Format du document : text/plain
Prévisualisation
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Myriam (04-04-2018 17:14:04)
Running from C:\Users\Myriam\Downloads
Windows 8 (X64) (2013-06-16 17:41:35)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2870124582-2670056687-1688047813-500 - Administrator - Disabled)
Guest (S-1-5-21-2870124582-2670056687-1688047813-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2870124582-2670056687-1688047813-1003 - Limited - Enabled)
Myriam (S-1-5-21-2870124582-2670056687-1688047813-1001 - Administrator - Enabled) => C:\Users\Myriam
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Trend Micro OfficeScan Antivirus (Enabled - Up to date) {F2F88E6A-3C7A-545F-268A-5D0BDD38EE06}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Trend Micro OfficeScan Anti-spyware (Enabled - Up to date) {49996F8E-1A40-5BD1-1C3A-6679A6BFA4BB}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
123 Free Solitaire v10.3 (HKLM-x32\...\123 Free Solitaire_is1) (Version: - TreeCardGames)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.07 - Adobe Systems)
Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.113 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Box Sync (HKLM-x32\...\{25e2ab6e-0bb9-479e-947c-5dd5f6a309a6}) (Version: 4.0.7800.0 - Box Inc.) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Driver Booster 2.1 (HKLM-x32\...\Driver Booster_is1) (Version: 2.1 - IObit)
Dropbox (HKLM-x32\...\Dropbox) (Version: 46.4.65 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
e5 Secure Download Manager (HKLM-x32\...\{6A979889-133D-4E64-99BB-1DA983CDCE75}) (Version: 3.2.262.0 - Kivuto Solutions Inc.)
Easy Photo Scan (HKLM-x32\...\{1A6DED1E-A024-455D-AA82-203D6B3B0CBC}) (Version: 1.00.0006 - Seiko Epson Corporation)
Epson Connect (HKLM-x32\...\{64BA551C-9AF6-495C-93F3-D1270E0045FC}) (Version: - )
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.3.0 - SEIKO EPSON CORPORATION)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.7.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{17FA0444-A025-43B9-862C-81AE6307C2F2}) (Version: 3.10.0050 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{896667C8-53F8-47B8-B6B0-B113B10F05BC}) (Version: 1.20.0000 - SEIKO EPSON CORPORATION)
Epson Printer Connection Checker (HKLM-x32\...\{83475ED4-8CCD-4F42-B877-7E2CC2BBD97B}) (Version: 2.0.0.0 - Seiko Epson Corporation)
EPSON Printer Finder (HKLM-x32\...\{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}) (Version: 1.0.0 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON XP-420 Series Printer Uninstall (HKLM\...\EPSON XP-420 Series) (Version: - SEIKO EPSON Corporation)
Epson XP-420_424 User’s Guide version 1.0 (HKLM-x32\...\UsersGuideEpson XP-420_424 User’s Guide_is1) (Version: 1.0 - )
EpsonNet Print (HKLM\...\{DF5200AB-5AE6-4598-846B-8ABC3AE121B1}) (Version: 3.0.2.0 - SEIKO EPSON Corporation)
iCloud (HKLM\...\{5B1A59DA-D1EC-4C3A-A996-DF011A0A9668}) (Version: 6.2.2.39 - Apple Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2875 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Juniper Networks, Inc. Setup Client (HKU\S-1-5-21-2870124582-2670056687-1688047813-1001\...\Juniper_Setup_Client) (Version: 7.4.13.48589 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
Junos Pulse (HKLM\...\{E59CEF5A-DD72-4EE5-98D2-62FE1265941B}) (Version: 3.1.34907 - Juniper Networks) Hidden
Junos Pulse 3.1 (HKLM-x32\...\Junos Pulse 3.1) (Version: 3.1.34907 - Juniper Networks, Inc.)
Malwarebytes version 3.4.4.2398 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.4.4.2398 - Malwarebytes)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.9126.2116 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2870124582-2670056687-1688047813-1001\...\OneDriveSetup.exe) (Version: 18.044.0301.0006 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{40F55150-F43D-4C9F-9A00-1A0A6F1EB7F0}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{D71BC54E-A4E6-4E06-866C-FD6EE16EA187}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 59.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 59.0.2 (x64 en-US)) (Version: 59.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 59.0.2.6656 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9126.2116 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2116 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2116 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.9126.2116 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6794 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29031 - Realtek Semiconductor Corp.)
Secure Download Manager (HKLM-x32\...\{E040B65B-8683-4228-8C33-D44A141E40EA}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.103 - Skype Technologies S.A.)
Software Updater (HKLM-x32\...\{B307472F-7BD9-4040-9255-CE6D6A1196A3}) (Version: 4.3.1 - SEIKO EPSON CORPORATION)
Spotify (HKU\S-1-5-21-2870124582-2670056687-1688047813-1001\...\Spotify) (Version: 1.0.45.186.g3b5036d6 - Spotify AB)
SRS Premium Sound Control Panel (HKLM\...\{94F03B8E-CB73-4653-AFE9-79112C01FED2}) (Version: 1.12.5000 - SRS Labs, Inc.)
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 4.0.2.1 - IObit)
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.4 - TOSHIBA)
TOSHIBA Battery Check Utility (HKLM-x32\...\{5468E297-7EF8-4CB3-A091-F8714147793F}) (Version: 1.00.01.01 - Toshiba Corporation)
Toshiba Book Place (HKLM-x32\...\{24B45620-22B6-4E4A-B836-FF30A0B0404E}) (Version: 3.1.9534 - K-NFB Reading Technology, Inc.)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.00.08.6402 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.0.6415 - Toshiba Corporation)
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.51.8.2C - TOSHIBA CORPORATION)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6625.6402 - Toshiba Corporation)
TOSHIBA HDD Accelerator (HKLM\...\{DB4D9937-0B14-4EF1-BF9A-BB7E3B9DCB04}) (Version: 1.1.0001 - Toshiba Corporation)
TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.5.1.1 - Toshiba Corporation)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{59358FD4-252B-4B38-AB81-955C491A494F}) (Version: 1.0.0.5C - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.8.17.640104 - Toshiba Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.8 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.2.0.54043005 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.2.00 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM\...\{B1F241E1-90BF-4201-8977-A0DF85A38EBB}) (Version: 2.6.16.0 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0013 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0002.32002 - Toshiba Corporation)
TOSHIBA User's Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.02 - TOSHIBA)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.1.0.12-A - Toshiba Corporation)
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.1.6 - TOSHIBA)
Trend Micro OfficeScan Agent (HKLM-x32\...\OfficeScanNT) (Version: 11.0.1028 - Trend Micro Inc.)
Umbrella Roaming Client (HKLM-x32\...\{47904E32-6950-4AF8-8F86-7DEA7F51EB56}) (Version: 2.1.0.0 - OpenDNS)
Update for Skype for Business 2015 (KB4018290) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{84C8E536-D7E9-4C97-8477-F56848459A05}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4018290) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{84C8E536-D7E9-4C97-8477-F56848459A05}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4018290) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{84C8E536-D7E9-4C97-8477-F56848459A05}) (Version: - Microsoft)
Utility Common Driver (HKLM-x32\...\{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}) (Version: 1.0.53.1 - Compal) Hidden
Utility Common Driver (HKLM-x32\...\InstallShield_{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}) (Version: 1.0.53.1 - Compal) Hidden
WD Backup (HKLM-x32\...\{4AACAFC7-951A-4215-B430-3DFCFF2E6CED}) (Version: 1.5.5953.19614 - Western Digital Technologies, Inc) Hidden
WD Backup (HKLM-x32\...\{a8c9535a-ecd9-4172-a330-0cb5ff9dbed9}) (Version: 1.5.5953.19614 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{48996CDD-DD81-4197-93FE-0971E73C5CA7}) (Version: 1.3.2.2 - Western Digital Technologies, Inc.) Hidden
WD Drive Utilities (HKLM-x32\...\{eab1fb93-61fb-48de-b815-b4e9b68d2ef1}) (Version: 1.3.2.2 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{965D28B5-3C86-41FD-994E-D6376815C9B3}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{249644e6-451a-4a5c-bd5c-21eeb9eec79d}) (Version: 1.3.1.2 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{7CC2EDF2-83EC-4707-BDD3-72469236A6CC}) (Version: 1.3.1.2 - Western Digital Technologies, Inc.) Hidden
WhatsApp (HKU\S-1-5-21-2870124582-2670056687-1688047813-1001\...\WhatsApp) (Version: 0.2.5863 - WhatsApp)
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17350 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2870124582-2670056687-1688047813-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Myriam\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileCoAuthLib64.dll => No File
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ContextMenuHandlers1: [IobitStartMenu] -> {AF8FA9C9-9907-463e-BDC3-4CC1200D6310} => c:\program files (x86)\iobit\Classic Start\IObitStartMenuExtension.dll [2015-12-29] (IObit)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-05-09] (Apple Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-03] (Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ContextMenuHandlers4: [IobitStartMenu] -> {AF8FA9C9-9907-463e-BDC3-4CC1200D6310} => c:\program files (x86)\iobit\Classic Start\IObitStartMenuExtension.dll [2015-12-29] (IObit)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-28] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2012-10-24] (Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers6: [IobitStartMenu] -> {AF8FA9C9-9907-463e-BDC3-4CC1200D6310} => c:\program files (x86)\iobit\Classic Start\IObitStartMenuExtension.dll [2015-12-29] (IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-03] (Malwarebytes)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {16BD5795-6BCC-4BE2-BABA-F3863D6542F9} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-03-30] (Microsoft Corporation)
Task: {1E4034C9-F27F-42CD-9F56-4CD675860005} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-03-24] (Microsoft Corporation)
Task: {358B225D-9180-4198-B4CF-CC3FCF041A20} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-03-30] (Microsoft Corporation)
Task: {368FCF03-7D08-4E0D-8CF0-8E62F92032D6} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2014-04-03] (TOSHIBA Corporation)
Task: {3F2ADA94-AD3A-4888-8AD6-BD748EDF9B58} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2017-05-09] (Apple Inc.)
Task: {5F91E9AC-65DE-48D6-9C8E-CAF711915E8E} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.8.0.32\SymErr.exe
Task: {60ED562A-9AAB-46A5-BFE2-9A134BCBC1FC} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.8.0.32\SymErr.exe
Task: {7096CB5A-E8C5-4DB1-9262-E0DBE560424A} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2014-12-17] (IObit)
Task: {75501669-22A7-4B7A-B445-5FEBA4CE9865} - System32\Tasks\EPSON XP-420 Series Update {CBC51009-C0F1-4B68-93C8-C3317DDE4B46} => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSNAE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {77770830-8886-4FA2-B3D1-54EAAF9323E7} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-12-09] (IObit)
Task: {8E7CB33A-A093-4773-BB05-57CF44CFEE48} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-06-19] (Dropbox, Inc.)
Task: {9B87DD21-09F6-4AC2-80DE-8AD9FBB5F199} - System32\Tasks\EPSON XP-420 Series Update {7506ED29-D2B3-408F-9C39-C6870A815C91} => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSNAE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {9E1F6F82-181A-491D-A86B-BEB2242D46BC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {A8850237-EBE8-4FC9-B44A-E08BF153C3D9} - System32\Tasks\AVG-Secure-Search-Update_0214b_rel => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0214b.exe [2014-02-05] ()
Task: {A92D8F5C-B552-4A5B-8653-F2E7D3916328} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-03-30] (Microsoft Corporation)
Task: {AA0CF02E-543A-42CE-BD31-A987AA663C97} - System32\Tasks\{D6F156B6-B064-4539-92BF-5148DDA2DE3C} => C:\windows\system32\pcalua.exe -a C:\windows\UN091222.EXE -c /UNINST
Task: {AF711E7E-2FB4-4361-AC09-DB15D43A66DF} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-03-18] (Adobe Systems Incorporated)
Task: {BEFC95F3-BF2B-4EA9-8A63-85A8326C1C1F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {BF1E62E2-FFE9-4644-B716-878B3F48BD8F} - System32\Tasks\Driver Booster SkipUAC (Myriam) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-01-07] (IObit)
Task: {C772D868-20AA-486B-9279-F62850BD871D} - System32\Tasks\{7A4FCD95-FFBF-464C-B5B8-1BB5836C4EB6} => C:\windows\system32\pcalua.exe -a F:\msert.exe -d F:\
Task: {C8A68697-E7BB-4FE9-97AD-362141F3F755} - System32\Tasks\StartMenu8_Start => C:\program files (x86)\iobit\Classic Start\Start_Active.exe [2016-11-15] ()
Task: {CBDABD43-0EA1-4668-86D9-F8ADD8A822C0} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-03-30] (Microsoft Corporation)
Task: {D96EBD61-F23A-4F04-B185-A962DB97F5DD} - System32\Tasks\AVG-Secure-Search-Update_0214b_rmv => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0214b.exe [2014-02-05] ()
Task: {DCBC3E2C-F360-4BBE-BB47-52004834554C} - System32\Tasks\EPSON XP-420 Series Update {EE36AA76-8C02-452D-AA01-97A485E70511} => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSNAE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {DEA0CD22-6315-4156-BBBF-379E19D52D4A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {DF34FF18-02C7-4293-87DD-945DF34EE050} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-06-19] (Dropbox, Inc.)
Task: {EE0FFC22-B822-4E76-9181-C3C73427F350} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-03-30] (Microsoft Corporation)
Task: {F4879460-98A3-4059-95A3-F8ABBC47C89A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-03-24] (Microsoft Corporation)
Task: {FABA927C-6F55-4E10-A056-61F9D91A9AFE} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {FCDB6C27-CE10-4CAC-9BD1-D02C1E1FE8F1} - System32\Tasks\AV_PWB => C:\Program Files (x86)\AVG SafeGuard toolbar\BundleInstall.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\AVG-Secure-Search-Update_0214b_rel.job => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0214b.exe
Task: C:\windows\Tasks\AVG-Secure-Search-Update_0214b_rmv.job => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0214b.exe
Task: C:\windows\Tasks\AV_PWB.job => C:\Program Files (x86)\AVG SafeGuard toolbar\BundleInstall.exeĢ/HP=hxxp:/mysearch.avg.com
Task: C:\windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\EPSON XP-420 Series Update {7506ED29-D2B3-408F-9C39-C6870A815C91}.job => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSNAE.EXE:/EXE:{7506ED29-D2B3-408F-9C39-C6870A815C91} /F:UpdateWORKGROUP\MYMI$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\windows\Tasks\StartMenu8_Start.job => C:\program files (x86)\iobit\Classic Start\Start_Active.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-09-01 18:12 - 2016-09-01 18:12 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-05-09 00:44 - 2017-05-09 00:44 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-08-31 14:55 - 2011-08-31 14:55 - 000801792 _____ () C:\Program Files (x86)\Trend Micro\OfficeScan Client\sqlite3.dll
2014-02-05 18:37 - 2014-02-05 18:37 - 002606616 ____N () C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0214b.exe
2007-05-16 12:42 - 2007-05-16 12:42 - 000089088 _____ () C:\Program Files (x86)\Trend Micro\OfficeScan Client\zlibwapi.dll
2012-12-19 05:06 - 2012-12-19 05:06 - 001300480 _____ () C:\Program Files (x86)\Trend Micro\OfficeScan Client\libprotobuf.dll
2018-03-30 13:09 - 2018-02-05 14:44 - 002299168 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-03-30 13:08 - 2018-03-01 10:31 - 002488608 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2012-07-26 02:58 - 2012-07-26 02:53 - 000170864 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2013-01-16 10:19 - 2013-01-16 10:19 - 000048128 _____ () C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\boost_date_time-vc110-mt-1_49.dll
2013-04-02 12:25 - 2013-04-02 12:25 - 000675840 _____ () C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\sqlite3.dll
2013-01-16 10:23 - 2013-01-16 10:23 - 000058368 _____ () C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\boost_thread-vc110-mt-1_49.dll
2012-10-24 01:44 - 2012-10-24 01:44 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-30 16:34 - 2012-08-30 16:34 - 002609064 _____ () C:\Program Files\Toshiba\Hotkey\TCrdMain_Win8.exe
2012-07-18 20:38 - 2012-07-18 20:38 - 000020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2012-07-18 20:38 - 2012-07-18 20:38 - 000049064 _____ () C:\Program Files\TOSHIBA\Hotkey\Hotkey\FnZ.dll
2012-08-13 21:13 - 2012-08-13 21:13 - 000018344 _____ () C:\Program Files\Toshiba\Teco\TecoMUI.dll
2012-08-04 17:01 - 2012-08-04 17:01 - 000213136 _____ () C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe
2017-05-09 03:05 - 2017-05-09 03:05 - 000092472 _____ () C:\Program Files\iTunes\zlib1.dll
2017-05-09 03:05 - 2017-05-09 03:05 - 001354040 _____ () C:\Program Files\iTunes\libxml2.dll
2011-08-12 16:57 - 2011-08-12 16:57 - 000437632 _____ () C:\Program Files\TOSHIBA\Hotkey\Hotkey\TcrdKBB.exe
2012-07-25 15:44 - 2012-07-25 15:35 - 000129024 _____ () C:\windows\system32\WinMetadata\Windows.UI.winmd
2012-07-25 15:44 - 2012-07-25 15:35 - 000036864 _____ () C:\windows\system32\WinMetadata\Windows.Data.winmd
2012-07-25 15:44 - 2012-07-25 15:35 - 000022016 _____ () C:\windows\system32\WinMetadata\Windows.Foundation.winmd
2011-10-15 07:31 - 2011-10-15 07:31 - 000431163 _____ () C:\Program Files (x86)\Common Files\Juniper Networks\WX Client\sqlite3.dll
2017-07-19 16:30 - 2015-12-29 11:30 - 000355616 _____ () C:\program files (x86)\iobit\Classic Start\madExcept_.bpl
2017-07-19 16:30 - 2015-12-29 11:29 - 000190240 _____ () C:\program files (x86)\iobit\Classic Start\madBasic_.bpl
2017-07-19 16:30 - 2015-12-29 11:30 - 000057632 _____ () C:\program files (x86)\iobit\Classic Start\madDisAsm_.bpl
2017-07-19 16:30 - 2015-12-29 11:30 - 000275576 _____ () C:\program files (x86)\iobit\Classic Start\sqlite3.dll
2017-07-19 16:30 - 2015-12-29 11:30 - 000059680 _____ () C:\program files (x86)\iobit\Classic Start\parseAuto.dll
2017-07-19 16:30 - 2016-10-20 09:59 - 000631072 _____ () C:\program files (x86)\iobit\Classic Start\ProductStatistics.dll
2017-07-19 16:30 - 2015-12-29 11:31 - 000047904 _____ () C:\program files (x86)\iobit\Classic Start\winkey.dll
2017-05-09 00:45 - 2017-05-09 00:45 - 001041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2017-05-09 00:44 - 2017-05-09 00:44 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-09-01 18:13 - 2016-09-01 18:13 - 000080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2018-03-29 18:04 - 2018-03-28 09:31 - 000746312 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-03-29 18:04 - 2018-03-28 09:31 - 002079048 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2018-03-29 18:04 - 2018-03-28 09:30 - 000100312 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2018-02-10 08:49 - 2018-03-28 09:30 - 000018896 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2018-02-10 08:49 - 2018-03-28 09:33 - 000020808 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2018-03-29 18:04 - 2018-03-28 09:30 - 000035808 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2018-02-10 08:49 - 2018-03-28 09:30 - 000694232 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2018-03-29 18:04 - 2018-03-28 09:32 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2018-03-29 18:04 - 2018-03-28 09:30 - 000130520 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2018-03-29 18:04 - 2018-03-28 09:32 - 001856864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2018-03-29 18:04 - 2018-03-28 09:32 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2018-03-29 18:04 - 2018-03-28 09:30 - 000145880 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2018-03-29 18:04 - 2018-03-28 09:31 - 000116696 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2018-02-10 08:49 - 2018-03-28 09:30 - 000105944 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2018-03-29 18:04 - 2018-03-28 09:33 - 000022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2018-03-29 18:04 - 2018-03-28 09:32 - 000063312 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2018-02-10 08:49 - 2018-03-28 09:30 - 000024536 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2018-03-29 18:04 - 2018-03-28 09:32 - 000077120 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2018-03-29 18:04 - 2018-03-28 09:31 - 000392664 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2018-03-29 18:04 - 2018-03-28 09:30 - 000020952 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2018-02-10 08:49 - 2018-03-28 09:30 - 000124888 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2018-03-29 18:04 - 2018-03-28 09:30 - 000114136 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2018-02-10 08:49 - 2018-03-28 09:33 - 000392520 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2018-03-29 18:04 - 2018-03-28 09:33 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2018-03-29 18:04 - 2018-03-28 09:30 - 000043480 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2018-02-10 08:49 - 2018-03-28 09:30 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2018-02-10 08:49 - 2018-03-28 09:30 - 000175576 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2018-03-29 18:04 - 2018-03-28 09:30 - 000030168 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2018-02-10 08:49 - 2018-03-28 09:30 - 000026072 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd
2018-03-29 18:04 - 2018-03-28 09:30 - 000048600 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2018-02-10 08:49 - 2018-03-28 09:30 - 000057816 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2018-03-29 18:04 - 2018-03-28 09:32 - 000021840 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2018-03-29 18:04 - 2018-03-28 09:33 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd
2018-03-29 18:04 - 2018-03-28 09:32 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.pyd
2018-03-29 18:04 - 2018-03-28 09:33 - 000066400 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2018-03-29 18:04 - 2018-03-28 09:32 - 001798464 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2018-02-10 08:49 - 2018-03-28 09:30 - 000084944 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2018-03-29 18:04 - 2018-03-28 09:32 - 001959232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2018-03-29 18:04 - 2018-03-28 09:32 - 003863880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2018-03-29 18:04 - 2018-03-28 09:32 - 000155472 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2018-03-29 18:04 - 2018-03-28 09:32 - 000521544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2018-03-29 18:04 - 2018-03-28 09:32 - 000051024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd
2018-03-29 18:04 - 2018-03-28 09:32 - 000043336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2018-03-29 18:04 - 2018-03-28 09:32 - 000131400 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2018-03-29 18:04 - 2018-03-28 09:32 - 000219984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2018-03-29 18:04 - 2018-03-28 09:32 - 000204104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2018-03-29 18:04 - 2018-03-28 09:33 - 000025440 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2018-03-29 18:04 - 2018-03-28 09:30 - 000060888 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2018-03-29 18:04 - 2018-03-28 09:33 - 000054616 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2018-03-29 18:04 - 2018-03-28 09:30 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2018-03-29 18:04 - 2018-03-28 09:33 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2018-03-29 18:04 - 2018-03-28 09:30 - 000028632 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2018-03-29 18:04 - 2018-03-28 09:33 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2018-03-29 18:04 - 2018-03-28 09:33 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2018-03-29 18:04 - 2018-03-28 09:33 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2018-03-29 18:04 - 2018-03-28 09:32 - 000027496 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2018-03-29 18:04 - 2018-03-28 09:30 - 000349144 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2018-03-29 18:04 - 2018-03-28 09:32 - 000101704 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2018-03-29 18:04 - 2018-03-28 09:33 - 000023904 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2018-03-29 18:04 - 2018-03-28 09:32 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2018-03-29 18:04 - 2018-03-28 09:31 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-03-29 18:04 - 2018-03-28 09:33 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.pyd
2018-03-29 18:04 - 2018-03-28 09:32 - 000181064 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2018-03-29 18:04 - 2018-03-28 09:33 - 000030544 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2018-03-29 18:04 - 2018-03-28 09:32 - 000024384 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-03-29 18:04 - 2018-03-28 09:32 - 001638208 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2018-03-29 18:04 - 2018-03-28 09:33 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2018-03-29 18:04 - 2018-03-28 09:32 - 000546632 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2018-03-29 18:04 - 2018-03-28 09:32 - 000359744 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2018-03-29 18:04 - 2018-03-28 09:32 - 000038216 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.pyd
2017-06-12 13:41 - 2017-06-12 13:41 - 001037688 _____ () C:\Program Files (x86)\OpenDNS\Umbrella Roaming Client\libldns-1.dll
2017-06-12 13:42 - 2017-06-12 13:42 - 000047952 _____ () C:\Program Files (x86)\OpenDNS\Umbrella Roaming Client\libdcplugin_erc.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Umbrella_RC => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2870124582-2670056687-1688047813-1001\...\sharepoint.com -> hxxps://wavetulane.sharepoint.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2012-07-26 00:26 - 2015-07-16 20:03 - 000000027 _____ C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2870124582-2670056687-1688047813-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 127.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{8C631FDE-265F-4413-B795-C37E3304894B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{460AA8CF-B166-45B3-939B-BBE591AD603D}] => (Allow) LPort=2869
FirewallRules: [{CEC0AD45-93DC-424E-99A2-AC85F9BA8C2C}] => (Allow) LPort=1900
FirewallRules: [{A91F71E6-AE00-489D-BA4F-2D81706F3849}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{EB2D8515-0D1A-4244-B9E8-18B61BD9B067}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{5EC79733-02E8-4007-8B87-F0684EB91E4B}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{816BA1D5-48D6-4A23-9251-AB5AC3E070FB}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{36E4F7A8-C4BE-4D97-BFE5-D2F855E6BD1D}] => (Allow) D:\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{DD353AB8-174A-4770-8C8E-0EEEFEC603A7}] => (Allow) D:\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [TCP Query User{F266E0A6-7C72-4625-8114-E17805615B13}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{B9F3856E-B474-4FFD-9654-AF13E9810797}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{EFEC3005-747B-477B-88C3-EE09EBA0148E}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{112D68F8-6889-4D4C-81A6-6A3848FE1334}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{E8996EC8-2971-4F07-B4FC-3FBF21C87B03}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{38930CD3-E080-4F92-99BA-17422BFA3626}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{051ACE53-830E-4782-B126-536B3412AD3C}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{39D4E517-272D-4572-8491-1452E4BDFA2E}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{3EAB0BB4-8B60-47B1-8C21-7B87A17D08DE}C:\users\myriam\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\myriam\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{6E8B4FB5-C79A-4945-8C71-47894B0F6EAD}C:\users\myriam\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\myriam\appdata\roaming\spotify\spotify.exe
FirewallRules: [{5E65BE58-918E-48D4-9951-9AE950007AB3}] => (Allow) C:\Users\Myriam\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{7020F699-236B-486F-A9F9-F1DD681ABDDB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2AF9DC13-2540-4EF6-98BB-4C69378A1293}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{5C3A11F2-E0AE-47E4-9C43-3733B0F7BB19}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{9B8A3FB0-3360-4DB9-A294-7902293D456E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{5A8B45EA-A736-45F1-9E24-A30EAF8E60D9}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{B1498BD8-A57E-4846-9D14-9CCA426613B1}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{7808E7A1-C5B0-4116-987E-4E94667DD1DC}] => (Allow) C:\Program Files (x86)\Epson Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{01D9D0A1-F735-4665-AA48-3D053E1FB675}] => (Allow) C:\Program Files (x86)\Epson Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [TCP Query User{25249221-0EED-480D-8306-F101B7C21BAA}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{29763E86-D5F1-4301-89A4-25E81BB993FC}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{2320B5E8-93BC-4943-AFD5-286B1184AA69}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{6E82DDF3-2648-495B-BC4F-3F7B09349C27}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{1AC58D3D-8399-4802-8C65-2102FAC89161}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{88AAFA3E-53B2-496C-8BA3-167110B58CFC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{54C7EB92-8886-4F71-813F-D32CEBE47C67}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FEED4B2F-E743-4242-AEE4-7C21C95B1FE1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C6A5ED18-9F65-4170-B325-E7912180B9D6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6DF3BB91-B359-461E-9D96-93F7F139FEDC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7CE942A9-91FD-4F52-9D21-D8BC7927750B}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{7089CB11-6B33-4847-8377-1C8EFD96122E}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{737D3152-B17C-44B9-AA1A-39EFD62E81C7}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{EE339300-7A1E-48C4-942D-AAC7D1F312AF}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{09FA5353-09CE-401B-8960-E97D2CA77182}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{2F933BA3-5231-4F72-A2F7-CAAE9F5AF23D}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{04A64927-F9F6-4F80-BEEE-70F40FE7F01C}] => (Allow) C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{AA62DBE2-BDD1-4BAB-AE40-716719A72661}] => (Allow) C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{3600B74B-1573-42F4-BE65-38B63FFFF908}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{0B1B2B6D-B12F-47AE-AD8B-3205067D9B9B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{4C3362D5-D221-47E2-A95A-FDDC3B80C659}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{83D67A63-F8AF-4DC5-B042-B97005D123BE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{8F1FB95C-E62D-46B6-A5CC-A4B9BFC6DEDB}C:\users\myriam\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\myriam\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{BF606A8D-7838-4472-B2FB-6D217D2669D7}C:\users\myriam\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\myriam\appdata\roaming\spotify\spotify.exe
FirewallRules: [{0610831C-40A5-4712-B382-E9E66F2A092A}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{9D7E90B9-603F-4F1C-94E4-E9E629B947CE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{221ABCF0-02C6-4509-BD66-A93DFD7C03FD}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{84FCA9E6-6DDA-451A-922E-CE22F6805766}] => (Allow) LPort=35188
==================== Restore Points =========================
31-03-2018 12:27:15 PROPLUSR
02-04-2018 02:56:11 Windows Backup
03-04-2018 17:44:48 18-04-03_Before Modification
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/04/2018 04:15:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MYMI)
Description: Activation of app SymantecCorporation.NortonStudio_v68kp9n051hdp!App failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (04/04/2018 03:15:19 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MYMI)
Description: Activation of app SymantecCorporation.NortonStudio_v68kp9n051hdp!App failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (04/04/2018 02:47:57 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (04/04/2018 02:39:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: backgroundTaskHost.exe, version: 6.2.9200.16384, time stamp: 0x5010a994
Faulting module name: ntdll.dll, version: 6.2.9200.17581, time stamp: 0x5644f0df
Exception code: 0x060c201e
Fault offset: 0x0009cfcf
Faulting process id: 0x3e98
Faulting application start time: 0x01d3cc4c68f6894e
Faulting application path: C:\windows\syswow64\backgroundTaskHost.exe
Faulting module path: C:\windows\SYSTEM32\ntdll.dll
Report Id: d957b9e9-383f-11e8-845d-b888e31f69d2
Faulting package full name: SymantecCorporation.NortonStudio_1.0.0.98_x86__v68kp9n051hdp
Faulting package-relative application ID: App
Error: (04/04/2018 06:35:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: backgroundTaskHost.exe, version: 6.2.9200.16384, time stamp: 0x5010a994
Faulting module name: ntdll.dll, version: 6.2.9200.17581, time stamp: 0x5644f0df
Exception code: 0x060c201e
Fault offset: 0x0009cfcf
Faulting process id: 0x38e0
Faulting application start time: 0x01d3cc082e587525
Faulting application path: C:\windows\syswow64\backgroundTaskHost.exe
Faulting module path: C:\windows\SYSTEM32\ntdll.dll
Report Id: 57f4c453-37fc-11e8-845d-b888e31f69d2
Faulting package full name: SymantecCorporation.NortonStudio_1.0.0.98_x86__v68kp9n051hdp
Faulting package-relative application ID: App
Error: (04/03/2018 03:58:16 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (04/02/2018 03:53:08 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (04/02/2018 03:43:12 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
System errors:
=============
Error: (04/03/2018 05:59:47 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.
Error: (04/03/2018 05:59:47 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.
Error: (04/03/2018 05:48:22 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.
Error: (04/03/2018 05:48:22 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 70.
Error: (04/03/2018 05:48:20 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.
Error: (04/03/2018 05:48:20 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.
Error: (04/02/2018 03:54:38 AM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Filter Manager failed to attach to volume '\Device\HarddiskVolume21'. This volume will be unavailable for filtering until a reboot. The final status was 0xc03a001c.
Error: (04/02/2018 03:54:26 AM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Filter Manager failed to attach to volume '\Device\HarddiskVolume19'. This volume will be unavailable for filtering until a reboot. The final status was 0xc03a001c.
Windows Defender:
===================================
Date: 2015-08-26 21:27:39.607
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {A04ADA9C-F7F3-486A-B07C-AAC75ACCEBF0}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2015-08-24 20:26:43.326
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {F461CD8C-E934-4A19-8EE8-F81A83E7B50D}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2015-08-23 12:23:35.723
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {3E3BD3DF-60D4-4691-B9C7-B66562A8A83B}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2015-08-23 11:54:38.352
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {704B85F8-6E1B-40EC-B34E-80757DDBABCF}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2015-08-23 11:23:19.772
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {8242F810-20EE-49D9-ADD0-BDE6903B0F5D}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2015-08-27 20:51:23.134
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.203.2410.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.11903.0
Error code: 0x80070102
Error description: The wait operation timed out.
Date: 2015-08-27 20:51:23.133
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.203.2410.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.11903.0
Error code: 0x80070102
Error description: The wait operation timed out.
Date: 2015-08-24 21:06:29.167
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.203.2410.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.11903.0
Error code: 0x8024001e
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2015-08-24 21:06:29.167
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.203.2410.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.11903.0
Error code: 0x8024001e
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2015-08-23 21:12:57.447
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.203.2410.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.11903.0
Error code: 0x800704c7
Error description: The operation was canceled by the user.
CodeIntegrity:
===================================
Date: 2018-04-04 14:39:09.898
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SysWOW64\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.0.0.98_x86__v68kp9n051hdp\Settings.dll with signing level Unsigned while the system requires signing level 6 or better to load.
Date: 2018-04-04 06:35:56.696
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SysWOW64\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.0.0.98_x86__v68kp9n051hdp\Settings.dll with signing level Unsigned while the system requires signing level 6 or better to load.
Date: 2018-03-30 16:38:37.003
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SysWOW64\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.0.0.98_x86__v68kp9n051hdp\diStTask.dll with signing level Unsigned while the system requires signing level 6 or better to load.
Date: 2018-03-29 15:12:36.881
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SysWOW64\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.0.0.98_x86__v68kp9n051hdp\diStTask.dll with signing level Unsigned while the system requires signing level 6 or better to load.
Date: 2018-03-25 20:17:48.269
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SysWOW64\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.0.0.98_x86__v68kp9n051hdp\diStTask.dll with signing level Unsigned while the system requires signing level 6 or better to load.
Date: 2018-03-24 11:19:20.907
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SysWOW64\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.0.0.98_x86__v68kp9n051hdp\diStTask.dll with signing level Unsigned while the system requires signing level 6 or better to load.
Date: 2018-03-18 18:27:17.956
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SysWOW64\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.0.0.98_x86__v68kp9n051hdp\diStTask.dll with signing level Unsigned while the system requires signing level 6 or better to load.
Date: 2018-03-10 09:20:56.814
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SysWOW64\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\SymantecCorporation.NortonStudio_1.0.0.98_x86__v68kp9n051hdp\diStTask.dll with signing level Unsigned while the system requires signing level 6 or better to load.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Percentage of memory in use: 58%
Total physical RAM: 6033.95 MB
Available physical RAM: 2478.66 MB
Total Virtual: 12177.95 MB
Available Virtual: 7747.63 MB
==================== Drives ================================
Drive c: (TI10658800D) (Fixed) (Total:687.39 GB) (Free:417.94 GB) NTFS
Drive f: (My Passport) (Fixed) (Total:1862.98 GB) (Free:428.33 GB) NTFS
Drive g: (HD-GDU3) (Fixed) (Total:2794.52 GB) (Free:274.71 GB) NTFS
\\?\Volume{8c37a611-60fa-11e2-b77c-b888e3139d3f}\ (System) (Fixed) (Total:0.44 GB) (Free:0.15 GB) NTFS
\\?\Volume{066ae605-4bc9-405f-a6f8-534e3fb93882}\ (Recovery) (Fixed) (Total:10.43 GB) (Free:0.68 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Protective MBR) (Size: 698.6 GB) (Disk ID: 00000000)
Partition: GPT.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 1.
========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 356187B6)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================