In Progress Very frustrated- virus? malware? ISP?

wombatz

Hello

Tech Support Guy System Info Utility version 1.0.0.4
OS Version: Microsoft Windows 7 Ultimate, Service Pack 1, 64 bit
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4400+, AMD64 Family 15 Model 107 Stepping 2
Processor Count: 2
RAM: 4094 Mb
Graphics Card: NVIDIA GeForce G100, 512 Mb
Hard Drives: C: 297 GB (8 GB Free);
Motherboard: BIOSTAR Group, N61PC-M2S
Antivirus: None - supposed to have Kaspersky

My computer has issues. Firefox - my preferred - is always slow and/or crashing. It was down for two weeks before I decided to reboot it so that I can use it. I sometimes use Chrome but prefer FF and don't use IE.

Sometimes undesired and alternative sites will pop up in my browser that I will just have to shut down. My computer keeps saying that my memory is full. Yet I have at least 8-10 GB available.
Recently ran Malwarebytes but it came back virus free.

I have had Kaspersky installed and active but according to above I have no antivirus.

Oftentimes in my Gmail I get an error message stating that my computer is having trouble connecting despite all green lights on my DSL modem. Or as now, while in Yahoo email it keeps spinning and I can't access an email despite rebooting. It said I have no internet connection.

Thank you for your help! I'm so frustrated.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24.02.2018
Ran by joe (24-02-2018 15:46:21)
Running from C:\Users\joe\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2013-03-17 13:57:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2397833457-972378470-3137472123-500 - Administrator - Enabled) => C:\Users\Administrator.joe-PC
Guest (S-1-5-21-2397833457-972378470-3137472123-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2397833457-972378470-3137472123-1003 - Limited - Enabled)
joe (S-1-5-21-2397833457-972378470-3137472123-1000 - Administrator - Enabled) => C:\Users\joe
UpdatusUser (S-1-5-21-2397833457-972378470-3137472123-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (HKLM-x32\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20036 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
Adobe Flash Player 28 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 28.0.0.161 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated)
Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{BC7C46A4-D7A7-48EC-A98C-32A7762B5EFA}) (Version: 6.2.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{F0C4B709-8BF4-4A72-B527-12E7BF5482F8}) (Version: 6.2.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BD6778C5-6FA5-492A-ADD6-E706339C2A7B}) (Version: 11.0.2.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.)
ArcSoft MediaImpression (HKLM-x32\...\{CCF38218-BD4A-4A4D-8EBE-735569BF89F5}) (Version: 1.2.33.353 - ArcSoft)
ArticleOptimizationCommando (HKU\S-1-5-21-2397833457-972378470-3137472123-1000\...\d9e62058bf0f1ac0) (Version: 1.0.0.15 - ArticleOptimizationCommando)
Bing Bar (HKLM-x32\...\{16793295-2366-40F7-A045-A3E42A81365E}) (Version: 7.1.362.0 - Microsoft Corporation)
BlasterSuite Manager (HKLM-x32\...\BlasterSuite Manager) (Version: 1.01 - BlasterSuite)
BlasterSuite Manager version 1.06 (HKLM-x32\...\{7E7B9A40-EF00-4253-B8AB-3360A2DC9328}_is1) (Version: 1.06 - Blaster Suite Soft SRL)
Blue Coat K9 Web Protection (HKLM\...\Blue Coat K9 Web Protection) (Version: 4.4.276 - Blue Coat Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
Canon MP495 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP495_series) (Version: - Canon Inc.)
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.10.9.40 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.35 - Piriform)
Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
Citrix Online Launcher (HKLM-x32\...\{CC8F903A-9698-4245-9A38-22412DEF1029}) (Version: 1.0.446 - Citrix)
CommandoHQ (HKU\S-1-5-21-2397833457-972378470-3137472123-1000\...\78d56f4bc346f84a) (Version: 1.1.0.32 - Microsoft)
ContractorManagementSystem (HKLM-x32\...\{55B2DBF4-DB09-D300-4501-59BA3DB182F8}) (Version: 0.0.0 - UNKNOWN) Hidden
ContractorManagementSystem (HKLM-x32\...\ContractorManagementSystem) (Version: 0.0.0 - UNKNOWN)
CryptoPrevent (HKLM-x32\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version: - Foolish IT LLC)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 43.4.50 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Express Burn Disc Burning Software (HKLM-x32\...\ExpressBurn) (Version: 4.82 - NCH Software)
Express Zip File Compression (HKLM-x32\...\ExpressZip) (Version: 2.40 - NCH Software)
FileZilla Client 3.16.0 (HKLM-x32\...\FileZilla Client) (Version: 3.16.0 - Tim Kosse)
Free File Shredder 5.6.2 (HKLM-x32\...\Free File Shredder_is1) (Version: - FreeFileShredder Co., Ltd.)
FreeScreenSharing (HKU\S-1-5-21-2397833457-972378470-3137472123-1000\...\FreeScreenSharing) (Version: 0.58.75.0 - Free Conferencing Corporation)
GIMP 2.8.20 (HKLM\...\GIMP-2_is1) (Version: 2.8.20 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.167 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GoTo Opener (HKLM-x32\...\{1F803452-798F-49FB-A5DD-9F527F7017E4}) (Version: 1.0.473 - LogMeIn, Inc.)
GoToAssist Corporate (HKLM-x32\...\GoToAssist) (Version: 11.2.0.1084 - Citrix Online, a division of Citrix Systems, Inc.)
GoToMeeting 8.21.0.8404 (HKU\S-1-5-21-2397833457-972378470-3137472123-1000\...\GoToMeeting) (Version: 8.21.0.8404 - LogMeIn, Inc.)
HPDiagnosticAlert (HKLM-x32\...\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}) (Version: 1.00.0000 - Microsoft) Hidden
iCloud (HKLM\...\{99868C9C-C141-4DDE-A2C7-9DDF00F68F17}) (Version: 7.2.0.67 - Apple Inc.)
IFTTT Backlink Commando (HKU\S-1-5-21-2397833457-972378470-3137472123-1000\...\a3133e9c8c528059) (Version: 1.0.0.38 - Commando SEO Ltd.)
IMAPSize 0.3.7 (HKLM-x32\...\IMAPSize_is1) (Version: - Broobles)
IMHome Universe 3.0 (HKLM-x32\...\{D0CA6E45-2ED6-4DE5-BC84-D556105EF51D}_is1) (Version: 3.0 - Interactive Metronome, Inc.)
Instant Local Leads (HKLM-x32\...\{D3E26594-B74A-DA3A-6902-0D1991B14554}) (Version: 1.0.4 - UNKNOWN) Hidden
Instant Local Leads (HKLM-x32\...\InstantLocalLeads) (Version: 1.0.4 - UNKNOWN)
iTunes (HKLM\...\{D7D4465C-B3B6-4BC1-B336-2803FB57BFAF}) (Version: 12.7.2.60 - Apple Inc.)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
jetAudio Basic (HKLM-x32\...\{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}) (Version: 8.1.0 - COWON)
Jing (HKLM-x32\...\{8C784F8B-89D0-4A59-A000-7EEF129E1574}) (Version: 2.9.15255.1 - TechSmith Corporation)
Kaspersky Internet Security (HKLM-x32\...\{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab)
Keyword Tool (HKLM-x32\...\{8C2B49AD-7009-EB32-0352-51492A653EC6}) (Version: 1.0.3 - Yellowbird Publishing LLC) Hidden
Keyword Tool (HKLM-x32\...\KeywordTool) (Version: 1.0.3 - Yellowbird Publishing LLC)
Lead Finder Jack (HKLM-x32\...\{1E42CB5A-56D9-4616-B1DA-AA6C9FE0E63D}) (Version: 1.4.5 - GuideTrade LLC)
Live Stream Genius Basic (HKLM\...\{7E0B0C2C-2755-4719-AE0D-1CAFC85B74B9}) (Version: 2.13 - The Thomas Project Ltd)
Live Stream Genius Pro Edition (HKLM-x32\...\{435F13A1-1B79-4B0B-B688-271DEBF2594E}) (Version: 1.00 - The Thomas Project Ltd)
Local Buyer Leads Machine (HKLM-x32\...\{70C371A3-AB66-6D19-5AF2-55004027D59C}) (Version: 1.5.0 - UNKNOWN) Hidden
Local Buyer Leads Machine (HKLM-x32\...\VALPACK) (Version: 1.5.0 - UNKNOWN)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Media Go (HKLM-x32\...\{362AB21A-E2C4-40CE-81C2-8C4D62B0635A}) (Version: 2.4.256 - Sony)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
MergeModule_x64 (HKLM\...\{12DCC5A7-0100-4433-B4FF-217A3C5DC83B}) (Version: 9.3.00 - Sony Corporation) Hidden
MergeModule_x86 (HKLM-x32\...\{DD7721BB-CF1C-4DC9-AD87-8D5FB75413B7}) (Version: 9.3.00 - Sony Corporation) Hidden
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mobilizer (HKLM-x32\...\{5AC54C83-060F-9610-CC29-9310CBDF80CB}) (Version: 0.9.5 - UNKNOWN) Hidden
Mobilizer (HKLM-x32\...\com.springbox.mobilizer) (Version: 0.9.5 - UNKNOWN)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 58.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 58.0.2 (x64 en-US)) (Version: 58.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.2 - Mozilla)
Mozilla Thunderbird 52.5.2 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 52.5.2 (x86 en-US)) (Version: 52.5.2 - Mozilla)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.9.2 - Nikon)
NVIDIA 3D Vision Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA Graphics Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
Offline Reputation Magma (HKLM-x32\...\OfflineReputationMagma) (Version: - )
OpenOffice 4.1.0 (HKLM-x32\...\{C87EF11D-36E9-479D-9898-7541EA1E8A6A}) (Version: 4.10.9764 - Apache Software Foundation)
OpenSSL 1.0.1c Light (32-bit) (HKLM-x32\...\OpenSSL Light (32-bit)_is1) (Version: - OpenSSL Win32 Installer Team)
Orion 1.0.20 (HKLM-x32\...\{800C11F0-FC96-4016-A2AF-8DBFA87BBF79}) (Version: 1.0.0 - Orion LLC)
PDFill PDF Editor with FREE Writer and FREE Tools (HKLM\...\{D1399216-81B2-457C-A0F7-73B9A2EF6902}) (Version: 12.0 - PlotSoft LLC)
PicAnimate (HKLM-x32\...\{FAA7AA22-DD30-4C59-AA0E-1F1B5690A05D}_is1) (Version: - Explaindio LLC)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Picture Control Utility 2 (HKLM\...\{D4893C47-704F-4B84-8486-9DE4974ACA6F}) (Version: 2.0.1 - Nikon)
Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.4.15 - Nikon)
PlayMemories Home (HKLM-x32\...\{4F95DC94-A29D-41F6-AF34-15AA0D666186}) (Version: 5.4.02.06120 - Sony Corporation)
PMB_ModeEditor (HKLM-x32\...\{E95982CA-945F-41F2-B156-A603897AB242}) (Version: 10.3.00 - Sony Corporation) Hidden
PMB_ServiceUploader (HKLM-x32\...\{2CA3C685-339C-4C61-B12C-FAD81A872651}) (Version: 10.4.02 - Sony Corporation) Hidden
Prelaunch Gift IFTTT (HKU\S-1-5-21-2397833457-972378470-3137472123-1000\...\69092872522f2d02) (Version: 1.0.0.9 - Commando SEO Ltd.)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Rep Management Lead Gen Software 1.0 (HKLM-x32\...\Rep_Deploy_0) (Version: 1.0 - DavidCisneros.com)
Reputation Scanner (HKLM-x32\...\{311CA526-E32E-DD78-7FC8-1EBF77A90521}) (Version: 1.2.5 - UNKNOWN) Hidden
Reputation Scanner (HKLM-x32\...\Reputation) (Version: 1.2.5 - UNKNOWN)
RPICheck (HKLM-x32\...\{8C2CABEB-88C1-415E-96A9-7AF9BB3BD148}) (Version: 2.0.0.0 - )
Seagate Dashboard (HKLM-x32\...\{EA266F00-A8E7-43A0-8DED-FBFE3F076934}) (Version: 4.7.102.1 - Seagate)
Shotcut (HKLM-x32\...\Shotcut) (Version: - )
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)
SocialRobot (HKLM-x32\...\{05FBE066-ABB1-4CC2-B6D5-BD736E3D95FF}) (Version: 1.1.7 - Mibasoft Ltd.)
The Scriptures (HKLM-x32\...\The Scriptures_is1) (Version: - Institute for Scripture Research)
Trader Workstation (HKU\S-1-5-21-2397833457-972378470-3137472123-1000\...\5889-6375-8446-2021) (Version: latest (969.2f) 20180213 12:38:50 - Interactive Brokers LLC)
Transfer Utility LE (HKLM-x32\...\{F2C2709B-FB3D-458C-B12E-9AAA5EDCA670}) (Version: 1.02.128 - PIXELA)
Tube Hero (HKLM-x32\...\{24A3EEFB-2C5C-4FF4-12A0-D9D4C429F969}) (Version: 2.1 - UNKNOWN) Hidden
Tube Hero (HKLM-x32\...\com.winsonprivate.TubeHero) (Version: 2.1 - UNKNOWN)
USIM Editor 1.0.25.0 (HKLM-x32\...\Card Reader Driver and USIM Editor Program_is1) (Version: - )
Video Lead Studio (HKLM-x32\...\{28816244-C5D5-4C63-A432-094C49E5611E}) (Version: 1.0.810 - BlasterSuite)
Video Spinn 1.0.20160606 (HKU\S-1-5-21-2397833457-972378470-3137472123-1000\...\{5BABAFEC-DE1D-4727-A578-75D8F4F7AE72}_is1) (Version: 1.0.20160606 - Real Deal Productions)
Video Synd Alpha (HKU\S-1-5-21-2397833457-972378470-3137472123-1000\...\7dbc469ac8c70c7f) (Version: 1.15.0.3 - Kiss Internet Marketing)
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.10.1 - Nikon)
Vinci3D version 1.028 (HKLM-x32\...\{3E0FA624-2513-4615-9153-AAE8F997B55B}_is1) (Version: 1.028 - Explaindio LLC)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Voicemeeter, The Virtual Mixing Console (HKLM-x32\...\VB:Voicemeeter {17359A74-1236-5467}) (Version: - VB-Audio Software)
vRankChecker (HKLM-x32\...\{DA91E26B-667A-42C0-966A-3AF97C49DAEE}) (Version: 2.0.0.0 - Locustware.com)
vWhammyClonePro (HKLM-x32\...\{C10B9B25-9A47-48F8-A603-6EA6F23165D8}) (Version: 2.5.0.0 - Locustware.com)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinZip 20.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24105}) (Version: 20.5.12118 - WinZip Computing, S.L. )
WinZip Courier (HKLM-x32\...\{D011655B-0753-4C2A-B870-946C5B02F54E}) (Version: 6.5.11568 - WinZip Computing, S.L. )
Wirecast (HKLM-x32\...\{37C5DF8F-C877-4B87-AEF8-7771749B4A3D}) (Version: 5.0.3 - Telestream, Inc.)
YoutubeLiveCommando (HKU\S-1-5-21-2397833457-972378470-3137472123-1000\...\c926c8877468b571) (Version: 1.1.0.30 - YoutubeLiveCommando)
Zoom (HKU\S-1-5-21-2397833457-972378470-3137472123-1000\...\ZoomUMX) (Version: 3.5 - Zoom Video Communications, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKU\S-1-5-21-2397833457-972378470-3137472123-1000\...\ChromeHTML: -> <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-2397833457-972378470-3137472123-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2397833457-972378470-3137472123-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2397833457-972378470-3137472123-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2397833457-972378470-3137472123-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2397833457-972378470-3137472123-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2397833457-972378470-3137472123-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\joe\AppData\Local\GoToMeeting\8199\G2MOutlookAddin64.dll (LogMeIn, Inc.)
CustomCLSID: HKU\S-1-5-21-2397833457-972378470-3137472123-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2397833457-972378470-3137472123-1000_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\joe\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2397833457-972378470-3137472123-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2397833457-972378470-3137472123-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2397833457-972378470-3137472123-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\joe\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2397833457-972378470-3137472123-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> no filepath
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\joe\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\joe\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\joe\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [0BB] -> {BC7D00C5-9CDE-4F36-99EA-F759F01A9F87} => -> No File
ShellIconOverlayIdentifiers: [1BB] -> {A325B20C-FE16-4F1D-9385-DA3D2F4C4D1A} => -> No File
ShellIconOverlayIdentifiers: [2BB] -> {44A21A60-4225-4E0F-A189-98AED6F43B05} => -> No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ContextMenuHandlers1: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\joe\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ContextMenuHandlers1: [ExpressZip] -> {8EEA165E-0B8B-4BA7-9796-50214C767171} => C:\Program Files (x86)\NCH Software\ExpressZip\ezcm64.dll [2015-12-23] ()
ContextMenuHandlers1: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\ShellEx.dll [2017-09-23] (AO Kaspersky Lab)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-12-08] (Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\WZSHLS64.DLL [2016-04-28] (WinZip Computing, S.L.)
ContextMenuHandlers2: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\ShellEx.dll [2017-09-23] (AO Kaspersky Lab)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [jetAudio] -> {8D1636FD-CA49-4B4E-90E4-0A20E03A15E8} => C:\Program Files (x86)\JetAudio\JetFlExt64.dll [2013-05-09] (JetAudio)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\joe\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ContextMenuHandlers4: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\ShellEx.dll [2017-09-23] (AO Kaspersky Lab)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\WZSHLS64.DLL [2016-04-28] (WinZip Computing, S.L.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2013-01-18] (NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers6: [ExpressZip] -> {8EEA165E-0B8B-4BA7-9796-50214C767171} => C:\Program Files (x86)\NCH Software\ExpressZip\ezcm64.dll [2015-12-23] ()
ContextMenuHandlers6: [jetAudio] -> {8D1636FD-CA49-4B4E-90E4-0A20E03A15E8} => C:\Program Files (x86)\JetAudio\JetFlExt64.dll [2013-05-09] (JetAudio)
ContextMenuHandlers6: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\ShellEx.dll [2017-09-23] (AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\WZSHLS64.DLL [2016-04-28] (WinZip Computing, S.L.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0300978E-3ED5-4D04-9983-DC0DE199DF42} - System32\Tasks\joe2 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2017-05-10] (Seagate Technology LLC)
Task: {03085686-18D2-447D-B75D-5CB2E76F813B} - System32\Tasks\{5C73FF4B-2E30-4064-B547-AD0599D445A3} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Task: {03283BEA-55E9-4381-B2F3-D0AC75AB2670} - System32\Tasks\WiseCleaner\WRCSkipUAC => C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe
Task: {0379353F-40E5-48D6-A582-871F042D8A73} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {05138087-EA0B-4E7B-B88B-0E7660AA7D08} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2018-02-01] (AVAST Software)
Task: {063A2F11-4648-46ED-8C7E-45AF6F36CBB6} - System32\Tasks\{4B964368-D091-4701-8F03-B519BE202E99} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=4.2.0.158&LastError=404
Task: {1433B06D-C3CE-4DD6-87E5-C1C1B47D643C} - System32\Tasks\{4AE14A88-AF97-4A1E-BCCF-085759089CC3} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Task: {146C238A-8A51-47BF-8B46-6F1427BCE205} - System32\Tasks\{1E6D3933-0D9F-4020-8BAA-DADEFCA20347} => C:\Windows\system32\pcalua.exe -a C:\Users\joe\Downloads\tws40_upgrade_latest.exe -d C:\Users\joe\Downloads
Task: {1D16E086-E236-4488-8A55-7D1DE8E2D740} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {1F1A9C09-0434-4730-957A-A9B2F5A2633D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2397833457-972378470-3137472123-1000UA => C:\Users\joe\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {25C632AD-393A-48ED-935F-0D47816BD448} - System32\Tasks\joe4 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2017-05-10] (Seagate Technology LLC)
Task: {29B16DD3-D9CF-4383-AB09-FF5FB70262A3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2397833457-972378470-3137472123-1000Core1cfff4e33e32590 => C:\Users\joe\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {2FE70B5D-0196-4E65-9D72-662121729B45} - System32\Tasks\{050E891D-D7D2-4F4D-AE33-2F9689C123A3} => C:\Windows\system32\pcalua.exe -a C:\Users\joe\Downloads\Wirecast_for_YouTube_5.0.3.exe -d C:\Users\joe\Downloads
Task: {32E7DE43-8929-473F-B82E-3221B32CA27E} - System32\Tasks\joe3 Merge => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2017-05-10] (Seagate Technology LLC)
Task: {3324A5C8-CF67-4317-B660-F5B34E04DCE7} - System32\Tasks\{49C78EE8-34D3-4588-8EC6-61483E9BF9BA} => C:\Windows\system32\pcalua.exe -a C:\Users\joe\AppData\Local\Temp\install\setup.exe -d C:\Users\joe\AppData\Local\Temp\install <==== ATTENTION
Task: {38A86A02-AFE5-4E3E-81F4-4FED4027E1E1} - System32\Tasks\{48242D68-1301-4A28-9289-C8558EBB1BF6} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Task: {3E50315F-A0A7-4F01-9F88-0FD1603D743C} - System32\Tasks\{D87FF278-6146-40C1-828A-A076FE1ED56F} => C:\Windows\system32\pcalua.exe -a E:\Setup.exe -d E:\
Task: {3E6D72CD-33D8-458A-9481-2638E427DDA0} - System32\Tasks\joe4 Merge => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2017-05-10] (Seagate Technology LLC)
Task: {41162D94-E905-4C37-B831-7051698362D7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2397833457-972378470-3137472123-1000Core => C:\Users\joe\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {4AD0A481-B37C-4A6B-9339-D84C1E1B63FD} - System32\Tasks\G2MUpdateTask-S-1-5-21-2397833457-972378470-3137472123-1000 => C:\Users\joe\AppData\Local\GoToMeeting\8404\g2mupdate.exe [2018-02-21] (LogMeIn, Inc.)
Task: {4E77AB59-687A-4B17-81AD-CA1C608E21DA} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_161_pepper.exe [2018-02-06] (Adobe Systems Incorporated)
Task: {53275629-FD98-45AE-91EE-5738004D9561} - System32\Tasks\G2MUploadTask-S-1-5-21-2397833457-972378470-3137472123-500 => C:\Program Files (x86)\GoToMeeting\7495\g2mupload.exe [2017-08-27] (LogMeIn, Inc.)
Task: {535A733D-91D2-4F52-AC14-48318D238DD3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2397833457-972378470-3137472123-1000UA1cfff4e3530db40 => C:\Users\joe\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {59B778D8-A3BD-4588-9A0B-552F2B737BD2} - System32\Tasks\joe1 Merge => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2017-05-10] (Seagate Technology LLC)
Task: {5F6EC468-A539-48A8-9A4F-614EB3B500CC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-01-17] (Adobe Systems Incorporated)
Task: {6D607185-1208-4978-9E2E-65DF3A474763} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2397833457-972378470-3137472123-1000UA1d1eadaa68408c0 => C:\Users\joe\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {6D630A09-6145-4EF2-9262-8161A4BEB2B7} - System32\Tasks\{5A14B2CC-BF6A-4E81-A1DC-B03C1FFC39FA} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Task: {72BE3D52-F986-45FE-B1CE-6B555F005B0E} - System32\Tasks\{47DC5571-CB8D-4820-B39A-F1674034C5E4} => C:\Windows\system32\pcalua.exe -a C:\Users\joe\Downloads\jxpiinstall(2).exe -d C:\Users\joe\Downloads
Task: {7476FE17-FAF2-426E-B46B-C9426C15E0BB} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [2017-09-23] (AO Kaspersky Lab)
Task: {774F6A10-936F-43FA-A864-A28B41926D4C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-09-20] (Piriform Ltd)
Task: {78FF9DBA-D52D-4399-91AF-43355EB21B19} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-29] (Dropbox, Inc.)
Task: {79FFE66B-CC89-431E-A356-D41FF1AE391B} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-29] (Dropbox, Inc.)
Task: {84B2E628-511B-400A-9DAD-C3871EC41F5A} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe [2017-05-10] (Seagate Technology LLC)
Task: {891FE43E-C32E-4550-B955-F061B80BD1AE} - System32\Tasks\WinZipBackGroundToolsTask => C:\Program Files\WinZip\WzBGTools.exe [2016-04-28] (WinZip Computing, S.L.)
Task: {8A2E4952-9364-4666-B855-D521BDF5140F} - \CheckUpdates1234 -> No File <==== ATTENTION
Task: {8D680990-BCD8-4811-BC0F-0A03B773FF89} - System32\Tasks\{D75E2DF0-C2D2-4507-AD4B-19B6B9AD7AD1} => C:\Windows\system32\pcalua.exe -a D:\fscommand\setup.exe -d D:\fscommand
Task: {97C1FD46-A3AB-48C4-8F3B-9DD49F2E8E67} - \CheckUpdates -> No File <==== ATTENTION
Task: {97CE96D7-C09A-4BF5-BA2E-8CCD872BFB9A} - System32\Tasks\{5CA478D4-119F-4379-9DF5-9DBA73C3E471} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Task: {9F3DBC34-A362-4CE8-BD31-BDC0369DA03F} - System32\Tasks\joe => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2017-05-10] (Seagate Technology LLC)
Task: {A1EC1F39-E317-45AA-A7DB-59EF03D03DDC} - System32\Tasks\joe2 Merge => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2017-05-10] (Seagate Technology LLC)
Task: {AB5FB011-4F4F-434A-9EA5-ED1DCD74CBAA} - System32\Tasks\{AEB9A65F-ED40-449C-AE0D-E1F5E9834FB4} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Task: {AC051E48-4654-4D05-83AF-B98B855265ED} - System32\Tasks\{CB662047-4391-4AD3-BF75-DE3525CDF0E0} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Task: {B1BAFBF9-8B1C-41C7-9364-BA6E6D335411} - System32\Tasks\{A8EF78C2-9CB0-4F95-9A75-D9D8AA90D534} => C:\Windows\system32\pcalua.exe -a C:\Jts\WiseUpdt.exe
Task: {BB47F910-EF0D-47E8-A4D8-C952E0C12C30} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-02-06] (Adobe Systems Incorporated)
Task: {BDB56F5F-36B3-4B8B-B93C-BA2C0A20C967} - System32\Tasks\{256100E0-524F-4AE4-AF56-DD609AC3B129} => C:\Windows\system32\pcalua.exe -a E:\autorun\installer.exe -d E:\autorun
Task: {CDD62F41-58CF-4752-AF89-2B01A06D608A} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2397833457-972378470-3137472123-1000 => C:\ProgramData\MEGAsync\MEGAupdater.exe [2018-01-19] (Mega Limited)
Task: {D0B1435F-8536-4F7D-8C02-AEBED4E1C9DC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-10-12] (Apple Inc.)
Task: {D69F3974-C973-455C-9B8C-0899871BD8C2} - System32\Tasks\joe3 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2017-05-10] (Seagate Technology LLC)
Task: {D6AEABEA-5070-42C1-8C65-C131A06CABA1} - System32\Tasks\G2MUpdateTask-S-1-5-21-2397833457-972378470-3137472123-500 => C:\Program Files (x86)\GoToMeeting\7495\g2mupdate.exe [2017-08-27] (LogMeIn, Inc.)
Task: {D76F6376-F004-4B56-B332-28A7796A96FB} - System32\Tasks\joe5 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2017-05-10] (Seagate Technology LLC)
Task: {D87C3E75-EA9D-45DB-B7C1-61C19EC5ECDA} - System32\Tasks\{AEFE273C-D490-44F4-AFCD-2546B13E31F8} => C:\Windows\system32\pcalua.exe -a C:\Users\joe\Downloads\PMHOME_5402DL.exe -d C:\Users\joe\Downloads
Task: {D9EA5418-2317-4C9B-81A7-743DDE4704B1} - System32\Tasks\AdobeGCInvoker-1.0-joe-PC-joe => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-01-05] (Adobe Systems, Incorporated)
Task: {EFEF9DA3-DD65-4ED7-A016-9B7F8DFC4219} - System32\Tasks\joe5 Merge => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2017-05-10] (Seagate Technology LLC)
Task: {F23E818D-2D1A-402F-8015-EB827E3314D5} - System32\Tasks\joe1 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2017-05-10] (Seagate Technology LLC)
Task: {FF8B12CA-838F-415C-8457-4E7CB6B6FFA2} - System32\Tasks\G2MUploadTask-S-1-5-21-2397833457-972378470-3137472123-1000 => C:\Users\joe\AppData\Local\GoToMeeting\8404\g2mupload.exe [2018-02-21] (LogMeIn, Inc.)
Task: {FFE91683-4E10-4763-9F76-3184FC0D3698} - System32\Tasks\joe Merge => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2017-05-10] (Seagate Technology LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2397833457-972378470-3137472123-1000.job => C:\Users\joe\AppData\Local\GoToMeeting\8404\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2397833457-972378470-3137472123-500.job => C:\Program Files (x86)\GoToMeeting\7495\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-2397833457-972378470-3137472123-1000.job => C:\Users\joe\AppData\Local\GoToMeeting\8404\g2mupload.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-2397833457-972378470-3137472123-500.job => C:\Program Files (x86)\GoToMeeting\7495\g2mupload.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2397833457-972378470-3137472123-1000Core.job => C:\Users\joe\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2397833457-972378470-3137472123-1000UA.job => C:\Users\joe\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2397833457-972378470-3137472123-1000UA1cfff4e3530db40.job => C:\Users\joe\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\joe\Favorites\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.htm

ShortcutWithArgument: C:\Users\joe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Hangouts.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=knipolnnllmklapflnccelgolnpehhpl
ShortcutWithArgument: C:\Users\joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b8da4a38624bbb1e\Feedback.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=gfdkimpbcpahaombhbimeihdjnejgicl

==================== Loaded Modules (Whitelisted) ==============

2013-03-17 06:35 - 2013-01-18 08:00 - 000087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-05-08 19:40 - 2013-05-08 20:09 - 000073728 _____ () C:\Windows\SysWOW64\afasrv64.exe
2017-12-08 01:48 - 2017-12-08 01:48 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-12-08 01:48 - 2017-12-08 01:48 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-05-01 07:13 - 2014-05-01 07:13 - 000470016 _____ () C:\Users\joe\AppData\Local\MEGAsync\ShellExtX64.dll
2016-02-29 03:23 - 2016-02-29 03:23 - 000052912 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2015-12-23 15:21 - 2015-12-23 15:21 - 000105984 _____ () C:\Program Files (x86)\NCH Software\ExpressZip\ezcm64.dll
2017-11-11 23:25 - 2017-12-13 20:49 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2013-05-08 20:16 - 2013-05-08 20:16 - 005124608 _____ () C:\Program Files (x86)\USIM Editor\iconcs1483413.exe
2017-12-11 11:05 - 2017-12-11 11:05 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2017-12-11 11:05 - 2017-12-11 11:05 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
2014-06-05 01:16 - 2014-06-05 01:16 - 004046328 _____ () C:\Users\joe\AppData\Local\FreeScreenSharing\FreeScreenSharing.exe
2012-09-12 23:38 - 2012-09-12 23:38 - 000264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2017-09-23 08:43 - 2017-09-23 08:43 - 000836968 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\kpcengine.2.3.dll
2017-05-10 15:02 - 2017-05-10 15:02 - 000729792 _____ () C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\PocoNet.dll
2015-03-05 15:44 - 2015-03-05 15:44 - 000190976 _____ () C:\Program Files (x86)\GuideTrade LLC\Lead Finder Jack\libzmq.dll
2017-12-08 01:49 - 2017-12-08 01:49 - 001042232 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2017-12-08 01:49 - 2017-12-08 01:49 - 000076088 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2017-12-08 01:48 - 2017-12-08 01:48 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 002144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 007955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 000341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 000028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 000127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2018-01-05 20:26 - 2018-01-05 20:26 - 000798208 _____ () C:\ProgramData\MEGAsync\libsodium.dll
2018-02-08 21:25 - 2018-02-08 13:10 - 000740168 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-02-08 21:25 - 2018-02-08 13:10 - 002079048 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2018-02-08 21:25 - 2018-02-08 13:10 - 000100312 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2018-02-08 21:25 - 2018-02-08 13:10 - 000018896 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2018-02-08 21:25 - 2018-02-08 13:12 - 000020808 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2018-02-08 21:25 - 2018-02-08 13:10 - 000035808 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2018-02-08 21:25 - 2018-02-08 13:10 - 000694232 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2018-02-08 21:25 - 2018-02-08 13:12 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2018-02-08 21:25 - 2018-02-08 13:10 - 000130520 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2018-02-08 21:25 - 2018-02-08 13:12 - 001856864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2018-02-08 21:25 - 2018-02-08 13:12 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2018-02-08 21:25 - 2018-02-08 13:10 - 000145880 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2018-02-08 21:25 - 2018-02-08 13:10 - 000116696 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2018-02-08 21:25 - 2018-02-08 13:10 - 000105944 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2018-02-08 21:25 - 2018-02-08 13:13 - 000022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2018-02-08 21:25 - 2018-02-08 13:12 - 000063312 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2018-02-08 21:25 - 2018-02-08 13:10 - 000024536 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2018-02-08 21:25 - 2018-02-08 13:12 - 000077120 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2018-02-08 21:25 - 2018-02-08 13:10 - 000020952 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2018-02-08 21:25 - 2018-02-08 13:10 - 000124888 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2018-02-08 21:25 - 2018-02-08 13:10 - 000116184 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2018-02-08 21:25 - 2018-02-08 13:10 - 000392664 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2018-02-08 21:25 - 2018-02-08 13:12 - 000392520 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2018-02-08 21:25 - 2018-02-08 13:13 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2018-02-08 21:25 - 2018-02-08 13:10 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2018-02-08 21:25 - 2018-02-08 13:10 - 000175576 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2018-02-08 21:25 - 2018-02-08 13:10 - 000030168 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2018-02-08 21:25 - 2018-02-08 13:10 - 000043480 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2018-02-08 21:25 - 2018-02-08 13:10 - 000026072 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd
2018-02-08 21:25 - 2018-02-08 13:10 - 000048600 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2018-02-08 21:25 - 2018-02-08 13:10 - 000057816 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2018-02-08 21:25 - 2018-02-08 13:12 - 000021840 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2018-02-08 21:25 - 2018-02-08 13:13 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd
2018-02-08 21:25 - 2018-02-08 13:12 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.pyd
2018-02-08 21:25 - 2018-02-08 13:12 - 000066400 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2018-02-08 21:25 - 2018-02-08 13:12 - 001796416 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2018-02-08 21:25 - 2018-02-08 13:10 - 000084944 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2018-02-08 21:25 - 2018-02-08 13:12 - 001956672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2018-02-08 21:25 - 2018-02-08 13:12 - 003859272 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2018-02-08 21:25 - 2018-02-08 13:12 - 000155472 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2018-02-08 21:25 - 2018-02-08 13:12 - 000521032 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2018-02-08 21:25 - 2018-02-08 13:12 - 000051024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd
2018-02-08 21:25 - 2018-02-08 13:12 - 000043336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2018-02-08 21:25 - 2018-02-08 13:12 - 000131400 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2018-02-08 21:25 - 2018-02-08 13:12 - 000219984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2018-02-08 21:25 - 2018-02-08 13:12 - 000204104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2018-02-08 21:25 - 2018-02-08 13:13 - 000025440 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2018-02-08 21:25 - 2018-02-08 13:10 - 000060888 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2018-02-08 21:25 - 2018-02-08 13:13 - 000054616 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2018-02-08 21:25 - 2018-02-08 13:10 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2018-02-08 21:25 - 2018-02-08 13:13 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2018-02-08 21:25 - 2018-02-08 13:10 - 000028632 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2018-02-08 21:25 - 2018-02-08 13:13 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2018-02-08 21:25 - 2018-02-08 13:13 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2018-02-08 21:25 - 2018-02-08 13:13 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2018-02-08 21:25 - 2018-02-08 13:12 - 000027496 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2018-02-08 21:25 - 2018-02-08 13:10 - 000349144 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2018-02-08 21:25 - 2018-02-08 13:13 - 000023904 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2018-02-08 21:25 - 2018-02-08 13:12 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2018-02-08 21:25 - 2018-02-08 13:10 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-02-08 21:25 - 2018-02-08 13:13 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.pyd
2018-02-08 21:25 - 2018-02-08 13:12 - 000181064 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2018-02-08 21:25 - 2018-02-08 13:12 - 000030544 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2018-02-08 21:25 - 2018-02-08 13:12 - 000024384 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-02-08 21:25 - 2018-02-08 13:12 - 001638208 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2018-02-08 21:25 - 2018-02-08 13:13 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2018-02-08 21:25 - 2018-02-08 13:12 - 000545096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2018-02-08 21:25 - 2018-02-08 13:12 - 000359232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2018-02-08 21:25 - 2018-02-08 13:12 - 000038216 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.pyd
2012-09-12 23:39 - 2012-09-12 23:39 - 000336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\TEMP:B1FBBD09 [103]
AlternateDataStreams: C:\Users\joe\Documents\downloadSm.gif:BDU [34]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MyOSProtect => ""="service" <==== ATTENTION

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2397833457-972378470-3137472123-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\joe\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{0AE7D99B-4776-4F1F-BE63-B5BD9B5BA60C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{67889479-FDBE-480F-80D9-3741A474294F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{938B048A-605C-4EFE-8357-A5A112379DA2}] => (Allow) C:\Users\joe\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{99EEC7EA-8E91-421A-9F02-501D99F2D2F3}] => (Allow) C:\Users\joe\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{C6DFEC4E-0070-4B67-A4F0-DA824A468A14}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{2B34711D-C3F2-44E5-8B3B-A2449F682C55}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{6C04075C-6E44-4E1F-B297-058F67E5B669}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{4E91F656-DF82-4373-A015-660C565CF266}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe
FirewallRules: [UDP Query User{F177BA4B-A73D-495F-989F-30E857905AEB}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe
FirewallRules: [{A98BC79A-8680-4D54-8142-081E4E8E1A2E}] => (Allow) LPort=8888
FirewallRules: [TelnetServer-TlntSvr-TCP-In] => (Allow) %systemroot%\system32\tlntsvr.exe
FirewallRules: [TelnetServer-Tlntadmn-RPC-In] => (Allow) %systemroot%\system32\tlntsvr.exe
FirewallRules: [{CBA19621-63C5-4984-AC8A-5ED8EB3293B4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D8170D9D-467F-4191-ADA0-AEEB99ECCF18}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{23FE3C3A-B4B2-43B6-B10E-C7CB38749A5B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{47406169-D6DE-4E37-BAF9-E932FA25B5F6}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{4BF0AE1C-006F-4F80-9B9A-62545692CC1A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0C03CEF0-DCEB-4DAE-AAE7-D1D6DA850633}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5CADBC49-5DDA-45F1-9C71-09351456623C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{596D1CE4-DFDD-402A-9E88-44C74E082942}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{ADA5E37A-69E9-42FF-907A-D1375B92E2D0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2293E10D-A290-4FC3-B521-3E79B6D4EEAE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EE324DBD-A2D4-4484-AA8F-906D79EC3DA7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{7EA84E84-D63D-4D82-A171-BC68E51A0EF4}] => (Allow) LPort=2869
FirewallRules: [{3B3DB6A6-B631-438D-BCD7-B376506B5504}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{DF612C62-3B2F-4170-8A2B-6D1F23CBE539}C:\program files (x86)\socialrobot.exe] => (Block) C:\program files (x86)\socialrobot.exe
FirewallRules: [UDP Query User{BDC0E27D-7BF8-4D12-8EBD-3936EA3C9347}C:\program files (x86)\socialrobot.exe] => (Block) C:\program files (x86)\socialrobot.exe
FirewallRules: [TCP Query User{38263931-C3E2-48DA-A0F3-707078E17F94}C:\users\joe\appdata\local\freescreensharing\freescreensharing.exe] => (Allow) C:\users\joe\appdata\local\freescreensharing\freescreensharing.exe
FirewallRules: [UDP Query User{F09D72FF-54A2-4E5C-A168-0F23F6C3B411}C:\users\joe\appdata\local\freescreensharing\freescreensharing.exe] => (Allow) C:\users\joe\appdata\local\freescreensharing\freescreensharing.exe
FirewallRules: [{041172DE-BA8F-4002-B635-021FB4998D8B}] => (Allow) LPort=8888
FirewallRules: [{659DCAD8-C7A3-414F-9BD7-D80166D3653A}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{4CDF3BD5-3CC6-424A-AC94-DCAC19206CE1}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{25694ED9-1B13-4C65-876A-8B396300D012}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{C56D24BC-6013-422C-B68F-DA9E541AE379}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/22/2018 09:19:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: avp.exe, version: 18.0.0.405, time stamp: 0x5887698a
Faulting module name: prcore.dll, version: 1.8.145.0, time stamp: 0x587e1a4e
Exception code: 0xc0000005
Fault offset: 0x00010893
Faulting process id: 0x794
Faulting application start time: 0x01d3ac43946994d0
Faulting application path: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avp.exe
Faulting module path: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\prcore.dll
Report Id: c13ed190-1850-11e8-9653-00e04db87439

Error: (02/22/2018 09:01:59 PM) (Source: ESENT) (EventID: 455) (User: )
Description: DllHost (8616) WebCacheLocal: Error -1032 (0xfffffbf8) occurred while opening logfile C:\Users\joe\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Error: (02/22/2018 09:01:59 PM) (Source: ESENT) (EventID: 489) (User: )
Description: DllHost (8616) WebCacheLocal: An attempt to open the file "C:\Users\joe\AppData\Local\Microsoft\Windows\WebCache\V01.log" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).

Error: (02/22/2018 08:13:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wmprph.exe, version: 12.0.7600.16385, time stamp: 0x4a5bd018
Faulting module name: ntdll.dll, version: 6.1.7601.24024, time stamp: 0x5a58e571
Exception code: 0xc0000005
Fault offset: 0x0000000000032964
Faulting process id: 0x23e4
Faulting application start time: 0x01d3ac52e549c870
Faulting application path: C:\Program Files\Windows Media Player\wmprph.exe
Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report Id: 8942c840-1847-11e8-9653-00e04db87439

Error: (02/22/2018 07:55:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wmprph.exe, version: 12.0.7600.16385, time stamp: 0x4a5bd018
Faulting module name: jscript.dll, version: 5.8.9600.18921, time stamp: 0x5a7e99eb
Exception code: 0xc000041d
Fault offset: 0x0000000000011c94
Faulting process id: 0x13d0
Faulting application start time: 0x01d3ac4b82ce28f0
Faulting application path: C:\Program Files\Windows Media Player\wmprph.exe
Faulting module path: C:\Windows\system32\jscript.dll
Report Id: 00749310-1845-11e8-9653-00e04db87439

Error: (02/22/2018 07:54:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wmprph.exe, version: 12.0.7600.16385, time stamp: 0x4a5bd018
Faulting module name: jscript.dll, version: 5.8.9600.18921, time stamp: 0x5a7e99eb
Exception code: 0xc0000005
Fault offset: 0x0000000000011c94
Faulting process id: 0x13d0
Faulting application start time: 0x01d3ac4b82ce28f0
Faulting application path: C:\Program Files\Windows Media Player\wmprph.exe
Faulting module path: C:\Windows\system32\jscript.dll
Report Id: d3592e40-1844-11e8-9653-00e04db87439

Error: (02/22/2018 07:44:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wmprph.exe, version: 12.0.7600.16385, time stamp: 0x4a5bd018
Faulting module name: ntdll.dll, version: 6.1.7601.24024, time stamp: 0x5a58e571
Exception code: 0xc0000005
Fault offset: 0x0000000000032964
Faulting process id: 0x13d0
Faulting application start time: 0x01d3ac4b82ce28f0
Faulting application path: C:\Program Files\Windows Media Player\wmprph.exe
Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report Id: 7c2eafb0-1843-11e8-9653-00e04db87439

Error: (02/21/2018 11:04:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wmprph.exe, version: 12.0.7600.16385, time stamp: 0x4a5bd018
Faulting module name: jscript.dll, version: 5.8.9600.18921, time stamp: 0x5a7e99eb
Exception code: 0xc000041d
Fault offset: 0x0000000000011c94
Faulting process id: 0x203c
Faulting application start time: 0x01d3aba03c369ef0
Faulting application path: C:\Program Files\Windows Media Player\wmprph.exe
Faulting module path: C:\Windows\system32\jscript.dll
Report Id: 34af48a0-1796-11e8-915e-00e04db87439


System errors:
=============
Error: (02/24/2018 12:29:50 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 70. The internal error state is 105.

Error: (02/24/2018 12:28:35 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.

Error: (02/24/2018 12:21:25 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (02/24/2018 12:21:19 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (02/24/2018 12:21:18 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007e (0xffffffffc000001d, 0xfffff88005e79f9d, 0xfffff88004d68398, 0xfffff88004d67c00). A dump was saved in: C:\Windows\Minidump\022418-30966-01.dmp. Report Id: 022418-30966-01.

Error: (02/24/2018 12:21:17 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 12:16:58 PM on 2/24/2018 was unexpected.

Error: (02/24/2018 11:18:48 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Blue Coat K9 Web Protection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (02/24/2018 07:52:24 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The NVIDIA Update Service Daemon service hung on starting.


Windows Defender:
===================================
Date: 2013-10-13 16:31:31.902
Description:
Windows Defender scan has been stopped before completion.
Scan ID:{D1ABCE0B-88EA-4D8C-8CAA-45F9A98A777D}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan

Date: 2013-10-12 23:18:17.097
Description:
Windows Defender scan has been stopped before completion.
Scan ID:{7B9BBC2F-E70B-4DC7-B12D-9E44D180A4E0}
Scan Type:AntiSpyware
Scan Parameters:Full Scan

Date: 2013-10-04 16:41:04.288
Description:
Windows Defender scan has been stopped before completion.
Scan ID:{E9632200-2FC0-40B6-8BDA-426AFD79CE36}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan

Date: 2018-02-15 18:58:20.909
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:1.261.1260.0
Previous Signature Version:1.261.1097.0
Update Source:Signature Update Folder
Signature Type:AntiSpyware
Update Type:Delta
Current Engine Version:1.1.14500.5
Previous Engine Version:1.1.14500.5
Error code:0x80508007
Error description:Your computer is low on memory. Close some programs and try again, or search Help and Support for information about preventing low memory problems.

Date: 2018-01-16 21:02:35.563
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:The system cannot find the file specified.
Signature version:0.0.0.0
Engine version:0.0.0.0

Date: 2018-01-16 21:02:35.531
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:1.259.1507.0
Previous Signature Version:
Update Source:Signature Update Folder
Signature Type:AntiSpyware
Update Type:Full
Current Engine Version:1.1.14306.0
Previous Engine Version:
Error code:0x80070666
Error description:Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.

Date: 2018-01-16 21:02:35.374
Description:
Windows Defender has encountered an error trying to update the engine.
New Engine Version:1.1.14306.0
Previous Engine Version:
Update Source:Signature Update Folder
Error Code:0x80070666
Error description:Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.

Date: 2018-01-12 19:13:11.002
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:The system cannot find the file specified.
Signature version:0.0.0.0
Engine version:0.0.0.0

CodeIntegrity:
===================================

Date: 2014-10-08 10:50:20.969
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\chamisaStage2\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-10-08 10:50:20.790
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\chamisaStage2\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-09-22 23:32:24.615
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\PCTRunner\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-09-22 23:32:24.214
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\PCTRunner\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-09-22 23:32:23.819
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\PCTRunner\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-09-22 23:15:41.616
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\PCTRunner\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-09-22 23:15:41.089
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\PCTRunner\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-09-22 23:15:40.651
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\PCTRunner\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4400+
Percentage of memory in use: 74%
Total physical RAM: 4094.49 MB
Available physical RAM: 1047.09 MB
Total Virtual: 5992.66 MB
Available Virtual: 1455.9 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:297.99 GB) (Free:8.51 GB) NTFS

\\?\Volume{364b36c3-8f0a-11e2-96ad-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 2E132E12)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
 

flavallee

Frank
Trusted Advisor
Joined
May 12, 2002
Messages
81,593
OS Version: Microsoft Windows 7 Ultimate, Service Pack 1, 64 bit
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4400+, AMD64 Family 15 Model 107 Stepping 2
Processor Count: 2
RAM: 4094 Mb
Graphics Card: NVIDIA GeForce G100, 512 Mb
Hard Drives: C: 297 GB (8 GB Free);
Motherboard: BIOSTAR Group, N61PC-M2S
That appears to be a 2005 - 2008 era computer, so please do the following in it:

Download MGADiag and save it to your desktop.
Double-click on MGADiag.exe to launch the program.
Click "Continue".
Ensure that the "Windows" tab is selected (it should be by default).
Click the "Copy" button, then leave the report window open.
Paste the report back here in your next reply.
My computer keeps saying that my memory is full. Yet I have at least 8-10 GB available.
Your computer's motherboard is maxed out with 4 GB (4096 MB) of RAM, so there's no option to add more to it.
And its 297 GB capacity hard drive is about 97% full.

The lack of RAM and the lack of free space in the hard drive is why you're having memory issues.

---------------------------------------------------------------
 

wombatz

Thread Starter
Joined
Feb 24, 2018
Messages
7
Hello Flavalee

Thank you for your reply. Here is what you suggested I believe:


Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->

Validation Code: 0
Cached Online Validation Code: 0x0
Windows Product Key: *****-*****-GJY49-VJBQ7-HYRR2
Windows Product Key Hash: W5/6nm6F2UPXrCkY5xUhXb/+21g=
Windows Product ID: 00426-OEM-8992662-00006
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 6.1.7601.2.00010100.1.0.001
ID: {F4469745-88FF-4232-B8D0-CD50C883E352}(1)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Ultimate
Architecture: 0x00000009
Build lab: 7601.win7sp1_ldr.180112-0600
TTS Error:
Validation Diagnostic:
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{F4469745-88FF-4232-B8D0-CD50C883E352}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.001</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-HYRR2</PKey><PID>00426-OEM-8992662-00006</PID><PIDType>2</PIDType><SID>S-1-5-21-2397833457-972378470-3137472123</SID><SYSTEM><Manufacturer>BIOSTAR Group</Manufacturer><Model>N61PC-M2S</Model></SYSTEM><BIOS><Manufacturer>Phoenix Technologies, LTD</Manufacturer><Version>6.00 PG</Version><SMBIOSVersion major="2" minor="5"/><Date>20081125000000.000000+000</Date></BIOS><HWID>EC963A07018400F8</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Mountain Standard Time(GMT-07:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>ACRSYS</OEMID><OEMTableID>ACRPRDCT</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>

Spsys.log Content: 0x80070002

Licensing Data-->
Software licensing service version: 6.1.7601.17514

Name: Windows(R) 7, Ultimate edition
Description: Windows Operating System - Windows(R) 7, OEM_SLP channel
Activation ID: 7cfd4696-69a9-4af7-af36-ff3d12b6b6c8
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
Extended PID: 00426-00178-926-600006-02-1033-7601.0000-3492013
Installation ID: 016782636245455614757816984300622811384932022765061685
Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
Partial Product Key: HYRR2
License Status: Licensed
Remaining Windows rearm count: 3
Trusted time: 2/25/2018 1:07:46 PM

Windows Activation Technologies-->
HrOffline: 0x00000000
HrOnline: 0x80072F8F
HealthStatus: 0x0000000000000000
Event Time Stamp: 3:6:2018 21:45
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Registered, Version: 7.1.7600.16395
HealthStatus Bitmask Output:


HWID Data-->
HWID Hash Current: NAAAAAEAAgABAAEAAQADAAAAAgABAAEA6GEsNsCESNGSAIqqKKZMfxrfUHkwAexdBgPI9A==

OEM Activation 1.0 Data-->
N/A

OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes
Windows marker version: 0x20001
OEMID and OEMTableID Consistent: yes
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
APIC Nvidia NVDAACPI
FACP Nvidia NVDAACPI
HPET Nvidia NVDAACPI
MCFG Nvidia NVDAACPI
SSDT PTLTD POWERNOW
SLIC ACRSYS ACRPRDCT


thank you
 

flavallee

Frank
Trusted Advisor
Joined
May 12, 2002
Messages
81,593
Thanks for submitting the MGA Diagnostic Report - which shows an issue with the Windows 7 Ultimate 64-bit operating system.

A Malware Specialist and/or a Moderator will need to assist you from here on.

--------------------------------------------------------------
 

Cookiegal

Karen
Administrator
Malware Specialist Coordinator
Joined
Aug 27, 2003
Messages
117,075
The last report shows that the operating system is not genuine. We only provide assistance on genuine systems.
 

wombatz

Thread Starter
Joined
Feb 24, 2018
Messages
7
Are you saying that my version of Windows is not legit?

If so, then I have been ripped off by a vendor who promised otherwise.
 

wombatz

Thread Starter
Joined
Feb 24, 2018
Messages
7
I just checked my computer with Microsoft and it said my windows is genuine.

upload_2018-3-2_19-38-48.png
 

Cookiegal

Karen
Administrator
Malware Specialist Coordinator
Joined
Aug 27, 2003
Messages
117,075
What's the make and model of the computer?
 

wombatz

Thread Starter
Joined
Feb 24, 2018
Messages
7
Hi Cookiegal.

The computer was built for me in 2008 (?) by a private party/local home biz that is now out of business.

He said he could get me a better deal and parts vs. going to a box store.

It is a tower PC of unknown origin - maybe an Acer. I'm not sure. If you know of a way to get more info that you need please let me know.

Thank you
 

flavallee

Frank
Trusted Advisor
Joined
May 12, 2002
Messages
81,593
Capture1.JPG
Capture2.JPG

The above 2 entries in your log show your copy of Windows 7 Ultimate 64-bit is an Original Equipment Manufacturer System Locked Pre-installation copy that was pre-installed in a name brand computer before it was sold brand new.

Capture3.JPG

If I'm correct, the above entry in your log shows it was originally installed in an Acer brand computer.

Cookiegal is one of the log experts here, so you need to wait for her to reply back to you.

---------------------------------------------------------------
 

Cookiegal

Karen
Administrator
Malware Specialist Coordinator
Joined
Aug 27, 2003
Messages
117,075
If it was custom built for you then it can't be an Acer and if it were it would have Acer written on the tower in large letters somewhere, probably right on the front.

Anyway, the report supports the fact that the PC was originally manufactured in 2008 and Windows 7 didn't get released until July 2009 so that means it wasn't the original operating system so an OEM license cannot be used because they are only used preloaded with the original system as it left the store. Any subsequent upgrade from a previous operating system to Windows 7 or a fresh installation would have to be under a retail license.

So unfortunately, we cannot assist with this system due to the breach of the licensing terms. The only option we could assist with is to revert to whatever operating system it came loaded with using the COA license which should be on a sticker underneath or on the back of the tower.
 

wombatz

Thread Starter
Joined
Feb 24, 2018
Messages
7
Hi Cookiegal.


You are correct. I did not have Win 7 originally on the computer. It was upgraded by a tech while doing some repairs / virus removal. He told me it was a legal copy of Win 7. I trusted him.

I'm not sure where the original OS software is now. If I get a legit copy of Win 7 installed and it has similar issues as I'm currently having will I be eligible for possible assistance?

Thank you
 

Cookiegal

Karen
Administrator
Malware Specialist Coordinator
Joined
Aug 27, 2003
Messages
117,075
If I get a legit copy of Win 7 installed and it has similar issues as I'm currently having will I be eligible for possible assistance?
Yes but I doubt you will have the issues once you do a fresh installation of Windows. Be sure you back up anything you need to keep like documents, photos, music, emails, etc. before as everything you ever downloaded, saved or installed will be lost.
 