.
Error: (12/31/2017 09:18:20 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Office 2010 (KB3213631) 32-Bit Edition.
Error: (12/31/2017 09:18:15 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft PowerPoint Viewer 2010 (KB3128030) 32-Bit Edition.
Error: (12/31/2017 08:46:18 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (12/31/2017 08:44:11 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (12/30/2017 04:40:03 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft Office 2010 (KB4011188) 32-Bit Edition.
Error: (12/30/2017 08:59:05 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
Error: (12/30/2017 03:52:23 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (12/29/2017 05:41:58 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
CodeIntegrity:
===================================
Date: 2017-12-29 17:26:43.838
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-12-29 17:09:59.810
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-12-28 09:40:42.692
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-12-15 09:07:55.102
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-12-14 10:11:38.879
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-12-13 22:16:30.725
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-12-13 21:37:19.964
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-12-13 21:16:39.515
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-11-15 17:40:12.620
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-11-09 21:34:58.058
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel® Core i7-7500U CPU @ 2.70GHz
Percentage of memory in use: 49%
Total physical RAM: 8092.13 MB
Available physical RAM: 4121.25 MB
Total Virtual: 9372.13 MB
Available Virtual: 3774.56 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:889.9 GB) (Free:651.69 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.17 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: ED70EB4F)
Partition: GPT.
==================== End of Addition.txt ============================
Edited by fastenough4me, 30 December 2017 - 06:44 PM.