Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21.01.2018
Ran by xxxxxxx (21-01-2018 12:09:02)
Running from C:\Users\xxxxxxx\Downloads
Windows 7 Professional Service Pack 1 (X64) (2017-09-18 20:32:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3571793897-3695349560-1157639705-500 - Administrator - Enabled) => C:\Users\Administrator
dstover (S-1-5-21-3571793897-3695349560-1157639705-1001 - Limited - Enabled)
Guest (S-1-5-21-3571793897-3695349560-1157639705-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Trend Micro OfficeScan Antivirus (Disabled - Up to date) {8242D66F-41BD-4049-C2E6-E578E73B62A0}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Trend Micro OfficeScan Anti-spyware (Disabled - Up to date) {3923378B-6787-4FC7-F856-DE0A9CBC281D}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{BE930E38-7BB3-45B6-85B2-5251F374F844}) (Version: 6.2.2 - Hewlett-Packard) Hidden
Adobe Flash Player 28 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-623538099-558311655-452798024-2129\...\Akamai) (Version:  - Akamai Technologies, Inc)
Akamai NetSession Interface (HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507675\...\Akamai) (Version:  - Akamai Technologies, Inc)
Akamai NetSession Interface (HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526828\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (32-bit) (HKLM-x32\...\{BC7C46A4-D7A7-48EC-A98C-32A7762B5EFA}) (Version: 6.2.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{F0C4B709-8BF4-4A72-B527-12E7BF5482F8}) (Version: 6.2.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BD6778C5-6FA5-492A-ADD6-E706339C2A7B}) (Version: 11.0.2.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
Application Compatibility Toolkit (HKLM\...\{F750E5A7-BCC1-1F6D-4FDA-C5B349F1254C}) (Version: 8.100.26641 - Microsoft) Hidden
AQ (HKLM-x32\...\{A05B1A6E-214A-4669-B9BE-C6E587FB876E}) (Version: 1.17.7190.1233 - AutoQuotes)
Assessments on Client (HKLM-x32\...\{C1C83898-5A60-AE9D-A3AB-7534375CA453}) (Version: 8.100.26866 - Microsoft) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Cisco Systems VPN Client 5.0.07.0440 (HKLM\...\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}) (Version: 5.0.7 - Cisco Systems, Inc.)
D110 (HKLM-x32\...\{55C4B9E9-39C8-4BD6-9BCF-41BE40393A5F}) (Version: 140.0.142.000 - Hewlett-Packard) Hidden
Dell Backup and Recovery Manager (HKLM\...\{C08FC5E5-54A3-41AC-9209-5A07DEDBF2DF}) (Version: 1.3.3 - Dell Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 2.0.6875.668 - Dell)
Dell SupportAssistAgent (HKLM\...\{8D7B279C-A661-465C-9658-F62FBD6A6B91}) (Version: 2.1.3.5 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.134 - ALPS ELECTRIC CO., LTD.)
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 41.4.80 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.65.1 - Dropbox, Inc.) Hidden
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 6.30.223.215 - Dell Inc.)
Eagle e4wDrivers 25.0885.065 (HKLM-x32\...\{693F6AB5-64D0-492E-A76C-9A56C5150B72}) (Version: 14.244.13257 - Epicor Software Corporation) Hidden
Eagle e4wFonts e4wFonts 25.0885.065 (HKLM-x32\...\{FD351FF7-3D77-4A88-9107-1E0DA066CC51}) (Version: 14.244.13257 - Epicor Software Corporation) Hidden
Eagle e4wHelp 25.0885.065 (HKLM-x32\...\{D2F2B121-912E-438F-9555-8159D8E7EEAC}) (Version: 14.244.13257 - Epicor Software Corporation) Hidden
Eagle e4wServices 25.0885.065 (HKLM-x32\...\{4F1DFE5F-1F65-434F-9AE8-D984ED847CF5}) (Version: 14.244.13257 - Epicor Software Corporation) Hidden
Eagle for Windows (HKLM-x32\...\Eagle for Windows) (Version:  - Epicor Software Corporation)
Eagle LaserCat 3 Client (HKLM-x32\...\{A97D30A2-E40D-4DFF-B9B8-AB7C25B25BE9}) (Version:  - )
Eagle N Series™ 25.0885.065 (HKLM-x32\...\{63E88CE8-DB3D-4730-8735-CF2994ABD348}) (Version: 14.244.13257 - Epicor Software Corporation) Hidden
Eagle SecureAccess 25.0885.065 (HKLM-x32\...\{DC37CB49-F595-4B63-A049-3EC7961D53F6}) (Version: 14.244.13257 - Epicor Software Corporation)
Google Chrome (HKLM-x32\...\{25D2D4B7-33E0-301B-989D-63B657E5CD59}) (Version: 63.0.3239.132 - Google, Inc.)
Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.211.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Officejet 6700 Basic Device Software (HKLM\...\{A1CFA587-90D4-4DE6-B200-68CC0F92252F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{14BC6853-A74E-4874-B50D-679889D1544D}) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPAppStudio (HKLM-x32\...\{565E7B0E-B76B-4EAD-9753-F1E72A5CF12E}) (Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.211.000 - Hewlett-Packard) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6491.0 - IDT)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 18.1 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3040 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.8.251 - Intel Corporation)
iTunes (HKLM\...\{D7D4465C-B3B6-4BC1-B336-2803FB57BFAF}) (Version: 12.7.2.60 - Apple Inc.)
Kits Configuration Installer (HKLM-x32\...\{B74E65FD-CC47-41C5-4B89-791A3F61942D}) (Version: 8.100.25984 - Microsoft) Hidden
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
MarketResearch (HKLM-x32\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft Office Home and Business 2013 - en-us (HKLM\...\HomeBusinessRetail - en-us) (Version: 15.0.4997.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-623538099-558311655-452798024-2129\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507675\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526828\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network64 (HKLM\...\{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}) (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Network64 (HKLM\...\{CE47BA54-78AC-409F-9151-BDF5BE15A804}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Nuance PDF Converter Professional 8 (HKLM\...\{4131723B-BF21-4372-AFFD-82F31C31E50A}) (Version: 8.10.6267 - Nuance Communications, Inc.)
Nuance PDF Converter Professional 8 (HKLM-x32\...\{4131723B-BF21-4372-AFFD-82F31C31E50A}) (Version: 8.10.6267 - Nuance Communications, Inc.)
Nuance PDF Converter Professional 8 Update x64 (HKLM\...\{45AE5880-34A1-4575-92A6-11D0DC182F24}) (Version: 8.11.0000 - Nuance Communications, Inc.)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4997.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4997.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.4997.1000 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
PS_AIO_07_D110_SW_Min (HKLM-x32\...\{42BBA4CC-EFB6-4653-A2CC-F305D4B399C3}) (Version: 140.0.142.000 - Hewlett-Packard) Hidden
QuickTransfer (HKLM-x32\...\{E517094C-06B6-419F-8FFD-EF4F57972130}) (Version: 140.0.98.000 - Hewlett-Packard) Hidden
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 140.0.77.000 - Hewlett-Packard) Hidden
Scansoft PDF Professional (HKLM-x32\...\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}) (Version:  - ) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Smart View (HKLM-x32\...\{1800D8A5-F7B2-4C20-868E-1CF55CBBDF21}) (Version: 1.0.0.0 - Samsung )
SmartWebPrinting (HKLM-x32\...\{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}) (Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM-x32\...\{8E4B1BE8-DCF3-4B90-A726-B28107442623}) (Version: 140.0.211.000 - Hewlett-Packard) Hidden
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.12.0046 - ST Microelectronics)
Status (HKLM-x32\...\{2FB9EA69-51D4-4913-9AD5-762C034DE811}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Toolbox (HKLM-x32\...\{BBFB2E59-B0DB-42C8-8F4D-CF4E85471667}) (Version: 140.0.424.000 - Hewlett-Packard) Hidden
Toolkit Documentation (HKLM-x32\...\{6C870B12-6FF2-68FC-8C3B-DD177BBF3F92}) (Version: 8.100.26866 - Microsoft) Hidden
TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Trend Micro OfficeScan Agent (HKLM-x32\...\OfficeScanNT) (Version: 11.0.4268 - Trend Micro Inc.)
UltraVnc (HKLM\...\Ultravnc2_is1) (Version: 1.2.0.6 - uvnc bvba)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.212.017 - Hewlett-Packard) Hidden
Windows Assessment and Deployment Kit for Windows 8.1 (HKLM-x32\...\{e9e06304-a604-434b-b35f-d9beb94dc06d}) (Version: 8.100.26866 - Microsoft Corporation)
Windows Driver Package - STMicroelectronics (ST_Accel) System  (02/17/2016 2.2.3.11) (HKLM\...\5466ABE69B0774EF3A6EC25BB0C6BA388A4622D5) (Version: 02/17/2016 2.2.3.11 - STMicroelectronics)
WPT Redistributables (HKLM-x32\...\{64F3FB9A-9250-B2D6-00B4-50BE0358AEE8}) (Version: 8.100.26866 - Microsoft) Hidden
WPTx64 (HKLM-x32\...\{BFF81CB5-E8C7-4184-FBB4-74ADFBC6CCCB}) (Version: 8.100.26837 - Microsoft) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3571793897-3695349560-1157639705-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507306_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3571793897-3695349560-1157639705-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526446_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ContextMenuHandlers1: [OfficeScan NT] -> {AF4F7471-FCFB-11d0-80B6-0080C838D5F9} => C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmdShell_64x.dll [2015-04-27] (Trend Micro Inc.)
ContextMenuHandlers1: [PDFC7.ShellExtension] -> {877327F4-8A93-4320-932C-338069C27BEA} => C:\Program Files (x86)\Nuance\PDF Professional 8\ShellExt70.dll [2012-10-23] (Nuance Communications, Inc.)
ContextMenuHandlers1: [Zeon.GMFCDirectShellExt] -> {C037D85B-2F6F-4B14-9E6D-26D504D9194B} => C:\Program Files (x86)\Nuance\PDF Professional 8\bin\GDirectShellExt.dll [2013-04-15] (Zeon International Investment Corp. )
ContextMenuHandlers2: [OfficeScan NT] -> {AF4F7471-FCFB-11d0-80B6-0080C838D5F9} => C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmdShell_64x.dll [2015-04-27] (Trend Micro Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ContextMenuHandlers4: [OfficeScan NT] -> {AF4F7471-FCFB-11d0-80B6-0080C838D5F9} => C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmdShell_64x.dll [2015-04-27] (Trend Micro Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-02-22] (Intel Corporation)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2016-06-02] (Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07CA1FBD-06F5-4997-8BB3-188163DB9030} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2017-09-14] (PC-Doctor, Inc.)
Task: {10ADE829-2E59-4B0A-9F59-785E74EA0A48} - System32\Tasks\{527B88B9-D0A9-41AC-8D8D-042AE1736986} => C:\Windows\system32\pcalua.exe -a C:\Users\dstover\Documents\sysclean\SysClean.com -d C:\Users\dstover\Documents\sysclean
Task: {115C0CC9-4D71-45EC-90D6-053C6A8341F2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-21] (Google Inc.)
Task: {272841C1-8BC1-4F37-A94D-4F532FD7E2B5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-21] (Google Inc.)
Task: {278A9161-0895-4431-965D-5F52A9CB829C} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-09-22] (Dropbox, Inc.)
Task: {351224FD-11E0-4733-86DE-E56CF58BE782} - System32\Tasks\{6BA9E8F0-B7C0-4CF8-AC93-C7B38336343A} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\setup.exe" -d "C:\Program Files (x86)\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}"
Task: {40A5C1C1-A818-49AB-BF3F-3A5E756D4E5F} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {4DC4FEA2-C0C2-4488-9226-7E9B1DC09BBF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
Task: {4E4512F2-129F-4DB3-9343-18140553C4AC} - System32\Tasks\{2F857FB8-0633-4937-A5DA-3BA6C4DD4A40} => C:\Program Files (x86)\Trend Micro\OfficeScan Client\PccNTMon.exe [2015-07-24] (Trend Micro Inc.)
Task: {67962C29-0430-4FCD-96E5-78A063CFB20B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation)
Task: {69CFF332-CB04-4784-AEC7-4AC9D15313E2} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2017-12-22] (Dell Inc.)
Task: {7319F8BC-D127-4501-A121-49BB6A2153DC} - System32\Tasks\{1B53C9B0-1C92-4EF6-B429-DA4095534B0A} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmExtIns32.exe" -d "C:\Program Files (x86)\Trend Micro\OfficeScan Client"
Task: {80C7CC36-86B1-402A-8FC5-BA34CFB447BA} - System32\Tasks\Microsoft\Windows\PLA\System\{2FEDDA37-EF95-4C30-9E32-01FE0F298409}_System Diagnostics => Command(1): C:\Windows\system32\rundll32.exe -> C:\Windows\system32\pla.dll,PlaHost "system\System Diagnostics" "$(Arg0)"
Task: {80C7CC36-86B1-402A-8FC5-BA34CFB447BA} - System32\Tasks\Microsoft\Windows\PLA\System\{2FEDDA37-EF95-4C30-9E32-01FE0F298409}_System Diagnostics => Command(2): C:\Windows\system32\schtasks.exe -> /delete /f /tn "\Microsoft\Windows\PLA\System\{2FEDDA37-EF95-4C30-9E32-01FE0F298409}_System Diagnostics"
Task: {80D5755B-E758-4130-98DE-8C5B6D7BDBBB} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe
Task: {92E9034E-6013-4BA0-9479-F509367F38AF} - System32\Tasks\{79EAB2E1-4038-4AB5-8699-F5C3734A1DB8} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmopExtIns32.exe" -d "C:\Program Files (x86)\Trend Micro\OfficeScan Client"
Task: {AD209C60-3A6C-4753-B87D-9C1227751EFB} - System32\Tasks\{B420C63D-A63E-403A-8350-25D8AFB18ABB} => C:\Program Files (x86)\Trend Micro\OfficeScan Client\PccNTMon.exe [2015-07-24] (Trend Micro Inc.)
Task: {B0FCCC24-9564-47F4-A59B-2F77A065E4B1} - System32\Tasks\PCDoctorBackgroundMonitorTask-Retry => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2017-09-14] (PC-Doctor, Inc.)
Task: {BDF6085D-35F8-4929-8976-A761C1BA4AE3} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2017-09-14] (PC-Doctor, Inc.)
Task: {C4A7ABFF-8EC1-4F67-95A8-D54250231BAF} - System32\Tasks\Norton Remove and Reinstall\Norton Remove and Reinstall => C:\Users\dstover\Downloads\NRnR.exe
Task: {D2C1BF38-3B61-4207-9CF5-D4B2B2E43371} - System32\Tasks\{A2EDA7C0-3150-4C8B-9BF6-D1AED35D7280} => C:\Windows\system32\pcalua.exe -a "C:\Users\dstover\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8UQEHXUJ\Trend Micro Ransomware Screen Unlocker.exe" -d C:\Users\dstover\Desktop
Task: {D5CEF3FF-F325-48BD-99D8-E6543D751C87} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-19] (Adobe Systems Incorporated)
Task: {E415469C-587B-4BBB-8171-150FFCC439EA} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-09-22] (Dropbox, Inc.)
Task: {E943DA94-35F3-4629-86C8-DBE9F392FA63} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation)
Task: {EAF86FF1-CC56-4E70-ADF9-70E5D1986383} - System32\Tasks\{DD450393-95AD-43B0-8E04-300795712D08} => C:\Windows\system32\pcalua.exe -a C:\Users\dstover\Documents\WPAO_en_v1.4.exe -d C:\Users\dstover\Documents
Task: {FB347F1D-18CD-4388-B0AA-CA5EABC92A54} - System32\Tasks\{61BA6795-BEC1-4C2D-8E09-772AA3C1E985} => C:\Windows\system32\pcalua.exe -a C:\Dell\Drivers\K3TWC\install.exe -d C:\Dell\Drivers\K3TWC

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-01-10 10:38 - 2016-06-02 12:34 - 000102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2017-12-22 13:31 - 2017-01-17 03:25 - 000117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2018-01-20 23:43 - 2017-11-29 09:11 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-01-20 23:43 - 2017-11-29 09:11 - 002358728 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-01-11 16:00 - 2018-01-08 15:15 - 000732480 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-01-11 16:00 - 2018-01-08 15:15 - 002061632 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2017-09-22 20:56 - 2018-01-08 15:15 - 000100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2017-09-22 20:56 - 2018-01-08 15:15 - 000018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2017-09-22 20:56 - 2018-01-08 15:16 - 000020800 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2017-09-22 20:56 - 2018-01-08 15:15 - 000035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2017-09-22 20:56 - 2018-01-08 15:15 - 000694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2018-01-11 16:00 - 2018-01-08 15:16 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2017-09-22 20:56 - 2018-01-08 15:15 - 000130512 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2018-01-11 16:00 - 2018-01-08 15:16 - 001856848 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2018-01-11 16:00 - 2018-01-08 15:16 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2018-01-11 16:00 - 2018-01-08 15:15 - 000145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2018-01-11 16:00 - 2018-01-08 15:15 - 000116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2017-09-22 20:56 - 2018-01-08 15:15 - 000105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2017-09-22 20:56 - 2018-01-08 15:16 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2018-01-11 16:00 - 2018-01-08 15:16 - 000063296 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-09-22 20:56 - 2018-01-08 15:15 - 000024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2018-01-11 16:00 - 2018-01-08 15:16 - 000040248 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2018-01-11 16:00 - 2018-01-08 15:15 - 000020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2017-09-22 20:56 - 2018-01-08 15:15 - 000124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2017-09-22 20:56 - 2018-01-08 15:15 - 000116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2018-01-11 16:00 - 2018-01-08 15:15 - 000392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-09-22 20:56 - 2018-01-08 15:16 - 000392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2017-09-22 20:56 - 2018-01-08 15:16 - 000026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-09-22 20:56 - 2018-01-08 15:15 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2017-09-22 20:56 - 2018-01-08 15:15 - 000175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-09-22 20:56 - 2018-01-08 15:15 - 000030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2017-09-22 20:56 - 2018-01-08 15:15 - 000043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2017-09-22 20:56 - 2018-01-08 15:15 - 000026056 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd
2017-09-22 20:56 - 2018-01-08 15:15 - 000048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2017-09-22 20:56 - 2018-01-08 15:15 - 000057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2018-01-11 16:00 - 2018-01-08 15:16 - 000021824 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-09-22 20:56 - 2018-01-08 15:17 - 000023368 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd
2018-01-11 16:00 - 2018-01-08 15:16 - 000022856 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.pyd
2017-09-22 20:56 - 2018-01-08 15:16 - 000066392 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2018-01-11 16:00 - 2018-01-08 15:16 - 001796920 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2017-09-22 20:56 - 2018-01-08 15:15 - 000084424 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2018-01-11 16:00 - 2018-01-08 15:16 - 001956152 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2018-01-11 16:00 - 2018-01-08 15:16 - 003859264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2018-01-11 16:00 - 2018-01-08 15:16 - 000155464 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2018-01-11 16:00 - 2018-01-08 15:16 - 000521024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2018-01-11 16:00 - 2018-01-08 15:16 - 000050496 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd
2018-01-11 16:00 - 2018-01-08 15:16 - 000042304 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2018-01-11 16:00 - 2018-01-08 15:16 - 000131384 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2018-01-11 16:00 - 2018-01-08 15:16 - 000218944 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2018-01-11 16:00 - 2018-01-08 15:16 - 000204096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-09-22 20:56 - 2018-01-08 15:17 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-09-22 20:56 - 2018-01-08 15:15 - 000060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-09-22 20:56 - 2018-01-08 15:17 - 000054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-09-22 20:56 - 2018-01-08 15:15 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-09-22 20:56 - 2018-01-08 15:17 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-09-22 20:56 - 2018-01-08 15:15 - 000028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-09-22 20:56 - 2018-01-08 15:16 - 000022360 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-09-22 20:56 - 2018-01-08 15:17 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-09-22 20:56 - 2018-01-08 15:17 - 000022360 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2018-01-11 16:00 - 2018-01-08 15:16 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-09-22 20:56 - 2018-01-08 15:15 - 000349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-09-22 20:56 - 2018-01-08 15:17 - 000023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2018-01-11 16:00 - 2018-01-08 15:16 - 000025424 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2018-01-11 16:00 - 2018-01-08 15:15 - 000036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-01-11 15:37 - 2018-01-08 15:16 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.pyd
2018-01-11 16:00 - 2018-01-08 15:16 - 000181056 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-09-22 20:56 - 2018-01-08 15:16 - 000030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2018-01-11 16:00 - 2018-01-08 15:16 - 000024368 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-01-11 16:00 - 2018-01-08 15:16 - 001638200 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-09-22 20:56 - 2018-01-08 15:17 - 000026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2018-01-11 16:00 - 2018-01-08 15:16 - 000545080 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2018-01-11 16:00 - 2018-01-08 15:16 - 000359224 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2018-01-11 16:00 - 2018-01-08 15:16 - 000038208 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.pyd

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:AEC0AC81 [464]
AlternateDataStreams: C:\Users\dstover\Documents\ADI Line Sheet 021617.doc:com.dropbox.attributes [168]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\dell.com -> dell.com
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7865 more sites.

IE restricted site: HKU\S-1-5-21-3571793897-3695349560-1157639705-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507306\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3571793897-3695349560-1157639705-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507306\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3571793897-3695349560-1157639705-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507306\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3571793897-3695349560-1157639705-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507306\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3571793897-3695349560-1157639705-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507306\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3571793897-3695349560-1157639705-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507306\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3571793897-3695349560-1157639705-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507306\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3571793897-3695349560-1157639705-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507306\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3571793897-3695349560-1157639705-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507306\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3571793897-3695349560-1157639705-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507306\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3571793897-3695349560-1157639705-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507306\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3571793897-3695349560-1157639705-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507306\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3571793897-3695349560-1157639705-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507306\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3571793897-3695349560-1157639705-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507306\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3571793897-3695349560-1157639705-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507306\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3571793897-3695349560-1157639705-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507306\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3571793897-3695349560-1157639705-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507306\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3571793897-3695349560-1157639705-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507306\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3571793897-3695349560-1157639705-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507306\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3571793897-3695349560-1157639705-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507306\...\123simsen.com -> www.123simsen.com

There are 7865 more sites.

IE restricted site: HKU\S-1-5-21-3571793897-3695349560-1157639705-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526446\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3571793897-3695349560-1157639705-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526446\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3571793897-3695349560-1157639705-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526446\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3571793897-3695349560-1157639705-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526446\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3571793897-3695349560-1157639705-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526446\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3571793897-3695349560-1157639705-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526446\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3571793897-3695349560-1157639705-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526446\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3571793897-3695349560-1157639705-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526446\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3571793897-3695349560-1157639705-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526446\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3571793897-3695349560-1157639705-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526446\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3571793897-3695349560-1157639705-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526446\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3571793897-3695349560-1157639705-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526446\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3571793897-3695349560-1157639705-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526446\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3571793897-3695349560-1157639705-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526446\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3571793897-3695349560-1157639705-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526446\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3571793897-3695349560-1157639705-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526446\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3571793897-3695349560-1157639705-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526446\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3571793897-3695349560-1157639705-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526446\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3571793897-3695349560-1157639705-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526446\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3571793897-3695349560-1157639705-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526446\...\123simsen.com -> www.123simsen.com

There are 7865 more sites.

IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129\...\123simsen.com -> www.123simsen.com

There are 7865 more sites.

IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507675\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507675\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507675\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507675\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507675\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507675\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507675\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507675\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507675\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507675\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507675\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507675\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507675\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507675\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507675\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507675\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507675\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507675\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507675\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507675\...\123simsen.com -> www.123simsen.com

There are 7865 more sites.

IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526828\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526828\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526828\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526828\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526828\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526828\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526828\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526828\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526828\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526828\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526828\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526828\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526828\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526828\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526828\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526828\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526828\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526828\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526828\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526828\...\123simsen.com -> www.123simsen.com

There are 7865 more sites.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3571793897-3695349560-1157639705-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507306\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3571793897-3695349560-1157639705-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526446\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-623538099-558311655-452798024-2129\Control Panel\Desktop\\Wallpaper -> C:\Users\dstover\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101507675\Control Panel\Desktop\\Wallpaper -> C:\Users\dstover\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-623538099-558311655-452798024-2129-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01212018101526828\Control Panel\Desktop\\Wallpaper -> C:\Users\dstover\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: AeLookupSvc => 3
MSCONFIG\Services: ALG => 3
MSCONFIG\Services: AppIDSvc => 3
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: AppMgmt => 3
MSCONFIG\Services: AudioEndpointBuilder => 2
MSCONFIG\Services: AudioSrv => 2
MSCONFIG\Services: AxInstSV => 3
MSCONFIG\Services: BDESVC => 3
MSCONFIG\Services: BFE => 2
MSCONFIG\Services: BITS => 3
MSCONFIG\Services: Browser => 3
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: CertPropSvc => 3
MSCONFIG\Services: ClickToRunSvc => 2
MSCONFIG\Services: clr_optimization_v4.0.30319_32 => 2
MSCONFIG\Services: clr_optimization_v4.0.30319_64 => 2
MSCONFIG\Services: COMSysApp => 3
MSCONFIG\Services: CryptSvc => 2
MSCONFIG\Services: DDVCollectorSvcApi => 2
MSCONFIG\Services: DDVDataCollector => 2
MSCONFIG\Services: DDVRulesProcessor => 2
MSCONFIG\Services: defragsvc => 3
MSCONFIG\Services: Dhcp => 2
MSCONFIG\Services: DiagTrack => 2
MSCONFIG\Services: Dnscache => 2
MSCONFIG\Services: dot3svc => 3
MSCONFIG\Services: DPS => 2
MSCONFIG\Services: EapHost => 3
MSCONFIG\Services: EFS => 3
MSCONFIG\Services: ehRecvr => 3
MSCONFIG\Services: ehSched => 3
MSCONFIG\Services: eventlog => 2
MSCONFIG\Services: EventSystem => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: fdPHost => 3
MSCONFIG\Services: FDResPub => 2
MSCONFIG\Services: FontCache => 2
MSCONFIG\Services: FontCache3.0.0.0 => 3
MSCONFIG\Services: hidserv => 3
MSCONFIG\Services: hkmsvc => 3
MSCONFIG\Services: HomeGroupListener => 3
MSCONFIG\Services: HomeGroupProvider => 3
MSCONFIG\Services: hpqcxs08 => 3
MSCONFIG\Services: hpqddsvc => 2
MSCONFIG\Services: HPSLPSVC => 2
MSCONFIG\Services: idsvc => 3
MSCONFIG\Services: IEEtwCollectorService => 3
MSCONFIG\Services: IKEEXT => 2
MSCONFIG\Services: IPBusEnum => 3
MSCONFIG\Services: iphlpsvc => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: KeyIso => 3
MSCONFIG\Services: KtmRm => 3
MSCONFIG\Services: LanmanServer => 2
MSCONFIG\Services: LanmanWorkstation => 2
MSCONFIG\Services: lltdsvc => 3
MSCONFIG\Services: lmhosts => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MMCSS => 2
MSCONFIG\Services: MpsSvc => 2
MSCONFIG\Services: MSDTC => 3
MSCONFIG\Services: MSiSCSI => 3
MSCONFIG\Services: msiserver => 3
MSCONFIG\Services: napagent => 3
MSCONFIG\Services: Net Driver HPZ12 => 2
MSCONFIG\Services: Netlogon => 2
MSCONFIG\Services: Netman => 3
MSCONFIG\Services: netprofm => 3
MSCONFIG\Services: NlaSvc => 2
MSCONFIG\Services: nsi => 2
MSCONFIG\Services: ntrtscan => 2
MSCONFIG\Services: ose => 3
MSCONFIG\Services: osppsvc => 3
MSCONFIG\Services: p2pimsvc => 3
MSCONFIG\Services: p2psvc => 3
MSCONFIG\Services: PcaSvc => 2
MSCONFIG\Services: PeerDistSvc => 3
MSCONFIG\Services: PerfHost => 3
MSCONFIG\Services: pla => 3
MSCONFIG\Services: Pml Driver HPZ12 => 2
MSCONFIG\Services: PNRPAutoReg => 3
MSCONFIG\Services: PNRPsvc => 3
MSCONFIG\Services: PolicyAgent => 3
MSCONFIG\Services: Power => 2
MSCONFIG\Services: ProtectedStorage => 3
MSCONFIG\Services: QWAVE => 3
MSCONFIG\Services: RasAuto => 3
MSCONFIG\Services: RasMan => 3
MSCONFIG\Services: RemoteRegistry => 2
MSCONFIG\Services: RpcLocator => 3
MSCONFIG\Services: SamSs => 2
MSCONFIG\Services: SCardSvr => 3
MSCONFIG\Services: SCPolicySvc => 3
MSCONFIG\Services: SDRSVC => 3
MSCONFIG\Services: seclogon => 3
MSCONFIG\Services: SENS => 2
MSCONFIG\Services: SensrSvc => 3
MSCONFIG\Services: SessionEnv => 3
MSCONFIG\Services: SharedAccess => 3
MSCONFIG\Services: ShellHWDetection => 2
MSCONFIG\Services: SNMPTRAP => 3
MSCONFIG\Services: Spooler => 2
MSCONFIG\Services: sppuinotify => 3
MSCONFIG\Services: SSDPSRV => 3
MSCONFIG\Services: SstpSvc => 3
MSCONFIG\Services: STacSV => 2
MSCONFIG\Services: stisvc => 2
MSCONFIG\Services: StorSvc => 3
MSCONFIG\Services: SupportAssistAgent => 2
MSCONFIG\Services: swprv => 3
MSCONFIG\Services: SysMain => 2
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: TermService => 3
MSCONFIG\Services: Themes => 2
MSCONFIG\Services: THREADORDER => 3
MSCONFIG\Services: TMBMServer => 3
MSCONFIG\Services: tmlisten => 2
MSCONFIG\Services: TrkWks => 2
MSCONFIG\Services: TrustedInstaller => 3
MSCONFIG\Services: UI0Detect => 3
MSCONFIG\Services: UmRdpService => 3
MSCONFIG\Services: upnphost => 3
MSCONFIG\Services: UxSms => 2
MSCONFIG\Services: VaultSvc => 3
MSCONFIG\Services: vds => 3
MSCONFIG\Services: VSS => 3
MSCONFIG\Services: W32Time => 3
MSCONFIG\Services: WatAdminSvc => 3
MSCONFIG\Services: wbengine => 3
MSCONFIG\Services: WbioSrvc => 3
MSCONFIG\Services: wcncsvc => 3
MSCONFIG\Services: WcsPlugInService => 3
MSCONFIG\Services: WdiServiceHost => 3
MSCONFIG\Services: WdiSystemHost => 3
MSCONFIG\Services: WebClient => 3
MSCONFIG\Services: Wecsvc => 3
MSCONFIG\Services: wercplsupport => 3
MSCONFIG\Services: WerSvc => 3
MSCONFIG\Services: WinDefend => 3
MSCONFIG\Services: WinHttpAutoProxySvc => 3
MSCONFIG\Services: Winmgmt => 2
MSCONFIG\Services: WinRM => 3
MSCONFIG\Services: Wlansvc => 2
MSCONFIG\Services: wltrysvc => 2
MSCONFIG\Services: wmiApSrv => 3
MSCONFIG\Services: WMPNetworkSvc => 3
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\Services: WPDBusEnum => 3
MSCONFIG\Services: wscsvc => 2
MSCONFIG\Services: WSearch => 2
MSCONFIG\Services: wuauserv => 2
MSCONFIG\Services: wudfsvc => 3
MSCONFIG\Services: WwanSvc => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^vpngui.exe.lnk => C:\Windows\pss\vpngui.exe.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^dstover^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Eagle Listener.lnk => C:\Windows\pss\Eagle Listener.lnk.Startup
MSCONFIG\startupfolder: C:^Users^dstover^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Eagle Scheduler.lnk => C:\Windows\pss\Eagle Scheduler.lnk.Startup
MSCONFIG\startupreg: Apoint => C:\Program Files\DellTPad\Apoint.exe
MSCONFIG\startupreg: bankshares => "C:\Program Files (x86)\Bite\hotz.exe"
MSCONFIG\startupreg: banksharesbankshares => "C:\Program Files (x86)\Disarm\hotz.exe"
MSCONFIG\startupreg: banksharesconfiguration => "C:\Program Files (x86)\melds\ironically.exe"
MSCONFIG\startupreg: candlewood => "C:\Program Files (x86)\Bite\hotz.exe"
MSCONFIG\startupreg: candlewoodcandlewood => "C:\Program Files (x86)\Disarm\hotz.exe"
MSCONFIG\startupreg: candlewoodraul => "C:\Program Files (x86)\melds\ironically.exe"
MSCONFIG\startupreg: HP Officejet 6700 (NET) => "C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe" -deviceID "CN2623H00M05RQ:NW" -scfn "HP Officejet 6700 (NET)" -AutoStart 1
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NortonSupport => "C:\Program Files\Norton Security\Engine\22.11.0.41\symerr.exe" /supportreboot
MSCONFIG\startupreg: raulcandlewood => "C:\Program Files (x86)\melds\ironically.exe"
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{F3F5F2E1-94E7-4D2B-8299-9C40EBAB169B}] => (Allow) C:\Users\dstover\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{457F88FC-0849-4110-BBC8-AE5CB720394E}] => (Allow) LPort=5900
FirewallRules: [{0DCD8598-CE8D-4D31-A551-14D7AAAF1E8D}] => (Allow) LPort=5800
FirewallRules: [{A626DB1C-662C-4A88-BA60-BBDA1E754579}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe
FirewallRules: [{6B4B17F1-0C0E-4191-999B-5B7B85A23300}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe
FirewallRules: [{04534CBF-8DCA-4308-9CC3-2645DA183EBD}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\vncviewer.exe
FirewallRules: [{389D4FF7-0E79-4DE1-9AB1-779317E01970}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\vncviewer.exe
FirewallRules: [{6E9899E0-6E4E-4A38-944B-5425AA34FC0F}] => (Allow) C:\Program Files (x86)\Nuance\PDF Professional 8\PDFRouter.exe
FirewallRules: [{15F9B460-ED9B-4865-B593-6DCE993E5DD1}] => (Allow) C:\Program Files (x86)\Nuance\PDF Professional 8\PDFRouter.exe
FirewallRules: [{18074E04-CB56-44A6-83ED-5FC9D73E8FD7}] => (Allow) C:\Program Files (x86)\Nuance\PDF Professional 8\PdfPro8Hook.exe
FirewallRules: [{94EEFBAF-F8DA-42DB-BFB2-216C9378D9BD}] => (Allow) C:\Program Files (x86)\Nuance\PDF Professional 8\PdfPro8Hook.exe
FirewallRules: [{FE80AE5F-CF6C-402A-832A-2A25DE25376A}] => (Allow) C:\Program Files (x86)\Nuance\PDF Professional 8\bin\GPDFDirect.exe
FirewallRules: [{316C3FF8-B631-4AEE-9A7C-E81B798460CB}] => (Allow) C:\Program Files (x86)\Nuance\PDF Professional 8\bin\GPDFDirect.exe
FirewallRules: [{4E34C92A-21F4-4CDE-B6AB-2250FE1C23A6}] => (Allow) C:\Program Files (x86)\Nuance\PDF Professional 8\bin\GaaihoDoc.exe
FirewallRules: [{9B37B3D9-C670-401E-B2F3-A6AC8F0646F3}] => (Allow) C:\Program Files (x86)\Nuance\PDF Professional 8\bin\GaaihoDoc.exe
FirewallRules: [{BF91AC0B-0D2A-4B99-A0BE-E120D1943D03}] => (Allow) C:\Program Files (x86)\Nuance\PDF Professional 8\Ereg\Ereg.exe
FirewallRules: [{B5B9552E-1DAF-48B5-9FF8-13454EC35AB4}] => (Allow) C:\Program Files (x86)\Nuance\PDF Professional 8\Ereg\Ereg.exe
FirewallRules: [{614E9B2A-A976-43AE-A3FA-AD104C6CC190}] => (Allow) C:\Program Files\HP\HP Officejet 6700\bin\FaxApplications.exe
FirewallRules: [{BBE9E293-C7F6-4278-88B6-489F3C61E620}] => (Allow) C:\Program Files\HP\HP Officejet 6700\bin\DigitalWizards.exe
FirewallRules: [{5F476C9F-45A4-4D0F-9718-4B68A409BF83}] => (Allow) C:\Program Files\HP\HP Officejet 6700\bin\SendAFax.exe
FirewallRules: [{9E56DC44-8EFF-467D-B584-810744407220}] => (Allow) C:\Program Files\HP\HP Officejet 6700\Bin\DeviceSetup.exe
FirewallRules: [{9B83A1E5-D8F2-4BD2-B381-945D41FEE960}] => (Allow) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe
FirewallRules: [{EE03DE71-444A-4101-A883-DE5BD78F9521}] => (Allow) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{D05121C1-61FC-4ED5-9E99-411B4AA4CFCF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{0BFF97FC-10F5-4C48-B55B-6818932BFC0C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{65B57441-5F9C-4942-85B7-576E4809AAE3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{CDFA2716-6CB0-4654-930A-3F7EBB6148D1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{897B4DFB-101F-4497-B9F0-2B612A45B6F1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{153B3FED-1027-47BE-A97C-7A4CEF6C72DB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{CD7A145E-ED60-47F8-8A17-40A8B6F97F61}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{55106E8C-D4F0-46D3-A76C-6CBD519B3CE0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{5CB9912C-0F8B-4EF3-ABF0-C71800F5C9A3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{25F5A0D7-885F-4885-BA4C-1F1DF68DB5CC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{4F52730A-F0E0-4073-92D5-C95728E7D359}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{A4B7F324-FD41-4E6C-9F97-AA441F20739C}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{8DB3CB3B-EE8B-4A36-9783-6D7F78CE289F}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{5140CA7E-3976-4CA7-B19F-78ABA32094B7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{60B4A3B7-6580-459B-978D-30A81D137CAD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{42C39BCF-C8A3-4851-AC5C-7D8EA5C3A97C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B4B1087B-77FD-45BB-82FF-2AE2B295C41F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A67F3152-AC95-42C2-9211-BD52359E2C1F}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{8785010D-0242-470C-BD46-FAEBAB40415A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{4A6074BD-F758-40FF-B11D-F5C99B8BDD75}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{A5882310-1A14-43F4-AD5D-87262E804C2C}] => (Allow) C:\Users\dstover\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8CFCA86F-6242-4368-8727-EC686012EB53}] => (Allow) C:\Users\dstover\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{63B002F3-C349-428C-819D-92433720B84B}] => (Allow) C:\Users\dstover\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C946E411-E6DA-4B15-B3EB-39D5C4951133}] => (Allow) C:\Users\dstover\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{94CC0955-875E-4694-A439-14327D86CE34}] => (Allow) C:\Users\dstover\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C8D4A761-D569-475C-86E7-670F5C521891}] => (Allow) C:\Users\dstover\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E9A46014-25B3-47B1-9766-80509A1E60BD}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
FirewallRules: [{08ABCD47-0015-4EA4-A349-E671F8F7A7B4}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
FirewallRules: [{D1EF1770-A95B-49EC-82AD-1D369CF82701}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe
FirewallRules: [{4B829D09-360A-4A6A-9468-11DA56304437}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe
FirewallRules: [{28A7C196-69A2-415E-BBCD-37B5D5A25AC7}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{773DE16F-08D0-49FD-B585-9261FD13CEC1}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{7E47E7F7-2AAC-4353-A9CC-06F0A0194D06}] => (Allow) C:\Program Files (x86)\Bite\hotz.exe
FirewallRules: [{1A881248-E8E7-4E19-AF7C-A69CFC5A0EDC}] => (Allow) C:\Program Files (x86)\Disarm\hotz.exe
FirewallRules: [{A3D5F671-FBFE-4AF1-BBDC-5C28DAB18652}] => (Allow) C:\Program Files (x86)\melds\ironically.exe
FirewallRules: [{EE321A36-6DD3-49AC-A63E-DEB5D089106E}] => (Allow) C:\Program Files (x86)\Disarm\ironically.exe
FirewallRules: [{C4029022-8921-487F-A2AC-6960BE3435F8}] => (Allow) LPort=49142

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Officejet 6700
Description: Officejet 6700
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Officejet 6700
Description: Officejet 6700
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/21/2018 10:40:01 AM) (Source: Dell System Detect) (EventID: 0) (User: )
Description: <Exception><Type>System.Xml.XmlException</Type><Message><![CDATA[The '/' character, hexadecimal value 0x2F, cannot be included in a name.]]></Message><Source><![CDATA[System.Xml]]></Source><StackTrace><![CDATA[   at System.Xml.XmlDocument.CheckName(String name)
   at System.Xml.XmlElement..ctor(XmlName name, Boolean empty, XmlDocument doc)
   at System.Xml.XmlDocument.CreateElement(String prefix, String localName, String namespaceURI)
   at System.Xml.XmlDocument.CreateElement(String name)
   at eSupport.Common.Client.Core.LastUpdatedHelper.SetLastUpdatedValue(String type, String value)]]></StackTrace><SysInfo STag="4W5KYW1" SMBIOSMajVer="2" SMBIOSMinVer="7" SMBIOSBIOSVer="A20" SMBIOSPresent="True" Rel_Date="20170508000000.000000+000" DSDVersion="" Vendor="Dell Inc." PName="Latitude E6530" Ident_Num="ADISA13" TimeZone="(UTC-06:00) Central Time (US & Canada)" OSName="Microsoft Windows 7 Professional"/><Method>UpdateLastUpdatedConfig</Method><HostIP>192.168.1.168</HostIP></Exception>

Error: (01/21/2018 10:40:01 AM) (Source: Dell System Detect) (EventID: 0) (User: )
Description: <Exception><Type>System.Xml.XmlException</Type><Message><![CDATA[The '/' character, hexadecimal value 0x2F, cannot be included in a name.]]></Message><Source><![CDATA[System.Xml]]></Source><StackTrace><![CDATA[   at System.Xml.XmlDocument.CheckName(String name)
   at System.Xml.XmlElement..ctor(XmlName name, Boolean empty, XmlDocument doc)
   at System.Xml.XmlDocument.CreateElement(String prefix, String localName, String namespaceURI)
   at System.Xml.XmlDocument.CreateElement(String name)
   at eSupport.Common.Client.Core.LastUpdatedHelper.SetLastUpdatedValue(String type, String value)]]></StackTrace><SysInfo STag="4W5KYW1" SMBIOSMajVer="2" SMBIOSMinVer="7" SMBIOSBIOSVer="A20" SMBIOSPresent="True" Rel_Date="20170508000000.000000+000" DSDVersion="" Vendor="Dell Inc." PName="Latitude E6530" Ident_Num="ADISA13" TimeZone="(UTC-06:00) Central Time (US & Canada)" OSName="Microsoft Windows 7 Professional"/><Method>UpdateLastUpdatedConfig</Method><HostIP>192.168.1.168</HostIP></Exception>

Error: (01/21/2018 10:06:51 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/21/2018 09:59:53 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/21/2018 09:27:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/21/2018 09:15:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/21/2018 08:52:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/21/2018 08:40:15 AM) (Source: Dell System Detect) (EventID: 0) (User: )
Description: <Exception><Type>System.Xml.XmlException</Type><Message><![CDATA[The '/' character, hexadecimal value 0x2F, cannot be included in a name.]]></Message><Source><![CDATA[System.Xml]]></Source><StackTrace><![CDATA[   at System.Xml.XmlDocument.CheckName(String name)
   at System.Xml.XmlElement..ctor(XmlName name, Boolean empty, XmlDocument doc)
   at System.Xml.XmlDocument.CreateElement(String prefix, String localName, String namespaceURI)
   at System.Xml.XmlDocument.CreateElement(String name)
   at eSupport.Common.Client.Core.LastUpdatedHelper.SetLastUpdatedValue(String type, String value)]]></StackTrace><SysInfo STag="4W5KYW1" SMBIOSMajVer="2" SMBIOSMinVer="7" SMBIOSBIOSVer="A20" SMBIOSPresent="True" Rel_Date="20170508000000.000000+000" DSDVersion="" Vendor="Dell Inc." PName="Latitude E6530" Ident_Num="ADISA13" TimeZone="(UTC-06:00) Central Time (US & Canada)" OSName="Microsoft Windows 7 Professional"/><Method>UpdateLastUpdatedConfig</Method><HostIP>192.168.1.168</HostIP></Exception>

Error: (01/21/2018 08:40:14 AM) (Source: Dell System Detect) (EventID: 0) (User: )
Description: <Exception><Type>System.Xml.XmlException</Type><Message><![CDATA[The '/' character, hexadecimal value 0x2F, cannot be included in a name.]]></Message><Source><![CDATA[System.Xml]]></Source><StackTrace><![CDATA[   at System.Xml.XmlDocument.CheckName(String name)
   at System.Xml.XmlElement..ctor(XmlName name, Boolean empty, XmlDocument doc)
   at System.Xml.XmlDocument.CreateElement(String prefix, String localName, String namespaceURI)
   at System.Xml.XmlDocument.CreateElement(String name)
   at eSupport.Common.Client.Core.LastUpdatedHelper.SetLastUpdatedValue(String type, String value)]]></StackTrace><SysInfo STag="4W5KYW1" SMBIOSMajVer="2" SMBIOSMinVer="7" SMBIOSBIOSVer="A20" SMBIOSPresent="True" Rel_Date="20170508000000.000000+000" DSDVersion="" Vendor="Dell Inc." PName="Latitude E6530" Ident_Num="ADISA13" TimeZone="(UTC-06:00) Central Time (US & Canada)" OSName="Microsoft Windows 7 Professional"/><Method>UpdateLastUpdatedConfig</Method><HostIP>192.168.1.168</HostIP></Exception>

Error: (01/21/2018 08:24:34 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\EaseUS\EaseUS Partition Recovery 8.5\bin\MFC80.DLL".
Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (01/21/2018 12:13:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Diagnostic Service Host service failed to start due to the following error: 
A privilege that the service requires to function properly does not exist in the service account configuration.
You may use the Services Microsoft Management Console (MMC) snap-in (services.msc) and the Local Security Settings MMC snap-in (secpol.msc) to view the service configuration and the account configuration.

Error: (01/21/2018 12:13:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Diagnostic Service Host service failed to start due to the following error: 
A privilege that the service requires to function properly does not exist in the service account configuration.
You may use the Services Microsoft Management Console (MMC) snap-in (services.msc) and the Local Security Settings MMC snap-in (secpol.msc) to view the service configuration and the account configuration.

Error: (01/21/2018 12:13:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Diagnostic Service Host service failed to start due to the following error: 
A privilege that the service requires to function properly does not exist in the service account configuration.
You may use the Services Microsoft Management Console (MMC) snap-in (services.msc) and the Local Security Settings MMC snap-in (secpol.msc) to view the service configuration and the account configuration.

Error: (01/21/2018 12:12:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Diagnostic Service Host service failed to start due to the following error: 
A privilege that the service requires to function properly does not exist in the service account configuration.
You may use the Services Microsoft Management Console (MMC) snap-in (services.msc) and the Local Security Settings MMC snap-in (secpol.msc) to view the service configuration and the account configuration.

Error: (01/21/2018 12:12:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Diagnostic Service Host service failed to start due to the following error: 
A privilege that the service requires to function properly does not exist in the service account configuration.
You may use the Services Microsoft Management Console (MMC) snap-in (services.msc) and the Local Security Settings MMC snap-in (secpol.msc) to view the service configuration and the account configuration.

Error: (01/21/2018 12:12:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Diagnostic Service Host service failed to start due to the following error: 
A privilege that the service requires to function properly does not exist in the service account configuration.
You may use the Services Microsoft Management Console (MMC) snap-in (services.msc) and the Local Security Settings MMC snap-in (secpol.msc) to view the service configuration and the account configuration.

Error: (01/21/2018 12:08:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Diagnostic Service Host service failed to start due to the following error: 
A privilege that the service requires to function properly does not exist in the service account configuration.
You may use the Services Microsoft Management Console (MMC) snap-in (services.msc) and the Local Security Settings MMC snap-in (secpol.msc) to view the service configuration and the account configuration.

Error: (01/21/2018 12:08:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Diagnostic Service Host service failed to start due to the following error: 
A privilege that the service requires to function properly does not exist in the service account configuration.
You may use the Services Microsoft Management Console (MMC) snap-in (services.msc) and the Local Security Settings MMC snap-in (secpol.msc) to view the service configuration and the account configuration.

Error: (01/21/2018 12:06:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Diagnostic Service Host service failed to start due to the following error: 
A privilege that the service requires to function properly does not exist in the service account configuration.
You may use the Services Microsoft Management Console (MMC) snap-in (services.msc) and the Local Security Settings MMC snap-in (secpol.msc) to view the service configuration and the account configuration.

Error: (01/21/2018 12:06:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Diagnostic Service Host service failed to start due to the following error: 
A privilege that the service requires to function properly does not exist in the service account configuration.
You may use the Services Microsoft Management Console (MMC) snap-in (services.msc) and the Local Security Settings MMC snap-in (secpol.msc) to view the service configuration and the account configuration.


CodeIntegrity:
===================================
  Date: 2018-01-15 19:19:57.181
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2018-01-15 08:44:21.558
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2018-01-15 04:21:50.749
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2018-01-15 03:36:07.571
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2018-01-15 02:30:30.919
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2018-01-15 00:52:25.308
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2018-01-15 00:15:49.055
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2018-01-15 00:03:55.144
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3360M CPU @ 2.80GHz
Percentage of memory in use: 48%
Total physical RAM: 8097.07 MB
Available physical RAM: 4188.68 MB
Total Virtual: 16192.33 MB
Available Virtual: 12184.21 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:297.99 GB) (Free:116.46 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 27E8CABF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================