Firefox Keeps Re-enabling Bing

Here you go. All three.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02.01.2018
Ran by XXX (10-01-2018 18:41:29)
Running from C:\Users\XXX\Downloads
Windows 10 Home Version 1709 16299.192 (X64) (2017-12-01 02:20:21)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3405600673-1413478055-2133006793-500 - Administrator - Disabled)
XXX (S-1-5-21-3405600673-1413478055-2133006793-1001 - Administrator - Enabled) => C:\Users\XXX
DefaultAccount (S-1-5-21-3405600673-1413478055-2133006793-503 - Limited - Disabled)
Guest (S-1-5-21-3405600673-1413478055-2133006793-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3405600673-1413478055-2133006793-1003 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-3405600673-1413478055-2133006793-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3405600673-1413478055-2133006793-1001\...\uTorrent) (Version: 3.5.1.44332 - BitTorrent Inc.)
AMD Catalyst Install Manager (HKLM\...\{CE8066BF-3EF7-35D4-0CC8-45DC93B20C87}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team)
Avast Browser Cleanup (HKU\S-1-5-21-3405600673-1413478055-2133006793-1001\...\Avast Browser Cleanup) (Version: 12.1.2272.125 - AVAST Software)
AVG (HKLM\...\{BE1A8A5D-8197-48D3-8A41-4360888B7306}) (Version: 1.231.2 - AVG Technologies) Hidden
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 17.9.3040 - AVG Technologies)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: - Broadcom Corporation)
Broadcom Bluetooth Drivers (HKLM\...\{0A1B4690-E176-4533-8058-939480AEE1D0}) (Version: 12.0.1.720 - Broadcom Corporation)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.6795 - CDBurnerXP)
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
Corel PaintShop Pro X9 (HKLM-x32\...\_{998717E5-1031-4D28-A143-48ADAF062E5F}) (Version: 19.0.0.96 - Corel Corporation)
Corel PaintShop Pro X9 (HKLM-x32\...\{93EE564E-9DA1-4655-8A90-4E816019B409}) (Version: 19.0.0.96 - Corel Corporation) Hidden
Corel Update Manager (HKLM-x32\...\{EE61B6C5-F017-4505-85D3-6D40B1797D32}) (Version: 2.4.245 - Corel corporation) Hidden
CyberLink PhotoDirector (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.6.7006 - CyberLink Corp.) Hidden
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.6.7006 - CyberLink Corp.)
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.3.6307 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.5.4614 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.5.4614 - CyberLink Corp.)
Dropbox 25 GB (HKLM-x32\...\{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Evernote v. 5.8.13 (HKLM-x32\...\{A229420E-204B-11E5-B844-0050569584E9}) (Version: 5.8.13.8152 - Evernote Corp.)
FMW 1 (HKLM\...\{36133E9F-B129-4206-9FB4-13F707787542}) (Version: 1.226.3 - AVG Technologies) Hidden
HandBrake 0.10.5 (HKLM-x32\...\HandBrake) (Version: 0.10.5 - )
Hekasoft Backup & Restore 0.70 (HKLM\...\{PBR27112011-M1447-7KS6-C3E2-1X8374W715U4}_is1) (Version: 0.70 - Hekasoft)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP)
HP Dropbox Plugin (HKLM-x32\...\{D12BC084-97D6-438A-AA7C-5962608D17A0}) (Version: 36.0.41.58587 - HP)
HP ENVY 4520 series Basic Device Software (HKLM\...\{B46D9E8C-10FE-4873-996B-CA9EA3D7D9FE}) (Version: 40.11.1122.1796 - HP Inc.)
HP ENVY 4520 series Help (HKLM-x32\...\{201E58BD-2A1D-4C4D-BD6F-ADA7669FE3AE}) (Version: 36.0.0 - Hewlett Packard)
HP Google Drive Plugin (HKLM-x32\...\{BFA42100-DB54-467A-BB87-CF70732B4065}) (Version: 36.0.41.58587 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8318.5320 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.5.37.19 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{76272057-98E0-4DC4-AAC3-10C546C47195}) (Version: 14.00.0000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.8.47.1 - Hewlett-Packard Company)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
HP Welcome (HKLM\...\HPWelcome) (Version: 1.0 - HP Inc.)
ICA (HKLM-x32\...\{998717E5-1031-4D28-A143-48ADAF062E5F}) (Version: 19.0.0.96 - Corel Corporation) Hidden
IPM_PSP_COM (HKLM-x32\...\{9A86C6EE-2CCC-4A51-BCC8-AAF97C2F4615}) (Version: 19.0.0.96 - Corel Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4989.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3405600673-1413478055-2133006793-1001\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Movie Collector (HKLM-x32\...\{8EC6EBB4-D899-4C6B-BA17-C21B78988F23}_is1) (Version: - Collectorz.com)
Mozilla Firefox 57.0.4 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 57.0.4 (x86 en-US)) (Version: 57.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.4.6577 - Mozilla)
Mozilla Thunderbird 52.5.2 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 52.5.2 (x86 en-US)) (Version: 52.5.2 - Mozilla)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4989.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4989.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.4989.1000 - Microsoft Corporation) Hidden
PSPPContent (HKLM-x32\...\{91773E30-F29C-4381-854A-95281DEB8DA1}) (Version: 19.0.0.96 - Corel Corporation) Hidden
PSPPHelp (HKLM-x32\...\{9F087D85-EDDC-4DC4-B665-AFDD3734D987}) (Version: 19.0.0.96 - Corel Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7673 - Realtek Semiconductor Corp.)
Setup (HKLM-x32\...\{9E0054AB-F957-4177-850E-3541960DBD53}) (Version: 19.0.0.96 - Corel Corporation) Hidden
Subtitle Edit 3.5.4 (HKLM\...\SubtitleEdit_is1) (Version: 3.5.4.0 - Nikse)
TMPGEnc Authoring Works 4 (HKLM-x32\...\{D7D38949-8251-4F07-BC2C-AA767308010B}) (Version: 4.0.11.39 - Pegasys Inc.)
TMPGEnc Video Mastering Works (HKLM-x32\...\TMPGEnc Video Mastering Works) (Version: - )
UVK - Ultra Virus Killer (HKLM\...\UVK - Ultra virus killer) (Version: 10.8.0.0 - Carifred)
Vegas Pro 13.0 (64-bit) (HKLM\...\{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 - Sony)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.8 - VideoLAN)
WD Backup (HKLM-x32\...\{4AACAFC7-951A-4215-B430-3DFCFF2E6CED}) (Version: 1.5.5953.19614 - Western Digital Technologies, Inc) Hidden
WD Backup (HKLM-x32\...\{a8c9535a-ecd9-4172-a330-0cb5ff9dbed9}) (Version: 1.5.5953.19614 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{163952d1-3ca7-4e98-a686-cc0c227c7447}) (Version: 1.2.0.85 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{25A2CD6E-52B2-4F3C-A121-9C3F47634CAF}) (Version: 1.2.0.85 - Western Digital Technologies, Inc.) Hidden
WD Quick View (HKLM-x32\...\{965D28B5-3C86-41FD-994E-D6376815C9B3}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{b304f1ed-b08a-4d51-882b-fd651777d297}) (Version: 1.2.0.83 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{E673B8B4-6068-4AAB-8E68-2EE751D3EBA9}) (Version: 1.2.0.83 - Western Digital Technologies, Inc.) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [
MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [
MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [
MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [
MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [
MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [
MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2017-12-21] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2017-12-21] (AVG Technologies CZ, s.r.o.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0E1914F1-3EC9-4280-A146-7FB7A61A3DFF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.)
Task: {15659A83-3E5A-4F3E-90D8-15E0FCFDBF78} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-09-05] (Microsoft Corporation)
Task: {15E37F13-1CD3-4D15-9250-CE55BE7AEDB6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-10-11] (HP Inc.)
Task: {1C49BA25-6E1C-4746-94AF-5065F04558EC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.)
Task: {287C18EE-C500-4BB0-86C0-EC7FCED10C88} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_TH5741M10R => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-11-08] (HP Inc.)
Task: {28A216D4-9DEF-4A56-8B2F-B29871019534} - System32\Tasks\HPCeeScheduleForXXX => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {3DC163E0-B48B-4139-9AD1-A3D614E7672C} - System32\Tasks\CorelUpdateHelperTask => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2017-09-26] (Corel Corporation)
Task: {43300875-EEE1-4507-8B82-B7CF991191B9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-11-08] (HP Inc.)
Task: {5448BEBB-610B-4F4B-8A2D-F87432EE1A4C} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2017-11-18] ()
Task: {56B4D8E1-F9C9-4820-A17C-F644E3E0B3AF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {777B7EC0-1BD2-4D7C-92D2-6AEFC05F40F5} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {77CDBE81-BC3E-4CB4-9AC0-A1209281359D} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2017-09-26] (Corel Corporation)
Task: {7A4E467A-4071-47A7-820B-E175EC05A80F} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {7D808A99-C14E-4EF4-8C42-F29BF7A0E78E} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2016-09-21] ()
Task: {83B89EC4-5F9C-4215-BDB6-E98395B4FC2F} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-01-05] (AVG Technologies CZ, s.r.o.)
Task: {864CA55E-B33D-4707-8EAB-5D106F6DC285} - System32\Tasks\avast! BCU UpdateS-1-5-21-3405600673-1413478055-2133006793-1001 => C:\Users\XXX\AppData\Roaming\AVAST Software\Browser Cleanup\BCUUpdate.exe [2015-03-18] (AVAST Software)
Task: {9A8036F2-CB61-42B6-8FD9-A221A78AB9FC} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-10-20] (Dropbox, Inc.)
Task: {AA482D8D-FE6F-4A9E-9E43-F1772E9F9962} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2017-12-21] (AVG Technologies CZ, s.r.o.)
Task: {B286ADC5-C72F-4AF4-90D5-74DC0B172406} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-10-20] (Dropbox, Inc.)
Task: {B75F819D-19BD-42CB-AB51-A2EEC2033499} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-11-08] (HP Inc.)
Task: {B7C54D72-4A6E-44D0-8A35-E1FB1254F3B1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2017-10-20] (Microsoft Corporation)
Task: {C2DE66E7-C868-4CF2-A9B9-C57C00FEF6D8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2017-10-20] (Microsoft Corporation)
Task: {D7B7D363-7509-4EF1-A91D-40BB28CE1191} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {E1A2B3F7-2088-47FB-BBF1-1482EB5DD104} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-3405600673-1413478055-2133006793-1001 => C:\ProgramData\MEGAsync\MEGAupdater.exe [2017-11-23] (Mega Limited)
Task: {E29280C9-400B-4C5A-B3BB-EDAFB40242A2} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-09-05] (Microsoft Corporation)
Task: {FC10A3C6-A907-4242-9B90-85202656FB82} - System32\Tasks\avastBCLS-1-5-21-3405600673-1413478055-2133006793-1001 => C:\Users\XXX\AppData\Roaming\AVAST Software\Browser Cleanup\BCUSched.exe [2018-01-10] (AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForXXX.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\XXX\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonShopping (2).lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://www.amazon.com/gp/bit/amazonbookmark.html?tag=hp2-desktop-us-20&partner=HP
ShortcutWithArgument: C:\Users\XXX\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonShopping.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://www.amazon.com/gp/bit/amazonbookmark.html?tag=hp2-desktop-us-20&partner=HP
ShortcutWithArgument: C:\Users\XXX\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TripAdvisor.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://js.redirect.hp.com/jumpstation?bd=all&c=none&locale=all&pf=cndt&s=TripAdvisor_W10_taskbar&tp=Taskbar
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Priceline.com.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://www.priceline.com/?refid=PLHBC6240OPQ&refclickid=square

==================== Loaded Modules (Whitelisted) ==============

2017-09-29 05:41 - 2017-09-29 05:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-10-20 09:54 - 2017-01-17 03:25 - 000117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2016-05-14 01:11 - 2014-04-14 17:59 - 000389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2017-10-18 13:51 - 2017-10-18 13:51 - 000598528 _____ () C:\ProgramData\MEGAsync\ShellExtX64.dll
2017-11-30 14:42 - 2017-11-30 14:42 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-11-30 14:42 - 2017-11-30 14:42 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-01-02 23:26 - 2018-01-02 23:26 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-01-02 23:26 - 2018-01-02 23:26 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-01-02 23:26 - 2018-01-02 23:26 - 024670720 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-01-02 23:26 - 2018-01-02 23:26 - 002550272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\skypert.dll
2017-12-22 00:02 - 2017-12-22 00:02 - 026507776 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17112.13411.0_x64__8wekyb3d8bbwe\Video.UI.exe
2017-12-22 00:02 - 2017-12-22 00:02 - 008370176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17112.13411.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-10-20 07:41 - 2017-10-20 07:41 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17112.13411.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-12-22 00:02 - 2017-12-22 00:02 - 010137600 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17112.13411.0_x64__8wekyb3d8bbwe\EntPlat.dll
2015-07-10 17:05 - 2015-07-10 17:05 - 000630792 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\JobCapsA.DLL
2017-10-20 07:45 - 2017-10-20 07:45 - 048920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2017-12-07 08:58 - 2017-12-07 08:58 - 000102088 _____ () C:\Users\XXX\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\UpdateRingSettings.dll
2017-09-10 12:51 - 2017-09-10 12:51 - 000798208 _____ () C:\ProgramData\MEGAsync\libsodium.dll
2017-12-21 18:18 - 2017-12-21 18:18 - 000207272 _____ () C:\Program Files (x86)\AVG\Antivirus\JsonRpcServer.dll
2017-12-21 18:18 - 2017-12-21 18:18 - 000059136 _____ () C:\Program Files (x86)\AVG\Antivirus\module_lifetime.dll
2017-12-21 18:18 - 2017-12-21 18:18 - 000058624 _____ () C:\Program Files (x86)\AVG\Antivirus\dll_loader.dll
2017-10-20 07:52 - 2017-10-20 07:52 - 067109376 _____ () C:\Program Files (x86)\AVG\Antivirus\libcef.dll
2017-12-21 18:18 - 2017-12-21 18:18 - 000290392 _____ () C:\Program Files (x86)\AVG\Antivirus\tasks_core.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-3405600673-1413478055-2133006793-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3405600673-1413478055-2133006793-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-29 23:24 - 2015-10-29 23:21 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\DefaultUser\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3405600673-1413478055-2133006793-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\XXX\Downloads\16411.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{87FAA970-7931-407F-A0C1-7B59E6676016}] => (Allow) C:\Program Files\HP\HP ENVY 4520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{F5020E4D-2812-42C9-B477-8553C5D2D76B}] => (Allow) LPort=5357
FirewallRules: [{50EC0D9B-8678-4979-9EFB-6A05CCD1F824}] => (Allow) C:\Program Files\HP\HP ENVY 4520 series\Bin\DeviceSetup.exe
FirewallRules: [{624CF858-5566-47FB-8899-4A03C0234211}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{66974136-DB73-4913-8ADF-65133E0E6DA8}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{5A9DDA8B-C58B-4605-B15E-B7BFD77BA121}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{0C02AA80-6DA5-4A78-B8DC-0C153E0CC2DD}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{44F1F518-C9AE-46EB-B2CD-DABB66A4FBF3}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{9A628035-3C4D-44FA-AAC7-A267A9FFB1CE}] => (Allow) C:\Users\XXX\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{075A352D-6338-4764-93C5-236FA0A46AFB}] => (Allow) C:\Users\XXX\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F1787D85-4456-4229-B9E7-74C2C03F5718}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4A2CBFFA-B67C-4DFB-9A3D-B6E65D94FB8C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{166FA289-5399-440C-8AA1-7588E0C6DBE3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A5952CB1-0232-498A-B3D7-0AFEBFF93069}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BC84BE2B-F09B-4142-8A50-466C51418020}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{74E68726-8949-41E6-9F94-7BBBC697ECBD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A6C82206-3B03-439D-8C79-6ABC157A7475}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
FirewallRules: [{A0857230-C052-46E9-A567-55305B2A92CE}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe
FirewallRules: [{1B4CA2DC-922A-4F35-BC2C-2BD9F27DF6B2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
FirewallRules: [{794DB14C-B4FD-4ED7-830A-3321EF9461EC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{6614B1A0-E5CE-483F-9205-A64E7D10516E}] => (Allow) C:\Program Files\UVK - Ultra Virus Killer\UVK_en64.exe
FirewallRules: [{2C1134E7-2CC1-434A-94CD-FAD6177BB1DF}] => (Allow) C:\Program Files\UVK - Ultra Virus Killer\UVK_en64.exe
FirewallRules: [{5D1D81A2-CCE3-4883-B5BE-1A5D355F1E92}] => (Allow) C:\Program Files\UVK - Ultra Virus Killer\UVK_en64.exe

==================== Restore Points =========================

28-12-2017 08:06:12 Scheduled Checkpoint
05-01-2018 14:15:48 Windows Update
09-01-2018 13:15:08 Windows Update
09-01-2018 13:16:05 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/10/2018 06:39:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST64.exe version 2.1.2018.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1238

Start Time: 01d38a852e73560b

Termination Time: 4294967295

Application Path: C:\Users\XXX\Downloads\FRST64.exe

Report Id: 85e88ff0-044b-43c9-bd53-7517107df1be

Faulting package full name:

Faulting package-relative application ID:

Error: (01/10/2018 02:30:56 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid.
.


Operation:
Executing Asynchronous Operation

Context:
Current State: DoSnapshotSet

Error: (01/10/2018 02:19:07 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid.
.


Operation:
Executing Asynchronous Operation

Context:
Current State: DoSnapshotSet

Error: (01/10/2018 02:18:47 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.192_none_15c8cdae9364c23b.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.192_none_5d760485a7e0eb41.manifest.

Error: (01/09/2018 09:25:09 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.192_none_15c8cdae9364c23b.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.192_none_5d760485a7e0eb41.manifest.

Error: (01/09/2018 03:41:29 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "aspnet_state" in DLL "C:\Windows\System32\aspnet_counters.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (01/09/2018 03:41:28 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "ASP.NET_4.0.30319" in DLL "C:\Windows\System32\aspnet_counters.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (01/09/2018 03:41:28 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "ASP.NET" in DLL "C:\Windows\System32\aspnet_counters.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (01/09/2018 01:19:23 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files\Microsoft Office 15\root\office15\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL" on line 1.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (01/09/2018 01:18:53 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.192_none_15c8cdae9364c23b.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.192_none_5d760485a7e0eb41.manifest.


System errors:
=============
Error: (01/09/2018 01:11:30 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service.

Error: (01/09/2018 01:11:00 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/09/2018 01:11:00 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/07/2018 03:21:43 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/07/2018 03:21:43 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/07/2018 03:21:12 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 2:52:05 PM on ‎1/‎7/‎2018 was unexpected.

Error: (01/06/2018 12:13:42 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/06/2018 12:13:42 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/05/2018 08:11:34 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Update Orchestrator Service service terminated with the following error:
This operation returned because the timeout period expired.

Error: (01/02/2018 10:34:35 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.


CodeIntegrity:
===================================
Date: 2018-01-10 18:29:33.898
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-01-10 18:29:33.895
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-01-10 18:29:28.208
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-01-10 18:29:28.206
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-01-10 18:24:20.446
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-01-10 18:24:20.444
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-01-10 17:59:27.214
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-01-10 17:59:27.211
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-01-10 17:47:57.374
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-01-10 17:47:57.372
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

Processor: AMD A8-7410 APU with AMD Radeon R5 Graphics
Percentage of memory in use: 41%
Total physical RAM: 7864.14 MB
Available physical RAM: 4639.11 MB
Total Virtual: 9080.14 MB
Available Virtual: 5452.31 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:911.55 GB) (Free:564.5 GB) NTFS
Drive d: (Recovery Image) (Fixed) (Total:18.52 GB) (Free:2.38 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive i: (Downloads) (Fixed) (Total:465.72 GB) (Free:395.92 GB) NTFS
Drive j: (Downloads) (Fixed) (Total:232.42 GB) (Free:33.98 GB) NTFS
Drive k: (Data) (Fixed) (Total:233.34 GB) (Free:124.31 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 45CBD880)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: E3127786)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=OF Extended)

========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: CBE51F09)
Partition 1: (Not Active) - (Size=232.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=233.3 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 3.

==================== End of Addition.txt ============================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.01.2018
Ran by XXX (administrator) on XXX-PC (10-01-2018 18:39:51)
Running from C:\Users\XXX\Downloads
Loaded Profiles: XXX (Available Profiles: XXX)
Platform: Windows 10 Home Version 1709 16299.192 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(SOURCENEXT) C:\Windows\SysWOW64\bgsvcgen.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(HP Inc.) C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe
(Mega Limited) C:\ProgramData\MEGAsync\MEGAsync.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD App Manager\WDAppManager.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD App Manager\Plugins\WD Backup\App\WDBackupService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(HP Inc.) C:\Program Files\HP\HP ENVY 4520 series\Bin\HPNetworkCommunicatorCom.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17112.13411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(AVAST Software) C:\Users\XXX\AppData\Roaming\AVAST Software\Browser Cleanup\bcusched.exe.1515614567718
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8790264 2016-03-29] (Realtek Semiconductor)
HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-10-31] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [295512 2017-12-21] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1761120 2015-03-22] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1890664 2015-03-24] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5564784 2015-02-12] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WDAppManager] => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe [21384 2016-04-19] (Western Digital Technologies, Inc.)
HKU\DefaultUser\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [519680 2017-09-29] (Microsoft Corporation)
HKU\S-1-5-21-3405600673-1413478055-2133006793-1001\...\Run: [HP ENVY 4520 series (NET)] => C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe [3770504 2017-04-06] (HP Inc.)
HKU\S-1-5-21-3405600673-1413478055-2133006793-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\scrnsave.scr [36864 2017-09-29] (Microsoft Corporation)
Startup: C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2017-12-21]
ShortcutTarget: MEGAsync.lnk -> C:\ProgramData\MEGAsync\MEGAsync.exe (Mega Limited)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{652e6946-f10d-477f-a6f8-5335a3f66975}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-3405600673-1413478055-2133006793-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=COSP&ptag=D102017-A915F698E57&form=CONMHP&conlogo=CT3335818
SearchScopes: HKU\S-1-5-21-3405600673-1413478055-2133006793-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D102017-A915F698E57&form=CONBDF&conlogo=CT3335818&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2017-10-20] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-10-20] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2017-10-20] (Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-07-01] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-10-20] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-10-20] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: axv9nn4c.default
FF ProfilePath: C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\axv9nn4c.default [2018-01-10]
FF Homepage: Mozilla\Firefox\Profiles\axv9nn4c.default -> hxxps://www.google.com/?bcutc=sp-004-752
FF NewTab: Mozilla\Firefox\Profiles\axv9nn4c.default -> about:newtab
FF NetworkProxy: Mozilla\Firefox\Profiles\axv9nn4c.default -> type", 0
FF Extension: (Disable JavaScript Shared Memory) - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\axv9nn4c.default\features\{60481c66-7be6-4951-84ec-7c861dc575e7}\disable-js-shared-memory@mozilla.org.xpi [2018-01-09] [Legacy]
FF SearchPlugin: C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\axv9nn4c.default\searchplugins\google-avast.xml [2018-01-10]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\dsengine.js [2018-01-07] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\dsengine.cfg [2018-01-07] <==== ATTENTION

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [301720 2017-12-21] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7589200 2017-12-21] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1428656 2017-10-31] (AVG Technologies CZ, s.r.o.)
R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2278152 2015-08-05] (Broadcom Corporation.)
R2 bgsvcgen; C:\WINDOWS\SysWOW64\bgsvcgen.exe [139264 2017-10-20] (SOURCENEXT) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058416 2017-09-05] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-10-20] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-10-20] (Dropbox, Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332144 2017-11-21] (HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-21] (HP Inc.)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [316152 2016-03-29] (Realtek Semiconductor)
R2 tbaseprovisioning; C:\windows\SysWOW64\tbaseprovisioning.exe [60432 2015-08-31] (Advanced Micro Devices, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [306552 2015-03-22] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
S3 WD Backup Drive Helper; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B}
S3 WD Backup Snapshot; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD}

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [95080 2017-06-12] (Advanced Micro Devices, Inc. )
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [73976 2015-08-31] (Advanced Micro Devices, Inc.)
R1 amdpsp; C:\WINDOWS\system32\DRIVERS\amdpsp.sys [239976 2017-06-12] (Advanced Micro Devices, Inc. )
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110088 2017-04-25] (Advanced Micro Devices)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [177536 2017-12-21] (AVG Technologies CZ, s.r.o.)
R1 avgbdisk; C:\WINDOWS\System32\drivers\avgbdiska.sys [166624 2017-12-21] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdrivera.sys [315152 2017-12-21] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsha.sys [193096 2017-12-21] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\WINDOWS\System32\drivers\avgbloga.sys [337408 2017-12-21] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniva.sys [51336 2017-12-21] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\WINDOWS\System32\drivers\avgHwid.sys [39424 2017-12-21] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [139112 2018-01-10] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [102792 2017-12-21] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [76832 2017-12-21] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [1017624 2017-12-21] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [450360 2018-01-10] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [196904 2017-12-21] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [351128 2017-12-21] (AVG Technologies CZ, s.r.o.)
R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [199472 2015-08-05] (Broadcom Corporation.)
R3 BCMWL63A; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [11794376 2017-07-13] (Broadcom Corp)
R1 cdrbsdrv; C:\Windows\System32\Drivers\cdrbsdrv.sys [38944 2017-10-20] (B.H.A Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-06-02] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [402136 2015-05-27] (Realsil Semiconductor Corporation)
S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU Co., LTD.(ë�°ë¸Œêµ¬ë£¨ | ë�°ë¸Œêµ¬ë£¨ì—� 오ì‹*것ì�„ 환ì˜�합니다.))
S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [206080 2014-01-22] (DEVGURU Co., LTD.(ë�°ë¸Œêµ¬ë£¨ | ë�°ë¸Œêµ¬ë£¨ì—� 오ì‹*것ì�„ 환ì˜�합니다.))
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [206080 2014-01-22] (DEVGURU Co., LTD.(ë�°ë¸Œêµ¬ë£¨ | ë�°ë¸Œêµ¬ë£¨ì—� 오ì‹*것ì�„ 환ì˜�합니다.))
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64640 2016-09-05] (QUALCOMM Incorporated)
S3 ssudrmnet; C:\WINDOWS\System32\drivers\ssudrmnet.sys [70400 2014-01-22] (DEVGURU Co., LTD.)
S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(ë�°ë¸Œêµ¬ë£¨ | ë�°ë¸Œêµ¬ë£¨ì—� 오ì‹*것ì�„ 환ì˜�합니다.))
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU Co., LTD.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
U3 aspnet_state; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Three Months Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-10 18:38 - 2018-01-10 18:40 - 000016341 _____ C:\Users\XXX\Downloads\FRST.txt
2018-01-10 18:37 - 2018-01-10 18:38 - 000000000 ____D C:\FRST
2018-01-10 18:37 - 2018-01-10 18:37 - 002393088 _____ (Farbar) C:\Users\XXX\Downloads\FRST64.exe
2018-01-10 15:49 - 2018-01-10 15:49 - 001083838 _____ C:\Users\XXX\Documents\Ultra Virus Killer log.txt
2018-01-10 15:39 - 2018-01-10 15:44 - 001084454 _____ C:\Users\Public\Desktop\Ultra Virus Killer log.txt
2018-01-10 14:18 - 2018-01-10 15:44 - 000000000 ____D C:\Program Files\UVK - Ultra Virus Killer
2018-01-10 14:18 - 2018-01-10 14:18 - 000001854 _____ C:\Users\Public\Desktop\UVK - Ultra Virus Killer.lnk
2018-01-10 14:18 - 2018-01-10 14:18 - 000000000 ____D C:\ProgramData\UVK
2018-01-10 14:18 - 2018-01-10 14:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UVK - Ultra Virus Killer
2018-01-10 14:17 - 2018-01-10 14:17 - 016540168 _____ (Carifred) C:\Users\XXX\Downloads\UVKSetup.exe
2018-01-10 12:02 - 2018-01-10 12:02 - 000004394 _____ C:\WINDOWS\System32\Tasks\avast! BCU UpdateS-1-5-21-3405600673-1413478055-2133006793-1001
2018-01-10 12:02 - 2018-01-10 12:02 - 000003520 _____ C:\WINDOWS\System32\Tasks\avastBCLS-1-5-21-3405600673-1413478055-2133006793-1001
2018-01-10 12:02 - 2018-01-10 12:02 - 000001159 _____ C:\Users\XXX\Desktop\Avast Browser Cleanup.lnk
2018-01-10 12:02 - 2018-01-10 12:02 - 000000000 ____D C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Avast Browser Cleanup
2018-01-10 12:02 - 2018-01-10 12:02 - 000000000 ____D C:\Users\XXX\AppData\Roaming\AVAST Software
2018-01-10 12:01 - 2018-01-10 12:01 - 004284888 _____ (AVAST Software) C:\Users\XXX\Downloads\avast-browser-cleanup-sfx.exe
2018-01-09 19:05 - 2018-01-09 19:07 - 243911333 _____ C:\Users\XXX\Downloads\Marvels.Runaways.S01E10.WEB.x264-R.mp4
2018-01-09 17:48 - 2018-01-09 17:48 - 000000000 ____D C:\Users\XXX\Downloads\Firefox backup
2018-01-09 17:47 - 2018-01-09 17:47 - 003721107 _____ C:\Users\XXX\Documents\Firefox backup.zip
2018-01-09 17:46 - 2018-01-09 17:46 - 049249750 _____ C:\Users\XXX\Documents\Mozilla Firefox 2018191746.backup
2018-01-09 17:46 - 2018-01-09 17:46 - 000000948 _____ C:\Users\Public\Desktop\Hekasoft Backup & Restore.lnk
2018-01-09 17:46 - 2018-01-09 17:46 - 000000000 ____D C:\Users\XXX\AppData\Roaming\Hekasoft
2018-01-09 17:46 - 2018-01-09 17:46 - 000000000 ____D C:\Users\XXX\AppData\Local\Hekasoft
2018-01-09 17:46 - 2018-01-09 17:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hekasoft Backup & Restore
2018-01-09 17:46 - 2018-01-09 17:46 - 000000000 ____D C:\Program Files\Hekasoft Backup & Restore
2018-01-09 17:45 - 2018-01-09 17:45 - 001448295 _____ (Hekasoft ) C:\Users\XXX\Downloads\hekasoft-backup-restore_0.70.exe
2018-01-09 13:05 - 2018-01-09 13:09 - 000002607 _____ C:\Users\XXX\Desktop\ZHPCleaner.txt
2018-01-09 12:55 - 2018-01-09 13:09 - 000000000 ____D C:\Users\XXX\AppData\Roaming\ZHP
2018-01-09 12:55 - 2018-01-09 12:55 - 000000882 _____ C:\Users\XXX\Desktop\ZHPCleaner.lnk
2018-01-09 12:55 - 2018-01-09 12:55 - 000000000 ____D C:\Users\XXX\AppData\Local\ZHP
2018-01-09 12:54 - 2018-01-09 12:54 - 003027328 _____ C:\Users\XXX\Downloads\ZHPCleaner.exe
2018-01-08 23:28 - 2018-01-08 23:29 - 380848598 _____ C:\Users\XXX\Downloads\Murdoch.Mysteries.S11E10.XviD-AFG.avi
2018-01-08 19:43 - 2018-01-08 19:44 - 359253920 _____ C:\Users\XXX\Downloads\Frankie.Drake.Mysteries.S01E07.XviD-AFG.avi
2018-01-08 19:42 - 2018-01-08 23:29 - 1030449017 _____ C:\Users\XXX\Downloads\Last.Scene.Alive.An.Aurora.Teagarden.Mystery.2018.720p.HDTV.X264.Solar.mp4
2018-01-08 19:17 - 2018-01-08 19:19 - 310494253 _____ C:\Users\XXX\Downloads\[Over-Time] Space Sentai Kyuranger - 44SD [3F0CB858].mp4
2018-01-08 19:17 - 2018-01-08 19:18 - 319883741 _____ C:\Users\XXX\Downloads\[Over-Time] Kamen Rider Build - 17SD [96B44EBC].mp4
2018-01-07 18:11 - 2018-01-07 18:12 - 208640939 _____ C:\Users\XXX\Downloads\ghosted.s01e09.web.x264-tbs.mkv.mp4
2018-01-07 17:52 - 2018-01-07 18:10 - 210718747 _____ C:\Users\XXX\Downloads\Star.Trek.Discovery.S01E10.iNTERNAL.XviD-AFG.avi.mp4
2018-01-07 17:20 - 2018-01-07 17:27 - 473271501 _____ C:\Users\XXX\Downloads\G-m.2017.HDRip.XviD.AC3-EVO.avi.mp4
2018-01-07 13:40 - 2018-01-07 15:14 - 665024758 _____ C:\Users\XXX\Downloads\Robot.Wars.2017-2018.World.Series.E02.WEB-DL.x264-JIVE.mp4
2018-01-07 13:38 - 2018-01-07 14:50 - 286069587 _____ C:\Users\XXX\Downloads\Mysteries.at.the.Museum.S18E09.iNTERNAL.HDTV.x264-RBB.mp4
2018-01-07 13:37 - 2018-01-07 14:39 - 273570443 _____ C:\Users\XXX\Downloads\Mysteries.at.the.Museum.S18E00.Andes.Rescue.iNTERNAL.HDTV.x264-RBB.mp4
2018-01-06 14:30 - 2018-01-06 14:32 - 695472782 _____ C:\Users\XXX\Downloads\The.Grand.Tour.S02E05.WEB.h264-SKGTV[eztv].mkv
2018-01-06 14:07 - 2018-01-05 15:50 - 1603453991 _____ C:\Users\XXX\Downloads\StarshipInvasions_highTV.mp4
2018-01-05 19:15 - 2018-01-05 19:16 - 221254730 _____ C:\Users\XXX\Downloads\Marvels.Agents.of.S.H.I.E.L.D.S05E06.HDTV.x264.mp4
2018-01-05 15:35 - 2018-01-05 16:46 - 434102265 _____ C:\Users\XXX\Downloads\The.Gifted.S01E11.WEBRip.x264-RARBG.mp4
2018-01-05 15:13 - 2018-01-05 15:25 - 287881875 _____ C:\Users\XXX\Downloads\Marvels.Runaways.S01E09.WEB.h264-TBS.mkv
2018-01-05 14:18 - 2018-01-01 04:51 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys
2018-01-05 14:18 - 2018-01-01 04:34 - 007385088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-01-05 14:18 - 2018-01-01 03:53 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-01-05 14:18 - 2018-01-01 03:25 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-01-05 14:18 - 2018-01-01 03:24 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-01-05 14:18 - 2018-01-01 03:20 - 019337216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-01-05 14:18 - 2018-01-01 03:20 - 018917888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-01-05 14:18 - 2018-01-01 03:19 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-01-05 14:18 - 2018-01-01 03:19 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-01-05 14:18 - 2018-01-01 03:18 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2018-01-05 14:18 - 2018-01-01 03:18 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2018-01-05 14:18 - 2018-01-01 03:17 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-01-05 14:18 - 2018-01-01 03:16 - 003676672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-01-05 14:18 - 2018-01-01 03:16 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-01-05 14:18 - 2018-01-01 03:16 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-01-05 14:18 - 2018-01-01 03:09 - 001487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-01-05 14:17 - 2018-01-01 09:15 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-01-05 14:17 - 2018-01-01 04:54 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-01-05 14:17 - 2018-01-01 04:53 - 001090984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-01-05 14:17 - 2018-01-01 04:52 - 000066712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2018-01-05 14:17 - 2018-01-01 04:51 - 001414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-01-05 14:17 - 2018-01-01 04:51 - 001209240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-01-05 14:17 - 2018-01-01 04:51 - 001055128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-01-05 14:17 - 2018-01-01 04:51 - 000191816 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2018-01-05 14:17 - 2018-01-01 04:50 - 005905752 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-01-05 14:17 - 2018-01-01 04:50 - 000780464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-01-05 14:17 - 2018-01-01 04:50 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-01-05 14:17 - 2018-01-01 04:50 - 000077208 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-01-05 14:17 - 2018-01-01 04:49 - 008605080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-01-05 14:17 - 2018-01-01 04:49 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-01-05 14:17 - 2018-01-01 04:49 - 000319352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-01-05 14:17 - 2018-01-01 04:49 - 000292376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2018-01-05 14:17 - 2018-01-01 04:48 - 007831760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2018-01-05 14:17 - 2018-01-01 04:48 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-01-05 14:17 - 2018-01-01 04:48 - 000382360 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-01-05 14:17 - 2018-01-01 04:47 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-01-05 14:17 - 2018-01-01 04:47 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-01-05 14:17 - 2018-01-01 04:46 - 002709704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-01-05 14:17 - 2018-01-01 04:46 - 000898216 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-01-05 14:17 - 2018-01-01 04:46 - 000733592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2018-01-05 14:17 - 2018-01-01 04:46 - 000471960 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-01-05 14:17 - 2018-01-01 04:45 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-01-05 14:17 - 2018-01-01 04:45 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-01-05 14:17 - 2018-01-01 04:45 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-01-05 14:17 - 2018-01-01 04:43 - 001173576 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-01-05 14:17 - 2018-01-01 04:43 - 000367336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-01-05 14:17 - 2018-01-01 04:43 - 000062872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys
2018-01-05 14:17 - 2018-01-01 04:42 - 001029016 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2018-01-05 14:17 - 2018-01-01 04:42 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-01-05 14:17 - 2018-01-01 04:42 - 000494488 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-01-05 14:17 - 2018-01-01 04:42 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2018-01-05 14:17 - 2018-01-01 04:42 - 000109976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2018-01-05 14:17 - 2018-01-01 04:41 - 007676296 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-01-05 14:17 - 2018-01-01 04:41 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-01-05 14:17 - 2018-01-01 04:41 - 000549552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2018-01-05 14:17 - 2018-01-01 04:40 - 001206680 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-01-05 14:17 - 2018-01-01 04:39 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-01-05 14:17 - 2018-01-01 04:39 - 000677784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-01-05 14:17 - 2018-01-01 04:39 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2018-01-05 14:17 - 2018-01-01 04:39 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-01-05 14:17 - 2018-01-01 04:39 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2018-01-05 14:17 - 2018-01-01 04:38 - 003904808 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-01-05 14:17 - 2018-01-01 04:38 - 000727448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-01-05 14:17 - 2018-01-01 04:38 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-01-05 14:17 - 2018-01-01 04:38 - 000103320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-01-05 14:17 - 2018-01-01 04:38 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys
2018-01-05 14:17 - 2018-01-01 04:37 - 001426664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-01-05 14:17 - 2018-01-01 04:37 - 000461720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2018-01-05 14:17 - 2018-01-01 04:36 - 000413888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-01-05 14:17 - 2018-01-01 04:36 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2018-01-05 14:17 - 2018-01-01 04:36 - 000166296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2018-01-05 14:17 - 2018-01-01 04:36 - 000113560 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2018-01-05 14:17 - 2018-01-01 04:36 - 000057752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbios.sys
2018-01-05 14:17 - 2018-01-01 04:35 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-01-05 14:17 - 2018-01-01 04:35 - 000075160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-01-05 14:17 - 2018-01-01 04:34 - 001336344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-01-05 14:17 - 2018-01-01 04:34 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-01-05 14:17 - 2018-01-01 04:34 - 000087384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2018-01-05 14:17 - 2018-01-01 04:33 - 002773400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-01-05 14:17 - 2018-01-01 04:33 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-01-05 14:17 - 2018-01-01 04:32 - 004481240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-01-05 14:17 - 2018-01-01 04:32 - 000617304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-01-05 14:17 - 2018-01-01 04:27 - 000713624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-01-05 14:17 - 2018-01-01 04:27 - 000163736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2018-01-05 14:17 - 2018-01-01 04:26 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-01-05 14:17 - 2018-01-01 04:26 - 000081304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2018-01-05 14:17 - 2018-01-01 04:25 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2018-01-05 14:17 - 2018-01-01 04:25 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2018-01-05 14:17 - 2018-01-01 04:23 - 021352144 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-01-05 14:17 - 2018-01-01 04:21 - 001103768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-01-05 14:17 - 2018-01-01 04:21 - 000614296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2018-01-05 14:17 - 2018-01-01 04:06 - 000311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2018-01-05 14:17 - 2018-01-01 04:03 - 000777904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-01-05 14:17 - 2018-01-01 04:03 - 000650328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-01-05 14:17 - 2018-01-01 04:03 - 000566664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-01-05 14:17 - 2018-01-01 04:03 - 000123512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2018-01-05 14:17 - 2018-01-01 03:49 - 000481464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-01-05 14:17 - 2018-01-01 03:49 - 000258808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2018-01-05 14:17 - 2018-01-01 03:46 - 003485392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-01-05 14:17 - 2018-01-01 03:46 - 000289816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2018-01-05 14:17 - 2018-01-01 03:45 - 006092152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-01-05 14:17 - 2018-01-01 03:45 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2018-01-05 14:17 - 2018-01-01 03:45 - 002192624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-01-05 14:17 - 2018-01-01 03:45 - 000450928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2018-01-05 14:17 - 2018-01-01 03:43 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-01-05 14:17 - 2018-01-01 03:42 - 006479552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-01-05 14:17 - 2018-01-01 03:42 - 004644912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-01-05 14:17 - 2018-01-01 03:42 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-01-05 14:17 - 2018-01-01 03:42 - 001003152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-01-05 14:17 - 2018-01-01 03:42 - 000982528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-01-05 14:17 - 2018-01-01 03:42 - 000386424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2018-01-05 14:17 - 2018-01-01 03:42 - 000129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-01-05 14:17 - 2018-01-01 03:42 - 000074992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2018-01-05 14:17 - 2018-01-01 03:37 - 025247232 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-01-05 14:17 - 2018-01-01 03:34 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-01-05 14:17 - 2018-01-01 03:25 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-01-05 14:17 - 2018-01-01 03:25 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-01-05 14:17 - 2018-01-01 03:25 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2018-01-05 14:17 - 2018-01-01 03:25 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
2018-01-05 14:17 - 2018-01-01 03:24 - 003668480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-01-05 14:17 - 2018-01-01 03:24 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboutSettingsHandlers.dll
2018-01-05 14:17 - 2018-01-01 03:23 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-01-05 14:17 - 2018-01-01 03:23 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2018-01-05 14:17 - 2018-01-01 03:23 - 000536576 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-01-05 14:17 - 2018-01-01 03:23 - 000385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2018-01-05 14:17 - 2018-01-01 03:23 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-01-05 14:17 - 2018-01-01 03:21 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2018-01-05 14:17 - 2018-01-01 03:21 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2018-01-05 14:17 - 2018-01-01 03:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspptp.sys
2018-01-05 14:17 - 2018-01-01 03:21 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2018-01-05 14:17 - 2018-01-01 03:20 - 000524288 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-01-05 14:17 - 2018-01-01 03:20 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-01-05 14:17 - 2018-01-01 03:20 - 000212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2018-01-05 14:17 - 2018-01-01 03:20 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-01-05 14:17 - 2018-01-01 03:20 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2018-01-05 14:17 - 2018-01-01 03:20 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll
2018-01-05 14:17 - 2018-01-01 03:20 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
2018-01-05 14:17 - 2018-01-01 03:19 - 008014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-01-05 14:17 - 2018-01-01 03:19 - 000795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalAuth.dll
2018-01-05 14:17 - 2018-01-01 03:19 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2018-01-05 14:17 - 2018-01-01 03:19 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-01-05 14:17 - 2018-01-01 03:19 - 000416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2018-01-05 14:17 - 2018-01-01 03:19 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-01-05 14:17 - 2018-01-01 03:19 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2018-01-05 14:17 - 2018-01-01 03:19 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-01-05 14:17 - 2018-01-01 03:19 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2018-01-05 14:17 - 2018-01-01 03:19 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2018-01-05 14:17 - 2018-01-01 03:18 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-01-05 14:17 - 2018-01-01 03:18 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll
2018-01-05 14:17 - 2018-01-01 03:18 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-01-05 14:17 - 2018-01-01 03:18 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-01-05 14:17 - 2018-01-01 03:18 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-01-05 14:17 - 2018-01-01 03:18 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-01-05 14:17 - 2018-01-01 03:18 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EncDec.dll
2018-01-05 14:17 - 2018-01-01 03:18 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2018-01-05 14:17 - 2018-01-01 03:18 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-01-05 14:17 - 2018-01-01 03:18 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2018-01-05 14:17 - 2018-01-01 03:18 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2018-01-05 14:17 - 2018-01-01 03:17 - 011923968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-01-05 14:17 - 2018-01-01 03:17 - 006564864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-01-05 14:17 - 2018-01-01 03:17 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-01-05 14:17 - 2018-01-01 03:17 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2018-01-05 14:17 - 2018-01-01 03:17 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-01-05 14:17 - 2018-01-01 03:17 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2018-01-05 14:17 - 2018-01-01 03:17 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2018-01-05 14:17 - 2018-01-01 03:17 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2018-01-05 14:17 - 2018-01-01 03:17 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2018-01-05 14:17 - 2018-01-01 03:17 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2018-01-05 14:17 - 2018-01-01 03:16 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-01-05 14:17 - 2018-01-01 03:16 - 004839424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-01-05 14:17 - 2018-01-01 03:16 - 000956928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2018-01-05 14:17 - 2018-01-01 03:16 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-01-05 14:17 - 2018-01-01 03:16 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-01-05 14:17 - 2018-01-01 03:16 - 000812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-01-05 14:17 - 2018-01-01 03:16 - 000720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-01-05 14:17 - 2018-01-01 03:16 - 000624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2018-01-05 14:17 - 2018-01-01 03:16 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-01-05 14:17 - 2018-01-01 03:16 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2018-01-05 14:17 - 2018-01-01 03:16 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2018-01-05 14:17 - 2018-01-01 03:16 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2018-01-05 14:17 - 2018-01-01 03:15 - 012687872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-01-05 14:17 - 2018-01-01 03:15 - 006029312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-01-05 14:17 - 2018-01-01 03:15 - 002349568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-01-05 14:17 - 2018-01-01 03:15 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-01-05 14:17 - 2018-01-01 03:15 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2018-01-05 14:17 - 2018-01-01 03:15 - 000970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2018-01-05 14:17 - 2018-01-01 03:15 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2018-01-05 14:17 - 2018-01-01 03:15 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-01-05 14:17 - 2018-01-01 03:15 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2018-01-05 14:17 - 2018-01-01 03:15 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2018-01-05 14:17 - 2018-01-01 03:15 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2018-01-05 14:17 - 2018-01-01 03:14 - 023655936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-01-05 14:17 - 2018-01-01 03:14 - 002465280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-01-05 14:17 - 2018-01-01 03:14 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-01-05 14:17 - 2018-01-01 03:14 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2018-01-05 14:17 - 2018-01-01 03:14 - 001003008 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-01-05 14:17 - 2018-01-01 03:14 - 000985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-01-05 14:17 - 2018-01-01 03:14 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-01-05 14:17 - 2018-01-01 03:14 - 000870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-01-05 14:17 - 2018-01-01 03:13 - 013657600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-01-05 14:17 - 2018-01-01 03:13 - 012830208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-01-05 14:17 - 2018-01-01 03:13 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-01-05 14:17 - 2018-01-01 03:13 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-01-05 14:17 - 2018-01-01 03:13 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-01-05 14:17 - 2018-01-01 03:13 - 000897024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-01-05 14:17 - 2018-01-01 03:12 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-01-05 14:17 - 2018-01-01 03:12 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-01-05 14:17 - 2018-01-01 03:12 - 001573376 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2018-01-05 14:17 - 2018-01-01 03:12 - 001547776 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-01-05 14:17 - 2018-01-01 03:12 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-01-05 14:17 - 2018-01-01 03:12 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2018-01-05 14:17 - 2018-01-01 03:11 - 008108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-01-05 14:17 - 2018-01-01 03:11 - 004748288 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-01-05 14:17 - 2018-01-01 03:11 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-01-05 14:17 - 2018-01-01 03:11 - 003165696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-01-05 14:17 - 2018-01-01 03:11 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-01-05 14:17 - 2018-01-01 03:11 - 002082304 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-01-05 14:17 - 2018-01-01 03:11 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-01-05 14:17 - 2018-01-01 03:11 - 001816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-01-05 14:17 - 2018-01-01 03:11 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-01-05 14:17 - 2018-01-01 03:11 - 001343488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2018-01-05 14:17 - 2018-01-01 03:11 - 001231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-01-05 14:17 - 2018-01-01 03:11 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-01-05 14:17 - 2018-01-01 03:11 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-01-05 14:17 - 2018-01-01 03:11 - 000715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-01-05 14:17 - 2018-01-01 03:10 - 003126272 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-01-05 14:17 - 2018-01-01 03:09 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-01-05 14:17 - 2018-01-01 03:09 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2018-01-05 14:17 - 2018-01-01 03:09 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-01-05 14:17 - 2018-01-01 03:08 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-01-05 14:17 - 2018-01-01 03:08 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-01-05 14:17 - 2018-01-01 03:08 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-01-05 14:17 - 2018-01-01 03:05 - 002510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2018-01-05 14:17 - 2018-01-01 03:05 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2018-01-05 14:16 - 2018-01-01 03:24 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-01-05 14:16 - 2018-01-01 03:24 - 000038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2018-01-05 14:16 - 2018-01-01 03:23 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\convertvhd.exe
2018-01-05 14:16 - 2018-01-01 03:23 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-01-05 14:16 - 2018-01-01 03:23 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2018-01-05 14:16 - 2018-01-01 03:23 - 000047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2018-01-05 14:16 - 2018-01-01 03:22 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2018-01-05 14:16 - 2018-01-01 03:22 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2018-01-05 14:16 - 2018-01-01 03:22 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmApplicationHealthMonitorProxy.dll
2018-01-05 14:16 - 2018-01-01 03:21 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-01-05 14:16 - 2018-01-01 03:21 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2018-01-05 14:16 - 2018-01-01 03:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2018-01-05 14:16 - 2018-01-01 03:21 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2018-01-05 14:16 - 2018-01-01 03:20 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-01-05 14:16 - 2018-01-01 03:20 - 000397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2018-01-05 14:16 - 2018-01-01 03:20 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2018-01-05 14:16 - 2018-01-01 03:20 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2018-01-05 14:16 - 2018-01-01 03:20 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2018-01-05 14:16 - 2018-01-01 03:20 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2018-01-05 14:16 - 2018-01-01 03:20 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2018-01-05 14:16 - 2018-01-01 03:20 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RfxVmt.sys
2018-01-05 14:16 - 2018-01-01 03:19 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-01-05 14:16 - 2018-01-01 03:19 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2018-01-05 14:16 - 2018-01-01 03:19 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-01-05 14:16 - 2018-01-01 03:19 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2018-01-05 14:16 - 2018-01-01 03:19 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll
2018-01-05 14:16 - 2018-01-01 03:19 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2018-01-05 14:16 - 2018-01-01 03:19 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2018-01-05 14:16 - 2018-01-01 03:19 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msoert2.dll
2018-01-05 14:16 - 2018-01-01 03:19 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-01-05 14:16 - 2018-01-01 03:19 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2018-01-05 14:16 - 2018-01-01 03:19 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2018-01-05 14:16 - 2018-01-01 03:18 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2018-01-05 14:16 - 2018-01-01 03:18 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2018-01-05 14:16 - 2018-01-01 03:18 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-01-05 14:16 - 2018-01-01 03:18 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2018-01-05 14:16 - 2018-01-01 03:18 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-01-05 14:16 - 2018-01-01 03:18 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2018-01-05 14:16 - 2018-01-01 03:18 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2018-01-05 14:16 - 2018-01-01 03:18 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2018-01-05 14:16 - 2018-01-01 03:17 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-01-05 14:16 - 2018-01-01 03:17 - 000791552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-01-05 14:16 - 2018-01-01 03:17 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-01-05 14:16 - 2018-01-01 03:17 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-01-05 14:16 - 2018-01-01 03:17 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msoert2.dll
2018-01-05 14:16 - 2018-01-01 03:16 - 000966656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2018-01-05 14:16 - 2018-01-01 03:16 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-01-05 14:16 - 2018-01-01 03:16 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2018-01-05 14:16 - 2018-01-01 03:15 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2018-01-05 14:16 - 2018-01-01 03:13 - 002013184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-01-05 14:16 - 2018-01-01 03:13 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-01-05 14:16 - 2018-01-01 03:12 - 000760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2018-01-05 14:16 - 2018-01-01 03:10 - 002528256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-01-05 14:16 - 2018-01-01 03:10 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscproxystub.dll
2018-01-05 14:16 - 2018-01-01 03:08 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2018-01-05 14:16 - 2018-01-01 03:06 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscproxystub.dll
2018-01-05 14:16 - 2018-01-01 03:05 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-01-04 18:41 - 2018-01-04 18:43 - 157607502 _____ C:\Users\XXX\Downloads\[EXCITE! Subs] Kamen Rider Snipe Episode Zero - 04 [480p] [F599BD6E].mp4
2018-01-04 18:38 - 2018-01-04 18:38 - 006698297 _____ C:\Users\XXX\Downloads\Sannen Kimengumi c66 [Secret Ninja Empire].zip
2018-01-04 18:36 - 2018-01-05 07:50 - 000000000 ____D C:\Users\XXX\Downloads\Video Warrior Laserion (1984) [Luurah - TSHS] episode 01-03
2018-01-04 18:32 - 2018-01-04 18:32 - 000000000 ____D C:\Users\XXX\Downloads\1-3
2018-01-04 18:28 - 2018-01-04 18:29 - 179083043 _____ C:\Users\XXX\Downloads\The.Librarians.US.S04E07.XviD-AFG.avi.mp4
2018-01-04 18:23 - 2018-01-04 18:29 - 376189140 _____ C:\Users\XXX\Downloads\lucifer.s03e11.web.x264-tbs.mkv.mp4
2018-01-01 19:31 - 2018-01-01 20:26 - 1704243297 _____ C:\Users\XXX\Downloads\The.american.scream.2012.reconvert.mp4
2018-01-01 19:11 - 2018-01-01 19:21 - 263818622 _____ C:\Users\XXX\Downloads\Marvels.runaways.s01e03.reconvert.mp4
2018-01-01 19:01 - 2018-01-01 19:11 - 256374229 _____ C:\Users\XXX\Downloads\Marvels.Runaways.S01E02.Reconvert.mp4
2018-01-01 17:35 - 2018-01-01 17:45 - 315469129 _____ C:\Users\XXX\Downloads\Marvels.Runaways.S01E01.Reconvert.mp4
2018-01-01 09:18 - 2018-01-01 10:34 - 382635297 _____ C:\Users\XXX\Downloads\Robot.Wars.2017-2018.World.Series.Ep01.WEB-DL.x264-JIVE.mp4
2018-01-01 00:54 - 2018-01-01 00:54 - 000000000 ____D C:\Users\XXX\Downloads\David Wong Futuristic Violence and Fancy Suits
2018-01-01 00:53 - 2018-01-01 00:53 - 000728158 _____ C:\Users\XXX\Downloads\David_Wong_-_John_Dies_at_the_End.epub
2018-01-01 00:52 - 2018-01-01 00:52 - 001219764 _____ C:\Users\XXX\Downloads\David_Wong_-_This_Book_Is_Full_of_Spiders.epub
2017-12-31 01:53 - 2017-12-31 01:53 - 000000000 ____D C:\Users\XXX\Downloads\The.American.Scream.2012.720p.WEB-DL.H264-fiend [PublicHD]
2017-12-30 12:38 - 2017-12-17 21:19 - 209027186 _____ C:\Users\XXX\Downloads\QTtS_101.avi
2017-12-30 12:06 - 2018-01-07 11:24 - 000000000 ____D C:\Users\XXX\AppData\Local\Microsoft Help
2017-12-30 11:37 - 2017-12-30 13:42 - 372130524 _____ C:\Users\XXX\Downloads\The.Grand.Tour.S02E04.WEBRip.x264-RARBG.mp4
2017-12-30 11:34 - 2017-12-30 11:35 - 140474027 _____ C:\Users\XXX\Downloads\[LUURAH]_UFO_Senshi_Dai_Apolon_25_[DA5DF4C6].mkv
2017-12-30 11:31 - 2017-12-30 11:34 - 127391477 _____ C:\Users\XXX\Downloads\[LUURAH]_UFO_Senshi_Dai_Apolon_26_[404AAD6C].mkv
2017-12-28 18:33 - 2017-12-28 05:40 - 2691282725 _____ C:\Users\XXX\Downloads\RiffTrax Presents - Ghost Rider (2007) BDRip.mkv
2017-12-27 19:30 - 2017-12-27 19:31 - 229583915 _____ C:\Users\XXX\Downloads\Amon Saga (1986)..mp4
2017-12-27 19:12 - 2017-12-24 09:10 - 606610879 _____ C:\Users\XXX\Downloads\[Sub] Juuyou Sankounin Tantei ep 08 end (960x540).zip
2017-12-27 19:10 - 2017-12-14 19:22 - 610575187 _____ C:\Users\XXX\Downloads\[Sub] Juuyou Sankounin Tantei ep 07 (960x540).zip
2017-12-27 19:08 - 2017-11-29 15:31 - 606412662 _____ C:\Users\XXX\Downloads\[Sub] Juuyou Sankounin Tantei ep 06 (960x540).zip
2017-12-27 19:06 - 2017-11-24 17:14 - 610693308 _____ C:\Users\XXX\Downloads\[Sub] Juuyou Sankounin Tantei ep 05 (960x540).zip
2017-12-27 19:03 - 2017-11-16 09:18 - 617115767 _____ C:\Users\XXX\Downloads\[Sub] Juuyou Sankounin Tantei ep 04 (960x540).zip
2017-12-27 19:02 - 2017-11-11 09:44 - 614541309 _____ C:\Users\XXX\Downloads\[Sub] Juuyou Sankounin Tantei ep 03 (960x540).zip
2017-12-27 18:58 - 2017-12-27 19:17 - 000000000 ____D C:\Users\XXX\Downloads\[Sub] Juuyou Sankounin Tantei ep 01 (1280x720).zip(1)
2017-12-27 18:46 - 2017-10-30 06:19 - 609286441 _____ C:\Users\XXX\Downloads\[Sub] Juuyou Sankounin Tantei ep 02 (960x540).zip
2017-12-27 18:35 - 2017-10-24 12:15 - 956145147 _____ C:\Users\XXX\Downloads\[Sub] Juuyou Sankounin Tantei ep 01 (1280x720).zip
2017-12-26 19:20 - 2017-12-26 19:21 - 308654847 _____ C:\Users\XXX\Downloads\[Over-Time] Kamen Rider Build - 16SD [F7ED17BE].mp4
2017-12-26 19:19 - 2017-12-26 19:20 - 277123241 _____ C:\Users\XXX\Downloads\[Over-Time] Space Sentai Kyuranger - 43SD [B3D99134].mp4
2017-12-26 19:15 - 2017-12-26 19:18 - 218051052 _____ C:\Users\XXX\Downloads\Marvels.Runaways.S01E08.XviD-AFG.avi.mp4
2017-12-25 11:08 - 2017-12-25 11:18 - 061186582 _____ C:\Users\XXX\Downloads\Doctor_Who_Magazine_-_Issue_517,_2017.pdf
2017-12-25 11:03 - 2017-12-25 11:40 - 395910892 _____ C:\Users\XXX\Downloads\doctor.who.2005.s11e00.twice.upon.a.time.christmas.special.hdtv.x264-mtb.mkv.mp4
2017-12-23 19:12 - 2017-12-23 19:21 - 1106793016 _____ C:\Users\XXX\Downloads\35590-The.Dark.Maidens.2017.720p.BluRay.x264WiKi 1_1513993883.mp4.mp4
2017-12-23 19:10 - 2017-12-23 19:11 - 258525852 _____ C:\Users\XXX\Downloads\Ultraman Geed 25.mp4
2017-12-23 15:33 - 2017-12-23 15:57 - 745982179 _____ C:\Users\XXX\Downloads\The.grand.tour.s02e03.Reconvert.mp4
2017-12-23 14:57 - 2017-12-23 15:24 - 745851626 _____ C:\Users\XXX\Downloads\The.Grand.Tour.s02e01 Reconvert.mp4
2017-12-23 13:01 - 2017-12-23 13:01 - 284049319 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 54 (232577FC).mkv
2017-12-23 13:01 - 2017-12-23 13:01 - 236349565 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 55 (569D5098).mkv
2017-12-23 13:00 - 2017-04-13 12:11 - 261865662 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 53 (FA18F0BE).mkv
2017-12-23 12:59 - 2017-04-13 12:10 - 284766607 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 52 (C1F5E9CD).mkv
2017-12-23 12:57 - 2017-12-23 12:57 - 252871086 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 51 (D88BB0E2).mkv
2017-12-23 12:55 - 2017-12-23 12:56 - 295786597 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 50 (BD53DAE9).mkv
2017-12-23 12:54 - 2017-12-23 12:54 - 286405830 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 48 (D2F87445).mkv
2017-12-23 12:53 - 2017-12-23 12:53 - 240108339 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 47 (4DA437BF).mkv
2017-12-23 12:52 - 2017-04-13 12:08 - 306990213 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 49 (7E021D89).mkv
2017-12-23 12:51 - 2017-12-23 12:51 - 283957536 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 45 (B08493BD).mkv
2017-12-23 12:51 - 2017-12-23 12:51 - 264390437 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 46 (F200A11A).mkv
2017-12-23 12:50 - 2017-12-23 12:50 - 265952334 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 44 (0B293473).mkv
2017-12-23 12:49 - 2017-04-13 12:04 - 252728090 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 43 (D2963CA3).mkv
2017-12-23 12:48 - 2017-12-23 12:48 - 239407595 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 42 (F5756BC9).mkv
2017-12-23 12:47 - 2017-04-13 12:02 - 247526469 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 41 (4CB80E2A).mkv
2017-12-23 12:46 - 2017-04-13 12:01 - 258541827 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 40 (D44DD367).mkv
2017-12-23 12:10 - 2017-12-23 12:10 - 000000000 ____D C:\Users\XXX\Downloads\Taunton's Complete Illustrated Guide to Woodworking - Using Woodworking Tools; Finishing; Sharpening
2017-12-23 12:10 - 2017-12-23 12:10 - 000000000 ____D C:\Users\XXX\Downloads\Homemade Workshop - Build Your Own Woodworking Machines and Jigs
2017-12-23 12:10 - 2017-12-23 12:10 - 000000000 ____D C:\Users\XXX\Downloads\Fine Woodworking Tables and Chairs by Editors of Fine Woodworking
2017-12-23 12:09 - 2017-12-23 12:10 - 000000000 ____D C:\Users\XXX\Downloads\Woodworking Crafts Issue 35 January 2018 - True PDF - 6383 [ECLiPSE]
2017-12-23 11:57 - 2017-12-23 11:57 - 000000000 ____D C:\Users\XXX\Downloads\The.Grand.Tour.S02E01.WEB.H264-STRiFE[ettv]
2017-12-23 11:28 - 2017-12-23 14:46 - 757297177 _____ C:\Users\XXX\Downloads\the.grand.tour.s02e03.web.h264-skgtv.mkv
2017-12-22 14:38 - 2017-12-22 15:56 - 2012835764 _____ C:\Users\XXX\Downloads\Batman v Superman Rifftrax Reconvert.mp4
2017-12-21 18:18 - 2017-12-21 18:18 - 000366800 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2017-12-21 18:16 - 2017-12-20 20:17 - 2379746927 _____ C:\Users\XXX\Downloads\BatSuper.Three.Tracks.mkv
2017-12-21 18:11 - 2017-12-21 18:11 - 000000806 _____ C:\Users\Public\Desktop\MEGAsync.lnk
2017-12-21 18:11 - 2017-12-21 18:11 - 000000000 ____D C:\WINDOWS\System32\Tasks\MEGA
2017-12-21 18:11 - 2017-12-21 18:11 - 000000000 ____D C:\Users\XXX\AppData\Local\Mega Limited
2017-12-21 18:11 - 2017-12-21 18:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEGAsync
2017-12-21 18:11 - 2017-12-21 18:11 - 000000000 ____D C:\ProgramData\MEGAsync
2017-12-21 18:10 - 2017-12-21 18:11 - 014975800 _____ (MEGA Limited) C:\Users\XXX\Downloads\MEGAsyncSetup.exe
2017-12-21 18:05 - 2017-12-21 18:05 - 265740490 _____ C:\Users\XXX\Downloads\Ultraman Geed 24.mp4
2017-12-21 09:02 - 2017-12-21 09:02 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVG
2017-12-21 09:02 - 2017-12-21 09:02 - 000000000 ____D C:\Program Files\Common Files\AVG
2017-12-19 19:25 - 2017-12-19 19:26 - 299660075 _____ C:\Users\XXX\Downloads\[Over-Time] Kamen Rider Build - 15SD [23CADB1C].mp4
2017-12-19 19:24 - 2017-12-19 19:25 - 271511827 _____ C:\Users\XXX\Downloads\[Over-Time] Space Sentai Kyuranger - 42SD [33DCE118].mp4
2017-12-19 18:18 - 2017-12-19 18:18 - 277478521 _____ C:\Users\XXX\Downloads\ChristmasCustomsNearAndFar_HDmed.mp4
2017-12-16 18:15 - 2017-12-16 18:23 - 163271789 _____ C:\Users\XXX\Downloads\Thunderbirds.Are.Go.2015.S02E24.Hyperspeed.x264-TVC.mp4
2017-12-16 17:47 - 2017-12-16 18:12 - 162923026 _____ C:\Users\XXX\Downloads\Thunderbirds.Are.Go.2015.S02E26.Brains.vs.Brawn.WEBRip.x264.AAC.mp4
2017-12-15 19:15 - 2017-12-15 19:16 - 252929662 _____ C:\Users\XXX\Downloads\Dr. Slump & Arale-chan 152.mp4
2017-12-15 19:12 - 2017-12-15 19:13 - 240365259 _____ C:\Users\XXX\Downloads\Dr. Slump & Arale-chan 154.mp4
2017-12-15 19:04 - 2017-12-15 19:31 - 479665664 _____ C:\Users\XXX\Downloads\Detective-YUGAMI-E10.mp4
2017-12-15 09:14 - 2018-01-08 23:49 - 000000000 ____D C:\Users\XXX\AppData\LocalLow\uTorrent
2017-12-14 18:39 - 2017-12-14 18:39 - 269564200 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 39 (4254948A).mkv
2017-12-14 18:38 - 2017-12-14 18:41 - 251337150 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 38 (00659287).mkv
2017-12-14 18:37 - 2017-12-14 18:37 - 250424871 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 37 (DFEB6A43).mkv
2017-12-14 18:36 - 2017-12-14 18:37 - 291404880 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 36 (7F137A22).mkv
2017-12-14 18:35 - 2017-12-14 18:35 - 313697059 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 35 (5743C0FC).mkv
2017-12-14 18:33 - 2017-12-14 18:33 - 279084721 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 34 (C213D5B6).mkv
2017-12-14 18:31 - 2017-12-14 18:31 - 155725941 _____ C:\Users\XXX\Downloads\SpunkyTheSnowman_HDmed.mp4
2017-12-14 18:23 - 2017-12-14 18:25 - 409464690 _____ C:\Users\XXX\Downloads\The.Grand.Tour.S02E02.WEBRip.x264-RBG.mp4
2017-12-13 09:22 - 2017-12-07 22:52 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2017-12-13 09:22 - 2017-12-07 15:34 - 001925296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-12-13 09:22 - 2017-12-07 15:34 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-12-13 09:22 - 2017-12-07 15:28 - 000710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-12-13 09:22 - 2017-12-07 15:28 - 000630752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcrt.dll
2017-12-13 09:22 - 2017-12-07 15:27 - 004504456 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2017-12-13 09:22 - 2017-12-07 15:26 - 000525208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2017-12-13 09:22 - 2017-12-07 15:24 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2017-12-13 09:22 - 2017-12-07 15:24 - 000437144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-12-13 09:22 - 2017-12-07 15:24 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-12-13 09:22 - 2017-12-07 15:22 - 001003104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-12-13 09:22 - 2017-12-07 15:22 - 000979352 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-12-13 09:22 - 2017-12-07 15:22 - 000137544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2017-12-13 09:22 - 2017-12-07 15:16 - 001776272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-12-13 09:22 - 2017-12-07 15:15 - 000721592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2017-12-13 09:22 - 2017-12-07 15:12 - 000401304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2017-12-13 09:22 - 2017-12-07 14:56 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-12-13 09:22 - 2017-12-07 14:55 - 001490328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-12-13 09:22 - 2017-12-07 14:55 - 000097144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2017-12-13 09:22 - 2017-12-07 14:37 - 001145104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-12-13 09:22 - 2017-12-07 14:36 - 000769096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcrt.dll
2017-12-13 09:22 - 2017-12-07 14:33 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-12-13 09:22 - 2017-12-07 14:33 - 000592280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2017-12-13 09:22 - 2017-12-07 14:31 - 001522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-12-13 09:22 - 2017-12-07 14:12 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscript.ocx
2017-12-13 09:22 - 2017-12-07 14:10 - 006466048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-12-13 09:22 - 2017-12-07 14:10 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2017-12-13 09:22 - 2017-12-07 14:10 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-12-13 09:22 - 2017-12-07 14:09 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\batmeter.dll
2017-12-13 09:22 - 2017-12-07 14:09 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2017-12-13 09:22 - 2017-12-07 14:09 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscript.exe
2017-12-13 09:22 - 2017-12-07 14:09 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2017-12-13 09:22 - 2017-12-07 14:09 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gamingtcui.dll
2017-12-13 09:22 - 2017-12-07 14:08 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2017-12-13 09:22 - 2017-12-07 14:08 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2017-12-13 09:22 - 2017-12-07 14:08 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-12-13 09:22 - 2017-12-07 14:07 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll
2017-12-13 09:22 - 2017-12-07 14:07 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-12-13 09:22 - 2017-12-07 14:07 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2017-12-13 09:22 - 2017-12-07 14:07 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-12-13 09:22 - 2017-12-07 14:06 - 000676352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2017-12-13 09:22 - 2017-12-07 14:06 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcui.dll
2017-12-13 09:22 - 2017-12-07 14:06 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscript.exe
2017-12-13 09:22 - 2017-12-07 14:05 - 001670656 _____ (Microsoft Corporation) C:\WINDOWS\system32\batmeter.dll
2017-12-13 09:22 - 2017-12-07 14:05 - 000559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-12-13 09:22 - 2017-12-07 14:05 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2017-12-13 09:22 - 2017-12-07 14:05 - 000481792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2017-12-13 09:22 - 2017-12-07 14:05 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-12-13 09:22 - 2017-12-07 14:05 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2017-12-13 09:22 - 2017-12-07 14:05 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2017-12-13 09:22 - 2017-12-07 14:05 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2017-12-13 09:22 - 2017-12-07 14:05 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2017-12-13 09:22 - 2017-12-07 14:04 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2017-12-13 09:22 - 2017-12-07 14:04 - 001321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-12-13 09:22 - 2017-12-07 14:03 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-12-13 09:22 - 2017-12-07 14:03 - 000841728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-12-13 09:22 - 2017-12-07 14:03 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2017-12-13 09:22 - 2017-12-07 14:03 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-12-13 09:22 - 2017-12-07 14:03 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hascsp.dll
2017-12-13 09:22 - 2017-12-07 14:02 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-12-13 09:22 - 2017-12-07 14:02 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-12-13 09:22 - 2017-12-07 14:02 - 002117632 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-12-13 09:22 - 2017-12-07 14:02 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2017-12-13 09:22 - 2017-12-07 14:01 - 004592640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-12-13 09:22 - 2017-12-07 14:01 - 001980928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-12-13 09:22 - 2017-12-07 14:01 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-12-13 09:22 - 2017-12-07 14:01 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2017-12-13 09:22 - 2017-12-07 14:00 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-12-13 09:22 - 2017-12-07 13:59 - 002105856 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-12-13 09:22 - 2017-12-07 13:59 - 001666048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-12-13 09:22 - 2017-12-07 13:59 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-12-13 09:22 - 2017-12-07 13:58 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-12-13 09:22 - 2017-12-07 13:58 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-12-13 09:22 - 2017-12-07 13:58 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-12-13 09:22 - 2017-12-07 13:56 - 002666496 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-12-13 09:22 - 2017-12-07 13:56 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-12-13 09:22 - 2017-12-07 13:54 - 001570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-12-12 18:27 - 2017-12-12 18:27 - 305965929 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 33 (8BEAF2E0).mkv
2017-12-12 18:26 - 2017-12-12 18:26 - 296147650 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 32 (0011BE98).mkv
2017-12-12 18:26 - 2017-12-12 18:26 - 284379788 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 31 (F729B0C3).mkv
2017-12-12 18:25 - 2017-12-12 18:27 - 259783499 _____ C:\Users\XXX\Downloads\Ultraman Geed 23.mp4
2017-12-12 18:24 - 2017-12-12 18:24 - 304611928 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 30 (0C13FDD3).mkv
2017-12-12 18:23 - 2017-12-12 18:23 - 321941216 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 29 (34CC71B6).mkv
2017-12-12 18:22 - 2017-12-12 18:22 - 293120486 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 28 (71EE1FFD).mkv
2017-12-12 18:21 - 2017-12-12 18:22 - 297717292 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 27 (DAA7E299).mkv
2017-12-12 18:18 - 2017-12-12 18:18 - 255690913 _____ C:\Users\XXX\Downloads\[Over-Time] Space Sentai Kyuranger - 41SD [9BB0F07D].mp4
2017-12-12 18:17 - 2017-12-12 18:18 - 282116575 _____ C:\Users\XXX\Downloads\[Over-Time] Kamen Rider Build - 14SD [D6711CE1].mp4
2017-12-11 19:12 - 2017-12-11 19:13 - 370156255 _____ C:\Users\XXX\Downloads\the.gifted.s01e10.web.x264.mp4
2017-12-11 18:52 - 2017-12-11 18:57 - 182788114 _____ C:\Users\XXX\Downloads\Frankie.Drake.Mysteries.S01E06.AAC.MP4-Mobile.mp4
2017-12-11 18:49 - 2017-12-11 18:51 - 211228688 _____ C:\Users\XXX\Downloads\Lucifer.S03E10.AAC.MP4-Mobile.mp4
2017-12-11 01:50 - 2017-12-11 01:50 - 000002904 _____ C:\WINDOWS\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance
2017-12-10 14:46 - 2017-12-10 14:46 - 276607905 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 25 (44154926).mkv
2017-12-10 14:43 - 2017-12-10 14:43 - 274926832 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 26 (6D2AC9FE).mkv
2017-12-10 14:42 - 2017-12-10 14:42 - 333670605 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 24 (2CDE0F9A).mkv
2017-12-10 14:41 - 2017-12-10 14:41 - 354214150 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 23 (75E552CA).mkv
2017-12-10 14:41 - 2017-12-10 14:41 - 238167121 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 22 (700ED2B6).mkv
2017-12-10 14:40 - 2017-12-10 14:41 - 269869195 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 21 (3D069860).mkv
2017-12-09 15:51 - 2017-12-09 15:52 - 273331673 _____ C:\Users\XXX\Downloads\[KITsubs] - Kamen Rider Skyrider 34.mkv
2017-12-09 15:47 - 2017-12-09 15:48 - 282218409 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 18 (38BC4950).mkv
2017-12-09 15:45 - 2017-12-09 15:46 - 300303874 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 14 .mkv
2017-12-09 15:45 - 2017-12-09 15:45 - 286111568 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 20 (862930AD).mkv
2017-12-09 15:44 - 2017-12-09 15:44 - 276720727 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 19 (F27FC81A).mkv
2017-12-09 15:43 - 2017-12-09 15:43 - 276231702 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 16 (57755F79).mkv
2017-12-09 15:42 - 2017-12-09 15:42 - 290638120 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 15 (0EA4A57B).mkv
2017-12-09 15:40 - 2017-12-09 15:40 - 282842699 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 17 (A245E68C).mkv
2017-12-09 15:39 - 2017-12-09 15:39 - 297771460 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 13 (04CE889A).mkv
2017-12-09 15:38 - 2017-12-09 15:39 - 294658356 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 12 (435DF3D3).mkv
2017-12-09 15:37 - 2017-12-09 15:37 - 290913063 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 11 (E33F6E0B).mkv
2017-12-09 15:36 - 2017-12-09 15:36 - 303079448 _____ C:\Users\XXX\Downloads\[Lordtranza33 + DFF] Changeman 10 (810015DC).mkv
2017-12-09 15:30 - 2017-12-09 15:30 - 023478136 _____ C:\Users\XXX\Downloads\Fourze x Madoka MAGIMIX.pdf
2017-12-08 23:27 - 2017-12-09 00:05 - 567820093 _____ C:\Users\XXX\Downloads\Psych.The.Movie.2017.HDTV.x264.mp4
2017-12-08 19:18 - 2017-12-08 19:19 - 148972606 _____ C:\Users\XXX\Downloads\Avengers.Secret.Wars.S04E14.WEB-DL.x264-RBB.mp4
2017-12-08 18:19 - 2017-12-08 18:19 - 161704219 _____ C:\Users\XXX\Downloads\GiftsFromTheAir_HDmed.mp4
2017-12-08 18:18 - 2017-12-08 18:18 - 191207127 _____ C:\Users\XXX\Downloads\SantaClausWorkshop_HDmed.mp4
2017-12-08 18:04 - 2017-12-08 18:08 - 1072295021 _____ C:\Users\XXX\Downloads\Detective-YUGAMI-E09.mp4
2017-12-08 17:58 - 2017-12-08 17:58 - 338363396 _____ C:\Users\XXX\Downloads\Happy.S01E01.HDTV.x264-SDI.mp4
2017-12-07 18:59 - 2017-12-07 19:00 - 365783801 _____ C:\Users\XXX\Downloads\the.orville.s01e12.web.x264.mp4
2017-12-05 18:20 - 2017-12-05 18:24 - 1324489384 _____ C:\Users\XXX\Downloads\35449-Sakurada.Reset.Part.II.2017.720p.BluRay.x264WiKi 1_1512465753.mp4.mp4
2017-12-05 18:15 - 2017-12-05 18:25 - 132218346 _____ C:\Users\XXX\Downloads\[LUURAH]UFO_Senshi_Dai_Apolon_24_[235C78E9].mkv
2017-12-05 18:14 - 2017-12-05 18:15 - 285234219 _____ C:\Users\XXX\Downloads\[Over-Time] Kamen Rider Build - 13SD [5FB78E1E].mp4
2017-12-05 18:13 - 2017-12-05 18:16 - 262581083 _____ C:\Users\XXX\Downloads\[Over-Time] Space Sentai Kyuranger - 40SD [DCA6A76A].mp4
2017-12-04 18:59 - 2017-12-04 19:01 - 380849770 _____ C:\Users\XXX\Downloads\the.gifted.s01e09.web.x264.mp4
2017-12-04 18:22 - 2017-12-04 18:23 - 319346854 _____ C:\Users\XXX\Downloads\Supergirl.S03E09.HDTV.x264.mp4
2017-12-04 18:20 - 2017-12-04 18:22 - 369702105 _____ C:\Users\XXX\Downloads\lucifer.s03e09.web.x264.mp4
2017-12-04 17:48 - 2017-12-04 17:49 - 301090762 _____ C:\Users\XXX\Downloads\Frankie.Drake.Mysteries.S01E05.WEBRip.x264.mp4
2017-12-04 17:39 - 2017-12-04 17:40 - 183431051 _____ C:\Users\XXX\Downloads\Ghosted.S01E08.WEB.x264.mp4
2017-12-04 17:37 - 2017-12-04 17:39 - 546528532 _____ C:\Users\XXX\Downloads\Robot.Wars.S10E06.Grand.Final.WEB-DL.x264-VV.mp4
2017-12-02 23:22 - 2017-12-02 23:23 - 163541665 _____ C:\Users\XXX\Downloads\Thunderbirds.Are.Go.2015.S02E23.Rigged.for.Disaster.WEBRip.x264.AAC.mp4
2017-12-02 19:20 - 2017-12-02 19:20 - 022212682 _____ C:\Users\XXX\Downloads\Loading Screen Template.rar
2017-12-02 19:10 - 2017-12-02 19:11 - 000000000 ____D C:\Users\XXX\AppData\Local\PlaceholderTileLogoFolder
2017-12-02 17:11 - 2017-12-02 17:14 - 019289006 _____ C:\Users\XXX\Downloads\Woodcraft_Magazine_-_August-September_2017.pdf
2017-12-02 13:52 - 2017-12-02 13:52 - 410902371 _____ C:\Users\XXX\Downloads\Ultraman Geed 22.mp4
2017-12-02 13:46 - 2017-12-02 13:52 - 140048785 _____ C:\Users\XXX\Downloads\[LUURAH]UFO_Senshi_Dai_Apolon_23_[67448793].mkv
2017-12-02 12:39 - 2017-12-02 13:08 - 189302746 _____ C:\Users\XXX\Downloads\The.Orville.S01E11.XviD-AFG.avi.mp4
2017-11-30 19:10 - 2017-11-30 19:10 - 431344051 _____ C:\Users\XXX\Downloads\Cyber Monday 2017.zip
2017-11-30 18:24 - 2017-11-30 18:24 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2017-11-30 18:22 - 2017-11-30 18:22 - 000000000 ___HD C:\Users\XXX\MicrosoftEdgeBackups
2017-11-30 18:21 - 2018-01-06 00:13 - 000000000 ___RD C:\Users\XXX\3D Objects
2017-11-30 18:20 - 2017-11-30 18:20 - 000000020 ___SH C:\Users\XXX\ntuser.ini
2017-11-30 18:18 - 2018-01-10 18:10 - 000003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2017-11-30 18:18 - 2018-01-10 02:03 - 000003242 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForXXX
2017-11-30 18:18 - 2018-01-09 13:10 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-11-30 18:18 - 2018-01-07 10:22 - 000003462 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2017-11-30 18:18 - 2018-01-07 10:22 - 000003238 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2017-11-30 18:18 - 2018-01-07 10:22 - 000002860 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3405600673-1413478055-2133006793-1001
2017-11-30 18:18 - 2018-01-07 10:22 - 000002262 _____ C:\WINDOWS\System32\Tasks\DropboxOEM
2017-11-30 18:18 - 2018-01-06 23:53 - 000003256 _____ C:\WINDOWS\System32\Tasks\CorelUpdateHelperTask
2017-11-30 18:18 - 2017-12-21 18:19 - 000004008 _____ C:\WINDOWS\System32\Tasks\Antivirus Emergency Update
2017-11-30 18:18 - 2017-11-30 18:18 - 000002598 _____ C:\WINDOWS\System32\Tasks\CorelUpdateHelperTaskCore
2017-11-30 18:18 - 2017-11-30 18:18 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2017-11-30 18:18 - 2017-11-30 18:18 - 000000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
2017-11-30 18:17 - 2017-11-30 18:18 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2017-11-30 18:17 - 2017-11-30 18:18 - 000007623 _____ C:\WINDOWS\diagerr.xml
2017-11-30 18:07 - 2017-11-30 18:07 - 000000000 ____D C:\ProgramData\USOShared
2017-11-30 18:03 - 2017-11-30 18:03 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-11-30 18:01 - 2018-01-09 13:20 - 000000000 ____D C:\Users\XXX\AppData\Local\Packages
2017-11-30 18:00 - 2018-01-09 13:09 - 000000000 ____D C:\Users\XXX
2017-11-30 17:59 - 2018-01-10 13:48 - 001349292 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-30 17:58 - 2017-09-29 05:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-11-30 17:55 - 2018-01-10 18:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-11-30 17:55 - 2018-01-06 00:12 - 000413104 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-11-30 17:47 - 2017-12-13 06:55 - 000000000 ____D C:\Windows.old
2017-11-30 15:05 - 2018-01-10 18:19 - 000450360 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2017-11-30 15:05 - 2018-01-10 18:19 - 000139112 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2017-11-30 15:05 - 2017-12-21 18:18 - 001017624 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2017-11-30 15:05 - 2017-12-21 18:18 - 000449848 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys.151563719592101
2017-11-30 15:05 - 2017-12-21 18:18 - 000351128 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2017-11-30 15:05 - 2017-12-21 18:18 - 000337408 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbloga.sys
2017-11-30 15:05 - 2017-12-21 18:18 - 000315152 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdrivera.sys
2017-11-30 15:05 - 2017-12-21 18:18 - 000196904 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2017-11-30 15:05 - 2017-12-21 18:18 - 000193096 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsha.sys
2017-11-30 15:05 - 2017-12-21 18:18 - 000177536 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2017-11-30 15:05 - 2017-12-21 18:18 - 000166624 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbdiska.sys
2017-11-30 15:05 - 2017-12-21 18:18 - 000139112 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys.151563719592101
2017-11-30 15:05 - 2017-12-21 18:18 - 000102792 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2017-11-30 15:05 - 2017-12-21 18:18 - 000076832 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2017-11-30 15:05 - 2017-12-21 18:18 - 000051336 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniva.sys
2017-11-30 15:05 - 2017-12-21 18:18 - 000039424 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgHwid.sys
2017-11-30 15:03 - 2017-11-30 17:47 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-11-30 14:54 - 2017-11-30 15:03 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2017-11-30 14:42 - 2017-11-30 14:42 - 021754368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2017-11-30 14:42 - 2017-11-30 14:42 - 017084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2017-11-30 14:42 - 2017-11-30 14:42 - 006791472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-11-30 14:42 - 2017-11-30 14:42 - 006015200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-11-30 14:42 - 2017-11-30 14:42 - 004814848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-11-30 14:42 - 2017-11-30 14:42 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-11-30 14:42 - 2017-11-30 14:42 - 004249600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-11-30 14:42 - 2017-11-30 14:42 - 002717392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-11-30 14:42 - 2017-11-30 14:42 - 002491112 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2017-11-30 14:42 - 2017-11-30 14:42 - 002465848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-11-30 14:42 - 2017-11-30 14:42 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2017-11-30 14:42 - 2017-11-30 14:42 - 002269080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-11-30 14:42 - 2017-11-30 14:42 - 001970520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-11-30 14:42 - 2017-11-30 14:42 - 001558856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-11-30 14:42 - 2017-11-30 14:42 - 001507736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-11-30 14:42 - 2017-11-30 14:42 - 001454568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-11-30 14:42 - 2017-11-30 14:42 - 001377080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-11-30 14:42 - 2017-11-30 14:42 - 001259344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-11-30 14:42 - 2017-11-30 14:42 - 001148216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-11-30 14:42 - 2017-11-30 14:42 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2017-11-30 14:42 - 2017-11-30 14:42 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2017-11-30 14:42 - 2017-11-30 14:42 - 001015008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-11-30 14:42 - 2017-11-30 14:42 - 000754688 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2017-11-30 14:42 - 2017-11-30 14:42 - 000661664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2017-11-30 14:42 - 2017-11-30 14:42 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-11-30 14:42 - 2017-11-30 14:42 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2017-11-30 14:42 - 2017-11-30 14:42 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2017-11-30 14:42 - 2017-11-30 14:42 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2017-11-30 14:42 - 2017-11-30 14:42 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-11-30 14:42 - 2017-11-30 14:42 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2017-11-30 14:42 - 2017-11-30 14:42 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-11-30 14:42 - 2017-11-30 14:42 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 017159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 013703168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 003578368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 003331520 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 003186688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 003010720 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 002972672 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 002783744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 002596352 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-11-30 14:41 - 2017-11-30 14:41 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-11-30 14:41 - 2017-11-30 14:41 - 002446744 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 002412168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 002339296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 001990160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 001806336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 001694224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 001664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 001642520 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 001636376 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 001585376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 001554216 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 001488792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 001474680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 001463856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 001432816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 001323840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 001289216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 001280000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 001261864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 001124760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-11-30 14:41 - 2017-11-30 14:41 - 001012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000975872 _____ C:\WINDOWS\system32\FaceProcessor.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000891800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-11-30 14:41 - 2017-11-30 14:41 - 000887296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000840440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9on12.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000823808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000791960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-11-30 14:41 - 2017-11-30 14:41 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-11-30 14:41 - 2017-11-30 14:41 - 000768512 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-11-30 14:41 - 2017-11-30 14:41 - 000746904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000739696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000703536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000654048 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000612760 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000610712 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000597160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000591872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000590944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9on12.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000555416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-11-30 14:41 - 2017-11-30 14:41 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-11-30 14:41 - 2017-11-30 14:41 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000506256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000495000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-11-30 14:41 - 2017-11-30 14:41 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000474112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000464408 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000418712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000404888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2017-11-30 14:41 - 2017-11-30 14:41 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-11-30 14:41 - 2017-11-30 14:41 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000362176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2017-11-30 14:41 - 2017-11-30 14:41 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000353848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000353688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-11-30 14:41 - 2017-11-30 14:41 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-11-30 14:41 - 2017-11-30 14:41 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000269696 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-11-30 14:41 - 2017-11-30 14:41 - 000264040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-11-30 14:41 - 2017-11-30 14:41 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-11-30 14:41 - 2017-11-30 14:41 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000230296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-11-30 14:41 - 2017-11-30 14:41 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-11-30 14:41 - 2017-11-30 14:41 - 000198888 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000187288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-11-30 14:41 - 2017-11-30 14:41 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ContentDeliveryManager.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-11-30 14:41 - 2017-11-30 14:41 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2017-11-30 14:41 - 2017-11-30 14:41 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2017-11-30 14:41 - 2017-11-30 14:41 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acppage.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000060824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\urscx01000.sys
2017-11-30 14:41 - 2017-11-30 14:41 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadjcsp.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-11-30 14:41 - 2017-11-30 14:41 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-11-30 14:41 - 2017-11-30 14:41 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdrleakdiag.exe
2017-11-30 14:41 - 2017-11-30 14:41 - 000045464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2017-11-30 14:41 - 2017-11-30 14:41 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdrleakdiag.exe
2017-11-30 14:41 - 2017-11-30 14:41 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2017-11-30 14:41 - 2017-11-30 14:41 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-11-30 14:41 - 2017-11-30 14:41 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcVSp1res.dll
2017-11-30 14:41 - 2017-11-30 14:41 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcVSp1res.dll
2017-11-30 14:16 - 2017-11-30 14:16 - 000000000 ____D C:\Program Files\Reference Assemblies
2017-11-30 14:16 - 2017-11-30 14:16 - 000000000 ____D C:\Program Files\MSBuild
2017-11-30 14:16 - 2017-11-30 14:16 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-11-30 14:16 - 2017-11-30 14:16 - 000000000 ____D C:\Program Files (x86)\MSBuild
2017-11-30 14:15 - 2017-11-30 14:15 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-11-30 14:15 - 2017-11-30 14:15 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-11-30 14:15 - 2017-11-30 14:15 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-11-30 14:15 - 2017-11-30 14:15 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-11-30 14:14 - 2017-11-30 14:14 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-11-30 14:14 - 2017-11-30 14:14 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-11-30 13:40 - 2017-11-30 13:40 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2017-11-30 11:36 - 2017-12-08 10:34 - 000000000 ___DC C:\WINDOWS\Panther
2017-11-28 18:40 - 2017-11-28 18:41 - 131707580 _____ C:\Users\XXX\Downloads\Kamen Rider Snipe Episode Zero 03.mp4
2017-11-28 18:38 - 2017-11-28 18:39 - 261485670 _____ C:\Users\XXX\Downloads\Ultraman Geed 21.mp4
2017-11-28 18:35 - 2017-11-28 18:42 - 1088967073 _____ C:\Users\XXX\Downloads\35374-Sakurada.Reset.Part.I.2017.720p.BluRay.x264WiKi 1_1511773186.mp4.mp4
2017-11-28 18:27 - 2017-11-28 18:29 - 245963579 _____ C:\Users\XXX\Downloads\[Over-Time] Kamen Rider Build - 12SD [AF9F0B18].mp4
2017-11-28 17:58 - 2017-11-28 18:16 - 539349341 _____ C:\Users\XXX\Downloads\marvels.runaways.s01e04.720p.web.h264-tbs.mkv.mp4
2017-11-28 12:18 - 2017-11-28 12:18 - 000011025 _____ C:\Users\XXX\Downloads\laff_riot.zip
2017-11-26 20:23 - 2017-11-26 20:24 - 500873529 _____ C:\Users\XXX\Downloads\Robot.Wars.2016.S03E05.WEB-DL.H264-RBB.mp4
2017-11-26 17:57 - 2017-11-26 17:59 - 320656898 _____ C:\Users\XXX\Downloads\Marvels.Runaways.S01E01.WEB.h264-TBS[eztv].mkv
2017-11-26 17:57 - 2017-11-26 17:59 - 268700867 ____R C:\Users\XXX\Downloads\Marvels.Runaways.S01E03.WEB.h264-TBS[eztv].mkv
2017-11-26 17:57 - 2017-11-26 17:59 - 265057459 ____R C:\Users\XXX\Downloads\Marvels.Runaways.S01E02.WEB.h264-TBS[eztv].mkv
2017-11-26 12:03 - 2017-11-26 12:20 - 165273121 _____ C:\Users\XXX\Downloads\Thunderbirds.Are.Go.2015.S02E22.Long.Haul.WEB.x264-TVC.mp4
2017-11-25 18:14 - 2017-11-25 18:26 - 513161842 _____ C:\Users\XXX\Downloads\BattleBots.2015.S02E07.HDTV.x264-W4F[eztv].mkv
2017-11-25 17:30 - 2017-11-25 17:30 - 450931887 _____ C:\Users\XXX\Downloads\Rifftrax Shorts - LetsTalkTurkey_highTV.mp4
2017-11-24 15:42 - 2017-11-24 15:44 - 151223789 _____ C:\Users\XXX\Downloads\[LUURAH]_UFO_Senshi_Dai_Apolon_22_[C8B7D79A].mkv
2017-11-24 15:40 - 2017-11-24 15:42 - 282758207 _____ C:\Users\XXX\Downloads\[Over-Time] Kamen Rider Build - 11SD [05B1E90A].mp4
2017-11-24 15:33 - 2017-11-24 15:35 - 105256466 _____ C:\Users\XXX\Downloads\Stan.Against.Evil.S02E08.WEBRip.x264-RBB.mp4
2017-11-24 15:32 - 2017-11-24 15:37 - 112514788 _____ C:\Users\XXX\Downloads\Stan.Against.Evil.S02E07.WEBRip.x264-RBB.mp4
2017-11-20 18:58 - 2017-11-20 19:00 - 364618352 _____ C:\Users\XXX\Downloads\The.Gifted.S01E08.WEB.x264.mp4
2017-11-20 18:38 - 2017-11-20 18:39 - 183431051 _____ C:\Users\XXX\Downloads\ghosted.s01e07.web.x264.mp4
2017-11-19 13:44 - 2017-11-19 14:40 - 498509722 _____ C:\Users\XXX\Downloads\The.tick.2016.s01e00.pilot.reconvert.mp4
2017-11-19 13:18 - 2017-11-19 13:36 - 420371280 _____ C:\Users\XXX\Downloads\The.Orville.s01e08 Reconvert.mp4
2017-11-19 12:15 - 2017-11-19 12:41 - 074424183 _____ C:\Users\XXX\Downloads\Justice.League.Action.S01E45.Race.Against.Crime.WEB-DL.x264.AAC.mp4
2017-11-19 12:14 - 2017-11-19 13:14 - 163958059 _____ C:\Users\XXX\Downloads\Thunderbirds.Are.Go.2015.S02E21.Home.on.the.Range.WEBRip.x264.AAC-RBB.mp4
2017-11-18 17:38 - 2017-11-18 17:38 - 1669244758 _____ C:\Users\XXX\Downloads\Rifftrax - PressurePoint_highTV.mp4
2017-11-17 19:02 - 2017-11-17 19:03 - 227869111 _____ C:\Users\XXX\Downloads\Rifftrax Shorts - TheHotheadAndTheForgetter_highTV.mp4
2017-11-17 18:54 - 2017-11-17 18:55 - 186529911 _____ C:\Users\XXX\Downloads\Marvels.Guardians.of.the.Galaxy.S02E24.WEB-DL.x264.mp4
2017-11-17 18:54 - 2017-11-17 18:54 - 135176833 _____ C:\Users\XXX\Downloads\Guardians.of.the.Galaxy.S02E25.Behind.Gold.Eyes.WEB-DL.x264.mp4
2017-11-17 18:01 - 2017-11-17 18:34 - 359176542 _____ C:\Users\XXX\Downloads\The.Orville.S01E10.WEB.x264-SDI.mp4
2017-11-16 17:42 - 2017-11-16 17:43 - 293530839 _____ C:\Users\XXX\Downloads\[Over-Time] Kamen Rider Build - 10SD [F204EA6D].mp4
2017-11-16 17:37 - 2017-11-16 17:38 - 094779411 _____ C:\Users\XXX\Downloads\Stan.Against.Evil.S02E06.XviD-AFG.avi.mp4
2017-11-16 17:36 - 2017-11-16 17:36 - 093681960 _____ C:\Users\XXX\Downloads\Stan.Against.Evil.S02E05.XviD-AFG.avi.mp4
2017-11-14 18:17 - 2017-11-14 18:24 - 304385207 _____ C:\Users\XXX\Downloads\The.Gifted.S01E07.HDTV.x264.mp4
2017-11-13 17:55 - 2017-11-13 18:11 - 183371694 _____ C:\Users\XXX\Downloads\ghosted.s01e06.web.x264.mp4
2017-11-13 17:53 - 2017-11-13 17:54 - 373692028 _____ C:\Users\XXX\Downloads\Star.Trek.Discovery.S01E09.iNTERNAL.WEB.x264-SDI.mp4
2017-11-13 17:50 - 2017-11-13 17:54 - 550602858 _____ C:\Users\XXX\Downloads\robot.wars.2016.s03e04.hdtv.xvid.avi
2017-11-12 15:14 - 2017-11-12 15:26 - 117339233 _____ C:\Users\XXX\Downloads\justice.league.action.s01e44.system.error.720p.hdtv.x264-w4f.mkv.mp4
2017-11-11 20:31 - 2017-11-11 20:33 - 257766424 _____ C:\Users\XXX\Downloads\Dead Stock 06.mp4
2017-11-11 20:30 - 2017-11-11 20:33 - 257215608 _____ C:\Users\XXX\Downloads\Dead Stock Ep04.mp4
2017-11-11 20:30 - 2017-11-11 20:32 - 256716179 _____ C:\Users\XXX\Downloads\Dead Stock 05.mp4
2017-11-11 19:11 - 2017-11-11 19:12 - 254149987 _____ C:\Users\XXX\Downloads\Dead Stock EP03 720p AAC-AOZ.mp4
2017-11-11 18:38 - 2017-11-11 19:12 - 256371870 _____ C:\Users\XXX\Downloads\Dead Stock EP02 720p AAC-AOZ.mp4
2017-11-11 18:34 - 2017-11-11 18:36 - 253824455 _____ C:\Users\XXX\Downloads\Dead Stock EP01 720p AAC-AOZ.mp4
2017-11-11 13:29 - 2017-11-11 14:30 - 238964818 _____ C:\Users\XXX\Downloads\Dr. Slump & Arale-chan 063.mp4
2017-11-11 09:02 - 2017-11-11 09:02 - 000002020 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG AntiVirus FREE.lnk
2017-11-11 09:02 - 2017-11-11 09:02 - 000002008 _____ C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk
2017-11-10 23:15 - 2018-01-10 02:03 - 000000350 _____ C:\WINDOWS\Tasks\HPCeeScheduleForXXX.job
2017-11-10 16:06 - 2017-11-10 16:15 - 433094404 _____ C:\Users\XXX\Downloads\The.Orville.S01E09.iNTERNAL.XviD-AFG.avi
2017-11-09 18:25 - 2017-11-09 18:26 - 198990392 _____ C:\Users\XXX\Downloads\stan.against.evil.s02e04.hdtv.xvid.avi
2017-11-09 18:24 - 2017-11-09 18:25 - 198945852 _____ C:\Users\XXX\Downloads\stan.against.evil.s02e03.hdtv.xvid.avi
2017-11-07 18:55 - 2017-11-07 18:57 - 443113618 _____ C:\Users\XXX\Downloads\Star.Trek.Discovery.S01E08.Si.Vis.Pacem.Para.Bellum..1080p.x265.10bit.FS79.Jo y.mkv
2017-11-07 18:54 - 2017-11-07 18:54 - 301773090 _____ C:\Users\XXX\Downloads\Rifftrax Shorts - Babysitter_highTV.mp4
2017-11-07 18:46 - 2017-11-07 19:15 - 370879959 _____ C:\Users\XXX\Downloads\The.Gifted.S01E06.WEB.x264.mp4
2017-11-07 18:40 - 2017-11-07 18:40 - 182749003 _____ C:\Users\XXX\Downloads\ghosted.s01e05.web.x264.mp4
2017-11-07 18:36 - 2017-11-07 18:38 - 385002901 _____ C:\Users\XXX\Downloads\Robot.Wars.S10E03.WEB-DL.x264-VV.mp4
2017-11-03 08:46 - 2017-11-03 08:46 - 000000000 ____D C:\ProgramData\H2O
2017-11-02 18:23 - 2017-11-02 18:24 - 239217894 _____ C:\Users\XXX\Downloads\Dr. Slump & Arale-chan 062.mp4
2017-11-02 18:20 - 2017-11-02 18:22 - 262343748 _____ C:\Users\XXX\Downloads\[Over-Time] Kamen Rider Build - 09SD [522AC2D0].mp4
2017-11-02 17:58 - 2017-11-02 17:59 - 367623775 _____ C:\Users\XXX\Downloads\the.orville.s01e08.web.x264-tbs.mkv
2017-11-02 17:48 - 2017-11-02 17:55 - 123749240 _____ C:\Users\XXX\Downloads\Stan.Against.Evil.S02E02.HDTV.x264-RBB.mp4
2017-11-02 17:47 - 2017-11-02 17:47 - 122013928 _____ C:\Users\XXX\Downloads\Stan.Against.Evil.S02E01.HDTV.x264-RBB.mp4
2017-11-02 14:57 - 2017-11-02 14:57 - 000000000 ____D C:\Users\XXX\AppData\Roaming\Sony Creative Software Inc
2017-10-30 18:34 - 2017-10-30 18:34 - 131782363 _____ C:\Users\XXX\Downloads\Marvels.Guardians.of.the.Galaxy.S02E21.WEBRip.x264-RBB.mp4
2017-10-30 18:32 - 2017-10-30 18:32 - 076820335 _____ C:\Users\XXX\Downloads\Marvels.Guardians.of.the.Galaxy.S02E20.WEBRip.x264-RBB.mp4
2017-10-30 18:31 - 2017-10-30 18:32 - 370571307 _____ C:\Users\XXX\Downloads\the.gifted.s01e05.web.x264.mp4
2017-10-30 18:26 - 2017-10-30 18:27 - 203503271 _____ C:\Users\XXX\Downloads\Star.Trek.Discovery.S01E07.iNTERNAL.XviD-AFG.avi.mp4
2017-10-29 10:23 - 2017-10-29 10:35 - 103423174 _____ C:\Users\XXX\Downloads\marvels.spider.man.s01e14.hdtv.x264.mp4
2017-10-28 17:20 - 2017-10-28 17:21 - 255690107 _____ C:\Users\XXX\Downloads\[Over-Time] Kamen Rider Build - 08SD [3ECF9247].mp4
2017-10-27 16:08 - 2017-10-27 16:51 - 966530143 _____ C:\Users\XXX\Downloads\star.trek.discovery.s01e06.real.internal.720p.web.x264-bamboozle.mkv
2017-10-27 15:56 - 2017-10-27 17:00 - 369340551 _____ C:\Users\XXX\Downloads\The.Orville.S01E07.WEB.x264.mp4
2017-10-26 11:50 - 2017-11-30 15:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2017-10-26 11:50 - 2017-10-26 11:50 - 000002260 _____ C:\Users\Public\Desktop\HP ENVY 4520 series.lnk
2017-10-26 11:50 - 2017-10-26 11:50 - 000002031 _____ C:\Users\Public\Desktop\HP Photo Creations.lnk
2017-10-26 11:50 - 2017-10-26 11:50 - 000000000 ____D C:\ProgramData\Visan
2017-10-26 11:50 - 2017-10-26 11:50 - 000000000 ____D C:\ProgramData\HP Photo Creations
2017-10-26 11:50 - 2017-10-26 11:50 - 000000000 ____D C:\Program Files (x86)\HP Photo Creations
2017-10-26 11:46 - 2017-10-26 11:47 - 156129840 _____ C:\Users\XXX\Downloads\EN4520_Full_WebPack_1122.exe
2017-10-23 21:54 - 2017-10-23 21:57 - 624216797 _____ C:\Users\XXX\Downloads\Robot.Wars.S10E01.480p.x264-mSD.mkv
2017-10-23 21:44 - 2017-10-23 21:46 - 322659834 _____ C:\Users\XXX\Downloads\The.Gifted.S01E04.XviD-AFG.avi
2017-10-23 21:43 - 2017-10-23 21:44 - 169987776 _____ C:\Users\XXX\Downloads\ghosted.s01e03.hdtv.xvid.avi
2017-10-23 10:33 - 2017-10-23 10:33 - 000000000 ____D C:\Program Files (x86)\Lame For Audacity
2017-10-23 10:31 - 2017-10-23 10:31 - 000000000 ____D C:\Users\XXX\Documents\Audacity
2017-10-23 10:29 - 2018-01-10 13:48 - 000000000 ____D C:\Users\XXX\AppData\Roaming\audacity
2017-10-23 10:29 - 2017-10-23 10:29 - 000000000 ____D C:\Users\XXX\AppData\Local\Audacity
2017-10-22 18:33 - 2018-01-01 17:35 - 000000000 ____D C:\Users\XXX\AppData\Roaming\HandBrake
2017-10-22 18:33 - 2017-10-22 18:33 - 000000000 ____D C:\Users\XXX\AppData\Roaming\HandBrake Team
2017-10-22 18:24 - 2017-10-22 18:24 - 250018697 _____ C:\Users\XXX\Downloads\Rifftrax Shorts - PeopleSoup_HDmed.mp4
2017-10-22 18:24 - 2017-10-22 18:24 - 240416890 _____ C:\Users\XXX\Downloads\Rifftrax Short - SixMurderousBeliefs_highTV.mp4
2017-10-22 18:21 - 2017-10-22 18:22 - 298032464 _____ C:\Users\XXX\Downloads\Rifftrax Shorts - Farm Family In Autumn (HDMed).mp4
2017-10-22 13:44 - 2017-10-22 14:33 - 226035927 _____ C:\Users\XXX\Downloads\marvel.spider.man.2017.s01e13.venom.1080p.web.dl.dd5.1.hevc.x265.mkv
2017-10-21 18:38 - 2018-01-08 10:18 - 000000000 ____D C:\Users\XXX\AppData\Roaming\vlc
2017-10-21 09:40 - 2018-01-09 13:21 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-10-21 09:40 - 2018-01-09 13:17 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-10-21 09:40 - 2018-01-09 13:17 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-10-20 17:13 - 2017-10-20 17:13 - 126701677 _____ C:\Users\XXX\Downloads\HorribleSubsGundamBuildFightersBattlogue03720pr689.x-rh-354.x.mp4
2017-10-20 16:57 - 2017-10-20 17:00 - 291305680 _____ C:\Users\XXX\Downloads\[G.U.I.S.] Choushinsei Flashman 11 (B5593B02).mp4
2017-10-20 16:41 - 2017-11-04 17:09 - 000000000 ____D C:\Users\XXX\Downloads\Keiji Yugami
2017-10-20 12:14 - 2017-10-20 12:14 - 000001212 _____ C:\Users\Public\Desktop\WD Security.lnk
2017-10-20 12:14 - 2017-10-20 12:14 - 000001157 _____ C:\Users\Public\Desktop\WD Drive Utilities.lnk
2017-10-20 12:14 - 2017-10-20 12:14 - 000000000 ____D C:\Users\XXX\AppData\Roaming\Western Digital
2017-10-20 12:13 - 2017-11-30 15:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
2017-10-20 12:13 - 2017-11-10 23:10 - 000002193 _____ C:\Users\Public\Desktop\WD Backup.lnk
2017-10-20 12:13 - 2017-11-10 23:10 - 000000000 ____D C:\Program Files (x86)\Western Digital
2017-10-20 12:13 - 2017-10-20 12:13 - 000000000 ____D C:\ProgramData\Western Digital
2017-10-20 12:12 - 2017-10-20 12:12 - 000000000 ____D C:\Users\XXX\AppData\Local\Western Digital
2017-10-20 12:04 - 2017-10-20 12:04 - 000000000 ____D C:\Users\XXX\AppData\Roaming\WildTangent
2017-10-20 11:28 - 2017-10-20 11:28 - 000000000 ____D C:\Users\XXX\AppData\Roaming\Publish Providers
2017-10-20 11:28 - 2017-10-20 11:28 - 000000000 ____D C:\Users\XXX\AppData\Local\AMD
2017-10-20 11:26 - 2017-11-30 15:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2017-10-20 11:26 - 2017-10-20 11:26 - 000000000 ____D C:\ProgramData\Sony
2017-10-20 11:26 - 2017-10-20 11:26 - 000000000 ____D C:\Program Files\Sony
2017-10-20 11:14 - 2017-10-20 11:26 - 000000000 ____D C:\Users\XXX\AppData\Local\Sony
2017-10-20 11:14 - 2017-10-20 11:14 - 000000000 ____D C:\Program Files (x86)\Sony
2017-10-20 11:13 - 2017-12-08 10:34 - 000000000 ____D C:\Users\XXX\AppData\Roaming\Sony
2017-10-20 10:35 - 2017-11-30 17:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TMPGEnc Video Mastering Works
2017-10-20 10:34 - 2017-10-22 22:08 - 000000000 ____D C:\Users\XXX\AppData\Roaming\LEAPS
2017-10-20 10:29 - 2017-10-20 10:35 - 000000000 ____D C:\Users\XXX\AppData\Roaming\Pegasys Inc
2017-10-20 10:25 - 2017-11-30 15:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TMPGEnc
2017-10-20 10:25 - 2017-10-20 10:34 - 000000000 ____D C:\Program Files (x86)\Pegasys Inc
2017-10-20 10:25 - 2017-10-20 10:25 - 000002242 _____ C:\Users\Public\Desktop\TMPGEnc Authoring Works 4.lnk
2017-10-20 10:25 - 2017-10-20 10:23 - 000139264 _____ (SOURCENEXT) C:\WINDOWS\SysWOW64\bgsvcgen.exe
2017-10-20 10:25 - 2017-10-20 10:23 - 000059240 _____ (SOURCENEXT CORPORATION) C:\WINDOWS\SysWOW64\GenSvcInst.exe
2017-10-20 10:25 - 2017-10-20 10:23 - 000038944 _____ (B.H.A Corporation) C:\WINDOWS\system32\Drivers\cdrbsdrv.sys
2017-10-20 10:20 - 2017-10-20 10:20 - 000000000 ____D C:\ProgramData\Protexis
2017-10-20 10:17 - 2017-10-20 10:17 - 000000000 ____D C:\Users\XXX\AppData\Roaming\Ulead Systems
2017-10-20 10:17 - 2017-10-20 10:17 - 000000000 ____D C:\Users\XXX\AppData\Roaming\Corel
2017-10-20 10:17 - 2017-10-20 10:17 - 000000000 ____D C:\Users\XXX\AppData\Local\Corel PaintShop Pro
2017-10-20 10:15 - 2017-11-30 17:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel PaintShop Pro X9
2017-10-20 10:15 - 2017-10-20 10:17 - 000000000 ____D C:\ProgramData\Corel
2017-10-20 10:15 - 2017-10-20 10:15 - 000001170 _____ C:\Users\Public\Desktop\Corel PaintShop Pro X9.lnk
2017-10-20 10:14 - 2017-10-20 10:16 - 000000000 ____D C:\Program Files (x86)\Corel
2017-10-20 09:55 - 2017-11-30 17:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2017-10-20 09:54 - 2017-12-29 05:50 - 000000000 ____D C:\Program Files\Microsoft Office 15
2017-10-20 09:23 - 2017-11-30 15:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Collectorz.com
2017-10-20 09:23 - 2017-10-20 09:23 - 000001347 _____ C:\Users\Public\Desktop\Movie Collector.lnk
2017-10-20 09:23 - 2017-10-20 09:23 - 000000000 ____D C:\Users\XXX\AppData\Local\Collectorz.com
2017-10-20 09:22 - 2017-10-20 09:22 - 020292928 _____ (Collectorz.com ) C:\Users\XXX\Downloads\moviecollectorsetup1644.exe
2017-10-20 09:22 - 2017-10-20 09:22 - 000000000 ____D C:\Program Files (x86)\Collectorz.com
2017-10-20 09:20 - 2017-10-20 09:20 - 000000872 _____ C:\Users\XXX\Desktop\Handbrake.lnk
2017-10-20 09:20 - 2017-10-20 09:20 - 000000000 ____D C:\Program Files\Handbrake
2017-10-20 08:10 - 2017-12-08 10:38 - 000001150 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-10-20 08:10 - 2017-11-30 17:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-10-20 08:09 - 2017-10-20 08:09 - 030950664 _____ C:\Users\XXX\Downloads\vlc-2.2.6-win32.exe
2017-10-20 08:09 - 2017-10-20 08:09 - 000000000 ____D C:\Program Files (x86)\VideoLAN
2017-10-20 08:07 - 2017-11-30 17:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subtitle Edit
2017-10-20 08:07 - 2017-10-22 18:31 - 000000000 ____D C:\Users\XXX\AppData\Roaming\Subtitle Edit
2017-10-20 08:07 - 2017-10-20 08:07 - 006090087 _____ C:\Users\XXX\Downloads\SubtitleEdit-3.5.4-Setup.zip
2017-10-20 08:07 - 2017-10-20 08:07 - 000001924 _____ C:\Users\XXX\Desktop\Subtitle Edit.lnk
2017-10-20 08:07 - 2017-10-20 08:07 - 000000000 ____D C:\Program Files\Subtitle Edit
2017-10-20 08:05 - 2017-11-30 17:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 64bit
2017-10-20 08:05 - 2017-10-20 08:05 - 000000000 ____D C:\ProgramData\Canneverbe Limited
2017-10-20 08:05 - 2017-10-20 08:05 - 000000000 ____D C:\Program Files\Combined Community Codec Pack 64bit
2017-10-20 08:04 - 2017-11-10 23:05 - 000000000 ____D C:\Program Files (x86)\CDBurnerXP
2017-10-20 08:04 - 2017-11-05 11:36 - 000001187 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2017-10-20 08:04 - 2017-11-05 11:36 - 000001145 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2017-10-20 08:04 - 2017-10-20 08:04 - 000000000 ____D C:\Users\XXX\AppData\Roaming\Canneverbe Limited
2017-10-20 08:03 - 2017-10-23 10:29 - 000000000 ____D C:\Program Files (x86)\Audacity
2017-10-20 08:03 - 2017-10-20 08:03 - 000001099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2017-10-20 08:03 - 2017-10-20 08:03 - 000001087 _____ C:\Users\Public\Desktop\Audacity.lnk
2017-10-20 07:54 - 2017-10-20 07:54 - 000000000 ____D C:\Users\XXX\AppData\Roaming\AVG
2017-10-20 07:52 - 2017-11-30 15:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2017-10-20 07:52 - 2017-10-20 07:52 - 000000903 _____ C:\Users\XXX\Desktop\µTorrent.lnk
2017-10-20 07:52 - 2017-10-20 07:52 - 000000883 _____ C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2017-10-20 07:51 - 2018-01-08 23:49 - 000000000 ____D C:\Users\XXX\AppData\Roaming\uTorrent
2017-10-20 07:50 - 2017-10-20 07:50 - 002849376 _____ (BitTorrent Inc.) C:\Users\XXX\Downloads\uTorrent.exe
2017-10-20 07:46 - 2017-10-20 08:32 - 000000000 ____D C:\Users\XXX\AppData\LocalLow\LastPass
2017-10-20 07:45 - 2017-12-08 10:22 - 000000000 ____D C:\Program Files (x86)\AVG
2017-10-20 07:44 - 2017-10-20 07:44 - 000000000 ____D C:\Users\XXX\AppData\Local\Comms
2017-10-20 07:42 - 2017-10-20 08:35 - 000000000 ____D C:\Users\XXX\AppData\Local\Thunderbird
2017-10-20 07:42 - 2017-10-20 07:42 - 000001289 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2017-10-20 07:42 - 2017-10-20 07:42 - 000001277 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2017-10-20 07:42 - 2017-10-20 07:42 - 000000000 ____D C:\Users\XXX\AppData\Roaming\Thunderbird
2017-10-20 07:41 - 2018-01-02 10:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-10-20 07:32 - 2017-12-07 08:58 - 000002374 _____ C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-10-20 07:31 - 2018-01-09 13:18 - 000000000 ____D C:\Users\XXX\AppData\Local\AvgSetupLog
2017-10-20 07:31 - 2017-12-08 10:23 - 000000000 ____D C:\ProgramData\Avg
2017-10-20 07:31 - 2017-12-08 10:22 - 000000000 ____D C:\Users\XXX\AppData\Local\Avg
2017-10-20 07:31 - 2017-10-20 07:31 - 000000000 ____D C:\Users\XXX\AppData\Local\CEF
2017-10-20 07:30 - 2017-10-20 07:30 - 000000000 ____D C:\Users\XXX\AppData\Roaming\Macromedia
2017-10-20 07:29 - 2018-01-07 15:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-10-20 07:29 - 2018-01-06 00:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-10-20 07:29 - 2018-01-05 12:00 - 000001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-10-20 07:29 - 2017-11-16 18:10 - 000000000 ____D C:\Users\XXX\AppData\Roaming\Mozilla
2017-10-20 07:29 - 2017-10-20 07:38 - 000000000 ____D C:\Users\XXX\AppData\Local\Mozilla
2017-10-20 07:29 - 2017-10-20 07:30 - 000000000 ____D C:\Users\XXX\AppData\Roaming\Hewlett-Packard
2017-10-20 07:29 - 2017-10-20 07:29 - 000001227 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-10-20 07:28 - 2017-11-10 23:15 - 000000000 ____D C:\Users\XXX\AppData\Local\Hewlett-Packard
2017-10-20 07:28 - 2017-10-26 11:52 - 000000000 ____D C:\Users\XXX\AppData\Local\HP
2017-10-20 07:28 - 2017-10-20 07:28 - 000000000 ____D C:\Users\XXX\AppData\Local\HP_Inc
2017-10-20 07:28 - 2017-10-20 07:28 - 000000000 ____D C:\Users\XXX\AppData\Local\DBG
2017-10-20 07:27 - 2017-11-30 18:22 - 000000000 ____D C:\Users\XXX\AppData\Local\MicrosoftEdge
2017-10-20 07:26 - 2017-11-10 23:10 - 000000000 ____D C:\Users\XXX\AppData\Roaming\DropboxOEM
2017-10-20 07:26 - 2017-10-20 07:26 - 000000000 ____D C:\Users\XXX\AppData\Local\DropboxOEM
2017-10-20 07:25 - 2017-11-30 18:21 - 000000000 ____D C:\Users\XXX\AppData\Local\TileDataLayer
2017-10-20 07:25 - 2017-10-20 10:27 - 000000000 ____D C:\Users\XXX\AppData\Local\VirtualStore
2017-10-20 07:25 - 2017-10-20 08:33 - 000000000 ____D C:\Users\XXX\AppData\Local\Publishers
2017-10-20 07:25 - 2017-10-20 07:25 - 000000000 ____D C:\Users\XXX\AppData\Roaming\Adobe
2017-10-20 07:25 - 2017-10-20 07:25 - 000000000 ____D C:\Users\XXX\AppData\Local\ConnectedDevicesPlatform
2017-10-20 07:19 - 2017-11-30 18:16 - 000027280 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-10-20 07:15 - 2017-10-20 07:20 - 000000000 ___HD C:\Users\XXX\Documents\hp.system.package.metadata
2017-10-20 07:15 - 2016-05-14 01:00 - 000000000 ___HD C:\Users\XXX\Documents\hp.applications.package.appdata
2017-10-20 06:52 - 2017-10-20 06:52 - 000000000 _____ C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2017-10-20 06:51 - 2018-01-09 13:09 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-10-20 06:51 - 2017-11-30 17:59 - 000007873 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2017-10-20 06:51 - 2017-11-30 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-10-20 06:51 - 2017-11-30 17:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
2017-10-20 06:51 - 2017-11-30 17:47 - 000000000 ____D C:\Program Files\AMD
2017-10-20 06:51 - 2017-11-30 15:05 - 000000000 ____D C:\WINDOWS\system32\SRSLabs
2017-10-20 06:51 - 2017-11-30 15:03 - 000000000 ____D C:\Program Files\Realtek
2017-10-20 06:51 - 2017-11-30 15:03 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2017-10-20 06:51 - 2017-10-20 06:51 - 000000000 _____ C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2017-10-20 06:51 - 2017-10-20 06:51 - 000000000 _____ C:\WINDOWS\system32\Drivers\Msft_Kernel_amdpsp_01011.Wdf
2017-10-20 06:51 - 2017-10-20 06:51 - 000000000 _____ C:\WINDOWS\ativpsrm.bin
2017-10-20 01:07 - 2017-10-20 01:07 - 000000000 ____D C:\RecoveryImage
2017-10-20 01:03 - 2017-10-20 01:03 - 000000000 ____D C:\WINDOWS\AMDTAs
2017-10-20 01:00 - 2017-11-30 17:59 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2017-10-20 00:38 - 2017-11-30 17:47 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-10-20 00:38 - 2017-10-20 00:38 - 000000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
2017-10-20 00:38 - 2017-10-20 00:38 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2017-10-16 22:14 - 2017-10-16 22:15 - 051456309 _____ C:\Users\XXX\Downloads\Justice.League.Action.S01E40.E.Nigma.Consulting.Detective.WEB-DL.x264.AAC.mp4
2017-10-16 22:13 - 2017-10-16 22:14 - 113919956 _____ C:\Users\XXX\Downloads\Marvel.Spider-Man.2017.S01E12.Spider-Man.On.Ice.WEB-DL.x264.AAC.mp4
2017-10-16 21:56 - 2017-10-16 22:04 - 370415468 _____ C:\Users\XXX\Downloads\The.Gifted.S01E03.WEB.x264.mp4
2017-10-16 17:44 - 2017-10-16 17:45 - 221622958 _____ C:\Users\XXX\Downloads\star.trek.discovery.s01e05.internal.720p.web.x264-bamboozle.mkv.mp4
2017-10-14 13:20 - 2017-10-14 21:25 - 000000000 ____D C:\Users\XXX\Downloads\Full Series Batch
2017-10-14 13:16 - 2017-10-14 13:17 - 303913443 _____ C:\Users\XXX\Downloads\[Over-Time] Space Sentai Kyuranger - 33SD [CF1140FB].mp4
2017-10-12 18:14 - 2017-10-12 20:15 - 339021896 _____ C:\Users\XXX\Downloads\The.Orville.S01E06.HDTV.x264.mp4

==================== Three Months Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-10 18:35 - 2016-11-18 15:13 - 000000000 ____D C:\Users\XXX\AppData\LocalLow\Mozilla
2018-01-10 15:37 - 2016-06-28 13:05 - 000078708 _____ C:\Users\XXX\Documents\Applications 2016.xlsx
2018-01-10 15:37 - 2016-06-28 13:03 - 000000000 ____D C:\Users\XXX\Downloads\Resumes
2018-01-10 14:14 - 2017-08-17 09:41 - 000024232 _____ C:\Users\XXX\Documents\Universal Video Tracker.xlsx
2018-01-09 21:25 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-01-09 21:24 - 2017-09-29 05:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-01-09 21:24 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-01-09 13:16 - 2017-09-29 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-01-09 13:13 - 2016-05-14 00:49 - 000636415 _____ C:\WINDOWS\SysWOW64\rootpa.e2e
2018-01-09 13:09 - 2017-09-29 00:45 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2018-01-08 00:10 - 2016-06-28 13:05 - 000049152 _____ C:\Users\XXX\Documents\Rifftrax Presents Checklist.xls
2018-01-07 15:21 - 2016-05-14 01:18 - 000000948 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2018-01-07 15:21 - 2016-05-14 01:18 - 000000944 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2018-01-07 15:17 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-01-07 15:00 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\Registration
2018-01-06 10:27 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\rescache
2018-01-06 00:14 - 2015-11-03 18:11 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-01-06 00:13 - 2017-09-29 05:44 - 000000000 ____D C:\WINDOWS\INF
2018-01-05 20:11 - 2017-09-29 05:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-01-05 20:11 - 2017-09-29 05:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-01-05 20:11 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\TextInput
2018-01-05 20:11 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-01-05 20:11 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-01-05 20:11 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\system32\migwiz
2018-01-05 20:11 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-01-05 20:11 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\Provisioning
2018-01-05 20:11 - 2017-09-29 00:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-01-05 14:22 - 2017-09-29 05:41 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-01-05 14:21 - 2017-09-29 05:41 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-01-05 14:21 - 2017-09-29 05:41 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-01-02 10:35 - 2017-09-29 00:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-12-30 12:33 - 2016-06-28 13:05 - 000012054 _____ C:\Users\XXX\Documents\Rifftrax iRiffs.xlsx
2017-12-30 12:17 - 2016-06-28 13:05 - 000056832 _____ C:\Users\XXX\Documents\Ultraman.xls
2017-12-30 12:14 - 2016-06-28 13:05 - 000057856 _____ C:\Users\XXX\Documents\Rifftrax Shorts.xls
2017-12-30 12:11 - 2016-06-28 13:05 - 000055808 _____ C:\Users\XXX\Documents\Rifftrax Regular Checklist.xls
2017-12-30 12:09 - 2016-06-28 13:05 - 000168960 _____ C:\Users\XXX\Documents\Cartoons.xls
2017-12-30 12:07 - 2016-06-28 13:05 - 000099328 _____ C:\Users\XXX\Documents\TV.xls
2017-12-30 11:55 - 2016-06-28 13:05 - 000060928 _____ C:\Users\XXX\Documents\Super Sentai.xls
2017-12-30 11:53 - 2016-06-28 13:05 - 000182272 _____ C:\Users\XXX\Documents\Misc Live Action.xls
2017-12-30 11:47 - 2016-06-28 13:05 - 000104960 _____ C:\Users\XXX\Documents\Kamen Rider.xls
2017-12-30 11:45 - 2016-06-28 13:05 - 000642048 _____ C:\Users\XXX\Documents\Anime.xls
2017-12-29 05:51 - 2017-09-29 05:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-12-25 22:38 - 2016-06-26 13:09 - 000000000 ____D C:\Users\XXX\Documents\Movie Collector
2017-12-22 05:45 - 2017-09-29 05:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-12-22 05:45 - 2017-09-29 05:49 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-12-15 09:14 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\system32\NDF

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-01-10 03:10

==================== End of FRST.txt ============================

Users shortcut scan result (x64) Version: 02.01.2018
Ran by xxx (10-01-2018 18:42:04)
Running from C:\Users\xxx\Downloads
Boot Mode: Normal

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)


Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\01 - File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\03 - Documents.lnk -> C:\Users\xxx\Documents ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\04 - Downloads.lnk -> C:\Users\xxx\Downloads ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\05 - Music.lnk -> C:\Users\xxx\Music ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\06 - Pictures.lnk -> C:\Users\xxx\Pictures ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\07 - Videos.lnk -> C:\Users\xxx\Videos ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\08 - Homegroup.lnk -> Microsoft.Windows.Homegroup
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\09 - Network.lnk -> Microsoft.Windows.Network
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\10 - UserProfile.lnk -> C:\Users\xxx ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk -> C:\Program Files (x86)\Audacity\audacity.exe (The Audacity Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG AntiVirus FREE.lnk -> C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe (AVG Technologies CZ, s.r.o.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk -> C:\Program Files (x86)\CDBurnerXP\cdbxpp.exe (Canneverbe Limited)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power Media Player 14.lnk -> C:\Program Files (x86)\Cyberlink\PowerDVD14\PDVDLP.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Welcome.lnk -> C:\Program Files\HP\HP Welcome\Garage.Container.exe (HP Inc)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital\WD SmartWare\WD Quick View.lnk -> C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe (Western Digital Technologies, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital\WD Apps\WD Drive Utilities.lnk -> C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilities.exe (Western Digital Technologies, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital\WD Apps\WD Security.lnk -> C:\Program Files (x86)\Western Digital\WD Security\WDSecurity.exe (Western Digital Technologies, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files (x86)\VideoLAN\VLC\Documentation.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UVK - Ultra Virus Killer\Log analyzer.lnk -> C:\Program Files\UVK - Ultra Virus Killer\Log analyzer.exe (Carifred)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UVK - Ultra Virus Killer\UVK - Ultra Virus Killer.lnk -> C:\Program Files\UVK - Ultra Virus Killer\UVK_en.exe (Carifred.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TMPGEnc Video Mastering Works\TMPGEnc Video Mastering Works.lnk -> C:\Program Files (x86)\Pegasys Inc\TMPGEnc Video Mastering Works 5\TMPGEncVMW5.exe (Pegasys Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TMPGEnc Video Mastering Works\Uninstall TMPGEnc Video Mastering Works.lnk -> C:\Program Files (x86)\Pegasys Inc\TMPGEnc Video Mastering Works 5\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TMPGEnc\TMPGEnc Authoring Works 4\Batch Authoring Tool.lnk -> C:\Program Files (x86)\Pegasys Inc\TMPGEnc Authoring Works 4\TMPGEncAuthoringWorks4Batch.exe (Pegasys Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TMPGEnc\TMPGEnc Authoring Works 4\Help File.lnk -> C:\Program Files (x86)\Pegasys Inc\TMPGEnc Authoring Works 4\Help\TMPGEncAuthoringWorks4.en.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TMPGEnc\TMPGEnc Authoring Works 4\TMPGEnc Authoring Works 4.lnk -> C:\Program Files (x86)\Pegasys Inc\TMPGEnc Authoring Works 4\TMPGEncAuthoringWorks4.exe (Pegasys Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TMPGEnc\TMPGEnc Authoring Works 4\User License Agreement.lnk -> C:\Program Files (x86)\Pegasys Inc\TMPGEnc Authoring Works 4\License.en.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subtitle Edit\Subtitle Edit.lnk -> C:\Program Files\Subtitle Edit\SubtitleEdit.exe (Nikse)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subtitle Edit\Uninstall Subtitle Edit.lnk -> C:\Program Files\Subtitle Edit\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subtitle Edit\Help and Support\Changelog.lnk -> C:\Program Files\Subtitle Edit\Changelog.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony\Vegas Pro 13.0\Vegas Pro 13.0 (64-bit).lnk -> C:\Program Files\Sony\Vegas Pro 13.0\vegas130.exe (Sony Creative Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony\Vegas Pro 13.0\Vegas Pro 13.0 Readme.lnk -> C:\Program Files\Sony\Vegas Pro 13.0\Readme\Vegas_readme.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools\Evernote.lnk -> C:\Windows\Installer\{A229420E-204B-11E5-B844-0050569584E9}\Evernote.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos\CyberLink PhotoDirector.lnk -> C:\Program Files\CyberLink\PhotoDirector\PhotoDirector5.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos\CyberLink PowerDirector.lnk -> C:\Program Files\CyberLink\PowerDirector12\PDR12.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Access 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\msaccess.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\EXCEL.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Filler 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\INFOPATH.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneDrive for Business 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\GROOVE.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenote.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\outlook.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\POWERPNT.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Publisher 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\mspub.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Send to OneNote 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Skype for Business 2015.lnk -> C:\Program Files\Microsoft Office 15\root\office15\lync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\winword.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Office 2013 Language Preferences.lnk -> C:\Program Files\Microsoft Office 15\root\office15\SETLANG.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Office 2013 Upload Center.lnk -> C:\Program Files\Microsoft Office 15\root\office15\MSOUC.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Skype for Business Recording Manager.lnk -> C:\Program Files\Microsoft Office 15\root\office15\OcPubMgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Telemetry Dashboard for Office 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\msotd.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Telemetry Log for Office 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\msoev.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEGAsync\MEGA Website.lnk -> C:\ProgramData\MEGAsync\MEGA Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEGAsync\MEGAsync.lnk -> C:\ProgramData\MEGAsync\MEGAsync.exe (Mega Limited)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEGAsync\Uninstall.lnk -> C:\ProgramData\MEGAsync\uninst.exe (MEGA Limited)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion\Web Companion.lnk -> C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support\HP support information.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Support Information\HPSysInfo.exe (Hewlett-Packard Development Company, L.P.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support\HP Recovery Manager\HP Recovery Manager.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Recovery Manager\rebecca.exe (Hewlett-Packard Development Company, L.P.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Photo Creations\HP Photo Creations.lnk -> C:\Program Files (x86)\HP Photo Creations\PhotoProduct.exe (Visan / RocketLife)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Photo Creations\Uninstall HP Photo Creations.lnk -> C:\Program Files (x86)\HP Photo Creations\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP ENVY 4520 series\HP TWAIN Administration.lnk -> C:\Program Files (x86)\HP\HP ENVY 4520 series\bin\TwainUtilityUI.exe (HP Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hekasoft Backup & Restore\Hekasoft Backup & Restore.lnk -> C:\Program Files\Hekasoft Backup & Restore\hbr.exe (Hekasoft)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel PaintShop Pro X9\Corel PaintShop Pro X9.lnk -> C:\Program Files (x86)\Corel\Corel PaintShop Pro X9\Corel PaintShop Pro.exe (Corel, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel PaintShop Pro X9\Restore Database.lnk -> C:\Program Files (x86)\Corel\Corel PaintShop Pro X9\ResetDB.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 64bit\CCCP Settings (64bit).lnk -> C:\Program Files\Combined Community Codec Pack 64bit\CCCP-Settings.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 64bit\CCCP Uninstall (64bit).lnk -> C:\Program Files\Combined Community Codec Pack 64bit\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 64bit\Media Player Classic Home Cinema (64bit).lnk -> C:\Program Files\Combined Community Codec Pack 64bit\MPC\mpc-hc64.exe (MPC-HC Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Collectorz.com\Movie Collector\Movie Collector.lnk -> C:\Program Files (x86)\Collectorz.com\Movie Collector\MovieCollector.exe (Collectorz.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Collectorz.com\Movie Collector\Uninstall Movie Collector.lnk -> C:\Program Files (x86)\Collectorz.com\Movie Collector\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\RecoveryDrive.lnk -> C:\Windows\System32\RecoveryDrive.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Defender Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\System32\quickassist.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Hewlett-Packard\Recovery\Links\RM.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Recovery Manager\rebecca.exe (Hewlett-Packard Development Company, L.P.)
Shortcut: C:\Users\xxx\Links\Desktop.lnk -> C:\Users\xxx\Desktop ()
Shortcut: C:\Users\xxx\Links\Downloads.lnk -> C:\Users\xxx\Downloads ()
Shortcut: C:\Users\xxx\Links\OneDrive.lnk -> C:\Users\xxx\OneDrive ()
Shortcut: C:\Users\xxx\Desktop\Avast Browser Cleanup.lnk -> C:\Users\xxx\AppData\Roaming\AVAST Software\Browser Cleanup\BrowserCleanup.exe (AVAST Software)
Shortcut: C:\Users\xxx\Desktop\Handbrake.lnk -> C:\Program Files\Handbrake\Handbrake.exe (HandBrake Team)
Shortcut: C:\Users\xxx\Desktop\Subtitle Edit.lnk -> C:\Program Files\Subtitle Edit\SubtitleEdit.exe (Nikse)
Shortcut: C:\Users\xxx\Desktop\ZHPCleaner.lnk -> C:\Users\xxx\AppData\Roaming\ZHP\ZHPCleaner.exe ()
Shortcut: C:\Users\xxx\Desktop\µTorrent.lnk -> C:\Users\xxx\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk -> C:\Users\xxx\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\xxx\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk -> C:\ProgramData\MEGAsync\MEGAsync.exe (Mega Limited)
Shortcut: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Handbrake\Handbrake.lnk -> C:\Program Files\Handbrake\Handbrake.exe (HandBrake Team)
Shortcut: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Handbrake\Uninstall.lnk -> C:\Program Files\Handbrake\uninst.exe ()
Shortcut: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\internet explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Avast Browser Cleanup\Browser Cleanup.lnk -> C:\Users\xxx\AppData\Roaming\AVAST Software\Browser Cleanup\BrowserCleanup.exe (AVAST Software)
Shortcut: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth File Transfer.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\xxx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\CDBurnerXP.lnk -> C:\Program Files (x86)\CDBurnerXP\cdbxpp.exe (Canneverbe Limited)
Shortcut: C:\Users\xxx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\xxx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\xxx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -> C:\Users\xxx\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\xxx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\CDBurnerXP.lnk -> C:\Program Files (x86)\CDBurnerXP\cdbxpp.exe (Canneverbe Limited)
Shortcut: C:\Users\xxx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer (2).lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\xxx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\xxx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\xxx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Thunderbird.lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
Shortcut: C:\Users\xxx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TMPGEnc Authoring Works 4.lnk -> C:\Program Files (x86)\Pegasys Inc\TMPGEnc Authoring Works 4\TMPGEncAuthoringWorks4.exe (Pegasys Inc.)
Shortcut: C:\Users\xxx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TMPGEnc Video Mastering Works.lnk -> C:\Program Files (x86)\Pegasys Inc\TMPGEnc Video Mastering Works 5\TMPGEncVMW5.exe (Pegasys Inc.)
Shortcut: C:\Users\xxx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Vegas Pro 13.0 (64-bit).lnk -> C:\Program Files\Sony\Vegas Pro 13.0\vegas130.exe (Sony Creative Software Inc.)
Shortcut: C:\Users\xxx\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\xxx\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\xxx\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\xxx\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\xxx\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\xxx\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\xxx\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\xxx\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\xxx\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\xxx\AppData\Local\Collectorz.com\Movie Collector\MCE\Movie Collector MCE.lnk -> C:\WINDOWS\ehome\ehshell.exe (No File)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Audacity.lnk -> C:\Program Files (x86)\Audacity\audacity.exe (The Audacity Team)
Shortcut: C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk -> C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe (AVG Technologies CZ, s.r.o.)
Shortcut: C:\Users\Public\Desktop\CDBurnerXP.lnk -> C:\Program Files (x86)\CDBurnerXP\cdbxpp.exe (Canneverbe Limited)
Shortcut: C:\Users\Public\Desktop\Corel PaintShop Pro X9.lnk -> C:\Program Files (x86)\Corel\Corel PaintShop Pro X9\Corel PaintShop Pro.exe (Corel, Inc.)
Shortcut: C:\Users\Public\Desktop\Hekasoft Backup & Restore.lnk -> C:\Program Files\Hekasoft Backup & Restore\hbr.exe (Hekasoft)
Shortcut: C:\Users\Public\Desktop\HP Photo Creations.lnk -> C:\Program Files (x86)\HP Photo Creations\PhotoProduct.exe (Visan / RocketLife)
Shortcut: C:\Users\Public\Desktop\MEGAsync.lnk -> C:\ProgramData\MEGAsync\MEGAsync.exe (Mega Limited)
Shortcut: C:\Users\Public\Desktop\Movie Collector.lnk -> C:\Program Files (x86)\Collectorz.com\Movie Collector\MovieCollector.exe (Collectorz.com)
Shortcut: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\Mozilla Thunderbird.lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\TMPGEnc Authoring Works 4.lnk -> C:\Program Files (x86)\Pegasys Inc\TMPGEnc Authoring Works 4\TMPGEncAuthoringWorks4.exe (Pegasys Inc.)
Shortcut: C:\Users\Public\Desktop\UVK - Ultra Virus Killer.lnk -> C:\Program Files\UVK - Ultra Virus Killer\UVK_en.exe (Carifred.com)
Shortcut: C:\Users\Public\Desktop\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\Users\Public\Desktop\WD Drive Utilities.lnk -> C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilities.exe (Western Digital Technologies, Inc.)
Shortcut: C:\Users\Public\Desktop\WD Security.lnk -> C:\Program Files (x86)\Western Digital\WD Security\WDSecurity.exe (Western Digital Technologies, Inc.)


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Priceline.com.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://www.priceline.com/?refid=PLHBC6240OPQ&refclickid=square
ShortcutWithArgument: C:\Users\xxx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonShopping (2).lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://www.amazon.com/gp/bit/amazonbookmark.html?tag=hp2-desktop-us-20&partner=HP
ShortcutWithArgument: C:\Users\xxx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonShopping.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://www.amazon.com/gp/bit/amazonbookmark.html?tag=hp2-desktop-us-20&partner=HP
ShortcutWithArgument: C:\Users\xxx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TripAdvisor.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://js.redirect.hp.com/jumpstation?bd=all&c=none&locale=all&pf=cndt&s=TripAdvisor_W10_taskbar&tp=Taskbar


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 25 GB.lnk -> C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe () -> manualstartmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital\WD Backup\WD Backup.lnk -> C:\Program Files (x86)\Western Digital\WD App Manager\WDAppManager.exe (Western Digital Technologies, Inc.) -> -launchbackupdefault
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UVK - Ultra Virus Killer\Uninstall.lnk -> C:\Program Files\UVK - Ultra Virus Killer\UVK_en.exe (Carifred.com) -> -uninst
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos\B&O Play.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> shell32.dll,Control_RunDLL RTSnMg64.cpl,,
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Designer 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\INFOPATH.EXE (Microsoft Corporation) -> /design
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Database Compare 2013.lnk -> C:\Program Files\Microsoft Office 15\root\client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files\Microsoft Office 15\Root\Office15\DCF\DATABASECOMPARE.EXE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Spreadsheet Compare 2013.lnk -> C:\Program Files\Microsoft Office 15\root\client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files\Microsoft Office 15\Root\Office15\DCF\SPREADSHEETCOMPARE.EXE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support\HP Documentation.lnk -> C:\Program Files\HP\Documentation\platform_guides\languages\index.html () -> /Arguments:Shortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support\HP Support Assistant.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe (HP Inc.) -> /p 1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support\HP Recovery Manager\HP Recovery Media Creation.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Recovery Manager\rebecca.exe (Hewlett-Packard Development Company, L.P.) -> \CRM
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP ENVY 4520 series\HP ENVY 4520 series.lnk -> C:\Program Files\HP\HP ENVY 4520 series\Bin\HP ENVY 4520 series.exe (HP Inc.) -> -Start UDCDevicePage
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Barbarians.lnk -> C:\Program Files (x86)\WildTangent Games\Web Link - Barbarians\launcher.exe (WildTangent) -> /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\City of Steam.lnk -> C:\Program Files (x86)\WildTangent Games\Web Link - City of Steam\launcher.exe (WildTangent) -> /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Command and Conquer Tiberium Alliances.lnk -> C:\Program Files (x86)\WildTangent Games\Web Link - Command and Conquer Tiberium Alliances\launcher.exe (WildTangent) -> /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Dino Storm.lnk -> C:\Program Files (x86)\WildTangent Games\Web Link - Dino Storm\launcher.exe (WildTangent) -> /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Fringo.lnk -> C:\Program Files (x86)\WildTangent Games\Web Link - Fringo\launcher.exe (WildTangent) -> /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Vegas World.lnk -> C:\Program Files (x86)\WildTangent Games\Web Link - Vegas World\launcher.exe (WildTangent) -> /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Villagers & Heroes.lnk -> C:\Program Files (x86)\WildTangent Games\Web Link - Villagers & Heroes\launcher.exe (WildTangent) -> /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 64bit\Filters\LAV Audio Settings (64bit).lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files\Combined Community Codec Pack 64bit\Filters\LAVFilters\LAVAudio.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 64bit\Filters\LAV Splitter Settings (64bit).lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files\Combined Community Codec Pack 64bit\Filters\LAVFilters\LAVSplitter.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 64bit\Filters\LAV Video Settings (64bit).lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files\Combined Community Codec Pack 64bit\Filters\LAVFilters\LAVVideo.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 64bit\Filters\VSFilter Configuration (64bit).lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files\Combined Community Codec Pack 64bit\Filters\vsfilter.dll",DirectVobSub
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\Recovery\Links\Apps.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Recovery Manager\rebecca.exe (Hewlett-Packard Development Company, L.P.) -> \SWR
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\Recovery\Links\BTR.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Recovery Manager\rebecca.exe (Hewlett-Packard Development Company, L.P.) -> \BTR
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\Recovery\Links\Driver.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Recovery Manager\rebecca.exe (Hewlett-Packard Development Company, L.P.) -> \SWR
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\Recovery\Links\RMC.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Recovery Manager\rebecca.exe (Hewlett-Packard Development Company, L.P.) -> \CRM
ShortcutWithArgument: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\xxx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Dropbox 25 GB.lnk -> C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe () -> manualstartmenu
ShortcutWithArgument: C:\Users\xxx\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\xxx\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\xxx\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\xxx\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\xxx\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\xxx\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\xxx\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\xxx\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\xxx\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\xxx\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Public\Desktop\HP ENVY 4520 series.lnk -> C:\Program Files\HP\HP ENVY 4520 series\Bin\HP ENVY 4520 series.exe (HP Inc.) -> -Start UDCDevicePage
ShortcutWithArgument: C:\Users\Public\Desktop\WD Backup.lnk -> C:\Program Files (x86)\Western Digital\WD App Manager\WDAppManager.exe (Western Digital Technologies, Inc.) -> -launchbackupdefault


InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subtitle Edit\Help and Support\Online Help.url -> URL: hxxp://www.nikse.dk/SubtitleEdit/Help
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subtitle Edit\Help and Support\Subtitle Edit on the Web.url -> URL: hxxp://www.nikse.dk/SubtitleEdit/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion\Frequently Asked Questions.url -> URL: hxxp://webcompanion.com/faq
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 64bit\CCCP Playback FAQ.url -> URL: hxxp://www.cccp-project.net/wiki/index.php?title=Main_Page
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 64bit\CCCP Website.url -> URL: hxxp://www.cccp-project.net/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Collectorz.com\Movie Collector\Movie Collector Website.url -> URL: hxxp://www.collectorz.com/movie/
InternetURL: C:\ProgramData\MEGAsync\MEGA Website.url -> URL: hxxp://www.mega.nz
InternetURL: C:\Users\xxx\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\xxx\Favorites\Links\Amazon.com – Online Shopping.url -> URL: hxxp://redirect.hp.com/svs/rdr?locale=en_us&c=142&bd=pavilion&tp=iefavbar&s=amazon&pf=cndt&TYPE=4
InternetURL: C:\Users\xxx\Favorites\Links\Priceline.com.url -> URL: hxxp://www.priceline.com/?refid=PLHBC6240OPQ&refclickid=webslice
InternetURL: C:\Users\xxx\Favorites\Links\TripAdvisor.url -> URL: hxxp://js.redirect.hp.com/jumpstation?bd=all&c=none&locale=all&pf=cndt&s=tripadvisor_W10_iefavsbar&tp=iefavs
InternetURL: C:\Users\xxx\Favorites\HP\Accessories.url -> URL: hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpaccessories&pf=cndt&locale=en_us&bd=all&c=161
InternetURL: C:\Users\xxx\Favorites\HP\Amazon.com – Online Shopping.url -> URL: hxxp://redirect.hp.com/svs/rdr?locale=en_us&c=142&bd=pavilion&tp=iefavbar&s=amazon&pf=cndt&TYPE=4
InternetURL: C:\Users\xxx\Favorites\HP\Best Buy.url -> URL: hxxp://www.bestbuy.com/
InternetURL: C:\Users\xxx\Favorites\HP\HP Blog-TheNextBench.url -> URL: hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hp_blog&pf=cndt&locale=en_us&bd=all&c=161
InternetURL: C:\Users\xxx\Favorites\HP\HP Creative Studio.url -> URL: hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=activitycenter&pf=cndt&locale=en_us&bd=all&c=161
InternetURL: C:\Users\xxx\Favorites\HP\HP Store.url -> URL: hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpstore&pf=cndt&locale=en_us&bd=all&c=161
InternetURL: C:\Users\xxx\Favorites\HP\Priceline.com.url -> URL: hxxp://www.priceline.com/?refid=PLHBC6240OPQ&refclickid=iefav
InternetURL: C:\Users\xxx\Favorites\HP\Printing.url -> URL: hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=printing&pf=cndt&locale=en_us&bd=all&c=161
InternetURL: C:\Users\xxx\Favorites\HP\Services and Support.url -> URL: hxxp://js.redirect.hp.com/jumpstation?bd=all&c=143&locale=en_us&pf=cndt&s=sf_volume_ie_dt&tp=iefavs
InternetURL: C:\Users\xxx\Favorites\HP\Software and Driver Downloads.url -> URL: hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=downloads&pf=cndt&locale=en_us&bd=all&c=161
InternetURL: C:\Users\xxx\Favorites\HP\TripAdvisor.url -> URL: hxxp://js.redirect.hp.com/jumpstation?bd=all&c=none&locale=all&pf=cndt&s=TripAdvisor_W10_iefav&tp=iefavs
InternetURL: C:\Users\xxx\Favorites\HP\WildTangent Games for HP.url -> URL: hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=myhpgames&pf=cndt&locale=en-us&bd=all&c=161
InternetURL: C:\Users\Default\Favorites\Links\Amazon.com – Online Shopping.url -> URL: hxxp://redirect.hp.com/svs/rdr?locale=en_us&c=142&bd=pavilion&tp=iefavbar&s=amazon&pf=cndt&TYPE=4
InternetURL: C:\Users\Default\Favorites\Links\Priceline.com.url -> URL: hxxp://www.priceline.com/?refid=PLHBC6240OPQ&refclickid=webslice
InternetURL: C:\Users\Default\Favorites\Links\TripAdvisor.url -> URL: hxxp://js.redirect.hp.com/jumpstation?bd=all&c=none&locale=all&pf=cndt&s=tripadvisor_W10_iefavsbar&tp=iefavs
InternetURL: C:\Users\Default\Favorites\HP\Accessories.url -> URL: hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpaccessories&pf=cndt&locale=en_us&bd=all&c=161
InternetURL: C:\Users\Default\Favorites\HP\Amazon.com – Online Shopping.url -> URL: hxxp://redirect.hp.com/svs/rdr?locale=en_us&c=142&bd=pavilion&tp=iefavbar&s=amazon&pf=cndt&TYPE=4
InternetURL: C:\Users\Default\Favorites\HP\Best Buy.url -> URL: hxxp://www.bestbuy.com/
InternetURL: C:\Users\Default\Favorites\HP\HP Blog-TheNextBench.url -> URL: hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hp_blog&pf=cndt&locale=en_us&bd=all&c=161
InternetURL: C:\Users\Default\Favorites\HP\HP Creative Studio.url -> URL: hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=activitycenter&pf=cndt&locale=en_us&bd=all&c=161
InternetURL: C:\Users\Default\Favorites\HP\HP Store.url -> URL: hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpstore&pf=cndt&locale=en_us&bd=all&c=161
InternetURL: C:\Users\Default\Favorites\HP\Priceline.com.url -> URL: hxxp://www.priceline.com/?refid=PLHBC6240OPQ&refclickid=iefav
InternetURL: C:\Users\Default\Favorites\HP\Printing.url -> URL: hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=printing&pf=cndt&locale=en_us&bd=all&c=161
InternetURL: C:\Users\Default\Favorites\HP\Services and Support.url -> URL: hxxp://js.redirect.hp.com/jumpstation?bd=all&c=143&locale=en_us&pf=cndt&s=sf_volume_ie_dt&tp=iefavs
InternetURL: C:\Users\Default\Favorites\HP\Software and Driver Downloads.url -> URL: hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=downloads&pf=cndt&locale=en_us&bd=all&c=161
InternetURL: C:\Users\Default\Favorites\HP\TripAdvisor.url -> URL: hxxp://js.redirect.hp.com/jumpstation?bd=all&c=none&locale=all&pf=cndt&s=TripAdvisor_W10_iefav&tp=iefavs
InternetURL: C:\Users\Default\Favorites\HP\WildTangent Games for HP.url -> URL: hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=myhpgames&pf=cndt&locale=en-us&bd=all&c=161

==================== End of Shortcut.txt =============================

Callender said:

RE: Connection. Possibly need to reinstall your network adapter but I'm not expert on that.

What the heck, did that too. Didn't change a thing.

Hi. Really I need you to attach the text files as some text is truncated in your post.

Anyway a quick look seems to suggest that this is installed?

http://www.thewindowsclub.com/lavaso...mpanion-review

If setings have been configured it will set you homepage to bing as well as search engine if that is what is specified in the program settings.

Try uninstalling it.

Callender said:

Hi. Really I need you to attach the text files as some text is truncated in your post.

Anyway a quick look seems to suggest that this is installed?

http://www.thewindowsclub.com/lavaso...mpanion-review

If setings have been configured it will set you homepage to bing as well as search engine if that is what is specified in the program settings.

Try uninstalling it.

I already did.

Did uninstalling it solve the problem? Or if you uninstalled before running Farbar then uninstallation hasn't fully removed it.

RE: Hekasoft Backup & Restore. If you want to keep it to make FF profile backups that you can restore you should make sure that it doesn't start with windows:

Or uninstall if it's of no use.

Callender said:

Did uninstalling it solve the problem? Or if you uninstalled before running Farbar then uninstallation hasn't fully removed it.

No, it didn't, it was uninstalled after I ran Farbar but it had no effect on the problem.

Quote from webpage here:

Ad-Aware Web Companion

In case you want to restore your homepage and search engine to what they were before installing Web Companion, just check the boxes during uninstallation process.

Let me install this software and I will see what happens after installation and during removal.

Installed and FF Homepage and search engine sets to bing.

Code:

=======================================================
** Thursday 11/01/2018 19:51:40 **
Low-level Drivers and Services
Registry Key hkey_local_machine\system\ControlSet001\services
Subkey WCAssistantService has been added
=======================================================
** Thursday 11/01/2018 19:51:45 **
Low-level Drivers and Services
Registry Key hkey_local_machine\system\CurrentControlSet\services
Subkey WCAssistantService has been added
=======================================================
** Thursday 11/01/2018 19:51:50 **
Launched WebCompanion.exe[9872] « WebCompanionInstaller.exe[6396] « WcInstaller.exe[9168] « explorer.exe[9388] « svchost.exe[1264] « services.exe[1116] « wininit.exe[964]
Run Keys and Startup Files
Registry Key hkey_users\S-1-5-21-1868965074-785632981-1352939268-1001\software\microsoft\windows\currentversion\run
Value Web Companion (S) will be a new value with data
C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
=======================================================
** Thursday 11/01/2018 19:51:53 **
Change Accepted
=======================================================
** Thursday 11/01/2018 19:52:06 **
Internet Zone Settings
Registry Key hkey_users\S-1-5-21-1868965074-785632981-1352939268-1001\software\microsoft\windows\currentversion\internet settings\zonemap\domains
Subkey localhost has been added
Subkey webcompanion.com has been added
=======================================================
** Thursday 11/01/2018 19:52:37 **
Launched WebCompanion.exe[9124] « WebCompanionInstaller.exe[6396] « WcInstaller.exe[9168] « explorer.exe[9388] « svchost.exe[1264] « services.exe[1116] « wininit.exe[964]
Internet Explorer Settings
Registry Key hkey_users\S-1-5-21-1868965074-785632981-1352939268-1001\software\microsoft\internet explorer\main
Value Start Page (S) will be a new value with data
http://www.bing.com/?pc=COSP&ptag=D011118-A4051B2AE3CDF42EAB2F&form=CONMHP&conlogo=CT3329381
=======================================================
** Thursday 11/01/2018 19:52:42 **
Change Accepted

Code:

[Process Creation]

01/11/2018 19:49:28
Process: [9168] C:\Users\Chris\Downloads\WcInstaller.exe
Username/Domain: Chris/DESKTOP-VR50D1D
CommandLine: "C:\Users\Chris\Downloads\WcInstaller.exe" 
MD5 Hash: 6B8380BFFC458CBC8D87126BCA5899A8
Bitness: 32-bit
Publisher: Lavasoft
Description: Web Companion Installer
Version: 4.0.1777.3330
Integrity Level: High
Signer: Lavasoft Software Canada
System Process: False
Protected Process: False
Metro Process: False
Parent: [9388] C:\WINDOWS\explorer.exe
Parent CommandLine: C:\WINDOWS\explorer.exe /factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding


[Process Creation]

01/11/2018 19:49:28
Process: [6396] C:\Users\Chris\AppData\Local\Temp\7zSDDAE.tmp\WebCompanionInstaller.exe
Username/Domain: Chris/DESKTOP-VR50D1D
CommandLine: .\WebCompanionInstaller.exe --partner=website --campaign=homepage  --version=4.0.1777.3330 --prod
MD5 Hash: 7021B17338FBFD5E5156548A7E42F156
Bitness: 32-bit
Publisher: Lavasoft
Description: Web Companion
Version: 4.0.1777.3330
Integrity Level: High
System Process: False
Protected Process: False
Metro Process: False
Parent: [9168] C:\Users\Chris\Downloads\WcInstaller.exe
Parent CommandLine: "C:\Users\Chris\Downloads\WcInstaller.exe" 

[Process Creation]


[Process Creation]

01/11/2018 19:51:36
Process: [2832] C:\WINDOWS\System32\sc.exe
Username/Domain: Chris/DESKTOP-VR50D1D
CommandLine: "sc.exe" Create "WCAssistantService" binPath= "C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe" DisplayName= "WC Assistant" start= auto
MD5 Hash: 21B09C66D6F035022FBC1E6E2A22BDA4
Bitness: 32-bit
Publisher: Microsoft Corporation
Description: Service Control Manager Configuration Tool
Version: 6.2.15063.0
Integrity Level: High
System Process: False
Protected Process: False
Metro Process: False
Parent: [6396] C:\Users\Chris\AppData\Local\Temp\7zSDDAE.tmp\WebCompanionInstaller.exe
Parent CommandLine: .\WebCompanionInstaller.exe --partner=website --campaign=homepage  --version=4.0.1777.3330 --prod


[Process Creation]

01/11/2018 19:51:36
Process: [6232] C:\WINDOWS\System32\conhost.exe
Username/Domain: Chris/DESKTOP-VR50D1D
CommandLine: \??\C:\WINDOWS\system32\conhost.exe 0x4
MD5 Hash: 24BFE27EC8759F56B539217585DA277C
Bitness: 32-bit
Publisher: Microsoft Corporation
Description: Console Window Host
Version: 6.2.15063.0
Integrity Level: High
System Process: False
Protected Process: False
Metro Process: False
Parent: [2832] C:\WINDOWS\System32\sc.exe
Parent CommandLine: "sc.exe" Create "WCAssistantService" binPath= "C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe" DisplayName= "WC Assistant" start= auto


[Process Creation]

01/11/2018 19:51:36
Process: [9000] C:\WINDOWS\System32\sc.exe
Username/Domain: Chris/DESKTOP-VR50D1D
CommandLine: "sc.exe" failure WCAssistantService reset= 30 actions= restart/60000
MD5 Hash: 21B09C66D6F035022FBC1E6E2A22BDA4
Bitness: 32-bit
Publisher: Microsoft Corporation
Description: Service Control Manager Configuration Tool
Version: 6.2.15063.0
Integrity Level: High
System Process: False
Protected Process: False
Metro Process: False
Parent: [6396] C:\Users\Chris\AppData\Local\Temp\7zSDDAE.tmp\WebCompanionInstaller.exe
Parent CommandLine: .\WebCompanionInstaller.exe --partner=website --campaign=homepage  --version=4.0.1777.3330 --prod


[Process Creation]

01/11/2018 19:51:36
Process: [960] C:\WINDOWS\System32\conhost.exe
Username/Domain: Chris/DESKTOP-VR50D1D
CommandLine: \??\C:\WINDOWS\system32\conhost.exe 0x4
MD5 Hash: 24BFE27EC8759F56B539217585DA277C
Bitness: 32-bit
Publisher: Microsoft Corporation
Description: Console Window Host
Version: 6.2.15063.0
Integrity Level: High
System Process: False
Protected Process: False
Metro Process: False
Parent: [9000] C:\WINDOWS\System32\sc.exe
Parent CommandLine: "sc.exe" failure WCAssistantService reset= 30 actions= restart/60000


[Process Creation]

01/11/2018 19:51:38
Process: [6648] C:\WINDOWS\System32\sc.exe
Username/Domain: Chris/DESKTOP-VR50D1D
CommandLine: "sc.exe" description "WCAssistantService" "Ad-Aware Web Companion Internet security service"
MD5 Hash: 21B09C66D6F035022FBC1E6E2A22BDA4
Bitness: 32-bit
Publisher: Microsoft Corporation
Description: Service Control Manager Configuration Tool
Version: 6.2.15063.0
Integrity Level: High
System Process: False
Protected Process: False
Metro Process: False
Parent: [6396] C:\Users\Chris\AppData\Local\Temp\7zSDDAE.tmp\WebCompanionInstaller.exe
Parent CommandLine: .\WebCompanionInstaller.exe --partner=website --campaign=homepage  --version=4.0.1777.3330 --prod


[Process Creation]

01/11/2018 19:51:38
Process: [4208] C:\WINDOWS\System32\conhost.exe
Username/Domain: Chris/DESKTOP-VR50D1D
CommandLine: \??\C:\WINDOWS\system32\conhost.exe 0x4
MD5 Hash: 24BFE27EC8759F56B539217585DA277C
Bitness: 32-bit
Publisher: Microsoft Corporation
Description: Console Window Host
Version: 6.2.15063.0
Integrity Level: High
System Process: False
Protected Process: False
Metro Process: False
Parent: [6648] C:\WINDOWS\System32\sc.exe
Parent CommandLine: "sc.exe" description "WCAssistantService" "Ad-Aware Web Companion Internet security service"


[Process Creation]

01/11/2018 19:51:42
Process: [9128] C:\WINDOWS\System32\cmd.exe
Username/Domain: Chris/DESKTOP-VR50D1D
CommandLine: "C:\WINDOWS\System32\cmd.exe" /C netsh http add urlacl url=http://+:9007/ user=Everyone
MD5 Hash: 50B930137463B14F73186C7C6767A2AA
Bitness: 32-bit
Publisher: Microsoft Corporation
Description: Windows Command Processor
Version: 6.2.15063.0
Integrity Level: High
System Process: False
Protected Process: False
Metro Process: False
Parent: [6396] C:\Users\Chris\AppData\Local\Temp\7zSDDAE.tmp\WebCompanionInstaller.exe
Parent CommandLine: .\WebCompanionInstaller.exe --partner=website --campaign=homepage  --version=4.0.1777.3330 --prod


[Process Creation]

01/11/2018 19:51:42
Process: [9424] C:\WINDOWS\System32\conhost.exe
Username/Domain: Chris/DESKTOP-VR50D1D
CommandLine: \??\C:\WINDOWS\system32\conhost.exe 0x4
MD5 Hash: 24BFE27EC8759F56B539217585DA277C
Bitness: 32-bit
Publisher: Microsoft Corporation
Description: Console Window Host
Version: 6.2.15063.0
Integrity Level: High
System Process: False
Protected Process: False
Metro Process: False
Parent: [9128] C:\WINDOWS\System32\cmd.exe
Parent CommandLine: "C:\WINDOWS\System32\cmd.exe" /C netsh http add urlacl url=http://+:9007/ user=Everyone


[Process Creation]

01/11/2018 19:51:42
Process: [408] C:\WINDOWS\System32\netsh.exe
Username/Domain: Chris/DESKTOP-VR50D1D
CommandLine: netsh  http add urlacl url=http://+:9007/ user=Everyone
MD5 Hash: 549265D209264735FA7B40D913EC9EC0
Bitness: 32-bit
Publisher: Microsoft Corporation
Description: Network Command Shell
Version: 6.2.15063.0
Integrity Level: High
System Process: False
Protected Process: False
Metro Process: False
Parent: [9128] C:\WINDOWS\System32\cmd.exe
Parent CommandLine: "C:\WINDOWS\System32\cmd.exe" /C netsh http add urlacl url=http://+:9007/ user=Everyone


[Process Creation]

01/11/2018 19:51:46
Process: [9872] C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe
Username/Domain: Chris/DESKTOP-VR50D1D
CommandLine: "C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe" --install --geo= 
MD5 Hash: BD74FBF8F7A2DB0BDEC9F591490E654E
Bitness: 32-bit
Publisher: Lavasoft
Description: Web Companion
Version: 4.0.1777.3330
Integrity Level: High
Signer: Lavasoft Software Canada
System Process: False
Protected Process: False
Metro Process: False
Parent: [6396] C:\Users\Chris\AppData\Local\Temp\7zSDDAE.tmp\WebCompanionInstaller.exe
Parent CommandLine: .\WebCompanionInstaller.exe --partner=website --campaign=homepage  --version=4.0.1777.3330 --prod


[Process Creation]

01/11/2018 19:51:58
Process: [10184] C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
Username/Domain: SYSTEM/NT AUTHORITY
CommandLine: "C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe"
MD5 Hash: 8EE025C3784BA3E1CBCBC13B2886B8E8
Bitness: 32-bit
Description: SPWindowsService
Version: 1.0.0.0
Integrity Level: System
Signer: Lavasoft Software Canada
System Process: True
Protected Process: False
Metro Process: False
Parent: [1116] C:\WINDOWS\System32\services.exe


[Process Creation]

01/11/2018 19:52:00
Process: [7724] C:\WINDOWS\System32\cmd.exe
Username/Domain: SYSTEM/NT AUTHORITY
CommandLine: "C:\WINDOWS\System32\cmd.exe" /C netsh http add urlacl url=http://+:9007/ user=Everyone
MD5 Hash: 50B930137463B14F73186C7C6767A2AA
Bitness: 32-bit
Publisher: Microsoft Corporation
Description: Windows Command Processor
Version: 6.2.15063.0
Integrity Level: System
System Process: True
Protected Process: False
Metro Process: False
Parent: [10184] C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
Parent CommandLine: "C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe"


[Process Creation]

01/11/2018 19:52:00
Process: [2508] C:\WINDOWS\System32\conhost.exe
Username/Domain: SYSTEM/NT AUTHORITY
CommandLine: \??\C:\WINDOWS\system32\conhost.exe 0x4
MD5 Hash: 24BFE27EC8759F56B539217585DA277C
Bitness: 32-bit
Publisher: Microsoft Corporation
Description: Console Window Host
Version: 6.2.15063.0
Integrity Level: System
System Process: True
Protected Process: False
Metro Process: False
Parent: [7724] C:\WINDOWS\System32\cmd.exe
Parent CommandLine: "C:\WINDOWS\System32\cmd.exe" /C netsh http add urlacl url=http://+:9007/ user=Everyone


[Process Creation]

01/11/2018 19:52:00
Process: [6820] C:\WINDOWS\System32\netsh.exe
Username/Domain: SYSTEM/NT AUTHORITY
CommandLine: netsh  http add urlacl url=http://+:9007/ user=Everyone
MD5 Hash: 549265D209264735FA7B40D913EC9EC0
Bitness: 32-bit
Publisher: Microsoft Corporation
Description: Network Command Shell
Version: 6.2.15063.0
Integrity Level: System
System Process: True
Protected Process: False
Metro Process: False
Parent: [7724] C:\WINDOWS\System32\cmd.exe
Parent CommandLine: "C:\WINDOWS\System32\cmd.exe" /C netsh http add urlacl url=http://+:9007/ user=Everyone


[Process Creation]

01/11/2018 19:52:02
Process: [8864] C:\WINDOWS\System32\backgroundTaskHost.exe
Username/Domain: Chris/DESKTOP-VR50D1D
CommandLine: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca
MD5 Hash: C090F2500F2A3AEF9DE6213519AAFB13
Bitness: 32-bit
Publisher: Microsoft Corporation
Description: Background Task Host
Version: 6.2.15063.0
Integrity Level: Low
Signer: Microsoft Windows
System Process: False
Protected Process: False
Metro Process: False
Parent: [1264] C:\WINDOWS\System32\svchost.exe
Parent CommandLine: C:\WINDOWS\system32\svchost.exe -k DcomLaunch


[Process Creation]

01/11/2018 19:52:08
Process: [2528] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\csc.exe
Username/Domain: Chris/DESKTOP-VR50D1D
CommandLine: "C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe" /noconfig /fullpaths @"C:\Users\Chris\AppData\Local\Temp\uokrl3jg.cmdline"
MD5 Hash: 66032114D75B2A881725128653DF8144
Bitness: 32-bit
Publisher: Microsoft Corporation
Description: Visual C# Command Line Compiler
Version: 8.0.50727.8784
Integrity Level: High
Signer: Microsoft Corporation
System Process: False
Protected Process: False
Metro Process: False
Parent: [9872] C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe
Parent CommandLine: "C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe" --install --geo= 


[Process Creation]

01/11/2018 19:52:08
Process: [4128] C:\WINDOWS\System32\conhost.exe
Username/Domain: Chris/DESKTOP-VR50D1D
CommandLine: \??\C:\WINDOWS\system32\conhost.exe 0x4
MD5 Hash: 24BFE27EC8759F56B539217585DA277C
Bitness: 32-bit
Publisher: Microsoft Corporation
Description: Console Window Host
Version: 6.2.15063.0
Integrity Level: High
System Process: False
Protected Process: False
Metro Process: False
Parent: [2528] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\csc.exe
Parent CommandLine: "C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe" /noconfig /fullpaths @"C:\Users\Chris\AppData\Local\Temp\uokrl3jg.cmdline"


[Process Creation]

01/11/2018 19:52:08
Process: [2644] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
Username/Domain: Chris/DESKTOP-VR50D1D
CommandLine: C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\Chris\AppData\Local\Temp\RES52D5.tmp" "c:\Users\Chris\AppData\Local\Temp\CSC52D4.tmp"
MD5 Hash: DD0EE56841E535A3A3AE7C20C32DE9CD
Bitness: 32-bit
Publisher: Microsoft Corporation
Description: Microsoft® Resource File To COFF Object Conversion Utility
Version: 8.0.50727.9307
Integrity Level: High
Signer: Microsoft Corporation
System Process: False
Protected Process: False
Metro Process: False
Parent: [2528] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\csc.exe
Parent CommandLine: "C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe" /noconfig /fullpaths @"C:\Users\Chris\AppData\Local\Temp\uokrl3jg.cmdline"


[Process Creation]

01/11/2018 19:52:10
Process: [6812] C:\Program Files\Lavasoft\Web Companion\Application\Ad-Aware Web Companion.exe
Username/Domain: Chris/DESKTOP-VR50D1D
CommandLine: "C:\Program Files\Lavasoft\Web Companion\Application\Ad-Aware Web Companion.exe" {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
MD5 Hash: 9738CE73ADEDC4FAA33558A0F20ECAE2
Bitness: 32-bit
Publisher:  
Description: Ad-Aware Web Companion.exe
Version: 4.0.1777.3330
Integrity Level: High
Signer: Lavasoft Software Canada
System Process: False
Protected Process: False
Metro Process: False
Parent: [9872] C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe
Parent CommandLine: "C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe" --install --geo= 


[Process Creation]

01/11/2018 19:52:16
Process: [7048] C:\WINDOWS\System32\dllhost.exe
Username/Domain: Chris/DESKTOP-VR50D1D
CommandLine: C:\WINDOWS\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
MD5 Hash: FF19922720962D8A75412AB80868E796
Bitness: 32-bit
Publisher: Microsoft Corporation
Description: COM Surrogate
Version: 6.2.15063.0
Integrity Level: Medium
Signer: Microsoft Windows
System Process: False
Protected Process: False
Metro Process: False
Parent: [1264] C:\WINDOWS\System32\svchost.exe
Parent CommandLine: C:\WINDOWS\system32\svchost.exe -k DcomLaunch


[Process Creation]

01/11/2018 19:52:32
Process: [9124] C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe
Username/Domain: Chris/DESKTOP-VR50D1D
CommandLine: "C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe" --afterinstall 
MD5 Hash: BD74FBF8F7A2DB0BDEC9F591490E654E
Bitness: 32-bit
Publisher: Lavasoft
Description: Web Companion
Version: 4.0.1777.3330
Integrity Level: High
Signer: Lavasoft Software Canada
System Process: False
Protected Process: False
Metro Process: False
Parent: [6396] C:\Users\Chris\AppData\Local\Temp\7zSDDAE.tmp\WebCompanionInstaller.exe
Parent CommandLine: .\WebCompanionInstaller.exe --partner=website --campaign=homepage  --version=4.0.1777.3330 --prod

Now to uninstall.

Okay uninstalled:

Exit the program before uninstall. If you didn't right click the icon in the taskbar to stop the program running before uninstalling then I'd suggest reinstalling it then try removing it again.













After uninstall bing remained as homepage and search engine but could be removed.

I reckon it's possible that something went wrong with your uninstall. Try installing it again then remove it and check to see that any FF addon was also removed.