Additional scan result of Farbar Recovery Scan Tool (x86) Version: 14.03.2018
Ran by David (28-03-2018 21:54:28)
Running from C:\Users\David\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2017-02-16 09:08:47)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1365679944-132168641-953657067-500 - Administrator - Disabled)
David (S-1-5-21-1365679944-132168641-953657067-1000 - Administrator - Enabled) => C:\Users\David
Guest (S-1-5-21-1365679944-132168641-953657067-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1365679944-132168641-953657067-1059 - Limited - Enabled)
UpdatusUser (S-1-5-21-1365679944-132168641-953657067-1057 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ABBYY FineReader 6.0 Sprint (HKLM\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.4512 - ABBYY Software House)
Acrobat.com (HKLM\...\{77DCDCE3-2DED-62F3-8154-05E745472D07}) (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 21.0.0.215 - Adobe Systems Incorporated)
Adobe Flash Player 29 ActiveX (HKLM\...\{A911056C-E170-476A-9C9E-9E0500E6DC6A}) (Version: 29.0.0.113 - Adobe Systems Incorporated)
Adobe Flash Player 29 NPAPI (HKLM\...\{BAF5175E-C27F-4252-81B9-E42F01E46CB6}) (Version: 29.0.0.113 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-1365679944-132168641-953657067-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Apple Application Support (32-bit) (HKLM\...\{D4C80B0C-CF67-43A7-90C3-466853543B54}) (Version: 6.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2218B6FE-7215-4EC9-B0E7-F47674AFA2F5}) (Version: 11.0.1.2 - Apple Inc.)
Apple Software Update (HKLM\...\{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.)
Athentech Perfectly Clear (HKLM\...\_{128FBA3A-36CA-4BEB-8AAA-036A0AF8E4E2}) (Version: 1.0.0.135 - Corel Corporation)
Athentech Perfectly Clear (HKLM\...\{128FBA3A-36CA-4BEB-8AAA-036A0AF8E4E2}) (Version: 1.0.0.135 - Corel Corporation) Hidden
Avira (HKLM\...\{5269e51a-b619-4c55-8a5c-8c7eaf27e6cf}) (Version: 1.2.108.24268 - Avira Operations GmbH & Co. KG)
Avira (HKLM\...\{DBA89A98-6FF1-4FE3-8147-69DD2C5DE889}) (Version: 1.2.108.24268 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.34.27 - Avira Operations GmbH & Co. KG)
Bing Maps 3D (HKLM\...\{2D87E961-577B-492B-AD54-1368680FB9A7}) (Version: 4.0.903.16005 - Microsoft Corporation)
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.41 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Corel Paint Shop Pro Photo X2 (HKLM\...\{64E72FB1-2343-4977-B4A8-262CD53D0BD3}) (Version: 12.50.0001 - Corel Corporation)
Corel PaintShop Pro X9 (HKLM\...\_{998717E5-1031-4D28-A143-48ADAF062E5F}) (Version: 19.2.0.7 - Corel Corporation)
Corel PaintShop Pro X9 (HKLM\...\{93EE564E-9DA1-4655-8A90-4E816019B409}) (Version: 19.1.0.29 - Corel Corporation) Hidden
Corel ScreenCap (HKLM\...\{99642277-4695-438F-8F07-E59D3E8EDB26}) (Version: 1.0.0 - Corel Corporation)
Corel Update Manager (HKLM\...\{EE61B6C5-F017-4505-85D3-6D40B1797D32}) (Version: 2.7.355 - Corel corporation) Hidden
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell System Detect (HKU\S-1-5-21-1365679944-132168641-953657067-1000\...\9204f5692a8faf3b) (Version: 5.7.0.6 - Dell)
Dropbox (HKU\S-1-5-21-1365679944-132168641-953657067-1000\...\Dropbox) (Version: 45.4.92 - Dropbox, Inc.)
EDocs (HKLM\...\{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}) (Version: - )
Epson Easy Photo Print 2 (HKLM\...\{87C2248A-C7DD-49ED-9BCD-B312A9D0819E}) (Version: 2.1.0.0 - SEIKO EPSON CORPORATION)
EPSON PhotoQuicker3.5 (HKLM\...\{65F5B7AF-3363-11D7-BB6B-00018021113F}) (Version: - )
EPSON Print CD (HKLM\...\{FF477885-5EA8-40D0-ADF3-D4C1B86FAEA4}) (Version: - )
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version: - )
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - )
Epson Stylus SX210_SX410_TX210_TX410 Manual (HKLM\...\Epson Stylus SX210_SX410_TX210_TX410 User’s Guide) (Version: - )
EPSON SX410 Series Printer Uninstall (HKLM\...\EPSON SX410 Series) (Version: - SEIKO EPSON Corporation)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 9.0.0.29935 - Foxit Software Inc.)
getPlus(R) for Adobe (HKLM\...\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}) (Version: 1.5.2.35 - NOS Microsystems Ltd.)
Google Chrome (HKU\S-1-5-21-1365679944-132168641-953657067-1000\...\Google Chrome) (Version: 65.0.3325.181 - Google Inc.)
Google Drive (HKLM\...\{1C3DA126-D523-4089-BCCA-FA46FE34D6F8}) (Version: 1.9.4536.8202 - Google, Inc.)
Google Earth (HKLM\...\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}) (Version: 6.1.0.5001 - Google)
Hauppauge MCE XP/Vista Software Encoder (2.0.25296) (HKLM\...\Hauppauge MCE2005 Software Encoder) (Version: 2.0.25296 - Hauppauge Computer Works, Inc.)
Hauppauge TV Tuner Driver (HKLM\...\{AF094932-91E6-4EF8-8AB8-1C7226DFEECB}) (Version: 2.0.25312 - Hauppauge Computer Works) Hidden
ICA (HKLM\...\{998717E5-1031-4D28-A143-48ADAF062E5F}) (Version: 19.1.0.29 - Corel Corporation) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - )
iPhone Configuration Utility (HKLM\...\{FA54AFB1-5745-4389-B8C1-9F7509672ED1}) (Version: 2.1.0.163 - Apple Inc.)
IPM_PSP_COM (HKLM\...\{9A86C6EE-2CCC-4A51-BCC8-AAF97C2F4615}) (Version: 19.1.0.29 - Corel Corporation) Hidden
iTunes (HKLM\...\{BAE90D3C-B93B-4B8E-BA38-C9B5575CC483}) (Version: 12.7.3.46 - Apple Inc.)
Juniper Installer Service (HKLM\...\SetupService) (Version: 1.1.0.3489 - Juniper Networks)
Juniper Networks Host Checker (HKU\S-1-5-21-1365679944-132168641-953657067-1000\...\Neoteris_Host_Checker) (Version: 6.3.0.14715 - Juniper Networks)
Juniper Networks Setup Client (HKU\S-1-5-21-1365679944-132168641-953657067-1000\...\Juniper_Setup_Client) (Version: 1.3.3.13503 - Juniper Networks)
Juniper Networks Setup Client Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 1.3.1.6 - Juniper Networks)
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft Baseline Security Analyzer 2.1 (HKLM\...\{6AF5CAB9-FD0A-494F-8AA6-784D4B5D06C5}) (Version: 2.1.0000 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
MobileMe Control Panel (HKLM\...\{A71D5E81-B967-43DB-93D7-FD31BFB95748}) (Version: 3.1.5.0 - Apple Inc.)
Mozilla Firefox 58.0.2 (x86 en-GB) (HKLM\...\Mozilla Firefox 58.0.2 (x86 en-GB)) (Version: 58.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 and SOAP Toolkit 3.0 (HKLM\...\{32343DB6-9A52-40C9-87E4-5E7C79791C87}) (Version: 1.0.0.0 - Webroot Software, Inc.) Hidden
NVIDIA 3D Vision Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.9 - NVIDIA Corporation)
NVIDIA Graphics Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
OGA Notifier 2.0.0048.0 (HKLM\...\{B2544A03-10D0-4E5E-BA69-0362FFC20D18}) (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
PSPPContent (HKLM\...\{91773E30-F29C-4381-854A-95281DEB8DA1}) (Version: 19.1.0.29 - Corel Corporation) Hidden
PSPPHelp (HKLM\...\{9F087D85-EDDC-4DC4-B665-AFDD3734D987}) (Version: 19.1.0.29 - Corel Corporation) Hidden
QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Rapport (HKLM\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1908.137 - Trusteer) Hidden
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.104.1223.2016 - Realtek)
Realtek Ethernet Network Card Diagnostic tool for Windows Vista (HKLM\...\{1FECF5F8-8E75-432C-9FF7-1C04F1956B54}) (Version: 1.00 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - )
RealUpgrade 1.1 (HKLM\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Roxio Creator DE (HKLM\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.1 - Roxio)
ScanToWeb (HKLM\...\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}) (Version: - )
SDFormatter (HKLM\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Seagate Manager Installer (HKLM\...\{2A30052B-831C-41D3-8044-3C0388066350}) (Version: 2.01.0600 - Seagate) Hidden
Seagate Manager Installer (HKLM\...\InstallShield_{2A30052B-831C-41D3-8044-3C0388066350}) (Version: 2.01.0600 - Seagate)
SeaTools for Windows (HKLM\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.4 - Seagate Technology)
Secunia PSI (3.0.0.11005) (HKLM\...\Secunia PSI) (Version: 3.0.0.11005 - Secunia)
Segoe UI (HKLM\...\{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}) (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Setup (HKLM\...\{9E0054AB-F957-4177-850E-3541960DBD53}) (Version: 19.1.0.29 - Corel Corporation) Hidden
SIPPS (HKLM\...\SIPPS!UninstallKey) (Version: - )
Skype™ 7.24 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Spotify (HKU\S-1-5-21-1365679944-132168641-953657067-1000\...\Spotify) (Version: 1.0.59.395.ge6ca9946 - Spotify AB)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
Trusteer Endpoint Protection (HKLM\...\Rapport_msi) (Version: 3.5.1908.137 - Trusteer)
TuxGuitar 1.2 (HKLM\...\TuxGuitar_0) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VC 9.0 Runtime (HKLM\...\{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}) (Version: 1.0.0 - Check Point Software Technologies Ltd) Hidden
VC 9.0 Runtime (HKLM\...\{A040AC77-C1AA-4CC9-8931-9F648AF178F6}) (Version: 1.0.0 - Check Point Software Technologies Ltd) Hidden
VC80CRTRedist - 8.0.50727.4053 (HKLM\...\{5EE7D259-D137-4438-9A5F-42F432EC0421}) (Version: 1.1.0 - DivX, Inc) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.8 - VideoLAN)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
ZoneAlarm Antivirus (HKLM\...\{4818D335-B3C0-4CE7-89EF-1380A3A549A3}) (Version: 14.1.011.000 - Check Point Software Technologies Ltd.) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
HKU\S-1-5-21-1365679944-132168641-953657067-1000\...\ChromeHTML: -> C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1365679944-132168641-953657067-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\David\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1365679944-132168641-953657067-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\David\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1365679944-132168641-953657067-1000_Classes\CLSID\{04EBE69E-2DED-44F6-9854-9A3988F751ED}\InprocServer32 -> C:\Users\David\AppData\Local\Dropbox\Update\1.3.51.1\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1365679944-132168641-953657067-1000_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\David\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1365679944-132168641-953657067-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\David\AppData\Local\Google\Update\1.3.33.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1365679944-132168641-953657067-1000_Classes\CLSID\{2027D000-8CEB-4191-9620-15DD2561855F}\InprocServer32 -> C:\Users\David\AppData\Local\Dropbox\Update\1.3.57.1\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1365679944-132168641-953657067-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\David\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1365679944-132168641-953657067-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\David\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1365679944-132168641-953657067-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\David\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1365679944-132168641-953657067-1000_Classes\CLSID\{449CFB1B-1C07-48EA-9A9A-7A7881C2B49B}\InprocServer32 -> C:\Users\David\AppData\Local\Dropbox\Update\1.3.59.1\psuser.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1365679944-132168641-953657067-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\David\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1365679944-132168641-953657067-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\David\AppData\Local\Google\Update\1.3.30.3\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1365679944-132168641-953657067-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\David\AppData\Local\Google\Update\1.3.31.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1365679944-132168641-953657067-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\David\AppData\Local\Dropbox\Update\1.3.59.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1365679944-132168641-953657067-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\David\AppData\Local\Google\Update\1.3.33.3\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1365679944-132168641-953657067-1000_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\David\AppData\Local\Google\Update\1.3.33.7\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1365679944-132168641-953657067-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\David\AppData\Local\Dropbox\Update\1.3.59.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1365679944-132168641-953657067-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\David\AppData\Local\Dropbox\Update\1.3.59.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1365679944-132168641-953657067-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\David\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1365679944-132168641-953657067-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\David\AppData\Local\Dropbox\Update\1.3.59.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1365679944-132168641-953657067-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\David\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1365679944-132168641-953657067-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\David\AppData\Local\Google\Update\1.3.32.7\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1365679944-132168641-953657067-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\David\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1365679944-132168641-953657067-1000_Classes\CLSID\{E7A37920-253C-4FF1-B169-298A7CE6CAA9}\localserver32 -> C:\Users\David\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1365679944-132168641-953657067-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\David\AppData\Local\Google\Update\1.3.33.7\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1365679944-132168641-953657067-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\David\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1365679944-132168641-953657067-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\David\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1365679944-132168641-953657067-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\David\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1365679944-132168641-953657067-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\David\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1365679944-132168641-953657067-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\David\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1365679944-132168641-953657067-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\David\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1365679944-132168641-953657067-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\David\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1365679944-132168641-953657067-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\David\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1365679944-132168641-953657067-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\David\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1365679944-132168641-953657067-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\David\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1365679944-132168641-953657067-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\David\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1365679944-132168641-953657067-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\David\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1365679944-132168641-953657067-1000_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\David\AppData\Local\Dropbox\Update\1.3.59.1\psuser.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\David\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\David\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\David\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2013-04-16] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll [2013-04-16] (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2013-04-16] (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2013-04-16] (Google)
ContextMenuHandlers1: [EPP] -> {3F3B81BE-529B-40b9-8189-6666B241ADFA} => C:\Program Files\Epson Software\Easy Photo Print\EPPShell.dll [2008-10-22] (SEIKO EPSON CORPORATION)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x86.dll [2017-10-21] (Foxit Software Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2013-04-16] (Google)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
ContextMenuHandlers1: [LavasoftShellExt] -> {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} => -> No File
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files\Avira\Antivirus\shlext.dll [2017-12-21] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => -> No File
ContextMenuHandlers1: [ZLAVShExt] -> {D9872D13-7651-4471-9EEE-F0A00218BEBB} => C:\Program Files\CheckPoint\ZoneAlarm\zlavscan.dll -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2013-04-16] (Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2013-01-18] (NVIDIA Corporation)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x86.dll [2017-10-21] (Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files\Avira\Antivirus\shlext.dll [2017-12-21] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [ZLAVShExt] -> {D9872D13-7651-4471-9EEE-F0A00218BEBB} => C:\Program Files\CheckPoint\ZoneAlarm\zlavscan.dll -> No File
ContextMenuHandlers1_S-1-5-21-1365679944-132168641-953657067-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\David\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll [2018-03-15] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-1365679944-132168641-953657067-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\David\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll [2018-03-15] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-1365679944-132168641-953657067-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\David\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll [2018-03-15] (Dropbox, Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {051D0B09-CFC4-4E3D-8B65-F8FCF2489E6F} - System32\Tasks\RtlNICDiagVistaStart => C:\Program Files\Realtek\RTNICDiag\RTNICDiag.exe [2008-07-21] (Realtek)
Task: {07BA4BB6-FE13-4020-985A-780781738826} - \Driver Booster SkipUAC (David) -> No File <==== ATTENTION
Task: {0FA34E30-83C3-40D2-921D-6C432B6E9E53} - System32\Tasks\CorelUpdateHelperTask-6D51C8F514C231B4491278912C46A4AD => C:\Program Files\Corel\CUH\v2\CUH.exe [2018-02-23] (Corel Corporation)
Task: {137ABB43-7313-49E1-81C7-4AB3C31E18DB} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1365679944-132168641-953657067-1000Core => C:\Users\David\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {14624C15-C2B0-4738-BAC9-B243666F915D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-03-23] (Adobe Systems Incorporated)
Task: {2BF02622-C870-4B5A-8850-49BA3525A67A} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1365679944-132168641-953657067-1000UA => C:\Users\David\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {2BF84EFE-C4BA-4720-BD3C-C9BFBC620937} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-03-06] (Piriform Ltd)
Task: {38F1B869-43D7-41CA-8C59-AAE57DF6CAD1} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_29_0_0_113_Plugin.exe [2018-03-23] (Adobe Systems Incorporated)
Task: {41CE564A-97CD-42C3-AC79-5A1CC14B67CB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-06-11] (Google Inc.)
Task: {50B32295-DFEF-495E-B684-1EDC2EAFC3D1} - System32\Tasks\{8BAEA27D-0DDA-428A-9727-E208DE68AAAA} => C:\Program Files\Skype\Phone\Skype.exe [2016-05-17] (Skype Technologies S.A.)
Task: {52D7030C-C7A7-43C0-BD62-0F7B6726D22D} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2013-09-05] (PC-Doctor, Inc.)
Task: {5664BF4D-D5C9-4708-9A0F-72B0E555509E} - System32\Tasks\{B28DE500-09F8-4770-8AB1-40C41B0C7399} => C:\Windows\system32\pcalua.exe -a C:\Users\David\Downloads\converter.exe -d C:\Windows\system32
Task: {57A9D223-4743-42A4-A195-BD5F48C5755B} - System32\Tasks\SmartDefrag => C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
Task: {63370F96-9BAF-4307-9350-1348A42F2579} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1365679944-132168641-953657067-1000UA => C:\Users\David\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {6467F6B6-F82F-4978-BA3B-98D388624403} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files\Avira\Antivirus\avgnt.exe [2018-03-02] (Avira Operations GmbH & Co. KG)
Task: {67DDFABE-683F-4953-BE25-41FC8728CC47} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1365679944-132168641-953657067-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2011-11-08] (RealNetworks, Inc.)
Task: {796DCEC3-6154-4AA1-8059-EAB65E5F75A6} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files\Corel\CUH\v2\CUH.exe [2018-02-23] (Corel Corporation)
Task: {8401FDD5-BD53-4F87-AA11-45BB97713683} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-03-06] (Piriform Ltd)
Task: {84B5593E-5FAA-4676-AB89-9511DA7E5917} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1365679944-132168641-953657067-1000Core => C:\Users\David\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {85053098-403B-490A-99A4-F9C40E672C5E} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1365679944-132168641-953657067-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2011-11-08] (RealNetworks, Inc.)
Task: {878236F4-BFB9-42A4-8EB7-BA1552F24AF4} - \{4DB442F9-C5C4-47D4-CABC-256BB9E033EC} -> No File <==== ATTENTION
Task: {BB81403D-923E-4F31-B6FA-1F24F0BDD336} - System32\Tasks\{DF81553E-9FE4-46F9-A698-E6FEC3497677} => C:\Windows\system32\pcalua.exe -a C:\Users\David\Downloads\Xvid-1.2.2-07062009.exe -d "K:\Photos\Lost season 5"
Task: {C2C21F40-674F-47CF-8D11-D24E7D21EBBC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2017-10-12] (Apple Inc.)
Task: {D0AB8569-08AA-4FCD-B319-21339C4255D5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-06-11] (Google Inc.)
Task: {DEAEF5E5-4577-4785-B02A-19A99003D01F} - \{77FD207A-F73E-4650-9133-C6BF9DCB9A1D} -> No File <==== ATTENTION
Task: {E3B74E19-B294-4BA5-8891-D72218EE4503} - System32\Tasks\{C16E4FDC-EC6A-4B6B-9404-EDA79210A247} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe" -d "C:\Program Files\VS Revo Group\Revo Uninstaller"
Task: {F31BB7E0-A603-46F9-B04E-10075749C18E} - System32\Tasks\{6DCE0CBF-14D4-4F83-A3A5-6D140E6CC7A3} => "c:\program files\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/5.8.0.158.259/en/abandoninstall?page=tsMain
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1365679944-132168641-953657067-1000Core.job => C:\Users\David\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1365679944-132168641-953657067-1000UA.job => C:\Users\David\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RtlNICDiagVistaStart.job => C:\Program Files\Realtek\RTNICDiag\RTNICDiag.exe
Task: C:\Windows\Tasks\SmartDefrag.job => C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{AE143750-3A46-4BA4-B78A-221DF09B574B}.job => C:\Windows\system32\msfeedssync.exe
Task: C:\Windows\Tasks\{4DB442F9-C5C4-47D4-CABC-256BB9E033EC}.job => C:\Users\David\AppData\Local\{453F7~1\UNINST~1.EXE <==== ATTENTION
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2017-02-16 02:38 - 2013-01-18 15:20 - 000079648 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2018-01-05 01:14 - 2018-01-05 01:14 - 001042232 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-12-08 02:49 - 2017-12-08 02:49 - 000076088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-01-22 04:21 - 2018-01-22 04:21 - 001042232 _____ () C:\Program Files\iTunes\libxml2.dll
2018-01-22 04:21 - 2018-01-22 04:21 - 000076088 _____ () C:\Program Files\iTunes\zlib1.dll
2018-03-23 18:50 - 2018-03-15 12:50 - 000746312 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\dropbox_watchdog.dll
2018-03-23 18:50 - 2018-03-15 12:50 - 002079048 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\dropbox_crashpad.dll
2018-03-23 18:50 - 2018-03-15 12:50 - 000100312 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2018-03-23 18:50 - 2018-03-15 12:50 - 000018896 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\select.pyd
2018-03-23 18:50 - 2018-03-15 12:53 - 000020808 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2018-03-23 18:50 - 2018-03-15 12:50 - 000035808 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2018-03-23 18:50 - 2018-03-15 12:50 - 000694232 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2018-03-23 18:50 - 2018-03-15 12:52 - 000021856 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2018-03-23 18:50 - 2018-03-15 12:50 - 000130520 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2018-03-23 18:50 - 2018-03-15 12:52 - 001856864 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2018-03-23 18:50 - 2018-03-15 12:52 - 000022880 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2018-03-23 18:50 - 2018-03-15 12:50 - 000145880 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2018-03-23 18:50 - 2018-03-15 12:50 - 000116696 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2018-03-23 18:50 - 2018-03-15 12:50 - 000105944 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\win32api.pyd
2018-03-23 18:50 - 2018-03-15 12:53 - 000022872 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2018-03-23 18:50 - 2018-03-15 12:52 - 000063312 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2018-03-23 18:50 - 2018-03-15 12:50 - 000024536 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\win32event.pyd
2018-03-23 18:50 - 2018-03-15 12:52 - 000077120 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\fastpath.pyd
2018-03-23 18:50 - 2018-03-15 12:50 - 000020952 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2018-03-23 18:50 - 2018-03-15 12:50 - 000124888 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\win32file.pyd
2018-03-23 18:50 - 2018-03-15 12:50 - 000114136 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\win32security.pyd
2018-03-23 18:50 - 2018-03-15 12:50 - 000392664 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2018-03-23 18:50 - 2018-03-15 12:53 - 000392520 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2018-03-23 18:50 - 2018-03-15 12:53 - 000026464 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2018-03-23 18:50 - 2018-03-15 12:50 - 000043480 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\win32process.pyd
2018-03-23 18:50 - 2018-03-15 12:50 - 000024024 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2018-03-23 18:50 - 2018-03-15 12:50 - 000175576 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\win32gui.pyd
2018-03-23 18:50 - 2018-03-15 12:50 - 000030168 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2018-03-23 18:50 - 2018-03-15 12:50 - 000026072 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\win32job.pyd
2018-03-23 18:50 - 2018-03-15 12:50 - 000048600 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\win32service.pyd
2018-03-23 18:50 - 2018-03-15 12:50 - 000057816 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2018-03-23 18:50 - 2018-03-15 12:52 - 000021840 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2018-03-23 18:50 - 2018-03-15 12:53 - 000023376 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\winshell.compiled._winshell.pyd
2018-03-23 18:50 - 2018-03-15 12:52 - 000022864 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\crashpad.compiled._Crashpad.pyd
2018-03-23 18:50 - 2018-03-15 12:53 - 000066400 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\winenumhandles.compiled._WinEnumHandles.pyd
2018-03-23 18:50 - 2018-03-15 12:52 - 001798464 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2018-03-23 18:50 - 2018-03-15 12:50 - 000084944 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\sip.pyd
2018-03-23 18:50 - 2018-03-15 12:52 - 001959232 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2018-03-23 18:50 - 2018-03-15 12:52 - 003863880 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2018-03-23 18:50 - 2018-03-15 12:52 - 000155472 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2018-03-23 18:50 - 2018-03-15 12:52 - 000521544 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2018-03-23 18:50 - 2018-03-15 12:52 - 000051024 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineCore.pyd
2018-03-23 18:50 - 2018-03-15 12:52 - 000043336 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2018-03-23 18:50 - 2018-03-15 12:52 - 000131400 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2018-03-23 18:50 - 2018-03-15 12:52 - 000219984 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2018-03-23 18:50 - 2018-03-15 12:52 - 000204104 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2018-03-23 18:50 - 2018-03-15 12:53 - 000025440 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2018-03-23 18:50 - 2018-03-15 12:50 - 000060888 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\win32print.pyd
2018-03-23 18:50 - 2018-03-15 12:53 - 000054616 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\winrpcserver.compiled._RPCServer.pyd
2018-03-23 18:50 - 2018-03-15 12:50 - 000024024 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\win32profile.pyd
2018-03-23 18:50 - 2018-03-15 12:53 - 000022880 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\winffi.user32.compiled._winffi_user32.pyd
2018-03-23 18:50 - 2018-03-15 12:50 - 000028632 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\win32ts.pyd
2018-03-23 18:50 - 2018-03-15 12:53 - 000022368 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2018-03-23 18:50 - 2018-03-15 12:53 - 000021856 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\winffi.winerror.compiled._winffi_winerror.pyd
2018-03-23 18:50 - 2018-03-15 12:53 - 000022368 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\winffi.wininet.compiled._winffi_wininet.pyd
2018-03-23 18:50 - 2018-03-15 12:52 - 000027496 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2018-03-23 18:50 - 2018-03-15 12:50 - 000349144 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2018-03-23 18:50 - 2018-03-15 12:53 - 000023904 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2018-03-23 18:50 - 2018-03-15 12:52 - 000025432 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2018-03-23 18:50 - 2018-03-15 12:50 - 000036312 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\librsync.dll
2018-03-23 18:50 - 2018-03-15 12:53 - 000021856 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\winffi.advapi32.compiled._winffi_advapi32.pyd
2018-03-23 18:50 - 2018-03-15 12:52 - 000181064 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2018-03-23 18:50 - 2018-03-15 12:53 - 000030544 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\wind3d11.compiled._wind3d11.pyd
2018-03-23 18:50 - 2018-03-15 12:52 - 000024384 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\libEGL.DLL
2018-03-23 18:50 - 2018-03-15 12:52 - 001638208 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2018-03-23 18:50 - 2018-03-15 12:53 - 000026464 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2018-03-23 18:50 - 2018-03-15 12:52 - 000546632 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2018-03-23 18:50 - 2018-03-15 12:52 - 000359744 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2018-03-23 18:50 - 2018-03-15 12:52 - 000038216 _____ () C:\Users\David\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngine.pyd
2018-01-09 12:39 - 2017-11-29 10:11 - 001934792 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\David\Downloads\f9824a1717a164c3.mp4:TOC.WMV [130]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1365679944-132168641-953657067-1000\...\dell.com -> dell.com
IE restricted site: HKU\S-1-5-21-1365679944-132168641-953657067-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1365679944-132168641-953657067-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1365679944-132168641-953657067-1000\...\008k.com ->
www.008k.com
IE restricted site: HKU\S-1-5-21-1365679944-132168641-953657067-1000\...\00hq.com ->
www.00hq.com
IE restricted site: HKU\S-1-5-21-1365679944-132168641-953657067-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1365679944-132168641-953657067-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1365679944-132168641-953657067-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1365679944-132168641-953657067-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1365679944-132168641-953657067-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1365679944-132168641-953657067-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1365679944-132168641-953657067-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1365679944-132168641-953657067-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1365679944-132168641-953657067-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1365679944-132168641-953657067-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1365679944-132168641-953657067-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1365679944-132168641-953657067-1000\...\0scan.com ->
www.0scan.com
IE restricted site: HKU\S-1-5-21-1365679944-132168641-953657067-1000\...\1-2005-search.com ->
www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1365679944-132168641-953657067-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1365679944-132168641-953657067-1000\...\1-domains-registrations.com ->
www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1365679944-132168641-953657067-1000\...\1-se.com -> 1-se.com
There are 11327 more sites.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 11:23 - 2012-10-24 15:18 - 000444930 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1
www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1
www.008k.com
127.0.0.1 008k.com
127.0.0.1
www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1
www.032439.com
127.0.0.1 032439.com
127.0.0.1
www.0scan.com
127.0.0.1 0scan.com
127.0.0.1
www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1
www.1001namen.com
127.0.0.1 1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1
www.100888290cs.com
127.0.0.1 100sexlinks.com
127.0.0.1
www.100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1
www.10sek.com
127.0.0.1
www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123haustiereundmehr.com
127.0.0.1
www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1
www.123moviedownload.com
127.0.0.1
www.123simsen.com
There are 15277 more lines.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1365679944-132168641-953657067-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\David\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1365679944-132168641-953657067-1057\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AERTFilters => 2
MSCONFIG\Services: cmdAgent => 2
MSCONFIG\Services: DockLoginService => 2
MSCONFIG\Services: FreeAgentGoNext Service => 2
MSCONFIG\Services: getPlus(R) Helper => 3
MSCONFIG\Services: GoToAssist => 3
MSCONFIG\Services: gupdate1c9eaad5b861f00 => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 2
MSCONFIG\Services: JuniperAccessService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: PSI_SVC_2 => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: sprtsvc_DellSupportCenter => 2
MSCONFIG\Services: sprtsvc_O2 => 2
MSCONFIG\Services: stllssvr => 3
MSCONFIG\Services: SupportSoft RemoteAssist => 3
MSCONFIG\Services: WRSVC => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dell Dock.lnk => C:\Windows\pss\Dell Dock.lnk.Startup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => c:\program files\common files\adobe\arm\1.0\adobearm.exe
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Advanced SystemCare 6 => "C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\David\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: BigDogPath => C:\Windows\VM_STI.EXE %;USB\VID_0AC8&PID_0302.DeviceDesc%
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: COMODO Internet Security => "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
MSCONFIG\startupreg: Corel File Shell Monitor => "C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe"
MSCONFIG\startupreg: dellsupportcenter => "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
MSCONFIG\startupreg: DellSystemDetect => C:\Users\David\AppData\Local\Apps\2.0\1LLGV105.GMT\RVYL3TNL.DOM\dell..tion_0f612f649c4a10af_0005.0007_59de4fd2458fcaec\DellSystemDetect.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: ehTray.exe => C:\Windows\ehome\ehTray.exe
MSCONFIG\startupreg: EPSON SX410 Series => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFCE.EXE /FU "C:\Windows\TEMP\E_S7A24.tmp" /EF "HKCU"
MSCONFIG\startupreg: Google Update => C:\Users\David\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: ISUSPM Startup => C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
MSCONFIG\startupreg: ISUSScheduler => "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
MSCONFIG\startupreg: iTunesHelper => c:\program files\itunes\ituneshelper.exe
MSCONFIG\startupreg: MaxMenuMgr => "C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
MSCONFIG\startupreg: NvCplDaemon => "RUNDLL32.EXE" C:\Windows\system32\NvCpl.dll,NvStartup
MSCONFIG\startupreg: NvMediaCenter => "RUNDLL32.EXE" C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
MSCONFIG\startupreg: O2 => "C:\Program Files\O2\bin\sprtcmd.exe" /P O2
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RtHDVCpl => "RtHDVCpl.exe"
MSCONFIG\startupreg: Sidebar => "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\David\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TkBellExe => "c:\program files\real\realplayer\Update\realsched.exe" -osboot
MSCONFIG\startupreg: Windows Defender => "%ProgramFiles%\Windows Defender\MSASCui.exe" -hide
MSCONFIG\startupreg: WMPNSCFG => C:\Program Files\Windows Media Player\WMPNSCFG.exe
MSCONFIG\startupreg: WRSVC => "C:\Program Files\Webroot\WRSA.exe" -ul
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{05CF087E-C64E-4B61-814C-FD13A6B494C6}] => (Allow) C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{DA0D2A9D-CF58-4D63-95A9-263834660F96}] => (Allow) C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{2EDE33D7-8E86-4EB9-AEA8-64EB7F98BEF3}] => (Allow) C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{3C2AB1E3-B9C3-4C64-A730-744984D24A82}] => (Allow) C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{CD5F3F51-9DF3-4BF2-AE8E-17F2F9D5146F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{22026013-FAA5-444E-976C-B6285ECCE026}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{DFA8EFA7-8A41-44E6-A698-99378003C888}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CDFE950A-4ABA-45B8-BFDF-A4E78669B550}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5F51D327-8C81-43D3-8457-E3800EC62119}] => (Allow) svchost.exe
FirewallRules: [{03E74A64-6F3E-4364-B71B-4A54045ACCF8}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{AF576377-8A6D-4FED-92C4-FF0EB2AF3262}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{47CBA9AA-C393-491A-9546-12CEADDAFD9E}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{CAABCC27-07A9-4E59-B07B-DCD253DAB9FB}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{EC035C11-C96F-437D-881E-6E59EC88CD38}] => (Allow) C:\Users\David\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{39DD02EB-61D9-4D27-99A2-5C882975B183}] => (Allow) C:\Users\David\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{C26C0584-96CE-461D-8E95-8580B9C3F74F}] => (Allow) C:\Users\David\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [{C505D153-8DA8-42CA-A6DF-513A2B85D07B}] => (Allow) C:\Users\David\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [{715D3D46-2683-4064-874E-67E9E7021D33}] => (Allow) C:\Users\David\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [{193C18DB-ED12-4CCE-AA9B-71B9626251D7}] => (Allow) C:\Users\David\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [UDP Query User{3F1AF4D2-5F3E-465A-8626-BBF9F0675531}C:\users\david\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\david\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{BD4FD3AA-9047-407A-A79D-09307F39E867}C:\users\david\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\david\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{EA42CFFB-07B3-4D87-9D61-E2023FE8EA7A}C:\program files\spotify\spotify.exe] => (Allow) C:\program files\spotify\spotify.exe
FirewallRules: [TCP Query User{BDB850D8-2F0B-4AFB-A185-48A14D8C6FEA}C:\program files\spotify\spotify.exe] => (Allow) C:\program files\spotify\spotify.exe
FirewallRules: [{55A7882E-1A44-4677-A093-8DD144D49D90}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7ADEDB6D-DDF1-4855-80B6-8CDF3553FFBB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E170C54D-5694-4D57-8102-98E0E3936BEA}] => (Allow) LPort=1900
FirewallRules: [{5D7B9ADE-2366-41B8-827E-582763EDB857}] => (Allow) LPort=2869
FirewallRules: [{7F874A11-3D79-46F6-A831-F720A961FA8D}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{603C2E12-B761-49E8-A1A8-21640C9C12B8}] => (Allow) svchost.exe
FirewallRules: [{C9D16E0F-82CA-4487-A868-F49FBB1CF343}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{F5077FFF-61FB-43B2-98FC-AE7231AE55FD}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{A69706D1-D859-4C30-A253-77495A3FBB66}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{5A1B4F42-BA6A-4107-8E23-32D951591112}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{5EB55078-9ADD-4638-A41E-5DAC00846E90}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe
FirewallRules: [{A8D2ED93-A547-486C-823B-F1D2F453806B}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe
FirewallRules: [{E200C539-29F5-4DAF-A4F6-038EBF5FB0C1}] => (Allow) C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
FirewallRules: [{C37670A3-9120-4522-BAA7-3244D649118D}] => (Allow) C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
FirewallRules: [{BDE62C79-CE7B-4FBC-B067-9FE0792D2791}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C40F9521-12F8-4A3C-8F30-C2181B0101D7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{61BE2BDA-77F4-436C-92AA-3F61561C26C4}C:\users\david\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\david\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{43F9C885-BC26-4D6D-9414-16DDFDD62C47}C:\users\david\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\david\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{93F59A67-B3EE-486D-9894-55F35EAA1671}C:\users\david\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\david\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{4E635DB7-7583-498E-BA38-BEF81DA305DF}C:\users\david\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\david\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{832A899F-B34E-4389-800B-5090782A4278}C:\windows\system32\spool\drivers\w32x86\3\sagent4.exe] => (Block) C:\windows\system32\spool\drivers\w32x86\3\sagent4.exe
FirewallRules: [UDP Query User{C8CEF33C-16C8-48F1-97E5-A069D9574CA2}C:\windows\system32\spool\drivers\w32x86\3\sagent4.exe] => (Block) C:\windows\system32\spool\drivers\w32x86\3\sagent4.exe
FirewallRules: [{C3250E6D-31E4-4EC3-84AF-34F45B6A5E76}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{CB559F87-345D-425A-9A85-A6918D23D1A5}] => (Allow) C:\Program Files\iTunes\iTunes.exe
==================== Restore Points =========================
04-09-2017 15:57:18 Installed Rapport
14-09-2017 12:36:33 Windows Update
20-09-2017 14:28:57 Windows Update
22-09-2017 17:20:46 Installed Rapport
06-10-2017 17:14:17 Installed Rapport
11-10-2017 17:56:20 Windows Update
10-11-2017 14:33:19 Scheduled Checkpoint
16-11-2017 15:37:06 Windows Update
23-11-2017 04:01:48 Windows Update
28-11-2017 23:22:06 Windows Update
07-12-2017 23:27:43 Windows Update
13-12-2017 16:08:21 Windows Update
21-12-2017 13:30:25 Installed Rapport
04-01-2018 17:24:32 Installed Rapport
10-01-2018 13:04:32 Windows Update
23-01-2018 13:59:19 Installed Rapport
08-02-2018 17:31:10 Installed Rapport
14-02-2018 15:52:21 Windows Update
22-02-2018 13:10:40 Scheduled Checkpoint
11-03-2018 17:49:51 Windows Update
24-03-2018 13:38:32 Windows Update
28-03-2018 20:57:58 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/28/2018 09:49:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (03/28/2018 09:31:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamservice.exe, version: 3.1.0.595, time stamp: 0x59f74253
Faulting module name: ntdll.dll, version: 6.1.7601.23915, time stamp: 0x59b94a7d
Exception code: 0xc0000005
Fault offset: 0x00031dca
Faulting process id: 0xab4
Faulting application start time: 0x01d3c6d22feb7bcf
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report Id: 0c03344e-32c7-11e8-a58e-0021705a8342
Error: (03/28/2018 09:20:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (03/28/2018 08:50:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (03/27/2018 10:18:31 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (03/26/2018 06:08:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15585
Error: (03/26/2018 06:08:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15585
Error: (03/26/2018 06:08:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
System errors:
=============
Error: (03/28/2018 09:26:57 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.
Error: (03/28/2018 09:26:29 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
Error: (03/28/2018 09:15:40 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMService service.
Error: (03/28/2018 08:54:43 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 20.
Error: (03/27/2018 12:51:19 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMService service.
Error: (03/27/2018 12:49:53 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout.
Error: (03/27/2018 11:22:25 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
Error: (03/27/2018 11:22:22 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
CodeIntegrity:
===================================
Date: 2017-02-16 00:23:17.624
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Trusteer\Rapport\bin\RapportEI.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-02-16 00:23:16.922
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Trusteer\Rapport\bin\RapportEI.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-02-16 00:23:16.235
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Trusteer\Rapport\bin\RapportEI.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-02-16 00:23:15.471
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Trusteer\Rapport\bin\RapportEI.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-02-15 23:22:59.875
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Trusteer\Rapport\bin\RapportEI.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-02-15 23:22:59.188
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Trusteer\Rapport\bin\RapportEI.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-02-15 23:22:58.517
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Trusteer\Rapport\bin\RapportEI.sys because the set of per-page image hashes could not be found on the system.
Date: 2017-02-15 23:22:57.862
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Trusteer\Rapport\bin\RapportEI.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz
Percentage of memory in use: 58%
Total physical RAM: 3071.18 MB
Available physical RAM: 1269.14 MB
Total Virtual: 6140.68 MB
Available Virtual: 3923.7 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:683.55 GB) (Free:391.79 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:15 GB) (Free:8.67 GB) NTFS
Drive k: (FreeAgent Drive) (Fixed) (Total:931.51 GB) (Free:496.55 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: 50000000)
Partition 1: (Not Active) - (Size=86 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=683.6 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: E46CEBE2)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================