Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.01.2018 Ran by Gary_Linda (27-01-2018 21:01:56) Running from C:\Users\Gary_Linda\Desktop Windows 7 Home Premium Service Pack 1 (X64) (2013-08-14 18:54:29) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3615104535-3221751416-1031096358-500 - Administrator - Disabled) Gary_Linda (S-1-5-21-3615104535-3221751416-1031096358-1001 - Administrator - Enabled) => C:\Users\Gary_Linda Guest (S-1-5-21-3615104535-3221751416-1031096358-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3615104535-3221751416-1031096358-1002 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) . . . (HKLM\...\{DB52A2D0-CAA1-4ED1-B122-29E7EDDE187F}) (Version: 2.1.28.3 - Intel) Hidden . . . (HKLM-x32\...\{06DA421D-EE23-487D-878F-F0AF97EF69AD}) (Version: 2.6.1.4 - Intel) Hidden Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.0.0.19 - Absolute Software) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated) Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.) Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.) AutoHotkey 1.1.23.01 (HKLM\...\AutoHotkey) (Version: 1.1.23.01 - Lexikos) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Box Tools (HKLM-x32\...\{3772CE68-55C8-46C9-8AFC-F5B888E7903E}) (Version: 3.5.3.383 - Box) Bride Box (HKLM-x32\...\{79C58877-EE8D-4C64-BDA9-CAD3D7D4FD11}) (Version: 8.7.4546 - Digilabs) Cardo Updater (HKLM-x32\...\Cardo Updater_is1) (Version: - Cardo Systems, Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform) Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.67 - Dell Inc.) Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Dell Inc.) Dell Digital Delivery (HKLM-x32\...\{1B706C33-57B3-411B-BB6E-C4A2CF38AF35}) (Version: 3.4.1002.0 - Dell Products, LP) Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc) Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 2.0.6875.402 - Dell) Dell System Detect (HKU\S-1-5-21-3615104535-3221751416-1031096358-1001\...\d24084d039586cae) (Version: 8.5.0.4 - Dell) Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.0.27.6 - Synaptics Incorporated) Dell Update (HKLM-x32\...\{632610E3-5B12-403C-9C93-EF533ED1C113}) (Version: 1.10.5.0 - Dell Inc.) Dropbox (HKLM-x32\...\Dropbox) (Version: 42.4.114 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.27.37 - Dropbox, Inc.) Hidden eBay (HKLM-x32\...\{A8B88634-7F90-402F-B66A-86429755F6A5}) (Version: 1.4.0 - eBay Inc.) Edraw Max 7 (HKLM-x32\...\Edraw Max_is1) (Version: - EdrawSoft) f.lux (HKU\S-1-5-21-3615104535-3221751416-1031096358-1001\...\Flux) (Version: - ) ffdshow [rev 2527] [2008-12-19] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.3 - Google Inc.) Hidden Harmony Browser Plug-in (HKLM-x32\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 2.0 - Logitech) HP Officejet 6500 E710n-z Basic Device Software (HKLM\...\{D79A5962-7305-41B9-A39E-A98AB598F372}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6426.0 - IDT) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.4.1441 - Intel Corporation) Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2669 - Intel Corporation) Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{37EC048A-81A2-452A-8D1F-3BE2018E767D}) (Version: 15.1.0.0096 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{3015F546-6C3E-4E6A-B564-BCDF88C0BA2A}) (Version: 2.1.1.0153 - Intel Corporation) Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 1.0.0.1024 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.6.245 - Intel Corporation) Intel(R) WiDi (HKLM\...\{4E4282C3-F66E-4852-837A-7675527178C2}) (Version: 3.1.26.0 - Intel Corporation) Intel(R) Wireless Music device driver (HKLM\...\{4169B8AC-D144-4E38-A9CA-637EA44129ED}) (Version: 1.5.5323.0 - Intel Corporation) Intel® Driver Update Utility (HKLM-x32\...\{fe2eebd3-ee15-4538-bb19-b627e3f2a911}) (Version: 2.6.1.4 - Intel) Intel® PROSet/Wireless WiFi Software (HKLM\...\{54EB8041-1115-4406-AA4B-44D236E84B3B}) (Version: 15.01.1000.0927 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation) Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation) Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden KMPlayer (HKLM-x32\...\The KMPlayer) (Version: 4.0.5.3 - PandoraTV) LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version: - LastPass) Linksys AE6000 Driver (HKLM-x32\...\{1AAA5D39-9E81-4B3E-923B-9309B2B5A7E8}) (Version: 1.1.0.8 - Linksys, LLC) Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 56.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 56.0 (x86 en-US)) (Version: 56.0 - Mozilla) Mozilla Firefox 57.0.4 (x64 en-US) (HKLM\...\Mozilla Firefox 57.0.4 (x64 en-US)) (Version: 57.0.4 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0 - Mozilla) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google) OpenDNS Updater 2.2.1 (HKLM-x32\...\OpenDNS Updater) (Version: 2.2.1 - ) PDF reDirect (remove only) (HKLM-x32\...\PDF reDirect) (Version: v2.5.2 - EXP Systems LLC) Qualcomm Atheros Ethernet Controller (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.12 - Qualcomm Atheros Inc.) Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.003 - Dell Inc.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.8400.39034 - Realtek Semiconductor Corp.) Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - ) Scrivener (HKLM-x32\...\Scrivener 1900) (Version: 1900 - Literature and Latte) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Skype Web Plugin (HKLM-x32\...\{D116C78B-2A53-4BF9-A089-5BE0E132C10C}) (Version: 7.25.0.32 - Skype Technologies S.A.) Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.) TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - ) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) VPN Unlimited 4.1 (HKLM-x32\...\{DC24521E-872B-41AF-93EA-FE477902D6FB}_is1) (Version: 4.1 - KeepSolid Inc.) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WORDsearch 10 (HKLM-x32\...\{4420F521-D5EC-487D-9AAB-AD30AF903A52}) (Version: 10 - WORDsearch Corp) Hidden WORDsearch 10 (HKLM-x32\...\WORDsearch 10) (Version: - LifeWay) XMind 7 (Update 1) (v3.6.1) (HKLM-x32\...\XMind_is1) (Version: 3.6.1.201512240104 - XMind Ltd.) Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.150 - Zemana Ltd.) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3615104535-3221751416-1031096358-1001_Classes\CLSID\{1233A989-8A71-4FED-9712-C4F07707E209}\InprocServer32 -> C:\Users\Gary_Linda\AppData\Local\SkypePlugin\7.25.0.32\GatewayActiveX-x64.dll (Skype Technologies S.A.) CustomCLSID: HKU\S-1-5-21-3615104535-3221751416-1031096358-1001_Classes\CLSID\{13C484D6-AD2C-46D9-9581-1E03CBED164C}\localserver32 -> C:\Users\Gary_Linda\AppData\Local\SkypePlugin\7.25.0.32\GatewayVersion-x64.exe (Skype Technologies S.A.) CustomCLSID: HKU\S-1-5-21-3615104535-3221751416-1031096358-1001_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-43E6C7547BC2}\localserver32 -> C:\Users\Gary_Linda\AppData\Local\SkypePlugin\7.25.0.32\EdgeCalling.exe (Skype Technologies S.A.) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.) ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2018-01-23] () ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes) ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-22] (Dropbox, Inc.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-02-27] (Intel Corporation) ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2018-01-23] () ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {149D65EB-0831-464E-BC36-65413D41D362} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-26] (Google Inc.) Task: {1DFE65CF-020D-48EE-B8BA-D2F02370969F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-02-12] (Piriform Ltd) Task: {24C6951A-87A4-430C-A920-0B81153CD61B} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe Task: {25C55FE6-8D47-4F92-AB09-ED585FEF03E5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.) Task: {2D38E994-B273-4471-827C-CABAF0880F23} - System32\Tasks\IntelBootstrapCCDashServer => C:\Program Files\Intel\WiFi\bin\CCDashServer.exe [2012-03-29] (Intel® Corporation) Task: {4032E8AB-E16D-4460-AE5D-BE200843FA0E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-26] (Google Inc.) Task: {46007236-FCC7-46B1-98D0-76BC509641F3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: {54DD6625-D0E1-42B4-8D1F-3A5265B43EE5} - System32\Tasks\Intel® Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe [2012-03-27] (Intel) Task: {55C0197A-0AB0-4BC5-9638-701B7D611069} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation) Task: {6FFAA8C6-7E12-478B-85E3-0BD206783AEF} - System32\Tasks\SmartDraw Validation Service => C:\Program Files (x86)\SmartDraw CI\SmartDraw.exe Task: {75F293C8-E54F-4E28-9C75-131EC4603E9F} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated) Task: {91A309DE-FA9F-485E-A06E-1E012BC82AE0} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-10-27] (Dropbox, Inc.) Task: {B191C22C-51CA-4D92-9BCB-E5AF3D219666} - System32\Tasks\Logon_Trigger_WPS_Mon_Task => C:\Program Files (x86)\Linksys AE6000\WPS_Mon.exe [2015-07-01] (Linksys, LLC) Task: {C968F419-885B-4292-A40C-A892759339B5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated) Task: {E1970AAB-5582-421C-A9D8-BA351624AA10} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs" Task: {E8D4FEE5-108B-45EA-9DDA-6925DB237F73} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2017-05-29] (PC-Doctor, Inc.) Task: {F833BC37-2FD8-4F89-82EF-E5E7208904CB} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-10-27] (Dropbox, Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2010-06-06 09:20 - 2010-06-06 09:20 - 000065344 _____ () C:\Windows\System32\PDFreDirectMon64.dll 2016-06-08 17:04 - 2016-06-08 17:04 - 000117400 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe 2013-08-06 13:56 - 2012-01-26 21:49 - 002751808 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE 2018-01-22 12:12 - 2017-11-29 09:11 - 002358728 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2018-01-22 12:12 - 2017-11-29 09:11 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2013-08-06 14:49 - 2012-02-28 02:07 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2017-10-16 17:31 - 2012-11-27 14:12 - 001210256 ____N () C:\Program Files (x86)\Linksys AE6000\RaWLAPI.dll 2016-10-24 20:21 - 2017-05-16 18:25 - 000111448 _____ () C:\Program Files (x86)\VPN Unlimited\enc.dll 2018-01-25 07:12 - 2018-01-22 06:19 - 000733000 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll 2018-01-25 07:12 - 2018-01-22 06:19 - 002079048 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll 2018-01-25 07:12 - 2018-01-22 06:19 - 000100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd 2018-01-25 07:12 - 2018-01-22 06:19 - 000018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd 2018-01-25 07:12 - 2018-01-22 06:22 - 000020808 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd 2018-01-25 07:12 - 2018-01-22 06:19 - 000035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd 2018-01-25 07:12 - 2018-01-22 06:19 - 000694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd 2018-01-25 07:12 - 2018-01-22 06:21 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd 2018-01-25 07:12 - 2018-01-22 06:19 - 000130512 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd 2018-01-25 07:12 - 2018-01-22 06:21 - 001856864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd 2018-01-25 07:12 - 2018-01-22 06:21 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd 2018-01-25 07:12 - 2018-01-22 06:19 - 000145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd 2018-01-25 07:12 - 2018-01-22 06:19 - 000116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll 2018-01-25 07:12 - 2018-01-22 06:19 - 000105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd 2018-01-25 07:12 - 2018-01-22 06:22 - 000022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd 2018-01-25 07:12 - 2018-01-22 06:21 - 000063312 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd 2018-01-25 07:12 - 2018-01-22 06:19 - 000024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd 2018-01-25 07:12 - 2018-01-22 06:21 - 000077120 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd 2018-01-25 07:12 - 2018-01-22 06:19 - 000020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd 2018-01-25 07:12 - 2018-01-22 06:19 - 000124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd 2018-01-25 07:12 - 2018-01-22 06:19 - 000116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd 2018-01-25 07:12 - 2018-01-22 06:19 - 000392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll 2018-01-25 07:12 - 2018-01-22 06:22 - 000392520 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd 2018-01-25 07:12 - 2018-01-22 06:22 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd 2018-01-25 07:12 - 2018-01-22 06:19 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd 2018-01-25 07:12 - 2018-01-22 06:19 - 000175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd 2018-01-25 07:12 - 2018-01-22 06:19 - 000030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd 2018-01-25 07:12 - 2018-01-22 06:19 - 000043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd 2018-01-25 07:12 - 2018-01-22 06:19 - 000026056 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd 2018-01-25 07:12 - 2018-01-22 06:19 - 000048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd 2018-01-25 07:12 - 2018-01-22 06:19 - 000057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd 2018-01-25 07:12 - 2018-01-22 06:21 - 000021840 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd 2018-01-25 07:12 - 2018-01-22 06:22 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd 2018-01-25 07:12 - 2018-01-22 06:21 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.pyd 2018-01-25 07:12 - 2018-01-22 06:22 - 000066400 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd 2018-01-25 07:12 - 2018-01-22 06:21 - 001796928 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd 2018-01-25 07:12 - 2018-01-22 06:19 - 000084424 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd 2018-01-25 07:12 - 2018-01-22 06:21 - 001956160 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd 2018-01-25 07:12 - 2018-01-22 06:22 - 003859272 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd 2018-01-25 07:12 - 2018-01-22 06:21 - 000155472 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd 2018-01-25 07:12 - 2018-01-22 06:21 - 000521032 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd 2018-01-25 07:12 - 2018-01-22 06:21 - 000050512 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd 2018-01-25 07:12 - 2018-01-22 06:21 - 000042312 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd 2018-01-25 07:12 - 2018-01-22 06:21 - 000131400 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd 2018-01-25 07:12 - 2018-01-22 06:22 - 000218960 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd 2018-01-25 07:12 - 2018-01-22 06:21 - 000204104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd 2018-01-25 07:12 - 2018-01-22 06:22 - 000025440 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd 2018-01-25 07:12 - 2018-01-22 06:19 - 000060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd 2018-01-25 07:12 - 2018-01-22 06:22 - 000054616 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd 2018-01-25 07:12 - 2018-01-22 06:19 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd 2018-01-25 07:12 - 2018-01-22 06:22 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd 2018-01-25 07:12 - 2018-01-22 06:19 - 000028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd 2018-01-25 07:12 - 2018-01-22 06:22 - 000024416 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shell32.compiled._winffi_shell32.pyd 2018-01-25 07:12 - 2018-01-22 06:22 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd 2018-01-25 07:12 - 2018-01-22 06:22 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd 2018-01-25 07:12 - 2018-01-22 06:22 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd 2018-01-25 07:12 - 2018-01-22 06:21 - 000027496 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd 2018-01-25 07:12 - 2018-01-22 06:19 - 000349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd 2018-01-25 07:12 - 2018-01-22 06:22 - 000023904 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd 2018-01-25 07:12 - 2018-01-22 06:21 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd 2018-01-25 07:12 - 2018-01-22 06:19 - 000036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll 2018-01-25 07:12 - 2018-01-22 06:22 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.pyd 2018-01-25 07:12 - 2018-01-22 06:21 - 000181064 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL 2018-01-25 07:12 - 2018-01-22 06:22 - 000030544 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd 2018-01-25 07:12 - 2018-01-22 06:21 - 000024384 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL 2018-01-25 07:12 - 2018-01-22 06:21 - 001638208 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll 2018-01-25 07:12 - 2018-01-22 06:22 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd 2018-01-25 07:12 - 2018-01-22 06:21 - 000545096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd 2018-01-25 07:12 - 2018-01-22 06:21 - 000359232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd 2018-01-25 07:12 - 2018-01-22 06:21 - 000038216 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.pyd 2017-09-22 14:28 - 2017-09-22 14:28 - 000140664 _____ () C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll 2017-11-21 13:50 - 2017-11-21 13:50 - 000134016 _____ () C:\Program Files (x86)\Dell Update\ServiceTagPlusPlus.dll 2013-08-06 13:44 - 2012-03-06 14:27 - 001198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\Gary_Linda\Documents\urDrive.exe:BDU [1] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\atashost => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-3615104535-3221751416-1031096358-1001\...\dell.com -> dell.com IE trusted site: HKU\S-1-5-21-3615104535-3221751416-1031096358-1001\...\localhost -> localhost ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 21:34 - 2017-07-13 18:25 - 000000826 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3615104535-3221751416-1031096358-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Gary_Linda\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp DNS Servers: 208.67.220.220 - 208.67.222.222 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Install LastPass IE RunOnce.lnk => C:\Windows\pss\Install LastPass IE RunOnce.lnk.CommonStartup MSCONFIG\startupreg: BLEServicesCtrl => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup MSCONFIG\startupreg: IndexSearch => "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe" MSCONFIG\startupreg: IntelMyWiFiDashboard => C:\Program Files\Intel\WiFi\bin\CCDashServer.exe /startup MSCONFIG\startupreg: PaperPort PTD => "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe" MSCONFIG\startupreg: PDF5 Registry Controller => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe MSCONFIG\startupreg: PDFHook => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe MSCONFIG\startupreg: SynTPEnh => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{0529942E-D761-4D07-A8B9-E7DD9D91159C}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe FirewallRules: [TCP Query User{4E2828C8-FDD0-4EF7-9868-3AD4200766CD}C:\program files (x86)\cardo updater\cardoupdater.exe] => (Allow) C:\program files (x86)\cardo updater\cardoupdater.exe FirewallRules: [UDP Query User{8BE79BCA-7ABB-4787-896E-07C5DE875F23}C:\program files (x86)\cardo updater\cardoupdater.exe] => (Allow) C:\program files (x86)\cardo updater\cardoupdater.exe FirewallRules: [{8E924227-C080-4054-B7BD-4E69CA0B9B6C}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\FaxApplications.exe FirewallRules: [{BD480D5B-68C2-4E15-B1EF-633B8E0BE2BC}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\DigitalWizards.exe FirewallRules: [{E67FD6A4-69C3-4981-A2B6-AEECD16E7F92}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\SendAFax.exe FirewallRules: [{1C38FF46-4FD2-4B1E-BC05-6D83204E80BA}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DeviceSetup.exe FirewallRules: [{B10CC8F9-EC28-4EB4-8BBE-1CE2BC10EF2D}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe FirewallRules: [{5C5FD67A-DCFA-4AC5-9E54-6FD0C3650D4A}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{FC390786-D2FB-40CF-9289-289BDCAB9E1C}] => (Allow) C:\Program Files (x86)\Cardo Updater\CardoUpdater.exe FirewallRules: [{A34FC8A4-AB4A-4226-9E44-B013A2E41761}] => (Allow) C:\Program Files (x86)\Cardo Updater\CardoUpdater.exe FirewallRules: [TCP Query User{A91264C6-50AB-48CE-AC05-0589C38AC2A8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{279BD11F-FD82-4B1A-BF79-16FC25214C8B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{59F4B3B3-B088-481D-A011-53C6D33006ED}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{C3D6D2D3-40E0-4660-8735-5CECB6C25507}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{90AD250C-7F3C-4CC8-BD8D-96B74C8C3EC2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{6012AD1E-82ED-4D8A-9958-610E24AD7C94}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{03553176-C148-4815-A66C-54170CEF25DD}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{36F8FF72-EE4F-4005-A754-DC02008AD884}] => (Allow) LPort=2869 FirewallRules: [{9951B1E2-D228-4AE0-99CB-C4F13EEA6D12}] => (Allow) LPort=1900 FirewallRules: [{1825217E-7577-40BC-BC35-42791123C27F}] => (Allow) C:\Program Files (x86)\Nuance\PaperPort\PaprPort.exe FirewallRules: [{CD2A7EAD-9194-495A-9997-9ADCB45BFA21}] => (Allow) C:\Program Files (x86)\Nuance\PaperPort\PaprPort.exe FirewallRules: [{C1FE455A-9BDD-41F0-B541-D4DEBA6344CF}] => (Allow) C:\Program Files (x86)\Nuance\PaperPort\PaprPort.exe FirewallRules: [{14C16908-3A83-4CF2-83CB-4BE4226D020B}] => (Allow) C:\Program Files (x86)\Nuance\PaperPort\PaprPort.exe FirewallRules: [{DC1F3616-3C2B-4519-A1F7-7CB32C0A9A57}] => (Allow) C:\Program Files (x86)\OSTotoSoft\DriverTalent\DriverTalent.exe FirewallRules: [{89AB9BCE-09E7-4EE1-AA91-C473465B66A9}] => (Allow) C:\Program Files (x86)\OSTotoSoft\DriverTalent\LDrvSvc.dll FirewallRules: [{0F10D992-FF3D-447F-97F7-B0EBC4888324}] => (Allow) C:\Program Files (x86)\OSTotoSoft\DriverTalent\download\MiniThunderPlatform.exe FirewallRules: [{0307A579-8C72-4A2F-8B1F-138AFDDD30A5}] => (Allow) C:\Program Files (x86)\OSTotoSoft\DriverTalent\DTLService.exe FirewallRules: [TCP Query User{6D3F4E94-A150-48BD-A4AA-9CCCA69220CF}C:\users\gary_linda\appdata\local\skypeplugin\7.12.0.55\pluginhost.exe] => (Allow) C:\users\gary_linda\appdata\local\skypeplugin\7.12.0.55\pluginhost.exe FirewallRules: [UDP Query User{2011DCA4-4719-428B-B08D-5DDA6F878478}C:\users\gary_linda\appdata\local\skypeplugin\7.12.0.55\pluginhost.exe] => (Allow) C:\users\gary_linda\appdata\local\skypeplugin\7.12.0.55\pluginhost.exe FirewallRules: [{CBFDBCCC-3BB2-49FC-B25F-C0F5279C59C9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{DDB4F118-58FF-4B53-B84B-8176BC8C1ECC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{9755F55E-9BA9-417A-ABEB-1054D4166B29}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{51EC9722-224D-439C-8848-C8A91E2577FE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{D27E93A4-EADA-4886-840D-D50BECD5F149}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{0F6FA5F4-7CF9-4218-9BCF-CC073475C105}C:\programdata\sling\sling.exe] => (Allow) C:\programdata\sling\sling.exe FirewallRules: [UDP Query User{F21EB611-BBC5-48BA-9956-CB213B076C5F}C:\programdata\sling\sling.exe] => (Allow) C:\programdata\sling\sling.exe FirewallRules: [{EE4B696B-1D06-4A15-A552-6E902484D045}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{88466FA1-CFB6-467D-BB8C-AE222F39BD3E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{0466DAB7-EE5B-406D-93D0-46EAD9744EB2}C:\users\gary_linda\appdata\local\skypeplugin\pluginhost.exe] => (Allow) C:\users\gary_linda\appdata\local\skypeplugin\pluginhost.exe FirewallRules: [UDP Query User{E2D32376-69E8-49F1-8284-14757A47DB87}C:\users\gary_linda\appdata\local\skypeplugin\pluginhost.exe] => (Allow) C:\users\gary_linda\appdata\local\skypeplugin\pluginhost.exe FirewallRules: [{0B2D5C77-D7D4-4955-8B13-84038E9882CE}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe FirewallRules: [{49F2A83D-96F5-4E3A-BB71-855BD116EE4D}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe FirewallRules: [{0892EEB7-341E-4FA2-B548-8E00DD2CE07B}] => (Allow) C:\Program Files (x86)\VPN Unlimited\openvpn.exe FirewallRules: [{E7CA4C03-DE20-4BB9-8034-49393B3F6072}] => (Allow) C:\Program Files (x86)\VPN Unlimited\openvpn.exe FirewallRules: [{FB4B17C4-7ECA-44A5-BB2B-396C487B1B0F}] => (Allow) C:\Program Files (x86)\VPN Unlimited\vpn-unlimited.exe FirewallRules: [{507DB912-6BEE-411D-B933-72A31B566BEC}] => (Allow) C:\Program Files (x86)\VPN Unlimited\vpn-unlimited.exe FirewallRules: [{A895749C-C570-4C43-844C-CCEB360DA0B6}] => (Allow) C:\Program Files\Intel\WiFi\bin\CCDashServer.exe FirewallRules: [{15112BA8-6A50-48EF-AE77-3AAA39845AD7}] => (Allow) C:\Program Files\Intel\WiFi\bin\CCDashServer.exe FirewallRules: [{07A6BC2D-A16A-4245-895F-74783B013010}] => (Allow) C:\Program Files\Intel\WiFi\bin\CCDash.exe FirewallRules: [{C1B63D25-F184-461A-8957-C4E73341FE17}] => (Allow) C:\Program Files\Intel\WiFi\bin\CCDash.exe FirewallRules: [{35DCA1EE-D9C2-40A2-AEB7-027B01F90308}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{3532F7D7-9F86-4219-B70F-B7FE9090DF31}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{6C3F47DD-9EE1-4BAF-8030-5DCBCEE0A9FB}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [TCP Query User{F58BDE02-1F5C-46DD-8939-77921491F600}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe FirewallRules: [UDP Query User{BE77FB31-C8DD-4ABC-8EDE-19DD83AD0077}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe FirewallRules: [{07DC7E61-0F6B-40E9-B1D7-E9432E9432EE}] => (Block) C:\program files (x86)\netgear genie\bin\netgeargenie.exe FirewallRules: [{67FBD643-7A51-44AA-950C-FF7D0BAE43AE}] => (Block) C:\program files (x86)\netgear genie\bin\netgeargenie.exe FirewallRules: [{A0A1B318-F671-46DE-85A4-C09B62921317}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{81AEA384-DBD9-4742-9549-4162CCB57677}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe ==================== Restore Points ========================= 31-10-2017 01:47:31 Windows Update 03-11-2017 01:49:08 Windows Update 10-11-2017 02:47:32 Windows Update 14-11-2017 02:49:24 Windows Update 15-11-2017 06:25:14 Windows Update 21-11-2017 05:54:44 Windows Update 28-11-2017 03:31:39 Windows Update 29-11-2017 06:32:03 Windows Update 02-12-2017 14:15:47 Windows Update 07-12-2017 08:44:44 Removed Visual Studio 2012 x64 Redistributables 07-12-2017 08:45:46 Removed Visual Studio 2012 x64 Redistributables 07-12-2017 08:46:16 Removed Visual Studio 2012 x64 Redistributables 07-12-2017 08:47:49 Removed Visual Studio 2012 x86 Redistributables 08-12-2017 03:40:16 Windows Update 12-12-2017 03:40:14 Windows Update 13-12-2017 13:18:38 Windows Update 20-12-2017 06:39:06 Windows Update 26-12-2017 02:05:10 Windows Update 29-12-2017 07:59:46 Removed Apple Application Support (32-bit) 29-12-2017 08:21:11 Removed Apple Mobile Device Support 29-12-2017 08:22:16 Removed iTunes 29-12-2017 08:24:18 Removed Apple Application Support (64-bit) 29-12-2017 08:25:20 Removed Apple Application Support (32-bit) 01-01-2018 07:53:46 Windows Update 05-01-2018 05:52:58 Windows Update 05-01-2018 22:54:45 Windows Update 09-01-2018 02:06:34 Windows Update 10-01-2018 07:19:19 Windows Update 16-01-2018 03:22:59 Windows Update 19-01-2018 09:12:56 Windows Update 23-01-2018 05:27:30 Windows Update 23-01-2018 14:14:02 Checkpoint by HitmanPro 23-01-2018 14:16:40 Checkpoint by HitmanPro 23-01-2018 17:49:22 Zemana AntiMalware 1/23/2018 5:48:56 PM ==================== Faulty Device Manager Devices ============= Name: Microsoft Teredo Tunneling Adapter Description: Microsoft Teredo Tunneling Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (01/27/2018 08:53:12 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. System errors: ============= Error: (01/27/2018 08:51:09 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-3317U CPU @ 1.70GHz Percentage of memory in use: 62% Total physical RAM: 6010.46 MB Available physical RAM: 2248.62 MB Total Virtual: 12019.08 MB Available Virtual: 8098.8 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:438.05 GB) (Free:158.39 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: ED1FD6CC) Partition 1: (Not Active) - (Size=39 MB) - (Type=DE) Partition 2: (Active) - (Size=27.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=438.1 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 8 GB) (Disk ID: ED1FCA62) Partition 1: (Not Active) - (Size=8 GB) - (Type=84) ==================== End of Addition.txt ============================