1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Solved Slow Computer

Discussion in 'Virus & Other Malware Removal' started by robertphtx2, Nov 6, 2018.

Thread Status:
Not open for further replies.
Advertisement
  1. robertphtx2

    robertphtx2 Thread Starter

    Joined:
    Aug 8, 2018
    Messages:
    5
    My desktop computer has gotten where it takes for ever to do the simplist things.

    I have ZoneAlarm antivirus & firewall working on this system. Recently did a disk clean up, defraged on O.S. disk partition. All files are backed up daily in background.

    Tech Support Guy System Info Utility version 1.0.0.4
    OS Version: Microsoft Windows 7 Professional, Service Pack 1, 64 bit
    Processor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz, Intel64 Family 6 Model 60 Stepping 3
    Processor Count: 8
    RAM: 8143 Mb
    Graphics Card: NVIDIA GeForce GT 720, 1024 Mb
    Hard Drives: C: 468 GB (279 GB Free); D: 623 GB (621 GB Free); J: 619 GB (513 GB Free); K: 619 GB (480 GB Free); R: 931 GB (716 GB Free); X: 218 GB (218 GB Free); Z: 220 GB (220 GB Free);
    Motherboard: Dell Inc., 0KWVT8
    Antivirus: ZoneAlarm Antivirus, Enabled and Updated
     
  2. askey127

    askey127 Malware Specialist

    Joined:
    Dec 22, 2006
    Messages:
    3,721
    Hi robertphtx2,
    Let's do a couple things to get at the issues here:
    ----------------------------------------------
    Download and Run Temp File Cleaner (TFC.exe)
    Download Temp File Cleaner and save it to your desktop.
    You might want to Save any unsaved work. TFC will close ALL open programs... including your browser.
    Right click the TFC icon and choose Run as administrator.
    If you have a lot of junk files to remove, it could take a while, so please be patient and let it finish.
    When it's done, it will report the total size of files removed. If it asks to Reboot, choose to do so. This will remove files that could not be removed while Windows was running.
    After Restart, log back in to your usual account.
    You can keep TFC on your desktop and run it every week or two to clean out excessive temporary files. It does sometimes require a restart.

    -----------------------------------------------------------
    Download and Run the Farbar Scan Tool
    • Download FRST64 and save to your Desktop.
    • Double click Frst64.exe to launch it.
    • FRST64 will start to run.
      • When the tool opens click Yes to disclaimer.
      • Press the Scan button.
      • When finished scanning, 2 logs will open on your Desktop, FRST.txt and Addition.txt
      • Please post them in your next reply.
    If you lose track of them, they will be saved in the same location as FRST64.exe
    Feel free to use separate replies if it's more convenient.

    askey127
     
    Last edited: Nov 7, 2018
  3. robertphtx2

    robertphtx2 Thread Starter

    Joined:
    Aug 8, 2018
    Messages:
    5
    Thanks for the reply.

    All task completed.

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07.11.2018
    Ran by Robert (administrator) on ROBERT-PC (07-11-2018 18:12:22)
    Running from C:\Users\Robert\Desktop\Computer Cleanup
    Loaded Profiles: Robert (Available Profiles: Robert)
    Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
    (Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    (CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
    (SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
    (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
    (Microsoft Corporation) C:\Windows\System32\msiexec.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
    (Dr. Hanewinkel -- www.haneWIN.de) C:\Program Files\nfsd\pmapd.exe
    (Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
    (Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
    (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
    () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
    (Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
    (Atheros) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
    (Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
    (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
    (Microsoft Corporation) C:\Windows\System32\vds.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
    (Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
    (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
    (TechSmith Corporation) C:\Program Files (x86)\TechSmith\Jing\Jing.exe
    (Logitech, Inc.) C:\ProgramData\LogiShrd\LogiOptions\Software\3.42.7\LogiOptionsMgr.exe
    (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHCA.EXE
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    (Dropbox, Inc.) C:\Users\Robert\AppData\Local\Dropbox\Update\DropboxUpdate.exe
    (Sling Media Inc.) C:\Program Files (x86)\DishAnywherePlayer\DishAnywherePlayer.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
    (Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrCtrCen.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Printer Utility\HPPU.exe
    (Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
    (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
    (Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Printer Utility DCS\AppInterfaces\HPPUDH.exe

    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192 2013-02-06] (Intel Corporation)
    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-11] (NVIDIA Corporation)
    HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
    HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1553528 2015-11-13] (Logitech, Inc.)
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [301880 2018-10-22] (Apple Inc.)
    HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-25] (Intel Corporation)
    HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
    HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
    HKLM-x32\...\Run: [RunPUTasktray] => "C:\Program Files (x86)\Hewlett-Packard\HP Printer Utility\HPPU.exe" --regkeypath=Software\Hewlett-Packard\HP Printer Utility\HPPURun --valuename=InstallTTM
    HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [145208 2017-03-24] (Check Point Software Technologies Ltd.)
    HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
    HKLM-x32\...\Run: [Intuit SyncManager] => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [3776824 2015-03-17] (Intuit Inc. All rights reserved.)
    HKLM-x32\...\Command Processor: <==== ATTENTION
    HKU\S-1-5-21-6484575-2889197964-3099999064-1001\...\Run: [Jing] => C:\Program Files (x86)\TechSmith\Jing\Jing.exe [2911224 2015-09-11] (TechSmith Corporation)
    HKU\S-1-5-21-6484575-2889197964-3099999064-1001\...\Run: [Akamai NetSession Interface] => "C:\Users\Robert\AppData\Local\Akamai\netsession_win.exe"
    HKU\S-1-5-21-6484575-2889197964-3099999064-1001\...\Run: [Autodesk Sync] => [X]
    HKU\S-1-5-21-6484575-2889197964-3099999064-1001\...\Run: [Dropbox Update] => C:\Users\Robert\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-12] (Dropbox, Inc.)
    HKU\S-1-5-21-6484575-2889197964-3099999064-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHCA.EXE [241280 2012-07-12] (SEIKO EPSON CORPORATION)
    HKU\S-1-5-21-6484575-2889197964-3099999064-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-10-01] (Apple Inc.)
    HKU\S-1-5-21-6484575-2889197964-3099999064-1001\...\Policies\Explorer: []
    HKU\S-1-5-18\...\Run: [Autodesk Sync] => [X]
    HKU\S-1-5-18\...\Run: [ZoneAlarm Windows 10 Upgrader] => "C:\ProgramData\CheckPoint\ZoneAlarm\Data\Updates\unpacked==win10=update_win10.zip\upgrade.exe" /delay
    SSODL-x32: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\shell32.dll (Microsoft Corporation)
    SSODL-x32: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\shell32.dll (Microsoft Corporation)
    SSODL-x32: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - %SystemRoot%\system32\stobject.dll (Microsoft Corporation)
    SSODL-x32: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - %SystemRoot%\system32\wpdshserviceobj.dll (Microsoft Corporation)
    ShellExecuteHooks-x32: No Name - {56F9679E-7826-4C84-81F3-532071A8BCC5} - -> No File
    ShellExecuteHooks-x32: No Name - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - -> No File
    Startup: C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DishAnywherePlayerShortcut.lnk [2018-08-23]
    ShortcutTarget: DishAnywherePlayerShortcut.lnk -> C:\Program Files (x86)\DishAnywherePlayer\DishAnywherePlayer.exe (Sling Media Inc.)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    ProxyEnable: [.DEFAULT] => Proxy is enabled.
    ProxyServer: [.DEFAULT] => http=127.0.0.1:50379;https=127.0.0.1:50379
    Tcpip\Parameters: [DhcpNameServer] 192.168.88.1
    Tcpip\..\Interfaces\{1812DA89-3450-4F01-8773-2E883606A598}: [DhcpNameServer] 192.168.88.1
    Tcpip\..\Interfaces\{6ED38090-D7EE-44BA-A5F3-BDABD1FCD81B}: [DhcpNameServer] 192.168.88.1

    Internet Explorer:
    ==================
    HKU\S-1-5-21-6484575-2889197964-3099999064-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\S-1-5-21-6484575-2889197964-3099999064-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    SearchScopes: HKU\S-1-5-21-6484575-2889197964-3099999064-1001 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_captaind_14_39_ff&cd=2XzuyEtN2Y1L1Qzu0Fzz0BtCyDyC0CyCyCyDzzyCyC0ByBtAtN0D0Tzu0StCtDtDtCtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyByD0E0CzyyByD0BtG0C0DtCtAtG0C0EtBtBtGzz0B0E0CtGyE0A0EtByBtA0EzyyDtAtDtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyEtC0Bzz0FyD0DtG0CzzzytAtGyEyCzy0FtG0AtAyD0FtGtCtA0DtA0DyEtDtD0A0B0Dzz2Q&cr=835376251&ir=
    SearchScopes: HKU\S-1-5-21-6484575-2889197964-3099999064-1001 -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325892&octid=EB_ORIGINAL_CTID&ISID=3ad77a43-366f-4a17-8d9e-5eb911d07fe1&SearchSource=58&CUI=&UM=6&UP=SPEB24C814-02C7-4CBC-93B9-5E5340E5374F&q={searchTerms}&SSPV=
    SearchScopes: HKU\S-1-5-21-6484575-2889197964-3099999064-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
    SearchScopes: HKU\S-1-5-21-6484575-2889197964-3099999064-1001 -> {87168959-2121-4FBF-BBEF-F2050886D89A} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}&rlz=1I7GGHP_enUS489
    SearchScopes: HKU\S-1-5-21-6484575-2889197964-3099999064-1001 -> {9662402C-1272-4BEB-8414-9B948E47A358} URL = hxxp://search.zonealarm.com/search?src=sp&tbid=goughDev3&Lan=en&q={searchTerms}&gu=0eb23b56c60844e18e566e1fe8c4f449&tu=10G9z00AB2B0Ca0&sku=&tstsId=&ver=&&r=734
    SearchScopes: HKU\S-1-5-21-6484575-2889197964-3099999064-1001 -> {B0F82BDE-2611-4656-BDAE-D0A5CE89A09B} URL = hxxp://www.bing.com/search?q={searchTerms}&r=437
    SearchScopes: HKU\S-1-5-21-6484575-2889197964-3099999064-1001 -> {EA17BA04-8546-419B-8CEB-50C712BFBDD5} URL = hxxp://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=231195&p={searchTerms}
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-11-07] (Oracle Corporation)
    BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll [2012-12-27] (Atheros Commnucations)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-07] (Oracle Corporation)
    DPF: HKLM-x32 {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1343067445343
    DPF: HKLM-x32 {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
    DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.5.0.cab
    DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    Handler-x32: HPPUDCS - {522CC7E5-F378-4F97-8BD7-125D17F5B332} - C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Printer Utility DCS\APP\hplidcsapp.dll [2009-12-11] (Hewlett-Packard Company)
    Handler-x32: hppufile - {4BCA8E33-E18F-4358-9F6F-3C7206BCF72F} - C:\Program Files (x86)\Hewlett-Packard\HP Printer Utility\hpluCtrls.dll [2009-12-11] (Hewlett-Packard Company)
    Handler-x32: hppusam - {4BCA8E33-E18F-4358-9F6F-3C7206BCF72F} - C:\Program Files (x86)\Hewlett-Packard\HP Printer Utility\hpluCtrls.dll [2009-12-11] (Hewlett-Packard Company)
    Handler-x32: hppuzip - {4BCA8E33-E18F-4358-9F6F-3C7206BCF72F} - C:\Program Files (x86)\Hewlett-Packard\HP Printer Utility\hpluCtrls.dll [2009-12-11] (Hewlett-Packard Company)
    Handler-x32: intu-help-qb8 - {CD17C364-2EC8-4929-91A9-C4839A20E909} - C:\Program Files (x86)\Intuit\QuickBooks 2015\HelpAsyncPluggableProtocol.dll [2018-02-28] (Intuit, Inc.)
    Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\SysWOW64\mscoree.dll [2010-11-20] (Microsoft Corporation)
    StartMenuInternet: IEXPLORE.EXE - iexplore.exe

    FireFox:
    ========
    FF ProfilePath: C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\f0nn3d0i.default [2018-11-07]
    FF user.js: detected! => C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\f0nn3d0i.default\user.js [2014-10-22]
    FF Homepage: Mozilla\Firefox\Profiles\f0nn3d0i.default -> hxxps://www.google.com/
    FF Extension: (Grammarly for Firefox) - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\f0nn3d0i.default\Extensions\[email protected] [2018-10-30]
    FF Extension: (Enhancer for YouTube™) - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\f0nn3d0i.default\Extensions\[email protected] [2018-11-01]
    FF Extension: (MozBar) - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\f0nn3d0i.default\Extensions\[email protected] [2015-09-27] [Legacy]
    FF Extension: (EPUBReader) - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\f0nn3d0i.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}.xpi [2017-08-01]
    FF Extension: (Video DownloadHelper) - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\f0nn3d0i.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-08-01]
    FF SearchPlugin: C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\f0nn3d0i.default\searchplugins\ask-search.xml [2014-09-27]
    FF SearchPlugin: C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\f0nn3d0i.default\searchplugins\ask-web-search.xml [2014-09-21]
    FF SearchPlugin: C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\f0nn3d0i.default\searchplugins\Astromenda.xml [2014-09-27]
    FF SearchPlugin: C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\f0nn3d0i.default\searchplugins\trovi-search.xml [2014-09-22]
    FF SearchPlugin: C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\f0nn3d0i.default\searchplugins\zonealarm.xml [2014-10-22]
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] => not found
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\CheckPoint\Install\dntme-firefox.xpi => not found
    FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK => not found
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_31_0_0_122.dll [2018-10-21] ()
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
    FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-06-22] (Adobe Systems)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_122.dll [2018-10-21] ()
    FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
    FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
    FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
    FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
    FF Plugin-x32: @Intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-19] (Intel Corporation)
    FF Plugin-x32: @Intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-19] (Intel Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-11-07] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-11-07] (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-07-22] (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-07-22] (NVIDIA Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
    FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-06-22] (Adobe Systems)
    FF Plugin HKU\S-1-5-21-6484575-2889197964-3099999064-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Robert\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
    FF Plugin HKU\S-1-5-21-6484575-2889197964-3099999064-1001: @talk.google.com/O1DPlugin -> C:\Users\Robert\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
    FF Plugin HKU\S-1-5-21-6484575-2889197964-3099999064-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
    FF Plugin HKU\S-1-5-21-6484575-2889197964-3099999064-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
    FF Plugin HKU\S-1-5-21-6484575-2889197964-3099999064-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Robert\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2017-09-19] (Zoom Video Communications, Inc.)
    FF Plugin HKU\S-1-5-21-6484575-2889197964-3099999064-1001: DISH Anywhere.com/DISH Anywhere Video Player -> C:\Users\Robert\AppData\Roaming\DISH Anywhere\DISH Anywhere Video Player\npNMPCBrowserPlugin.dll [2015-11-23] (Nagravision)
    FF Plugin ProgramFiles/Appdata: C:\Users\Robert\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
    FF Plugin ProgramFiles/Appdata: C:\Users\Robert\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)

    Chrome:
    =======
    CHR DefaultProfile: Default
    CHR HKLM-x32\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\Browser Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.crx <not found>
    CHR crx: C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\default_apps\search.crx [2015-11-06]
    CHR crx: C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\default_apps\search.crx [2015-10-20]

    ==================== Services (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S4 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1295376 2016-07-01] (Autodesk Inc.)
    S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2018-06-22] (Adobe Systems Incorporated)
    S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
    R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc.)
    R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [204928 2012-12-27] (Atheros Commnucations) [File not signed]
    S2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc.)
    R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [40080 2017-08-30] (CHENGDU YIWO Tech Development Co., Ltd)
    S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2012-06-19] (Macrovision Europe Ltd.) [File not signed]
    R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-11] (NVIDIA Corporation)
    R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-02-06] (Intel Corporation)
    R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
    S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
    R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-02-19] (Intel Corporation)
    R3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-02-19] (Intel Corporation)
    R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2012-02-08] (Hewlett-Packard) [File not signed]
    R3 Netman; C:\Windows\SysWOW64\netman.dll [198144 2008-04-14] (Microsoft Corporation) [File not signed]
    S2 NFSserver; C:\Program Files\nfsd\nfsd.exe [225792 2014-12-09] (Dr. Hanewinkel -- www.haneWIN.net) [File not signed]
    S3 Nla; C:\Windows\System32\mswsock.dll [327168 2016-05-11] (Microsoft Corporation)
    S3 Nla; C:\Windows\SysWOW64\mswsock.dll [231424 2016-05-11] (Microsoft Corporation)
    R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-11] (NVIDIA Corporation)
    R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-11] (NVIDIA Corporation)
    R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-11] (NVIDIA Corporation)
    R2 PMAPDaemon; C:\Program Files\nfsd\pmapd.exe [124416 2013-11-12] (Dr. Hanewinkel -- www.haneWIN.de) [File not signed]
    R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2012-02-08] (Hewlett-Packard) [File not signed]
    R2 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2018-02-28] (Intuit) [File not signed]
    S3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [65536 2014-09-29] (Intuit Inc.) [File not signed]
    R2 QBVSS; C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [1248256 2014-09-29] (Intuit Inc.) [File not signed]
    R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [224840 2013-05-10] (Realtek Semiconductor)
    R3 TermService; C:\Windows\SysWOW64\termsrv.dll [295424 2008-04-14] (Microsoft Corporation) [File not signed]
    R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [4107680 2017-03-24] (Check Point Software Technologies Ltd.)
    R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2013-08-14] (Western Digital Technologies, Inc.)
    R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [296312 2014-05-23] (Western Digital Technologies, Inc.)
    R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-06-04] (Microsoft Corporation)
    R2 WirelessKB850NotificationService; C:\Windows\system32\WirelessKB850NotificationService.exe [174256 2018-05-14] (Microsoft Corporation)
    S2 WZCSVC; C:\Windows\SysWOW64\wzcsvc.dll [483840 2008-04-14] (Microsoft Corporation) [File not signed]
    S3 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [114936 2016-11-01] (Check Point Software Technologies, Ltd.)
    R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [327296 2012-12-27] (Atheros) [File not signed]
    R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2012-12-25] (Atheros) [File not signed]
    R2 ZoneAlarm ICM Service; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe [1058616 2017-03-24] (Check Point Software Technologies Ltd.)
    S2 70e6ca8c; "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\Optimizer Pro\OptProCrash.dll",ENT
    S2 FoxitCloudUpdateService; "C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe" [X]

    ===================== Drivers (Whitelisted) ======================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [53240 2016-12-06] ()
    R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28656 2013-01-15] (Intel Corporation)
    R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [554408 2017-03-22] (AO Kaspersky Lab)
    R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [188648 2017-03-22] (AO Kaspersky Lab)
    R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [305496 2017-03-22] (AO Kaspersky Lab)
    R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1026280 2017-03-22] (AO Kaspersky Lab)
    R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [135904 2017-03-22] (AO Kaspersky Lab)
    R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [116736 2014-02-19] (Intel Corporation)
    R2 NPF; C:\Windows\system32\drivers\npf.sys [35344 2015-05-12] (CACE Technologies, Inc.)
    R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-11] (NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
    R0 oodivd; C:\Windows\System32\DRIVERS\oodivd.sys [255680 2014-02-13] (O&O Software GmbH)
    R0 oodivdh; C:\Windows\System32\DRIVERS\oodivdh.sys [44736 2014-02-13] (O&O Software GmbH)
    S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16056 2015-08-04] (SlimWare Utilities, Inc.)
    R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [461240 2017-03-24] (Check Point Software Technologies Ltd.)
    R3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [31920 2018-02-26] (Western Digital Technologies)
    S3 WirelessKeyboardFilter; C:\Windows\System32\DRIVERS\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation)
    R3 XtuAcpiDriver; C:\Windows\System32\DRIVERS\XtuAcpiDriver.sys [54168 2017-04-18] (Intel Corporation)
    U3 iswSvc; no ImagePath

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2018-11-07 18:12 - 2018-11-07 18:12 - 000000000 ____D C:\FRST
    2018-11-07 17:53 - 2018-11-07 18:12 - 000000000 ____D C:\Users\Robert\Desktop\Computer Cleanup
    2018-11-07 17:51 - 2018-11-07 17:51 - 000448512 _____ (OldTimer Tools) C:\Users\Robert\Downloads\TFC.exe
    2018-11-07 14:53 - 2018-11-07 14:53 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
    2018-11-06 04:22 - 2018-11-06 04:22 - 000748192 _____ (TechGuy, Inc.) C:\Users\Robert\Downloads\SysInfo.exe
    2018-11-06 03:45 - 2018-11-06 09:20 - 000010887 _____ C:\Users\Robert\Desktop\Sub_Contractor_List_11-2018.xlsx
    2018-11-04 05:34 - 2018-11-04 05:34 - 000449534 _____ C:\Users\Robert\Downloads\1722-085.dwg
    2018-11-02 09:04 - 2018-11-02 09:04 - 000001749 _____ C:\Users\Public\Desktop\iTunes.lnk
    2018-11-02 09:04 - 2018-11-02 09:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    2018-11-02 09:04 - 2018-11-02 09:04 - 000000000 ____D C:\Program Files\iTunes
    2018-11-02 09:04 - 2018-11-02 09:04 - 000000000 ____D C:\Program Files\iPod
    2018-11-02 08:58 - 2018-11-02 08:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
    2018-10-29 14:16 - 2018-10-29 14:16 - 000564058 _____ C:\Users\Robert\Downloads\ASM5PDH_D.dwg
    2018-10-25 16:08 - 2018-11-02 08:55 - 000011392 _____ C:\Users\Robert\Desktop\Book2.xlsx
    2018-10-24 11:28 - 2018-10-24 11:28 - 000033680 _____ C:\Users\Robert\AppData\Local\recently-used.xbel
    2018-10-24 10:26 - 2018-10-24 10:26 - 000000000 ____D C:\Windows\System32\Tasks\Apple
    2018-10-24 10:26 - 2018-10-24 10:26 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
    2018-10-24 09:46 - 2018-08-27 21:48 - 000419608 _____ C:\Windows\SysWOW64\locale.nls
    2018-10-24 09:46 - 2018-08-27 21:48 - 000419608 _____ C:\Windows\system32\locale.nls
    2018-10-24 08:09 - 2018-11-07 17:49 - 000013717 _____ C:\Users\Robert\Desktop\Bills.xlsx
    2018-10-21 09:40 - 2018-10-21 09:40 - 006947096 _____ C:\Users\Robert\Desktop\01-2015-BuildBlock-Technical-Installation-Manual-small-20151007.pdf
    2018-10-18 14:17 - 2018-10-18 14:17 - 000064614 _____ C:\Users\Robert\Documents\Project_Planning_Pack_Cover-300x300.xcf
    2018-10-18 14:09 - 2018-10-18 14:09 - 000194073 _____ C:\Users\Robert\Documents\Project_Planning_Pack_Cover.xcf
    2018-10-16 12:02 - 2018-10-16 12:02 - 000000000 ____D C:\Users\Robert\Documents\Zoom
    2018-10-10 16:45 - 2018-10-10 16:45 - 000000000 ____D C:\Users\Robert\.cache
    2018-10-10 16:44 - 2018-10-25 16:10 - 000000000 ____D C:\Users\Robert\AppData\Local\babl-0.1
    2018-10-10 16:44 - 2018-10-10 16:44 - 000000000 ____D C:\Users\Robert\AppData\Roaming\GIMP
    2018-10-10 16:44 - 2018-10-10 16:44 - 000000000 ____D C:\Users\Robert\AppData\Local\GIMP
    2018-10-10 16:44 - 2018-10-10 16:44 - 000000000 ____D C:\Users\Robert\AppData\Local\gegl-0.4
    2018-10-10 16:35 - 2018-10-10 16:35 - 000000901 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.6.lnk
    2018-10-10 16:18 - 2018-10-10 16:30 - 178086712 _____ (The GIMP Team ) C:\Users\Robert\Downloads\gimp-2.10.6-setup.exe
    2018-10-10 02:48 - 2018-09-19 02:08 - 000343552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
    2018-10-10 02:48 - 2018-09-18 13:08 - 000396888 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2018-10-10 02:48 - 2018-09-18 12:10 - 000348976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2018-10-10 02:48 - 2018-09-17 23:52 - 025735168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2018-10-10 02:48 - 2018-09-17 23:38 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2018-10-10 02:48 - 2018-09-17 23:38 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2018-10-10 02:48 - 2018-09-17 23:27 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2018-10-10 02:48 - 2018-09-17 23:26 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2018-10-10 02:48 - 2018-09-17 23:25 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2018-10-10 02:48 - 2018-09-17 23:25 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2018-10-10 02:48 - 2018-09-17 23:25 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2018-10-10 02:48 - 2018-09-17 23:25 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2018-10-10 02:48 - 2018-09-17 23:19 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2018-10-10 02:48 - 2018-09-17 23:18 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2018-10-10 02:48 - 2018-09-17 23:16 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2018-10-10 02:48 - 2018-09-17 23:15 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2018-10-10 02:48 - 2018-09-17 23:15 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2018-10-10 02:48 - 2018-09-17 23:14 - 005779456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2018-10-10 02:48 - 2018-09-17 23:14 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2018-10-10 02:48 - 2018-09-17 23:14 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2018-10-10 02:48 - 2018-09-17 23:09 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2018-10-10 02:48 - 2018-09-17 23:06 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2018-10-10 02:48 - 2018-09-17 23:01 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2018-10-10 02:48 - 2018-09-17 23:00 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
    2018-10-10 02:48 - 2018-09-17 23:00 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
    2018-10-10 02:48 - 2018-09-17 22:57 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2018-10-10 02:48 - 2018-09-17 22:57 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2018-10-10 02:48 - 2018-09-17 22:55 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2018-10-10 02:48 - 2018-09-17 22:53 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
    2018-10-10 02:48 - 2018-09-17 22:45 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
    2018-10-10 02:48 - 2018-09-17 22:43 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2018-10-10 02:48 - 2018-09-17 22:42 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2018-10-10 02:48 - 2018-09-17 22:41 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2018-10-10 02:48 - 2018-09-17 22:41 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2018-10-10 02:48 - 2018-09-17 22:39 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2018-10-10 02:48 - 2018-09-17 22:35 - 004510720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2018-10-10 02:48 - 2018-09-17 22:33 - 020278784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2018-10-10 02:48 - 2018-09-17 22:31 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2018-10-10 02:48 - 2018-09-17 22:23 - 001555968 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2018-10-10 02:48 - 2018-09-17 22:21 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2018-10-10 02:48 - 2018-09-17 22:21 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2018-10-10 02:48 - 2018-09-17 22:20 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2018-10-10 02:48 - 2018-09-17 22:20 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2018-10-10 02:48 - 2018-09-17 22:19 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2018-10-10 02:48 - 2018-09-17 22:18 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2018-10-10 02:48 - 2018-09-17 22:15 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2018-10-10 02:48 - 2018-09-17 22:15 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2018-10-10 02:48 - 2018-09-17 22:14 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2018-10-10 02:48 - 2018-09-17 22:13 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2018-10-10 02:48 - 2018-09-17 22:13 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2018-10-10 02:48 - 2018-09-17 22:12 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2018-10-10 02:48 - 2018-09-17 22:10 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2018-10-10 02:48 - 2018-09-17 22:06 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2018-10-10 02:48 - 2018-09-17 22:03 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2018-10-10 02:48 - 2018-09-17 22:02 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
    2018-10-10 02:48 - 2018-09-17 22:02 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
    2018-10-10 02:48 - 2018-09-17 22:00 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2018-10-10 02:48 - 2018-09-17 21:59 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2018-10-10 02:48 - 2018-09-17 21:58 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2018-10-10 02:48 - 2018-09-17 21:57 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2018-10-10 02:48 - 2018-09-17 21:57 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
    2018-10-10 02:48 - 2018-09-17 21:53 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2018-10-10 02:48 - 2018-09-17 21:52 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
    2018-10-10 02:48 - 2018-09-17 21:51 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2018-10-10 02:48 - 2018-09-17 21:50 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2018-10-10 02:48 - 2018-09-17 21:50 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2018-10-10 02:48 - 2018-09-17 21:37 - 004037632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2018-10-10 02:48 - 2018-09-17 21:34 - 001330176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2018-10-10 02:48 - 2018-09-17 21:31 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2018-10-10 02:48 - 2018-09-11 12:28 - 003227136 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2018-10-10 02:48 - 2018-09-11 12:23 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
    2018-10-10 02:48 - 2018-09-11 12:22 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
    2018-10-10 02:48 - 2018-09-08 19:02 - 005552328 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2018-10-10 02:48 - 2018-09-08 19:02 - 001680072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
    2018-10-10 02:48 - 2018-09-08 19:02 - 000986824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
    2018-10-10 02:48 - 2018-09-08 19:02 - 000708296 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
    2018-10-10 02:48 - 2018-09-08 19:02 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
    2018-10-10 02:48 - 2018-09-08 19:02 - 000265416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
    2018-10-10 02:48 - 2018-09-08 19:02 - 000262344 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
    2018-10-10 02:48 - 2018-09-08 19:02 - 000154824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2018-10-10 02:48 - 2018-09-08 19:02 - 000095432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2018-10-10 02:48 - 2018-09-08 19:01 - 001664320 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2018-10-10 02:48 - 2018-09-08 18:59 - 002851840 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
    2018-10-10 02:48 - 2018-09-08 18:59 - 002009600 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
    2018-10-10 02:48 - 2018-09-08 18:59 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
    2018-10-10 02:48 - 2018-09-08 18:59 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2018-10-10 02:48 - 2018-09-08 18:59 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
    2018-10-10 02:48 - 2018-09-08 18:59 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2018-10-10 02:48 - 2018-09-08 18:59 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2018-10-10 02:48 - 2018-09-08 18:59 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2018-10-10 02:48 - 2018-09-08 18:59 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
    2018-10-10 02:48 - 2018-09-08 18:59 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
    2018-10-10 02:48 - 2018-09-08 18:59 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2018-10-10 02:48 - 2018-09-08 18:59 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
    2018-10-10 02:48 - 2018-09-08 18:59 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2018-10-10 02:48 - 2018-09-08 18:59 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2018-10-10 02:48 - 2018-09-08 18:59 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2018-10-10 02:48 - 2018-09-08 18:59 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
    2018-10-10 02:48 - 2018-09-08 18:59 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
    2018-10-10 02:48 - 2018-09-08 18:59 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
    2018-10-10 02:48 - 2018-09-08 18:59 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2018-10-10 02:48 - 2018-09-08 18:59 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2018-10-10 02:48 - 2018-09-08 18:59 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
    2018-10-10 02:48 - 2018-09-08 18:59 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
    2018-10-10 02:48 - 2018-09-08 18:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
    2018-10-10 02:48 - 2018-09-08 18:58 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2018-10-10 02:48 - 2018-09-08 18:58 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
    2018-10-10 02:48 - 2018-09-08 18:58 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2018-10-10 02:48 - 2018-09-08 18:58 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2018-10-10 02:48 - 2018-09-08 18:58 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2018-10-10 02:48 - 2018-09-08 18:58 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2018-10-10 02:48 - 2018-09-08 18:58 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
    2018-10-10 02:48 - 2018-09-08 18:58 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2018-10-10 02:48 - 2018-09-08 18:57 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2018-10-10 02:48 - 2018-09-08 18:57 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2018-10-10 02:48 - 2018-09-08 18:57 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
    2018-10-10 02:48 - 2018-09-08 18:57 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
    2018-10-10 02:48 - 2018-09-08 18:57 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
    2018-10-10 02:48 - 2018-09-08 18:57 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
    2018-10-10 02:48 - 2018-09-08 18:57 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
    2018-10-10 02:48 - 2018-09-08 18:57 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
    2018-10-10 02:48 - 2018-09-08 18:57 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:57 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:46 - 004054216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2018-10-10 02:48 - 2018-09-08 18:46 - 003959496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2018-10-10 02:48 - 2018-09-08 18:46 - 001314072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2018-10-10 02:48 - 2018-09-08 18:44 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
    2018-10-10 02:48 - 2018-09-08 18:44 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
    2018-10-10 02:48 - 2018-09-08 18:44 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
    2018-10-10 02:48 - 2018-09-08 18:44 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
    2018-10-10 02:48 - 2018-09-08 18:44 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2018-10-10 02:48 - 2018-09-08 18:44 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
    2018-10-10 02:48 - 2018-09-08 18:44 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
    2018-10-10 02:48 - 2018-09-08 18:44 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
    2018-10-10 02:48 - 2018-09-08 18:44 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
    2018-10-10 02:48 - 2018-09-08 18:44 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
    2018-10-10 02:48 - 2018-09-08 18:44 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
    2018-10-10 02:48 - 2018-09-08 18:43 - 001391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
    2018-10-10 02:48 - 2018-09-08 18:43 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2018-10-10 02:48 - 2018-09-08 18:43 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
    2018-10-10 02:48 - 2018-09-08 18:43 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2018-10-10 02:48 - 2018-09-08 18:43 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
    2018-10-10 02:48 - 2018-09-08 18:43 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
    2018-10-10 02:48 - 2018-09-08 18:43 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
    2018-10-10 02:48 - 2018-09-08 18:43 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
    2018-10-10 02:48 - 2018-09-08 18:43 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
    2018-10-10 02:48 - 2018-09-08 18:43 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
    2018-10-10 02:48 - 2018-09-08 18:43 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
    2018-10-10 02:48 - 2018-09-08 18:42 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
    2018-10-10 02:48 - 2018-09-08 18:42 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
    2018-10-10 02:48 - 2018-09-08 18:42 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
    2018-10-10 02:48 - 2018-09-08 18:42 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
    2018-10-10 02:48 - 2018-09-08 18:42 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
    2018-10-10 02:48 - 2018-09-08 18:42 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:42 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:42 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:42 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:42 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:42 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:42 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:42 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:42 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:42 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:42 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:42 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:42 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:25 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
    2018-10-10 02:48 - 2018-09-08 18:25 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
    2018-10-10 02:48 - 2018-09-08 18:25 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
    2018-10-10 02:48 - 2018-09-08 18:25 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
    2018-10-10 02:48 - 2018-09-08 18:21 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
    2018-10-10 02:48 - 2018-09-08 18:21 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
    2018-10-10 02:48 - 2018-09-08 18:20 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2018-10-10 02:48 - 2018-09-08 18:18 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
    2018-10-10 02:48 - 2018-09-08 18:16 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
    2018-10-10 02:48 - 2018-09-08 18:15 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
    2018-10-10 02:48 - 2018-09-08 18:15 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
    2018-10-10 02:48 - 2018-09-08 18:15 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
    2018-10-10 02:48 - 2018-09-08 18:15 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
    2018-10-10 02:48 - 2018-09-08 18:15 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
    2018-10-10 02:48 - 2018-09-08 18:15 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2018-10-10 02:48 - 2018-09-08 18:13 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
    2018-10-10 02:48 - 2018-09-08 18:13 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
    2018-10-10 02:48 - 2018-09-08 18:13 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
    2018-10-10 02:48 - 2018-09-08 18:13 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
    2018-10-10 02:48 - 2018-09-08 18:12 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
    2018-10-10 02:48 - 2018-09-08 18:12 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:12 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:12 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
    2018-10-10 02:48 - 2018-09-08 18:12 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
    2018-10-10 02:48 - 2018-08-28 00:24 - 014637568 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
    2018-10-10 02:48 - 2018-08-28 00:24 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
    2018-10-10 02:48 - 2018-08-28 00:24 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
    2018-10-10 02:48 - 2018-08-28 00:24 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
    2018-10-10 02:48 - 2018-08-28 00:24 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
    2018-10-10 02:48 - 2018-08-28 00:09 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
    2018-10-10 02:48 - 2018-08-28 00:09 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
    2018-10-10 02:48 - 2018-08-27 23:52 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
    2018-10-10 02:48 - 2018-08-27 23:52 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
    2018-10-10 02:48 - 2018-08-27 23:52 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
    2018-10-10 02:48 - 2018-08-15 20:18 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
    2018-10-10 02:48 - 2018-08-13 15:49 - 001391856 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
    2018-10-10 02:48 - 2018-08-13 09:54 - 000687616 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
    2018-10-10 02:48 - 2018-08-12 14:32 - 000140976 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
    2018-10-10 02:48 - 2018-08-12 14:27 - 000680960 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2018-10-10 02:48 - 2018-08-08 09:54 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
    2018-10-10 02:48 - 2018-08-08 09:54 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
    2018-10-10 02:48 - 2018-08-08 09:40 - 000158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
    2018-10-10 02:48 - 2018-08-08 09:40 - 000142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2018-11-07 18:12 - 2017-12-27 13:44 - 000008192 _____ C:\Windows\SysWOW64\WDPABKP.dat
    2018-11-07 18:09 - 2014-06-04 13:22 - 000000000 ____D C:\ProgramData\NVIDIA
    2018-11-07 18:09 - 2009-07-13 23:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
    2018-11-07 18:08 - 2009-07-13 22:45 - 000031312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2018-11-07 18:08 - 2009-07-13 22:45 - 000031312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2018-11-07 18:00 - 2014-09-27 08:41 - 000000296 _____ C:\Windows\Tasks\WSE_Astromenda.job
    2018-11-07 17:56 - 2014-10-05 12:10 - 000000000 ____D C:\Users\Robert\Documents\Outlook Files
    2018-11-07 17:55 - 2018-02-08 15:00 - 000000000 ____D C:\Users\Robert\AppData\Local\6F653145-B00A-44AF-B366-9B566DB87B64.aplzod
    2018-11-07 17:55 - 2015-12-30 09:07 - 000000853 _____ C:\Windows\Brpfx04a.ini
    2018-11-07 17:48 - 2016-02-12 06:06 - 000000922 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-6484575-2889197964-3099999064-1001UA.job
    2018-11-07 17:30 - 2014-09-30 17:02 - 000000544 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-6484575-2889197964-3099999064-1001.job
    2018-11-07 17:05 - 2015-06-02 16:14 - 000000640 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-6484575-2889197964-3099999064-1001.job
    2018-11-07 14:56 - 2015-08-04 13:56 - 000000368 _____ C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - Robert).job
    2018-11-07 14:54 - 2015-11-28 21:08 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Dropbox
    2018-11-07 08:20 - 2009-07-13 23:32 - 000000000 ____D C:\Windows\system32\FxsTmp
    2018-11-07 00:48 - 2016-02-12 06:06 - 000000870 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-6484575-2889197964-3099999064-1001Core.job
    2018-11-06 19:58 - 2014-08-26 08:40 - 000303732 _____ C:\IFRToolLog.txt
    2018-11-06 04:19 - 2016-11-28 14:02 - 000000000 ____D C:\Users\Robert\AppData\LocalLow\Mozilla
    2018-11-06 04:14 - 2014-08-02 19:23 - 000000000 ____D C:\Users\Robert
    2018-11-05 11:51 - 2015-11-28 11:23 - 000000000 ____D C:\Temp
    2018-11-05 11:48 - 2009-07-13 23:13 - 000802222 _____ C:\Windows\system32\PerfStringBackup.INI
    2018-11-05 11:48 - 2009-07-13 21:20 - 000000000 ____D C:\Windows\inf
    2018-11-04 13:35 - 2015-11-28 16:07 - 000000000 ____D C:\Users\Robert\AppData\Local\CutePDF Writer
    2018-11-03 06:42 - 2017-07-08 02:32 - 000000000 ____D C:\Users\Robert\AppData\Local\GoToMeeting
    2018-11-03 06:42 - 2015-06-02 16:14 - 000003670 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-6484575-2889197964-3099999064-1001
    2018-11-03 06:42 - 2014-09-30 17:02 - 000003574 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-6484575-2889197964-3099999064-1001
    2018-11-03 05:49 - 2017-06-14 02:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2018-11-03 05:49 - 2014-08-03 14:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2018-11-02 09:11 - 2015-08-26 13:47 - 000000000 ____D C:\Program Files\nfsd
    2018-11-01 03:02 - 2014-08-02 19:31 - 000003440 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask
    2018-10-31 10:50 - 2018-08-09 14:33 - 000000000 ____D C:\ProgramData\pdf995
    2018-10-29 04:49 - 2014-12-21 17:30 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Apple Computer
    2018-10-24 13:15 - 2012-12-15 15:06 - 000055635 _____ C:\Users\Robert\Desktop\PASSWORDS.xlsx
    2018-10-24 11:28 - 2017-01-05 16:24 - 000000000 ____D C:\Users\Robert\AppData\Local\gtk-2.0
    2018-10-24 10:26 - 2016-10-05 08:25 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
    2018-10-24 09:52 - 2011-02-10 08:33 - 000794344 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
    2018-10-22 18:00 - 2015-12-05 06:10 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
    2018-10-21 10:41 - 2009-07-13 21:20 - 000000000 ____D C:\PerfLogs
    2018-10-21 10:20 - 2018-03-13 04:27 - 000004466 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
    2018-10-21 10:20 - 2014-08-04 02:20 - 000000000 ____D C:\Users\Robert\AppData\Local\Adobe
    2018-10-21 10:20 - 2014-06-03 22:28 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2018-10-21 10:20 - 2014-06-03 22:28 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2018-10-21 10:20 - 2014-06-03 22:28 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2018-10-21 10:20 - 2014-06-03 22:28 - 000000000 ____D C:\Windows\system32\Macromed
    2018-10-21 10:19 - 2014-06-03 22:28 - 000000000 ____D C:\Windows\SysWOW64\Macromed
    2018-10-21 10:14 - 2009-07-13 22:45 - 000766584 _____ C:\Windows\system32\FNTCACHE.DAT
    2018-10-21 09:51 - 2009-07-13 20:34 - 000000510 _____ C:\Windows\win.ini
    2018-10-21 09:50 - 2014-08-02 20:03 - 000000000 ____D C:\Windows\system32\MRT
    2018-10-21 09:46 - 2014-08-02 20:03 - 136745976 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2018-10-16 08:06 - 2018-04-11 11:48 - 000000000 ____D C:\Users\Robert\Desktop\TYs COMP
    2018-10-15 15:48 - 2010-11-20 21:27 - 000559880 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
    2018-10-10 16:33 - 2017-01-05 16:10 - 000000000 ____D C:\Program Files\GIMP 2

    ==================== Files in the root of some directories =======

    2013-03-20 15:14 - 2013-03-20 15:43 - 000000220 _____ () C:\Users\Robert\AppData\Roaming\.pref
    2015-05-21 08:04 - 2015-05-21 09:11 - 000000115 _____ () C:\Users\Robert\AppData\Roaming\LogFile.txt
    2011-08-13 18:48 - 2011-08-13 18:48 - 000000760 _____ () C:\Users\Robert\AppData\Roaming\setup_ldm.iss
    2011-08-01 00:04 - 2014-12-09 16:00 - 000134144 _____ () C:\Users\Robert\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2012-06-07 07:57 - 2012-06-07 07:58 - 000052942 _____ () C:\Users\Robert\AppData\Local\FASTWiz.log
    2016-02-01 09:03 - 2016-02-01 09:03 - 000000094 _____ () C:\Users\Robert\AppData\Local\fusioncache.dat
    2017-09-12 14:14 - 2017-09-12 14:14 - 000004096 ____H () C:\Users\Robert\AppData\Local\keyfile3.drm
    2018-10-24 11:28 - 2018-10-24 11:28 - 000033680 _____ () C:\Users\Robert\AppData\Local\recently-used.xbel
    2015-12-30 08:52 - 2015-12-30 08:52 - 000000000 _____ () C:\Users\Robert\AppData\Local\{0406B865-0334-468B-A0E8-7E3A6C5066FE}

    ==================== Bamital & volsnap ======================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2015-12-30 00:52

    ==================== End of FRST.txt ============================
     
  4. robertphtx2

    robertphtx2 Thread Starter

    Joined:
    Aug 8, 2018
    Messages:
    5
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07.11.2018
    Ran by Robert (07-11-2018 18:17:11)
    Running from C:\Users\Robert\Desktop\Computer Cleanup
    Windows 7 Professional Service Pack 1 (X64) (2014-08-03 01:23:23)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-6484575-2889197964-3099999064-500 - Administrator - Disabled)
    ASPNET (S-1-5-21-6484575-2889197964-3099999064-1004 - Limited - Enabled)
    Guest (S-1-5-21-6484575-2889197964-3099999064-501 - Limited - Enabled)
    HomeGroupUser$ (S-1-5-21-6484575-2889197964-3099999064-1007 - Limited - Enabled)
    Robert (S-1-5-21-6484575-2889197964-3099999064-1001 - Administrator - Enabled) => C:\Users\Robert

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: ZoneAlarm Antivirus (Enabled - Up to date) {23B6D20A-C2DE-B3F5-C67D-07ECD854E6A9}
    AS: ZoneAlarm Anti-Spyware (Enabled - Up to date) {98D733EE-E4E4-BC7B-FCCD-3C9EA3D3AC14}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: ZoneAlarm Firewall (Enabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    64 Bit HP CIO Components Installer (HKLM\...\{615C9088-E58C-448A-B5F3-AB5F51F29082}) (Version: 7.2.1 - Hewlett-Packard) Hidden
    64 Bit HP CIO Components Installer (HKLM\...\{FD868C71-6CCF-42E2-B90D-0504AB0036FE}) (Version: 13.2.1 - Hewlett-Packard) Hidden
    7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
    A360 Desktop (HKLM\...\{B209E611-5511-4AD6-B4B3-9D36F93DBCD4}) (Version: 6.0.3.1100 - Autodesk)
    Accidental Damage Services Agreement (HKLM-x32\...\{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}) (Version: 2.0.0 - Dell Inc.)
    Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.008.20080 - Adobe Systems Incorporated)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.233 - Adobe Systems Incorporated)
    Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.6.0.384 - Adobe Systems Incorporated)
    Adobe Flash Player 30 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 30.0.0.134 - Adobe Systems Incorporated)
    Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.122 - Adobe Systems Incorporated)
    Adobe InDesign CC 2018 (HKLM-x32\...\IDSN_13_0_1) (Version: 13.0.1 - Adobe Systems Incorporated)
    Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1_1) (Version: 19.1.1 - Adobe Systems Incorporated)
    Adobe Photoshop Elements 7.0 (HKLM-x32\...\Adobe Photoshop Elements 7) (Version: 7.0 - Adobe Systems Incorporated)
    Apple Application Support (32-bit) (HKLM-x32\...\{49F7DD82-FC83-48BF-86C6-CFE6E1E233E1}) (Version: 7.1 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{1FA68E27-2951-42E8-9F57-1A7F6581B4FD}) (Version: 7.1 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
    Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.170 - Atheros)
    AutoCAD LT 2016 - English (HKLM\...\{5783F2D7-F009-0000-0102-0060B0CE6BBA}) (Version: 20.1.107.0 - Autodesk) Hidden
    AutoCAD LT 2016 - English (HKLM\...\{5783F2D7-F009-0409-2102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
    AutoCAD LT 2016 Language Pack - English (HKLM\...\{5783F2D7-F009-0409-1102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
    Autodesk Advanced Material Library Image Library 2016 (HKLM-x32\...\{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.15 - Autodesk)
    Autodesk AutoCAD LT 2016 - English (HKLM\...\AutoCAD LT 2016 - English) (Version: 20.1.49.0 - Autodesk)
    Autodesk AutoCAD LT 2016 - English SP 1 (HKLM\...\AutoCAD LT 2016 - English SP1) (Version: 20.1.107.0 - Autodesk)
    Autodesk Content Service (HKLM\...\{A37CDB58-AAE8-0000-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
    Autodesk Content Service (HKLM\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
    Autodesk Content Service Language Pack (HKLM\...\{A37CDB58-AAE8-0001-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
    Autodesk Desktop App (HKLM-x32\...\Autodesk Desktop App) (Version: 6.2.0.174 - Autodesk)
    Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.15 - Autodesk)
    Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.15 - Autodesk)
    Banctec Service Agreement (HKLM-x32\...\{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}) (Version: 2.0.0 - Dell Inc.)
    Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
    Brother MFL-Pro Suite MFC-8480DN (HKLM-x32\...\{004B8D14-7E3A-490A-ABB3-753535E169E3}) (Version: 1.0.5.0 - Brother Industries, Ltd.)
    Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
    Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
    Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
    Complete Care Business Service Agreement (HKLM-x32\...\{0ECFCB07-9BFE-4970-ACA1-D568D982760B}) (Version: 2.0.0 - Dell Inc.)
    Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
    Crowd Force Pro (HKLM-x32\...\{FE57C4ED-840E-E3D1-33AF-5CF12AC01969}) (Version: 0.50.0 - UNKNOWN) Hidden
    Crowd Force Pro (HKLM-x32\...\CrowdForce) (Version: 0.50.0 - UNKNOWN)
    CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - Acro Software Inc.)
    CutePDF Writer 3.0 (HKLM-x32\...\CutePDF Writer Installation) (Version: - )
    Dell Digital Delivery (HKLM-x32\...\{D850CB7E-72BC-4510-BA4F-48932BFAB295}) (Version: 2.9.901.0 - Dell Products, LP)
    Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
    Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.)
    Dell System Detect (HKU\S-1-5-21-6484575-2889197964-3099999064-1001\...\73f463568823ebbe) (Version: 6.6.0.2 - Dell)
    Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Dell Inc.)
    DISH Anywhere Player Installer (HKLM-x32\...\{50CFCCE7-F224-45B4-AB00-4565917DD991}) (Version: 2.1.6.429 - Sling Media) Hidden
    DISH Anywhere Video Player (HKLM-x32\...\{19A59152-3EA7-4631-9A11-5D2DBEF29780}) (Version: 2.29.3 - DISH Anywhere)
    DishAnywherePlayer (HKLM-x32\...\{24f1791c-8ea2-4330-bd4e-38fc77ae3931}) (Version: 2.1.6.429 - Sling Media)
    Dropbox (HKU\S-1-5-21-6484575-2889197964-3099999064-1001\...\Dropbox) (Version: 61.4.95 - Dropbox, Inc.)
    DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 3.5.6426.22 - PC-Doctor, Inc.) Hidden
    EaseUS Todo Backup Home 10.6 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 10.6 - CHENGDU YIWO Tech Development Co., Ltd)
    Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.0.0.0 - SEIKO EPSON CORPORATION)
    Epson Event Manager (HKLM-x32\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION)
    Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.46.00 - SEIKO EPSON CORPORATION)
    Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version: - )
    EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
    EPSON WF-7510 Series Printer Uninstall (HKLM\...\EPSON WF-7510 Series) (Version: - SEIKO EPSON Corporation)
    FileZilla Client 3.6.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.6.0.2 - FileZilla Project)
    Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.7.143.923 - Foxit Software Inc.)
    Foxit PhantomPDF Business (HKLM-x32\...\{71809EF3-0674-4FBF-8DBB-CE9ABA80B640}) (Version: 7.2.2.929 - Foxit Software Inc.)
    Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.1.5.425 - Foxit Software Inc.)
    Free Video Editor 7.3.0 (HKLM-x32\...\{c23a3d87-c9c5-49cd-9632-42d7491c17a2}_is1) (Version: 7.3.0 - ThunderSoft International LLC.)
    GIMP 2.10.6 (HKLM\...\GIMP-2_is1) (Version: 2.10.6 - The GIMP Team)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
    Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
    Google Earth Pro (HKLM-x32\...\{44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
    Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
    GoTo Opener (HKLM-x32\...\{8B2D47CC-1558-4939-B27F-41E30530072A}) (Version: 1.0.467 - LogMeIn, Inc.)
    GoToMeeting 8.37.0.10996 (HKU\S-1-5-21-6484575-2889197964-3099999064-1001\...\GoToMeeting) (Version: 8.37.0.10996 - LogMeIn, Inc.)
    Grammarly (HKU\S-1-5-21-6484575-2889197964-3099999064-1001\...\GrammarlyForWindows) (Version: 1.5.34 - Grammarly)
    haneWIN NFS Server 1.2.16 (HKLM\...\haneWIN NFS Server_is1) (Version: - Dr. Hanewinkel)
    HP Designjet T770 and T1200 Printer Series (HKLM-x32\...\HPDesignjetT770-T1200) (Version: - Hewlett-Packard Co.)
    HP Proactive Services (HKLM-x32\...\{7527CD9F-894E-47B3-9AFB-3E680E007051}) (Version: 1.6.0.37 - Hewlett-Packard)
    HP Utility (HKLM-x32\...\{D7F7F548-6A39-4853-9D18-5FE696E66808}) (Version: 1.11.0.3 - Hewlett-Packard)
    iCloud (HKLM\...\{5FEE6A85-BB93-49AB-8927-F1D780BB6727}) (Version: 7.8.0.7 - Apple Inc.)
    Intel(R) Chipset Device Software (HKLM-x32\...\{e48a2f61-851a-4155-82f9-af1b04db8c3b}) (Version: 10.0.13 - Intel(R) Corporation) Hidden
    Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1168 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.2.1001 - Intel Corporation)
    Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
    Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
    iTunes (HKLM\...\{3F702C1B-628F-46FB-A094-56D5404CEE63}) (Version: 12.9.1.4 - Apple Inc.)
    Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
    Jing (HKLM-x32\...\{8C784F8B-89D0-4A59-A000-7EEF129E1574}) (Version: 2.9.15255.1 - TechSmith Corporation)
    JPEGCrops 0.7.5 beta (HKLM-x32\...\{DEAD07C6-D070-43AB-A60D-D9ABE55E296D}_is1) (Version: - )
    Laplink DiskImage Professional (HKLM\...\{56F8EF3C-D9A0-4728-95D5-DC05A72931F5}) (Version: 7.81.11 - Laplink Software, Inc)
    Laplink PCmover Home (HKLM-x32\...\{ECCA515A-3A3F-4C27-B495-26C15EE41831}) (Version: 10.00.639 - Laplink Software, Inc.)
    Logitech Options (HKLM\...\LogiOptions) (Version: - Logitech)
    Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
    Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
    Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
    Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-6484575-2889197964-3099999064-1001\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
    Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Mozilla Firefox 63.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 63.0.1 (x64 en-US)) (Version: 63.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 63.0.1.6877 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
    My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
    Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
    NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
    NVIDIA 3D Vision Driver 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.62 - NVIDIA Corporation)
    NVIDIA GeForce Experience 2.9.1.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.22 - NVIDIA Corporation)
    NVIDIA Graphics Driver 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.62 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
    OBS Studio (HKLM-x32\...\OBS Studio) (Version: 0.13.4 - OBS Project)
    Pdf995 (HKLM-x32\...\Pdf995) (Version: 18.0s - )
    Premium Service Agreement (HKLM-x32\...\{C33AA6D6-F5EC-48F3-AFDC-8141345D473A}) (Version: 2.0.0 - Dell Inc.)
    QualxServ Service Agreement (HKLM-x32\...\{903679E8-44C8-4C07-9600-05C92654FC50}) (Version: 2.0.0 - Dell Inc.)
    QuickBooks (HKLM-x32\...\{604FB1E3-84F2-45E2-AD26-49422B021393}) (Version: 25.0.4017.2506 - Intuit Inc.) Hidden
    QuickBooks Premier: Accountant Edition 2015 (HKLM-x32\...\{D58E14D8-963A-4CCD-852E-065655D45004}) (Version: 25.0.4017.2506 - Intuit Inc.)
    QuickBooks Runtime Redistributable (HKLM\...\{F2A4F809-2DE6-4D27-888B-4D2BB8DAF20E}) (Version: 1.00.0000 - Intuit Inc.)
    RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.2 - RealNetworks)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6909 - Realtek Semiconductor Corp.)
    Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.8400.30137 - Realtek Semiconductor Corp.)
    SeaTools for Windows (HKLM-x32\...\SeaTools for Windows) (Version: - Seagate Technology)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
    Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
    SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.1.0260 - NVIDIA Corporation) Hidden
    SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.9.1.22 - NVIDIA Corporation) Hidden
    Slack (HKU\S-1-5-21-6484575-2889197964-3099999064-1001\...\slack) (Version: 3.0.5 - Slack Technologies)
    Software Updater (HKLM-x32\...\{6DFBE8A2-CDBF-453E-B34C-32F202FCEE4C}) (Version: 4.2.1 - SEIKO EPSON CORPORATION)
    Speedtest by Ookla (HKLM\...\{CFF1450F-71E9-4286-82AE-99E6D797CAD3}) (Version: 1.1.23.001 - Ookla)
    SupportSoft Assisted Service (HKLM-x32\...\{5A3F6A80-7913-475E-8B96-477A952CFA43}) (Version: 15 - SupportSoft)
    TurboTax 2014 (HKLM-x32\...\TurboTax 2014) (Version: 2014.0 - Intuit, Inc)
    TurboTax 2016 (HKLM-x32\...\TurboTax 2016) (Version: 2016.0 - Intuit, Inc)
    TurboTax Business 2014 (HKLM-x32\...\TurboTax Business 2014) (Version: 2014.0 - Intuit, Inc)
    VC12X64Redist (HKLM\...\{B573CC21-AE24-4BC5-9B0B-15CF29A3F982}) (Version: 1.00.0000 - Intuit Inc.)
    VC12X86Redist (HKLM-x32\...\{EA9886ED-21F8-4867-A049-CE6817291EE6}) (Version: 1.00.0000 - Intuit Inc.)
    Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
    Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
    WD Drive Utilities (HKLM-x32\...\{E61CFDDA-40DD-4400-95CA-12819C50B5C2}) (Version: 1.1.0.51 - Western Digital Technologies, Inc.)
    WD SmartWare (HKLM\...\{232EB8E6-9B8C-4785-A994-B1E5E2376CDC}) (Version: 2.2.0.8 - Western Digital Technologies, Inc.)
    ZoneAlarm Antivirus (HKLM-x32\...\{D457D6C7-C040-40CB-8BF8-D8ECC8FDDACE}) (Version: 15.1.501.17249 - Check Point Software Technologies Ltd.) Hidden
    ZoneAlarm Antivirus (HKLM-x32\...\ZoneAlarm Antivirus) (Version: 15.1.501.17249 - Check Point)
    ZoneAlarm Firewall (HKLM-x32\...\{902E1EFE-94FC-4209-9409-EBB2CA9E8DA6}) (Version: 15.1.501.17249 - Check Point Software Technologies Ltd.) Hidden
    ZoneAlarm Security (HKLM-x32\...\{9F5DAD59-9A81-44E4-A075-0C943932FD10}) (Version: 15.1.501.17249 - Check Point Software Technologies Ltd.) Hidden
    Zoom (HKU\S-1-5-21-6484575-2889197964-3099999064-1001\...\ZoomUMX) (Version: 4.0 - Zoom Video Communications, Inc.)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD LT 2016\acadlt.exe (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{74F5CC00-49A9-11CF-A2F9-444553540000}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD LT 2016\en-US\acadltficn.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Robert\AppData\Local\GoToMeeting\8953\G2MOutlookAddin64.dll => No File
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Robert\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Robert\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Robert\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Robert\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Robert\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\FileSyncApi64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
    ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
    ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
    ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc.)
    ShellIconOverlayIdentifiers: [OODIIcon] -> {14A94384-BBED-47ed-86C0-6BF63FD892D0} => C:\Program Files\Laplink\DiskImage\oodishi.dll [2014-02-13] (O&O Software GmbH)
    ShellIconOverlayIdentifiers-x32: [Offline Files] -> {750fdf0e-2a26-11d1-a3ea-080036587f03} => -> No File
    ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
    ContextMenuHandlers1-x32: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
    ContextMenuHandlers1-x32: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2016-02-06] (Autodesk)
    ContextMenuHandlers1-x32: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvAppExt.dll [2012-12-27] (Atheros Commnucations)
    ContextMenuHandlers1-x32: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2015-08-31] (Foxit Software Inc.)
    ContextMenuHandlers1-x32: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2015-04-24] (Foxit Software Inc.)
    ContextMenuHandlers1-x32: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-10-01] (Apple Inc.)
    ContextMenuHandlers1-x32: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2017-09-04] (CHENGDU YIWO Tech Development Co.,Ltd)
    ContextMenuHandlers1-x32: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => -> No File
    ContextMenuHandlers1-x32: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2013-08-14] (Western Digital Technologies, Inc.)
    ContextMenuHandlers1-x32: [ZLAVShExt] -> {D9872D13-7651-4471-9EEE-F0A00218BEBB} => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlavscan.dll [2017-03-24] (Check Point Software Technologies Ltd.)
    ContextMenuHandlers2: [CWDDriveMenuHandler] -> {CCEFA845-DCDB-4A2F-8BED-DBE87CD198EC} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2013-08-14] (Western Digital Technologies, Inc.)
    ContextMenuHandlers2: [OODIDismount] -> {5B036813-4E35-4421-ADCB-E06925C7A7ED} => C:\Program Files\Laplink\DiskImage\oodishd.dll [2014-02-13] (O&O Software GmbH)
    ContextMenuHandlers2: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2017-09-04] (CHENGDU YIWO Tech Development Co.,Ltd)
    ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ShellContextExt.dll [2012-12-27] (Atheros Commnucations)
    ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
    ContextMenuHandlers4-x32: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2017-09-04] (CHENGDU YIWO Tech Development Co.,Ltd)
    ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-07-22] (NVIDIA Corporation)
    ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => -> No File
    ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
    ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => -> No File
    ContextMenuHandlers6: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2013-08-14] (Western Digital Technologies, Inc.)
    ContextMenuHandlers6: [ZLAVShExt] -> {D9872D13-7651-4471-9EEE-F0A00218BEBB} => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlavscan.dll [2017-03-24] (Check Point Software Technologies Ltd.)
    ContextMenuHandlers1_S-1-5-21-6484575-2889197964-3099999064-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
    ContextMenuHandlers4_S-1-5-21-6484575-2889197964-3099999064-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
    ContextMenuHandlers5_S-1-5-21-6484575-2889197964-3099999064-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Robert\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {01349FD4-C455-4A17-8AD7-078E84C000EA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-24] (Google Inc.)
    Task: {06892EAE-736E-40A0-B3E1-A7CEA60F6F69} - System32\Tasks\G2MUploadTask-S-1-5-21-6484575-2889197964-3099999064-1001 => C:\Users\Robert\AppData\Local\GoToMeeting\10996\g2mupload.exe [2018-11-03] (LogMeIn, Inc.)
    Task: {0C227CCC-5DDE-4DCE-AAD6-FB483B0CD340} - System32\Tasks\AdobeAAMUpdater-1.0-Robert-PC-Robert => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2018-04-10] (Adobe Systems Incorporated)
    Task: {112D99F7-B53A-4CD5-AAFD-93FE044AA4FC} - System32\Tasks\SlimCleaner Plus (Scheduled Scan - Robert) => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
    Task: {18796D85-0FAE-4776-93CA-86EAEC8F06A8} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-6484575-2889197964-3099999064-1001Core => C:\Users\Robert\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-02-12] (Dropbox, Inc.)
    Task: {2CEFBC14-3D49-405E-B370-45B31A7B2BAF} - System32\Tasks\Western Digital\SmartWare\____Volume_6f2a27fc_56f4_11e4_9635_90489a07ff62______Volume_6f2a27d4_56f4_11e4_9635_90489a07ff62__ => C:\Program Files (x86)\Western Digital\WD SmartWare\BackupTask.exe [2013-08-14] (Western Digital Technologies, Inc.)
    Task: {368793E0-F0A4-4AF6-B7B3-13BAD22BCE11} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
    Task: {3A58C5CE-B52C-4EC9-93C6-9FFC2B4EFEC9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-6484575-2889197964-3099999064-1001UA => C:\Users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
    Task: {4348EE45-4907-4B02-A795-6E314D0AFA96} - \SystemToolsDailyTest -> No File <==== ATTENTION
    Task: {45A884A6-2AF0-4039-BEA1-591D7D07097F} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-6484575-2889197964-3099999064-1001UA => C:\Users\Robert\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-02-12] (Dropbox, Inc.)
    Task: {684FC696-4B28-493A-9827-46B5F46F5389} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-10-21] (Adobe Systems Incorporated)
    Task: {68D0FC76-8A9C-4AA6-8322-C680F824CF68} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
    Task: {6D5AE7F4-B702-48BE-86F7-BF4032DEF09F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
    Task: {883777EC-EFE3-4B72-B6C4-DBCD5382A3F3} - System32\Tasks\G2MUpdateTask-S-1-5-21-6484575-2889197964-3099999064-1001 => C:\Users\Robert\AppData\Local\GoToMeeting\10996\g2mupdate.exe [2018-11-03] (LogMeIn, Inc.)
    Task: {88C34A8E-9FAA-457B-9821-C55794FD275B} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
    Task: {8980F2ED-9504-493A-9436-BBD8EC16E9A0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-24] (Google Inc.)
    Task: {C4A4066D-55E9-41F7-92B3-BC414D879EB8} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-10] (PC-Doctor, Inc.)
    Task: {E6C35764-64D2-4A3F-A74B-B701C3F65309} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-10] (PC-Doctor, Inc.)
    Task: {EB49F9C5-A21E-4C76-8D4C-BA6B01A83D36} - \WSE_Astromenda -> No File <==== ATTENTION
    Task: {EF6C6EA9-3577-4DE6-8838-7917706BF2A7} - System32\Tasks\Adobe Uninstaller => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2018-06-22] (Adobe Systems Incorporated)
    Task: {F0A68829-E75B-488A-A696-2BE600E37E83} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
    Task: {F190C556-48DC-4E55-98B3-83D5DE32A16E} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_122_Plugin.exe [2018-10-21] (Adobe Systems Incorporated)
    Task: {F3E85E18-E04E-436B-A326-FA7652FD93BA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-6484575-2889197964-3099999064-1001Core => C:\Users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
    Task: {FED45450-25B2-4311-B760-81EDD648B7A4} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-6484575-2889197964-3099999064-1001Core.job => C:\Users\Robert\AppData\Local\Dropbox\Update\DropboxUpdate.exe
    Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-6484575-2889197964-3099999064-1001UA.job => C:\Users\Robert\AppData\Local\Dropbox\Update\DropboxUpdate.exe
    Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-6484575-2889197964-3099999064-1001.job => C:\Users\Robert\AppData\Local\GoToMeeting\10996\g2mupdate.exe
    Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-6484575-2889197964-3099999064-1001.job => C:\Users\Robert\AppData\Local\GoToMeeting\10996\g2mupload.exe
    Task: C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - Robert).job => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
    Task: C:\Windows\Tasks\WSE_Astromenda.job => C:\Users\Robert\AppData\Roaming\WSE_AS~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

    ==================== Shortcuts & WMI ========================

    (The entries could be listed to be restored or removed.)

    WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":
    WMI:subscription\__EventFilter->BVTFilter:
    WMI:subscription\CommandLineEventConsumer->BVTConsumer:

    ==================== Loaded Modules (Whitelisted) ==============

    2014-06-04 13:22 - 2015-07-22 19:31 - 000116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2015-12-20 11:17 - 2013-10-23 14:24 - 000087600 _____ () C:\Windows\System32\cpwmon64.dll
    2018-08-09 14:33 - 2015-11-06 10:32 - 000040448 _____ () C:\Windows\System32\pdf995mon64.dll
    2018-02-27 19:08 - 2018-02-27 19:08 - 000614856 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
    2018-10-21 01:17 - 2018-10-21 01:17 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    2017-12-08 01:48 - 2017-12-08 01:48 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2016-03-12 06:55 - 2016-01-11 22:43 - 000291264 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
    2018-02-22 10:59 - 2017-08-30 12:29 - 000260752 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
    2018-10-22 12:59 - 2018-10-22 12:59 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
    2018-10-22 12:59 - 2018-10-22 12:59 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
    2017-03-22 08:06 - 2017-03-22 08:06 - 000865232 _____ () C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\kpcengine.2.3.dll
    2015-08-04 15:00 - 2016-01-11 22:43 - 000018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
    2018-02-22 10:59 - 2017-02-21 17:19 - 000083136 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll
    2018-02-22 10:59 - 2016-03-07 18:08 - 001291264 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll
    2018-02-22 10:59 - 2004-10-05 03:08 - 000055808 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll
    2018-02-22 10:59 - 2016-12-06 02:43 - 000019648 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll
    2018-02-22 10:59 - 2016-12-06 02:44 - 000090816 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll
    2018-02-22 10:59 - 2016-12-06 02:43 - 000024768 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CmcTbProxy.dll
    2018-02-22 10:59 - 2016-12-06 02:43 - 000188608 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCPipeCenter.dll
    2018-02-22 10:59 - 2017-08-30 12:25 - 000183440 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCAdapt.dll
    2018-02-22 10:59 - 2016-12-06 02:43 - 000163520 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCAdapt_RTTO.dll
    2018-02-22 10:59 - 2017-08-30 12:27 - 000055952 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBInfo.dll
    2018-02-22 10:59 - 2016-12-06 02:43 - 000018112 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCNetTokenProxy.dll
    2018-02-22 10:59 - 2017-08-30 12:25 - 000061072 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll
    2018-02-22 10:59 - 2017-09-04 17:39 - 000699024 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuActiveOnline.dll
    2018-02-22 10:59 - 2017-08-30 12:26 - 000487568 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EULicenseDLL.DLL
    2018-02-22 10:59 - 2017-08-30 12:26 - 000021648 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\fsclog.dll
    2018-02-22 10:59 - 2017-08-30 12:26 - 000085648 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\logsys.dll
    2018-02-22 10:59 - 2017-08-30 12:26 - 000032912 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DiskSearchImg.dll
    2018-02-22 10:59 - 2017-08-30 12:26 - 000070800 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\MountImg.dll
    2018-02-22 10:59 - 2017-08-30 12:26 - 000160400 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ImgFile.dll
    2018-02-22 10:59 - 2017-08-30 12:26 - 000296592 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DsImgFile.dll
    2018-02-22 10:59 - 2016-12-06 02:43 - 000078528 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FatLib.dll
    2018-02-22 10:59 - 2017-08-30 12:26 - 000305808 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSUtil.dll
    2018-02-22 10:59 - 2016-12-06 02:44 - 000210112 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSLib.dll
    2018-02-22 10:59 - 2016-12-06 02:43 - 000026304 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CallbackOperator.dll
    2018-02-22 10:59 - 2016-12-06 02:43 - 000074432 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckImg.dll
    2018-02-22 10:59 - 2016-12-06 02:44 - 000142016 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\vhdvmdk.dll
    2018-02-22 10:59 - 2017-09-11 14:28 - 000085136 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\BootDriver.dll
    2018-02-22 10:59 - 2017-08-30 12:26 - 000844944 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll
    2018-02-22 10:59 - 2016-12-06 02:43 - 000195776 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBackupSize.dll
    2018-02-22 10:59 - 2016-12-06 02:43 - 000414400 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidImage.dll
    2018-02-22 10:59 - 2017-08-30 12:26 - 000162448 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumDisk.dll
    2018-02-22 10:59 - 2016-12-06 02:43 - 000029376 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceAdapter.dll
    2018-02-22 10:59 - 2016-12-06 02:44 - 000114368 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileStorage.dll
    2018-02-22 10:59 - 2016-12-06 02:44 - 000026816 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\GetDriverInfo.dll
    2018-02-22 10:59 - 2016-12-06 02:43 - 000022720 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CorrectMbr.dll
    2018-02-22 10:59 - 2017-08-30 12:26 - 000034448 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll
    2018-02-22 10:59 - 2016-12-06 02:44 - 000054464 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll
    2018-02-22 10:59 - 2016-12-06 02:44 - 000066240 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\RegLib.dll
    2018-02-22 10:59 - 2017-08-30 12:25 - 000026768 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll
    2018-02-22 10:59 - 2017-08-30 12:26 - 000072848 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll
    2018-02-22 10:59 - 2016-12-06 02:43 - 000221376 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBrowser.dll
    2018-02-22 10:59 - 2016-12-06 02:43 - 000079040 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll
    2018-02-22 10:59 - 2017-08-30 12:25 - 000021648 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll
    2018-02-22 10:59 - 2016-12-06 02:44 - 000138432 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\VMConfig.dll
    2018-02-22 10:59 - 2016-12-06 02:43 - 000021696 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidDeviceManager.dll
    2018-02-22 10:59 - 2017-08-30 12:27 - 000074896 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\SqlExBrowser.dll
    2018-02-22 10:59 - 2017-08-30 12:27 - 000585872 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\SqlSMOCPlusPlus.dll
    2018-02-22 10:59 - 2016-12-06 02:44 - 000045248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbDataSwap.dll
    2018-02-22 10:59 - 2016-12-06 02:44 - 000210112 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\SmartBackup.dll
    2018-10-21 01:17 - 2018-10-21 01:17 - 001042744 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2017-12-08 01:49 - 2017-12-08 01:49 - 000076088 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2018-10-21 01:17 - 2018-10-21 01:17 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
    2016-08-11 18:44 - 2016-08-11 18:44 - 040578048 _____ () C:\Program Files (x86)\DishAnywherePlayer\libcef.dll
    2015-12-30 09:06 - 2009-02-27 16:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
    2016-08-11 18:44 - 2016-08-11 18:44 - 001920000 _____ () C:\Program Files (x86)\DishAnywherePlayer\ffmpegsumo.dll
    2018-10-21 10:20 - 2018-10-21 10:20 - 019904512 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_122.dll
    2017-10-30 09:11 - 2017-10-30 09:11 - 017470888 _____ () C:\Program Files (x86)\DishAnywherePlayer\plugins\WBSPPluginManager.dll
    2017-10-30 09:11 - 2017-10-30 09:11 - 000079784 _____ () C:\Program Files (x86)\DishAnywherePlayer\plugins\zlib1.dll
    2017-10-30 09:11 - 2017-10-30 09:11 - 000036264 _____ () C:\Program Files (x86)\DishAnywherePlayer\plugins\MediaSampleManager.dll
    2017-10-30 09:11 - 2017-10-30 09:11 - 000129448 _____ () C:\Program Files (x86)\DishAnywherePlayer\plugins\PlaybackControl.dll
    2014-04-10 13:30 - 2014-04-10 13:30 - 000134664 _____ () C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
    2014-02-19 04:51 - 2014-02-19 04:51 - 001241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
    2014-02-28 10:32 - 2014-02-28 10:32 - 000174368 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
    2014-01-16 20:06 - 2014-01-16 20:06 - 000041248 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32api.pyd
    2014-01-16 20:06 - 2014-01-16 20:06 - 000059680 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\pywintypes27.dll
    2014-01-16 20:06 - 2014-01-16 20:06 - 000119072 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\pythoncom27.dll
    2014-02-28 10:33 - 2014-02-28 10:33 - 000020256 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_multiprocessing.pyd
    2014-01-16 20:06 - 2014-01-16 20:06 - 000025376 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32service.pyd
    2014-01-16 20:06 - 2014-01-16 20:06 - 000022816 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\servicemanager.pyd
    2014-01-16 20:06 - 2014-01-16 20:06 - 000018208 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32event.pyd
    2014-02-28 10:33 - 2014-02-28 10:33 - 000027424 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_socket.pyd
    2014-02-28 10:33 - 2014-02-28 10:33 - 000277280 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_ssl.pyd
    2014-02-28 10:33 - 2014-02-28 10:33 - 000113952 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_hashlib.pyd
    2014-02-28 10:33 - 2014-02-28 10:33 - 000016672 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\select.pyd
    2014-02-28 10:33 - 2014-02-28 10:33 - 000040736 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_ctypes.pyd
    2014-01-16 20:06 - 2014-01-16 20:06 - 000023328 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32process.pyd
    2014-01-16 20:06 - 2014-01-16 20:06 - 000020256 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32ts.pyd
    2014-01-16 20:06 - 2014-01-16 20:06 - 000018720 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32profile.pyd
    2014-01-16 20:06 - 2014-01-16 20:06 - 000042784 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32security.pyd
    2014-02-28 10:33 - 2014-02-28 10:33 - 000336160 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_bsddb.pyd
    2014-01-16 20:06 - 2014-01-16 20:06 - 000023328 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32evtlog.pyd
    2014-01-16 20:06 - 2014-01-16 20:06 - 000024864 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32inet.pyd
    2014-02-28 10:32 - 2014-02-28 10:32 - 000021280 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\EnvironmentID.dll
    2014-02-28 10:33 - 2014-02-28 10:33 - 000188704 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\unicodedata.pyd

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"

    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)

    HKU\S-1-5-21-6484575-2889197964-3099999064-1001\Software\Classes\.scr: AutoCADLTScriptFile => C:\Windows\system32\notepad.exe "%1"

    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE trusted site: HKU\S-1-5-21-6484575-2889197964-3099999064-1001\...\dell.com -> dell.com

    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 20:34 - 2015-02-27 08:26 - 000000849 _____ C:\Windows\system32\Drivers\etc\hosts

    127.0.0.1 localhost

    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-6484575-2889197964-3099999064-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 192.168.88.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    HKLM\software\wow6432node\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName4 -> h323.tsp (No File)
    Windows Firewall is disabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    If an entry is included in the fixlist, it will be removed.

    MSCONFIG\Services: AdAppMgrSvc => 2
    MSCONFIG\Services: AdobeActiveFileMonitor7.0 => 2
    MSCONFIG\Services: AdobeARMservice => 2
    MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
    MSCONFIG\Services: AdobeUpdateService => 2
    MSCONFIG\Services: AGSService => 2
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Intuit Data Protect.lnk => C:\Windows\pss\Intuit Data Protect.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk => C:\Windows\pss\QuickBooks Update Agent.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks_Standard_21.lnk => C:\Windows\pss\QuickBooks_Standard_21.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^Users^Robert^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DishAnywherePlayerShortcut.lnk => C:\Windows\pss\DishAnywherePlayerShortcut.lnk.Startup
    MSCONFIG\startupfolder: C:^Users^Robert^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
    MSCONFIG\startupfolder: C:^Users^Robert^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2010 Screen Clipper and Launcher.lnk.Startup
    MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
    MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
    MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\athbttray.exe"
    MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\btvstack.exe"
    MSCONFIG\startupreg: Autodesk Desktop App => "C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
    MSCONFIG\startupreg: CAHeadless => C:\Program Files (x86)\Adobe\Elements 12 Organizer\CAHeadless\ElementsAutoAnalyzer.exe
    MSCONFIG\startupreg: com.squirrel.slack.slack => "C:\Users\Robert\AppData\Local\slack\Update.exe" --processStart "slack.exe" --process-start-args "--startup"
    MSCONFIG\startupreg: DriveUtilitiesHelper => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
    MSCONFIG\startupreg: Dropbox Update => "C:\Users\Robert\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
    MSCONFIG\startupreg: FUFAXRCV => "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe"
    MSCONFIG\startupreg: FUFAXSTM => "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"
    MSCONFIG\startupreg: Google Update => C:\Users\Robert\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe
    MSCONFIG\startupreg: iCloudDrive => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
    MSCONFIG\startupreg: iCloudPhotos => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
    MSCONFIG\startupreg: iCloudServices => "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
    MSCONFIG\startupreg: Intuit SyncManager => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup
    MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
    MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
    MSCONFIG\startupreg: OODITRAY.EXE => C:\Program Files\Laplink\DiskImage\ooditray.exe
    MSCONFIG\startupreg: PUStarter => C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Printer Utility DCS\Appinterfaces\HPPUDS.exe
    MSCONFIG\startupreg: RtHDVBg => "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX5REC
    MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
    MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\real\realplayer\update\realsched.exe" -osboot
    MSCONFIG\startupreg: WD Quick View => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
    FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
    FirewallRules: [{74602B5E-6B8A-4A94-8824-3F2096420ECD}] => (Allow) C:\Users\Robert\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
    FirewallRules: [{538B6708-BA58-451D-81CD-72E17A2CE05B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{CA0EFE2B-E4C2-4107-A700-1E953286AF6B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [TCP Query User{C0F6CD34-9F29-4759-9946-8A4D828AFCF5}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
    FirewallRules: [UDP Query User{3952B176-CBCD-4419-A60E-B6253359CED2}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
    FirewallRules: [TCP Query User{2E120A90-E41C-4384-AD7F-6BB54E309D75}C:\users\robert\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\robert\appdata\local\akamai\netsession_win.exe
    FirewallRules: [UDP Query User{B437AE5D-04CE-429C-A24E-9910E2EBD236}C:\users\robert\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\robert\appdata\local\akamai\netsession_win.exe
    FirewallRules: [{65A1A991-17C3-404B-A41D-59CDC586CA62}] => (Allow) LPort=50248
    FirewallRules: [TCP Query User{5598C75B-4EB4-4FD3-8334-D2BECDA9CFB3}C:\users\robert\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\robert\appdata\local\akamai\netsession_win.exe
    FirewallRules: [UDP Query User{5070633D-1B83-4CFE-93DC-84519BF75B2F}C:\users\robert\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\robert\appdata\local\akamai\netsession_win.exe
    FirewallRules: [TCP Query User{60A5C6A0-3020-4543-84E4-A7CBD40F9EF5}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
    FirewallRules: [UDP Query User{ED20CD42-04D0-4771-AFAA-9C8A20DC88C5}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
    FirewallRules: [{58A63AE1-5EC7-419F-A660-5EE3DD1C14AF}] => (Block) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
    FirewallRules: [{2531DFBA-020E-4DCD-957C-7D30EE80D518}] => (Block) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
    FirewallRules: [{9458F890-5EC7-4CD6-9AD2-2724CF4A5C55}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{50CCD950-1599-4AEB-B3AD-0E833E81B20B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{05ECAD2D-ABF2-4793-A412-3536C789925C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
    FirewallRules: [{49962822-FB2D-4254-906F-96BD6C7D712D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
    FirewallRules: [{7C011DCA-597C-41A3-B4C1-487A7ACC4138}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
    FirewallRules: [{8F4C246B-C486-45F5-AA55-09696FA05709}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{27ADDC90-8530-48D1-8A8C-E4951D364322}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{E864252B-432F-4E53-AE93-9773F562D601}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{15AFB21C-9599-44FF-AB37-F951AD67B005}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{9A117AFF-8F27-4E09-BE84-B023585F32C0}] => (Allow) C:\Program Files (x86)\Laplink\PCmover\pcmover.exe
    FirewallRules: [TCP Query User{3638F4C3-BDE4-4355-A581-364B93FDD0C6}C:\users\robert\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\robert\appdata\roaming\dropbox\bin\dropbox.exe
    FirewallRules: [UDP Query User{D6DD645D-96D9-4CF7-88D1-4A6060BEDE1B}C:\users\robert\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\robert\appdata\roaming\dropbox\bin\dropbox.exe
    FirewallRules: [{D237AB7A-178D-4693-8C97-0797A7A04D9A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{AB5AA242-A522-41D6-8C84-4421E3F1FAB3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{3726DD40-140D-47AC-88FB-6E5E240CC157}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{A0CDF4CD-2D9F-4492-9443-80A8BFB21181}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{35FE7F52-9B49-472E-B48B-6BD15195275A}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe
    FirewallRules: [{C7E3CB04-62D2-41A7-AB32-6D1E84DF926C}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
    FirewallRules: [{60C9076E-88C1-4E3C-8C67-CAEF76CAA5DC}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
    FirewallRules: [{7750928E-23C6-4A8C-966B-A96DDE66B657}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
    FirewallRules: [{19B245F5-B878-4AF2-95F4-5EFEF5311D26}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
    FirewallRules: [{4A3DE1F5-8B73-411E-8A9A-750FD578E9DC}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
    FirewallRules: [{A0FC3A8C-BF76-4ADC-8823-8B7D0B242810}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
    FirewallRules: [{3E906C5F-85DF-4FFE-AB33-019A1EBF4EC7}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
    FirewallRules: [{A9946772-B2E2-4A65-94F2-1925ABBAE0DB}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
    FirewallRules: [{D8571DFD-EF42-4DB3-8006-DA0707C44FC2}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
    FirewallRules: [{FC64BC40-4858-4284-8898-C2F0F3938E7C}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
    FirewallRules: [{ADF6CE3D-666E-4D33-9FDF-A8BE2DFFAB53}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
    FirewallRules: [{A9B00DAB-90DB-4F98-9C84-833D96068AD0}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
    FirewallRules: [{F1690CB1-F286-404A-922A-6F0B964E8D73}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
    FirewallRules: [{565DEF29-0FA8-4CEB-8572-410256DF2D64}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
    FirewallRules: [{D377DC23-92AF-41B4-82DA-515782855889}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
    FirewallRules: [{A7C8546C-0C87-44B8-B910-5C6457DB90CF}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
    FirewallRules: [{8A4E7B47-A9DE-40CA-A007-5BA229C63A3E}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
    FirewallRules: [{E4A967FF-C5B3-4C7A-A28F-683AD84E28BF}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
    FirewallRules: [{D109B387-9532-4E72-BC84-E7B9F2A37AE9}] => (Allow) C:\Program Files\iTunes\iTunes.exe
    DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\Hewlett-Packard\HP Printer Utility\HPPU.exe] => Enabled:HP Printer Utility HPPURun
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Hewlett-Packard\HP Printer Utility\HPPU.exe] => Enabled:HP Printer Utility HPPURun

    ==================== Restore Points =========================

    05-11-2018 11:46:53 Windows Update

    ==================== Faulty Device Manager Devices =============

    Name: Dell Wireless 1703 802.11b/g/n (2.4GHz)
    Description: Dell Wireless 1703 802.11b/g/n (2.4GHz)
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Atheros Communications Inc.
    Service: athr
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

    Name: Dell Wireless 1703 Bluetooth
    Description: Dell Wireless 1703 Bluetooth
    Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
    Manufacturer: Atheros Communications
    Service: BTHUSB
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (11/07/2018 06:16:19 PM) (Source: Python Service) (EventID: 255) (User: )
    Description: Exception : HTTPConnectionPool(host='127.0.0.1', port=35600): Read timed out. (read timeout=60)

    Error: (11/07/2018 06:11:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

    Error: (11/07/2018 06:11:34 PM) (Source: NFSserver) (EventID: 0) (User: )
    Description: Event-ID 0

    Error: (11/07/2018 06:06:54 PM) (Source: Python Service) (EventID: 255) (User: )
    Description: Exception : HTTPConnectionPool(host='127.0.0.1', port=35600): Read timed out. (read timeout=60)

    Error: (11/07/2018 06:01:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

    Error: (11/07/2018 06:01:48 PM) (Source: NFSserver) (EventID: 0) (User: )
    Description: Event-ID 0

    Error: (11/06/2018 07:59:06 PM) (Source: iumsvc) (EventID: 255) (User: )
    Description: Exception : ('Device Profile Push Failure', ProxyError(ProxyError('Cannot connect to proxy. Socket error: [Errno 10061] No connection could be made because the target machine actively refused it.',),))

    Error: (11/06/2018 07:59:03 PM) (Source: iumsvc) (EventID: 255) (User: )
    Description: Exception : ('Device Profile Push Failure', ProxyError(ProxyError('Cannot connect to proxy. Socket error: [Errno 10061] No connection could be made because the target machine actively refused it.',),))


    System errors:
    =============
    Error: (11/07/2018 06:12:39 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: The following fatal alert was generated: 70. The internal error state is 105.

    Error: (11/07/2018 06:11:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Foxit Cloud Safe Update Service service failed to start due to the following error:
    The system cannot find the file specified.

    Error: (11/07/2018 06:10:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Autodesk Content Service service failed to start due to the following error:
    The service did not respond to the start or control request in a timely fashion.

    Error: (11/07/2018 06:10:45 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Autodesk Content Service service to connect.

    Error: (11/07/2018 06:10:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Optimizer Pro Crash Monitor service to connect.

    Error: (11/07/2018 06:09:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Wireless Zero Configuration service failed to start due to the following error:
    The executable program that this service is configured to run in does not implement the service.

    Error: (11/07/2018 06:08:32 PM) (Source: Disk) (EventID: 11) (User: )
    Description: The driver detected a controller error on \Device\Harddisk5\DR5.

    Error: (11/07/2018 06:08:32 PM) (Source: Disk) (EventID: 11) (User: )
    Description: The driver detected a controller error on \Device\Harddisk4\DR4.


    Windows Defender:
    ===================================
    Date: 2018-07-12 11:16:07.303
    Description:
    Windows Defender has encountered an error trying to update signatures.
    New Signature Version:1.271.751.0
    Previous Signature Version:1.269.1075.0
    Update Source:User
    Signature Type:AntiSpyware
    Update Type:Delta
    Current Engine Version:1.1.15000.2
    Previous Engine Version:1.1.14901.4
    Error code:0x80070666
    Error description:Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.

    Date: 2018-07-12 11:16:07.283
    Description:
    Windows Defender has encountered an error trying to update the engine.
    New Engine Version:1.1.15000.2
    Previous Engine Version:1.1.14901.4
    Update Source:User
    Error Code:0x80070666
    Error description:Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.

    Date: 2017-02-21 12:11:54.581
    Description:
    Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
    Signatures Attempted:Current
    Error Code:0x80070002
    Error description:The system cannot find the file specified.
    Signature version:0.0.0.0
    Engine version:0.0.0.0

    CodeIntegrity:
    ===================================

    Date: 2014-09-22 03:05:16.461
    Description:
    Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-09-22 03:05:16.460
    Description:
    Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-09-22 03:05:16.432
    Description:
    Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x64\win8\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-09-22 03:05:16.431
    Description:
    Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x64\win8\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-09-22 03:04:36.170
    Description:
    Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-09-22 03:04:35.170
    Description:
    Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x64\win8\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-08-16 03:04:26.875
    Description:
    Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-08-16 03:04:26.875
    Description:
    Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.

    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
    Percentage of memory in use: 37%
    Total physical RAM: 8143.23 MB
    Available physical RAM: 5116.47 MB
    Total Virtual: 16284.6 MB
    Available Virtual: 13408.08 MB

    ==================== Drives ================================

    Drive c: (OS) (Fixed) (Total:468.13 GB) (Free:286.95 GB) NTFS
    Drive d: (SERVER) (Fixed) (Total:623.04 GB) (Free:621.82 GB) NTFS
    Drive j: (Jobs) (Fixed) (Total:619.99 GB) (Free:513.33 GB) NTFS
    Drive k: (Documents) (Fixed) (Total:619.99 GB) (Free:480.14 GB) NTFS
    Drive r: (External Backup 1) (Fixed) (Total:931.48 GB) (Free:716.28 GB) NTFS
    Drive x: (DOCS_2) (Fixed) (Total:218.75 GB) (Free:218.41 GB) NTFS
    Drive z: (Misc_3) (Fixed) (Total:220.37 GB) (Free:220.06 GB) NTFS

    \\?\Volume{46aa00c4-ec1d-11e3-80d8-806e6f6e6963}\ (RECOVERY) (Fixed) (Total:24.22 GB) (Free:13.49 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 18271E2A)
    Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
    Partition 2: (Active) - (Size=24.2 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=468.1 GB) - (Type=07 NTFS)
    Partition 4: (Not Active) - (Size=439.1 GB) - (Type=0F Extended)

    ========================================================
    Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 6E8C9ED2)
    Partition 1: (Not Active) - (Size=623 GB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=620 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=620 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 6 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 98AC7196)
    Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

    ==================== End of Addition.txt ============================
     
  5. askey127

    askey127 Malware Specialist

    Joined:
    Dec 22, 2006
    Messages:
    3,721
    Hey Robert,
    I am assumimg here that the old Dell service agreements no longer apply with the computer age.
    ------------------------------------------------
    Remove Programs Using Control Panel
    From Start, Control Panel, click on Programs and Features
    Click each Entry, as follows, one by one, if it exists, choose Uninstall, and give permission to Continue:

    Complete Care Business Service Agreement
    Consumer In-Home Service Agreement
    My Dell
    Java 8 Update 151

    Take extra care in answering questions posed by any Uninstaller.
    -----------------------------------------------------------

    REBOOT (RESTART) Your Machine

    --------------------------------------------------------
    Run A Fix With FRST
    Download attached Fixlist.txt file and save it to the Computer Cleanup folder.
    NOTE. It's important that both the program FRST64.exe and Fixlist.txt be in the same location, or the fix will not work.
    (Both on the Desktop is OK, or both in the same folder elsewhere)

    Run FRST64 and press the FIX button just once, and wait. DO NOT PRESS THE SCAN BUTTON.
    If for some reason the tool needs a restart, please make sure you let the system restart normally.
    The tool may start automatically and complete its work after the system restart. Let the tool complete its run.
    When finished, FRST64 will generate a log on the Desktop (Fixlog.txt). Please post the contents in your reply.

    askey127
     

    Attached Files:

  6. robertphtx2

    robertphtx2 Thread Starter

    Joined:
    Aug 8, 2018
    Messages:
    5
    Thank you for the help. I did not know the first 3 programs was on my harddrive.

    Fix result of Farbar Recovery Scan Tool (x64) Version: 08.11.2018
    Ran by Robert (08-11-2018 14:59:20) Run:1
    Running from C:\Users\Robert\Desktop\Computer Cleanup
    Loaded Profiles: Robert (Available Profiles: Robert)
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************

    CreateRestorePoint:
    CloseProcesses:
    HKLM-x32\...\Command Processor: <==== ATTENTION
    HKU\S-1-5-21-6484575-2889197964-3099999064-1001\...\Run: [Akamai NetSession Interface] => "C:\Users\Robert\AppData\Local\Akamai\netsession_win.exe"
    HKU\S-1-5-21-6484575-2889197964-3099999064-1001\...\Run: [Autodesk Sync] => [X]
    HKU\S-1-5-18\...\Run: [Autodesk Sync] => [X]
    ShellExecuteHooks-x32: No Name - {56F9679E-7826-4C84-81F3-532071A8BCC5} - -> No File
    ShellExecuteHooks-x32: No Name - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - -> No File
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    SearchScopes: HKU\S-1-5-21-6484575-2889197964-3099999064-1001 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_captaind_14_39_ff&cd=
    SearchScopes: HKU\S-1-5-21-6484575-2889197964-3099999064-1001 -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325892
    SearchScopes: HKU\S-1-5-21-6484575-2889197964-3099999064-1001 -> {EA17BA04-8546-419B-8CEB-50C712BFBDD5} URL = hxxp://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=231195&p={searchTerms}
    FF SearchPlugin: C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\f0nn3d0i.default\searchplugins\Astromenda.xml [2014-09-27]
    FF SearchPlugin: C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\f0nn3d0i.default\searchplugins\trovi-search.xml [2014-09-22
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] => not found
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    CHR HKLM-x32\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\Browser Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.crx <not found>
    S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16056 2015-08-04] (SlimWare Utilities, Inc.)
    C:\Windows\System32\DRIVERS\SWDUMon.sys
    2018-11-07 18:00 - 2014-09-27 08:41 - 000000296 _____ C:\Windows\Tasks\WSE_Astromenda.job
    2018-11-07 14:56 - 2015-08-04 13:56 - 000000368 _____ C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - Robert).job
    DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 3.5.6426.22 - PC-Doctor, Inc.) Hidden
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Robert\AppData\Local\GoToMeeting\8953\G2MOutlookAddin64.dll => No File
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
    ShellIconOverlayIdentifiers-x32: [Offline Files] -> {750fdf0e-2a26-11d1-a3ea-080036587f03} => -> No File
    ContextMenuHandlers1-x32: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => -> No File
    ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => -> No File
    ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => -> No File
    Task: {112D99F7-B53A-4CD5-AAFD-93FE044AA4FC} - System32\Tasks\SlimCleaner Plus (Scheduled Scan - Robert) => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
    Task: {4348EE45-4907-4B02-A795-6E314D0AFA96} - \SystemToolsDailyTest -> No File <==== ATTENTION
    Task: {68D0FC76-8A9C-4AA6-8322-C680F824CF68} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
    Task: {883777EC-EFE3-4B72-B6C4-DBCD5382A3F3} - System32\Tasks\G2MUpdateTask-S-1-5-21-6484575-2889197964-3099999064-1001 => C:\Users\Robert\AppData\Local\GoToMeeting\10996\g2mupdate.exe [2018-11-03] (LogMeIn, Inc.)
    Task: {C4A4066D-55E9-41F7-92B3-BC414D879EB8} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-10] (PC-Doctor, Inc.)
    Task: {E6C35764-64D2-4A3F-A74B-B701C3F65309} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-10] (PC-Doctor, Inc.)
    Task: {EB49F9C5-A21E-4C76-8D4C-BA6B01A83D36} - \WSE_Astromenda -> No File <==== ATTENTION
    Task: C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - Robert).job => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
    Task: C:\Windows\Tasks\WSE_Astromenda.job => C:\Users\Robert\AppData\Roaming\WSE_AS~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
    EmptyTemp:
    Cmd: ipconfig /flushdns


    *****************

    Restore point was successfully created.
    Processes closed successfully.
    "HKLM\Software\Wow6432Node\Microsoft\Command Processor\\AutoRun" => removed successfully
    "HKU\S-1-5-21-6484575-2889197964-3099999064-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface" => removed successfully
    "HKU\S-1-5-21-6484575-2889197964-3099999064-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Autodesk Sync" => removed successfully
    "HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\Autodesk Sync" => removed successfully
    "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{56F9679E-7826-4C84-81F3-532071A8BCC5}" => removed successfully
    HKLM\SOFTWARE\WOW6432Node\Classes\CLSID\{56F9679E-7826-4C84-81F3-532071A8BCC5} => not found
    "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972}" => removed successfully
    HKLM\SOFTWARE\WOW6432Node\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972} => not found
    HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
    HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
    HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9} => removed successfully
    HKLM\Software\Classes\CLSID\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9} => not found
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
    HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
    HKU\S-1-5-21-6484575-2889197964-3099999064-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} => removed successfully
    HKLM\Software\Classes\CLSID\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} => not found
    HKU\S-1-5-21-6484575-2889197964-3099999064-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9} => removed successfully
    HKLM\Software\Classes\CLSID\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9} => not found
    HKU\S-1-5-21-6484575-2889197964-3099999064-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EA17BA04-8546-419B-8CEB-50C712BFBDD5} => removed successfully
    HKLM\Software\Classes\CLSID\{EA17BA04-8546-419B-8CEB-50C712BFBDD5} => not found
    C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\f0nn3d0i.default\searchplugins\Astromenda.xml => moved successfully
    C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\f0nn3d0i.default\searchplugins\trovi-search.xml => moved successfully
    "HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\[email protected]" => removed successfully
    HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
    HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph => removed successfully
    HKLM\System\CurrentControlSet\Services\SWDUMon => removed successfully
    SWDUMon => service removed successfully
    C:\Windows\System32\DRIVERS\SWDUMon.sys => moved successfully
    C:\Windows\Tasks\WSE_Astromenda.job => moved successfully
    C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - Robert).job => moved successfully
    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F7A70D00-F283-45C8-B163-49EC365D7E27}\\SystemComponent" => not found
    HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448} => removed successfully
    HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4} => removed successfully
    HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856} => removed successfully
    HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4} => removed successfully
    HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E} => removed successfully
    HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98} => removed successfully
    HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247} => removed successfully
    HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309} => removed successfully
    HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04} => removed successfully
    HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8} => removed successfully
    HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A} => removed successfully
    HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA} => removed successfully
    HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2} => removed successfully
    HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9} => removed successfully
    HKU\S-1-5-21-6484575-2889197964-3099999064-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF} => removed successfully
    HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Offline Files => removed successfully
    HKLM\Software\Wow6432Node\Classes\CLSID\{750fdf0e-2a26-11d1-a3ea-080036587f03} => not found
    HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\UAContextMenu => removed successfully
    HKLM\Software\Wow6432Node\Classes\CLSID\{A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => not found
    HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\UAContextMenu => removed successfully
    HKLM\Software\Classes\CLSID\{A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => not found
    HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\UAContextMenu => removed successfully
    HKLM\Software\Classes\CLSID\{A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => not found
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{112D99F7-B53A-4CD5-AAFD-93FE044AA4FC}" => removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{112D99F7-B53A-4CD5-AAFD-93FE044AA4FC}" => removed successfully
    C:\Windows\System32\Tasks\SlimCleaner Plus (Scheduled Scan - Robert) => moved successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SlimCleaner Plus (Scheduled Scan - Robert)" => removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4348EE45-4907-4B02-A795-6E314D0AFA96}" => removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4348EE45-4907-4B02-A795-6E314D0AFA96}" => removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SystemToolsDailyTest" => removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{68D0FC76-8A9C-4AA6-8322-C680F824CF68}" => removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68D0FC76-8A9C-4AA6-8322-C680F824CF68}" => removed successfully
    C:\Windows\System32\Tasks\LaunchSignup => moved successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchSignup" => removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{883777EC-EFE3-4B72-B6C4-DBCD5382A3F3}" => removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{883777EC-EFE3-4B72-B6C4-DBCD5382A3F3}" => removed successfully
    C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-6484575-2889197964-3099999064-1001 => moved successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\G2MUpdateTask-S-1-5-21-6484575-2889197964-3099999064-1001" => removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C4A4066D-55E9-41F7-92B3-BC414D879EB8}" => not found
    "C:\Windows\System32\Tasks\PCDEventLauncherTask" => not found
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PCDEventLauncherTask" => not found
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E6C35764-64D2-4A3F-A74B-B701C3F65309}" => not found
    "C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask" => not found
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PCDoctorBackgroundMonitorTask" => not found
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EB49F9C5-A21E-4C76-8D4C-BA6B01A83D36}" => removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB49F9C5-A21E-4C76-8D4C-BA6B01A83D36}" => removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WSE_Astromenda" => removed successfully
    "C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - Robert).job" => not found
    "C:\Windows\Tasks\WSE_Astromenda.job" => not found

    ========= ipconfig /flushdns =========


    Windows IP Configuration

    Successfully flushed the DNS Resolver Cache.

    ========= End of CMD: =========


    =========== EmptyTemp: ==========

    BITS transfer queue => 8388608 B
    DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 57343041 B
    Java, Flash, Steam htmlcache => 510 B
    Windows/system/drivers => 505625 B
    Edge => 0 B
    Chrome => 415757 B
    Firefox => 122867029 B
    Opera => 0 B

    Temp, IE cache, history, cookies, recent:
    Users => 0 B
    Default => 0 B
    Public => 0 B
    ProgramData => 0 B
    systemprofile => 16674 B
    systemprofile32 => 33058 B
    LocalService => 0 B
    NetworkService => 1739536 B
    Robert => 33721533 B

    RecycleBin => 0 B
    EmptyTemp: => 214.6 MB temporary data Removed.

    ================================


    The system needed a reboot.

    ==== End of Fixlog 15:01:27 ====
     
  7. askey127

    askey127 Malware Specialist

    Joined:
    Dec 22, 2006
    Messages:
    3,721
    What are you seeing now in the behavior of the machine ?
    Internet sites access from the browser(s) will speed up over the next day or so.
     
  8. robertphtx2

    robertphtx2 Thread Starter

    Joined:
    Aug 8, 2018
    Messages:
    5
    seems to be working fine. I would say you have fixed my problem. Thank you.
     
  9. askey127

    askey127 Malware Specialist

    Joined:
    Dec 22, 2006
    Messages:
    3,721
    Glad to hear that. You are most welcome.
    Good Luck going forward!
     
  10. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Tags:
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1218800

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice