HKU\S-1-5-21-1435351782-728466632-1125761908-1001\...\MountPoints2: E - "E:\SETUP.EXE"
Startup: C:\Users\REEDEMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MindManager.exe.lnk [2018-09-12]
ShortcutTarget: MindManager.exe.lnk -> C:\Program Files\Mindjet\MindManager 17\MindManager.exe (No File)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction - Chrome <==== ATTENTION
S4 IMFMBRProtect; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFMBRProtect.sys [X]
S4 IMFSafeBox; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFSafeBox.sys [X]
2018-09-18 00:15 - 2018-09-18 00:15 - 043110256 _____ (IObit ) C:\Users\REEDEMER\Downloads\IObit-Malware-Fighter-Setup.exe
2018-09-17 23:39 - 2018-09-18 11:46 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2018-09-17 23:39 - 2018-09-17 23:39 - 035522848 _____ (SUPERAntiSpyware) C:\Users\REEDEMER\Downloads\SUPERAntiSpyware.exe
2018-09-17 16:25 - 2018-09-17 23:07 - 000000000 ___HD C:\Program Files (x86)\Dwelled
2018-09-17 16:25 - 2018-09-17 23:07 - 000000000 ____D C:\Program Files (x86)\xpress
2018-09-17 16:25 - 2018-09-17 23:06 - 000000000 ____D C:\Program Files (x86)\Parapsychology
2018-09-17 16:25 - 2018-09-17 23:06 - 000000000 ____D C:\Program Files (x86)\hie
2018-09-17 16:25 - 2018-09-17 23:05 - 000000000 ___HD C:\Program Files (x86)\exhibit
2018-09-17 16:25 - 2018-09-17 16:25 - 000004084 _____ C:\WINDOWS\System32\Tasks\spigots
2018-09-17 16:25 - 2018-09-17 16:25 - 000003954 _____ C:\WINDOWS\System32\Tasks\spigotsspigots
2018-09-17 16:25 - 2018-09-17 16:25 - 000000012 _____ C:\WINDOWS\b72280663
2018-09-19 20:06 - 2016-05-03 00:42 - 000000000 ____D C:\Program Files (x86)\IObit
2018-09-19 09:52 - 2016-05-03 00:42 - 000000000 ____D C:\Users\REEDEMER\AppData\Roaming\IObit
2018-09-19 09:52 - 2016-05-03 00:42 - 000000000 ____D C:\ProgramData\IObit
2018-09-18 11:46 - 2016-04-14 12:07 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2018-09-18 11:04 - 2016-04-14 12:07 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2018-09-18 00:16 - 2016-05-03 00:42 - 000000000 ____D C:\Users\REEDEMER\AppData\LocalLow\IObit
2018-09-18 00:10 - 2018-04-01 11:53 - 000000160 _____ () C:\ProgramData\fddbs.dll
2018-09-11 02:45 - 2018-05-28 04:59 - 006860752 _____ (NeoSoft Tools ) C:\Users\REEDEMER\AppData\Roaming\cexplorer.exe
CustomCLSID: HKU\S-1-5-21-1435351782-728466632-1125761908-1001_Classes\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\InprocServer32 -> C:\Users\REEDEMER\AppData\Local\Microsoft\OneDrive\18.131.0701.0007\amd64\FileCoAuthLib64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
Task: {1B45DBB1-8278-4325-B7F7-A257D7803F60} - System32\Tasks\{E1EBF11D-7D83-432D-AD43-85B4AE545229} => C:\WINDOWS\system32\pcalua.exe -a E:\autorun.exe -d E:\
Task: {53C84FA6-5E4F-4395-A183-A1549C001F90} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {53FB63AA-C4EA-410D-AE4D-AD33E9D96433} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {2B81A547-5E13-4E87-814D-FD45EA9E0B45} - System32\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary => C:\Program Files\Windows Media Player\wmpnscfg.exe
Task: {4B1FC2CB-1F3B-45CD-8A3C-FF0A8E828D54} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1435351782-728466632-1125761908-1001 => C:\Users\REEDEMER\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {6D8A5EDC-7FDD-42FF-B6B1-83F505A5742B} - System32\Tasks\spigotsspigots => C:\Program Files (x86)\Scopes\nurturing.exe
Task: {B1D58A07-183D-488A-BE0E-03F8D7873925} - System32\Tasks\spigots => C:\Program Files (x86)\Scopes\nurturing.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter"
HKU\S-1-5-21-1435351782-728466632-1125761908-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1435351782-728466632-1125761908-1001\...\StartupApproved\Run: => "C:\Users\REEDEMER\AppData\Roaming\mssert\tmlaunches.exe"
HKU\S-1-5-21-1435351782-728466632-1125761908-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_460135EADECDC1D5A773F6C311571A96"
HKLM\...\StartupApproved\Run32: => "SDTray"
MSCONFIG\Services: SDScannerService => 2
MSCONFIG\Services: SDUpdateService => 2
MSCONFIG\Services: SDWSCService => 2
FirewallRules: [{2E364A0B-E1A9-4692-9AF7-D0290BB6F100}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\AutoUpdate.exe
FirewallRules: [{DDA8E28D-9DE9-42AD-8E81-AC7ADEA81AB5}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\AutoUpdate.exe
FirewallRules: [{4D7AB4F7-BB3E-4E05-8ABC-29CE470C9D30}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DBDownloader.exe
FirewallRules: [{EE6E1595-5585-44FC-92D3-70251A2B39CB}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DBDownloader.exe
FirewallRules: [{93A30807-8654-4C58-A822-BF2614890327}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DriverBooster.exe
FirewallRules: [{D60FE39B-C1E2-4852-BA9B-F9A0CA27A717}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DriverBooster.exe
FirewallRules: [{C5AB895C-DB26-496B-99DE-FDC44E1A6E24}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{CCB50623-FA69-4FFC-9591-E03F5ABFA2F9}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
S2 postgresql-x64-9.5; "C:\Program Files\PostgreSQL\9.5\bin\pg_ctl.exe" runservice -N "postgresql-x64-9.5" -D "C:\Program Files\PostgreSQL\9.5\data" -w
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"