Solved PRODUC~1.EXE : What is it and how do I remove it?

[malsaurus]

If you're reading this I would like to thank you for taking the time as I am stating to get desperate. I'm not sure what it is, as far as I know it's some sort of Trojan virus? I tried using Microsoft Security Essentials to remove it for a while now by updating the definition and such, but it's still here bothering me and for some reason I can't seem to find the location file in my computer. Well whatever it is, if it's not good for my laptop how do I remove it and how do I do it quickly (without downloading anything if possible). Thank you for taking the time to read.

 

[Broni]

Welcome aboard

Please, complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
Attached logs won't be reviewed.

Please, observe following rules:

• Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
• If you're stuck, or you're not sure about certain step, always ask before doing anything else.
• Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
• Never run more than one scan at a time.
• Keep updating me regarding your computer behavior, good, or bad.
• The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
• If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
• I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

 

[malsaurus]

That's excellent but what is it and what should I do?

 

[Broni]

You should do exactly what I said in my previous reply.
Possibly, re-read it, carefully.

 

[malsaurus]

Oh sorry, I will download FRST64.exe and provide logs as soon as possible. It's simply difficult with these alerts from what I assume is a virus, asking to make changes.

 

[Broni]

OK.

 

[malsaurus]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08.11.2018
Ran by Tom (ATTENTION: The user is not administrator) on TOMDELL (10-11-2018 10:51:51)
Running from C:\Users\Tom\Downloads
Loaded Profiles: jl & Tom (Available Profiles: jl & Tom)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

Failed to access process -> smss.exe
Failed to access process -> csrss.exe
Failed to access process -> wininit.exe
Failed to access process -> csrss.exe
Failed to access process -> services.exe
Failed to access process -> lsass.exe
Failed to access process -> lsm.exe
Failed to access process -> winlogon.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> MsMpEng.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> RtkAudioService64.exe
Failed to access process -> RAVBg64.exe
Failed to access process -> RAVBg64.exe
Failed to access process -> svchost.exe
Failed to access process -> WLTRYSVC.EXE
Failed to access process -> BCMWLTRY.EXE
Failed to access process -> spoolsv.exe
Failed to access process -> svchost.exe
Failed to access process -> armsvc.exe
Failed to access process -> AERTSr64.exe
Failed to access process -> btwdins.exe
Failed to access process -> svchost.exe
Failed to access process -> ijplmsvc.exe
Failed to access process -> HeciServer.exe
Failed to access process -> svchost.exe
Failed to access process -> TeamViewer_Service.exe
Failed to access process -> svchost.exe
Failed to access process -> NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
Failed to access process -> WmiPrvSE.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(iMesh Inc) C:\Users\Tom\AppData\Local\Music Toolbar\Datamngr\sysctrl.exe
(iMesh Inc) C:\Users\Tom\AppData\Local\Music Toolbar\Datamngr\x64\sysctrl.exe
Failed to access process -> SearchIndexer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(iMesh Inc) C:\Users\Tom\AppData\Local\Music Toolbar\Datamngr\DatamngrCoordinator.exe
() C:\Users\Tom\AppData\Local\WSE_Astromenda\BRS\brs.exe
(iMesh Inc) C:\Users\Tom\AppData\Local\Music Toolbar\Datamngr\DatamngrCoordinator.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
Failed to access process -> svchost.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
Failed to access process -> IAStorDataMgrSvc.exe
Failed to access process -> Jhi_service.exe
Failed to access process -> LMS.exe
Failed to access process -> SftService.exe
Failed to access process -> wmpnetwk.exe
Failed to access process -> svchost.exe
Failed to access process -> SeaPort.EXE
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
Failed to access process -> SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
Failed to access process -> rundll32.exe
Failed to access process -> VSSVC.exe
Failed to access process -> svchost.exe
Failed to access process -> OSPPSVC.EXE
Failed to access process -> dllhost.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_31_0_0_122_ActiveX.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
Failed to access process -> svchost.exe
Failed to access process -> DbxSvc.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google) C:\Users\Tom\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
Failed to access process -> wlanext.exe
Failed to access process -> conhost.exe
Failed to access process -> TrustedInstaller.exe
Failed to access process -> SearchProtocolHost.exe
Failed to access process -> SearchFilterHost.exe
Failed to access process -> svchost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-08] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-08] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2780400 2013-09-14] (Synaptics Incorporated)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [8921600 2013-10-23] (Dell Inc.)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [5774664 2013-09-11] (Dell Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-31] (Intel Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-09-05] (Intel Corporation)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [577024 2012-03-07] (Creative Technology Ltd)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1279120 2012-09-27] (CANON INC.)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe -autorun
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3785536 2018-11-06] (Dropbox, Inc.)
HKLM-x32\...\RunOnce: [GrpConv] => grpconv -o
Winlogon\Notify\igfxcui: C:\Windows\System32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\Run: [sysctrl] => C:\Users\Tom\AppData\Local\Music Toolbar\Datamngr\sysctrl.exe [70168 2014-06-25] (iMesh Inc)
HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\Run: [sysctrl64] => C:\Users\Tom\AppData\Local\Music Toolbar\Datamngr\x64\sysctrl.exe [82456 2014-06-25] (iMesh Inc)
HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\Run: [sysctrlc] => C:\Users\Tom\AppData\Local\Music Toolbar\Datamngr\DatamngrCoordinator.exe [3823128 2014-06-25] (iMesh Inc)
HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\Run: [BRS] => C:\Users\Tom\AppData\Local\WSE_Astromenda\BRS\brs.exe [1173504 2014-08-08] ()
HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\Run: [Google Update] => C:\Users\Tom\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe [601680 2018-05-19] (Google Inc.)
HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\Run: [GoogleChromeAutoLaunch_5189939A0645355218FFECE1F1491836] => C:\Users\Tom\AppData\Local\Chromium\Application\chrome.exe [663552 2015-06-28] (The Chromium Authors)
HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3208992 2018-10-11] (Valve Corporation)
HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\Run: [World of Tanks] => "C:\Games\World_of_Tanks\WargamingGameUpdater.exe"
HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\Run: [KakaoTalk] => "C:\Program Files (x86)\Kakao\KakaoTalk\KakaoTalk.exe" -bystartup
HKU\S-1-5-18\...\RunOnce: [JavaInstallRetry] => RUNONCE=1 SPONSORS=0
Lsa: [Notification Packages] scecli c:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-03-14]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
GroupPolicyUsers\S-1-5-21-252852572-1064671646-1800406956-1001\User: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{D501FE14-C8C6-42EF-90C4-FD36AA6C8729}: [DhcpNameServer] 192.168.8.1 192.168.8.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=131130558221447530&GUID=DBCFEA2E-669E-4FEF-ADAA-0257FE0762CC
HKU\S-1-5-21-252852572-1064671646-1800406956-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=131802431285607286&GUID=DBCFEA2E-669E-4FEF-ADAA-0257FE0762CC
HKU\S-1-5-21-252852572-1064671646-1800406956-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
URLSearchHook: [S-1-5-21-252852572-1064671646-1800406956-1000] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKLM -> DefaultScope {747A2953-1CA8-48AC-B80F-BB0DB9E62138} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {747A2953-1CA8-48AC-B80F-BB0DB9E62138} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-252852572-1064671646-1800406956-1001 -> DefaultScope {747A2953-1CA8-48AC-B80F-BB0DB9E62138} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-252852572-1064671646-1800406956-1001 -> OldSearch URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQleBFpCGAYQbV0AAF9cFVcQchRaUVtBDA1BIVtcVFhFRVAQcB9aFQQTSEcFME0FCFwEURNNfWtdEkwdVUZrNVs=&q={searchTerms}
SearchScopes: HKU\S-1-5-21-252852572-1064671646-1800406956-1001 -> {1b31c9d2-7135-442b-bb93-7c002172adc6} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-252852572-1064671646-1800406956-1001 -> {295E555F-A5F0-42ED-917A-617F365F50E9} URL = hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bl-bir-dd__alt__ddc_dss_bd_com&p={searchTerms}
SearchScopes: HKU\S-1-5-21-252852572-1064671646-1800406956-1001 -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_frmr_14_26_ff&cd=2XzuyEtN2Y1L1Qzu0E0C0FyE0B0Bzz0DtB0FzyyByC0C0DtAtN0D0Tzu0SzytCtDtN1L2XzutBtFtBtCtFzztFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyB0Azz0E0F0E0C0DtGtCyDyEtBtG0B0AzzyBtGtDyC0E0DtGtDtA0EtDzz0AyByE0AyE0DyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyEzz0AyB0ByCtAtGzz0A0D0EtGyB0AtByCtG0A0B0FzytGtA0E0Azy0CtBtAzytA0EzzyE2Q&cr=1797486999&ir=
SearchScopes: HKU\S-1-5-21-252852572-1064671646-1800406956-1001 -> {747A2953-1CA8-48AC-B80F-BB0DB9E62138} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-252852572-1064671646-1800406956-1001 -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_frmr_14_26_ff&cd=2XzuyEtN2Y1L1Qzu0E0C0FyE0B0Bzz0DtB0FzyyByC0C0DtAtN0D0Tzu0SzytCtDtN1L2XzutBtFtBtCtFtCtCtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0BtA0AyD0CtDyEtG0AyByBtAtGzzyD0B0CtGyCtC0E0FtGtC0BtAtD0F0ByE0A0E0F0ByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyEzz0AyB0ByCtAtGzz0A0D0EtGyB0AtByCtG0A0B0FzytGtA0E0Azy0CtBtAzytA0EzzyE2Q&cr=1712688768&ir=
SearchScopes: HKU\S-1-5-21-252852572-1064671646-1800406956-1001 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-252852572-1064671646-1800406956-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2000} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=&systemid=&v=a15946-1205&apn_uid=4431050210474885&apn_dtid=IME001&o=APN10653&apn_ptnrs=AGE&q={searchTerms}
SearchScopes: HKU\S-1-5-21-252852572-1064671646-1800406956-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2001} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=1066&systemid=1&v=n13124-409&apn_uid=9434405932554208&apn_dtid=IME001&o=APN10653&apn_ptnrs=AGE&q={searchTerms}
SearchScopes: HKU\S-1-5-21-252852572-1064671646-1800406956-1001 -> {a62abdee-78a2-4ddb-9355-1c334abd6e43} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQleBFpCGAYQbV0AAF9cFVcQchRaUVtBDA1BIVtcVFhFRVAQcB9aFQQTSEcFME0FCFwEURNNfWtdEkwdVUZrNVs=&q={searchTerms}
SearchScopes: HKU\S-1-5-21-252852572-1064671646-1800406956-1001 -> {f7bb050c-e116-44da-89c2-6f2b68c54836} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-11] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-11] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-252852572-1064671646-1800406956-1001 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File

FireFox:
========
FF ProfilePath: C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\6mnczrhu.default-1509552401858 [2018-11-10]
FF Homepage: Mozilla\Firefox\Profiles\6mnczrhu.default-1509552401858 -> hxxps://id.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_17_44_orgnl&param1=1&param2=f%3D1%26b%3DFirefox%26cc%3Did%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1Qzu0E0C0FyE0B0Bzz0DtB0FzyyByC0C0DtAtN0D0Tzu0StBtCtAyEtN1L2XzutAtFtAtBtFtCtFyCyDtN1L1Czu1M1Q1CtAtBtFtAtFtDtN1L1G1B1V1N2Y1L1Qzu2StB0BtC0EtD0F0EtAtGyB0AtC0CtG0CtAtByEtGyCzy0AtBtGtC0ByCzzyEzyzyyE0A0DtD0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0E0D0F0A0FtA0CzytGzy0EyDyCtGyE0CyDyEtGzztCtDtDtGyEzytC0DtCtD0E0FyByBtAyE2QtN0A0LzuyEtN0D0T0S1P1RzutCyDtDzyzzyEtDtBtCyB%26cr%3D1609883092%26a%3Dhdr_s_17_44_orgnl%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional
FF SearchPlugin: C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\6mnczrhu.default-1509552401858\searchplugins\yhs.xml [2018-01-25]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_31_0_0_122.dll [2018-10-10] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_122.dll [2018-10-10] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-06-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-06-01] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-08-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-08-11] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-252852572-1064671646-1800406956-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Tom\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-252852572-1064671646-1800406956-1001: @talk.google.com/O1DPlugin -> C:\Users\Tom\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-252852572-1064671646-1800406956-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin HKU\S-1-5-21-252852572-1064671646-1800406956-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Tom\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Tom\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-11-09] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-11-09] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2018-11-06] (Dropbox, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-31] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-15] ()
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-06-01] (Intel Corporation)
R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 lmhosts; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915920 2013-11-22] (SoftThinks SAS)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-03-14] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [6170624 2013-10-23] (Dell Inc.) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2013-08-29] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S3 PCDSRVC{D3412D80-CF3B4A27-06020200}_0; c:\program files\my dell\pcdsrvc_x64.pkms [25584 2013-08-10] (PC-Doctor, Inc.)
S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [30448 2013-09-14] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2013-09-14] (Synaptics Incorporated)
S1 mmaennbv; \??\C:\Windows\system32\drivers\mmaennbv.sys [X]
S1 MpKsl9b5e44a7; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{06717DA4-6C54-415D-AA4E-217CE011D206}\MpKsl9b5e44a7.sys [X]
S1 niatpxbo; \??\C:\Windows\system32\drivers\niatpxbo.sys [X]
S3 OATool; \??\C:\Users\ADMINI~1\AppData\Local\Temp\OAToolx64.sys [X] <==== ATTENTION
S1 spaltjok; \??\C:\Windows\system32\drivers\spaltjok.sys [X]
S1 szftsrbn; \??\C:\Windows\system32\drivers\szftsrbn.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

Error(1) reading file: "C:\Users\Tom\Downloads\Titanfall Rap by JT Machinima, THK and Borderline Disaster - "
2018-11-10 10:51 - 2018-11-10 10:54 - 000025461 _____ C:\Users\Tom\Downloads\FRST.txt
2018-11-10 10:47 - 2018-11-10 10:47 - 000000000 ____D C:\Users\Tom\Downloads\FRST-OlderVersion
2018-11-10 10:46 - 2018-11-10 10:51 - 000000000 ____D C:\FRST
2018-11-10 10:45 - 2018-11-10 10:51 - 002415616 _____ (Farbar) C:\Users\Tom\Downloads\FRST64.exe
2018-11-09 18:08 - 2018-11-09 18:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-11-09 18:05 - 2018-11-09 18:05 - 000000000 ____D C:\Users\jl\AppData\Roaming\Dropbox
2018-11-09 18:03 - 2018-11-10 10:08 - 000000900 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2018-11-09 18:03 - 2018-11-09 18:08 - 000000896 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2018-11-09 18:02 - 2018-11-09 18:09 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-11-09 17:44 - 2018-11-09 18:14 - 000000000 ____D C:\Users\Tom\AppData\Local\Dropbox
2018-11-09 17:44 - 2018-11-09 18:02 - 000696608 _____ (Dropbox, Inc.) C:\Users\Tom\Downloads\DropboxInstaller.exe
2018-11-09 17:44 - 2018-11-09 17:44 - 000000000 ____D C:\ProgramData\Dropbox
2018-11-06 20:06 - 2018-11-06 20:06 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2018-11-06 20:06 - 2018-11-06 20:06 - 000047768 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2018-11-06 20:06 - 2018-11-06 20:06 - 000047768 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2018-11-06 20:06 - 2018-11-06 20:06 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2018-10-12 11:49 - 2018-10-12 11:49 - 000000020 _____ C:\Users\Tom\Desktop\SOUL.txt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-10 10:42 - 2017-11-05 07:06 - 000000266 _____ C:\Windows\Tasks\{58F8473A-A6D6-EB55-AF4D-772F0358E8D9}.job
2018-11-10 10:42 - 2015-09-04 18:04 - 000000000 ____D C:\Users\Tom\AppData\Local\{357E0322-11D6-6F9A-7C4E-4A725826B6EA}
2018-11-10 10:24 - 2016-07-14 00:03 - 000000266 _____ C:\Windows\Tasks\{1B7B29A5-081A-DBB0-79E4-101AD15B16AA}.job
2018-11-10 09:03 - 2016-09-18 09:25 - 000000266 _____ C:\Windows\Tasks\{4B63B3D9-A905-B81E-883E-3B544CC01479}.job
2018-11-10 09:03 - 2016-03-29 20:03 - 000000262 _____ C:\Windows\Tasks\Update_Task.job
2018-11-10 07:46 - 2009-07-14 10:20 - 000000000 ____D C:\Windows\system32\NDF
2018-11-10 05:26 - 2016-11-19 05:51 - 000000000 ____D C:\Users\Tom\AppData\LocalLow\Mozilla
2018-11-10 05:26 - 2014-07-15 19:08 - 000000000 ____D C:\ProgramData\Datamngr
2018-11-10 05:11 - 2018-01-25 06:40 - 000000000 ____D C:\Users\Tom\AppData\Local\Direc
2018-11-09 19:42 - 2014-04-16 10:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-11-09 19:41 - 2017-12-04 05:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-11-09 19:39 - 2014-05-20 17:23 - 000000000 ____D C:\Users\Tom\AppData\Local\Unity
2018-11-09 19:37 - 2014-06-29 10:30 - 000000000 ____D C:\Users\Tom\AppData\Local\Rocket
2018-11-09 17:39 - 2017-04-16 16:55 - 000000000 ____D C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2018-11-09 15:10 - 2009-07-14 11:45 - 000030704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-11-09 15:10 - 2009-07-14 11:45 - 000030704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-10-16 04:48 - 2010-11-21 10:27 - 000559880 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2018-10-12 16:33 - 2016-11-06 21:35 - 000000000 ____D C:\Users\Tom\AppData\Local\CrossCode
2018-10-12 14:24 - 2017-04-16 12:44 - 000000000 ____D C:\Program Files (x86)\Steam
2018-10-12 07:20 - 2014-03-14 09:25 - 000000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2018-10-12 07:17 - 2009-07-14 12:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-10-11 18:50 - 2009-07-14 10:20 - 000000000 ____D C:\Windows\rescache
2018-10-11 08:43 - 2014-04-16 06:09 - 000000000 ____D C:\Users\jl
2018-10-11 03:51 - 2009-07-14 12:13 - 000783606 _____ C:\Windows\system32\PerfStringBackup.INI
2018-10-11 03:51 - 2009-07-14 10:20 - 000000000 ____D C:\Windows\inf
2018-10-11 03:44 - 2009-07-14 11:45 - 000342728 _____ C:\Windows\system32\FNTCACHE.DAT
2018-10-11 03:19 - 2014-04-16 06:42 - 000000000 ____D C:\Windows\system32\MRT
2018-10-11 03:13 - 2014-04-16 06:42 - 136745976 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-10-11 03:08 - 2011-02-10 21:33 - 000767916 _____ C:\Windows\SysWOW64\PerfStringBackup.INI

==================== Files in the root of some directories =======

2015-03-12 19:07 - 2015-01-11 19:07 - 000000032 ____R () C:\ProgramData\hash.dat
2016-10-21 18:39 - 2016-10-21 18:39 - 003187734 _____ () C:\Users\Tom\AppData\Roaming\sb195.dat
2016-12-13 08:55 - 2016-12-13 08:55 - 003634196 _____ () C:\Users\Tom\AppData\Roaming\sb476.dat
2014-07-31 08:47 - 2018-09-09 18:42 - 000000503 _____ () C:\Users\Tom\AppData\Roaming\WB.CFG
2014-12-02 06:39 - 2014-12-18 00:39 - 000000001 _____ () C:\Users\Tom\AppData\Local\DSI.DAT
2014-12-02 06:39 - 2014-12-02 06:39 - 000022528 _____ () C:\Users\Tom\AppData\Local\dsisetup1488231282.exe
2014-12-18 00:39 - 2014-12-18 00:39 - 000022528 _____ () C:\Users\Tom\AppData\Local\dsisetup3359250182.exe
2018-03-25 21:59 - 2018-03-25 21:59 - 000040960 _____ () C:\Users\Tom\AppData\Local\Web Data
2018-03-25 21:59 - 2018-03-25 21:59 - 000000512 _____ () C:\Users\Tom\AppData\Local\Web Data-journal
2017-12-13 02:46 - 2018-01-09 03:11 - 000000068 _____ () C:\Users\Tom\AppData\Local\xdt9m2fvbr

Files to move or delete:
====================
C:\Windows\Tasks\{1B7B29A5-081A-DBB0-79E4-101AD15B16AA}.job
C:\Windows\Tasks\{4B63B3D9-A905-B81E-883E-3B544CC01479}.job
C:\Windows\Tasks\{58F8473A-A6D6-EB55-AF4D-772F0358E8D9}.job


Some files in TEMP:
====================
2014-05-22 08:55 - 2014-05-22 08:55 - 002936832 _____ () C:\Users\Tom\AppData\Local\Temp\ffmpeg16.exe
2014-05-29 13:56 - 2014-05-29 13:57 - 017938608 _____ (Adobe Systems Incorporated) C:\Users\Tom\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
2014-05-24 11:53 - 2014-05-24 11:54 - 017938608 _____ (Adobe Systems Incorporated) C:\Users\Tom\AppData\Local\Temp\fp_pl_pfs_installer.exe
2016-05-16 18:00 - 2016-05-16 18:01 - 000000000 _____ () C:\Users\Tom\AppData\Local\Temp\GUR280F.exe
2015-01-23 19:03 - 2015-01-21 06:32 - 002124520 _____ () C:\Users\Tom\AppData\Local\Temp\Helper.DLL
2015-03-12 19:08 - 2015-03-12 19:08 - 000058368 ____N () C:\Users\Tom\AppData\Local\Temp\jshortcut-3012483557483484761.dll
2015-03-12 19:40 - 2015-03-12 19:40 - 000058368 ____N () C:\Users\Tom\AppData\Local\Temp\jshortcut-7151043099465511510.dll
2013-06-18 23:53 - 2013-06-18 23:53 - 000865424 ____N (CANON INC.) C:\Users\Tom\AppData\Local\Temp\MSETUP4.EXE
2015-04-11 19:04 - 2015-03-23 07:33 - 001792744 _____ () C:\Users\Tom\AppData\Local\Temp\MusicAppHelper.DLL
2018-03-10 20:08 - 2018-03-10 20:08 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180310130822301.dll
2018-03-10 20:08 - 2018-03-10 20:08 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180310130823619.dll
2018-03-10 20:08 - 2018-03-10 20:08 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180310130824152.dll
2018-03-10 20:08 - 2018-03-10 20:08 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180310130824917.dll
2018-03-10 20:08 - 2018-03-10 20:08 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180310130832216.dll
2018-03-10 20:08 - 2018-03-10 20:08 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180310130835050.dll
2018-03-10 20:08 - 2018-03-10 20:08 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180310130851423.dll
2018-03-11 20:09 - 2018-03-11 20:09 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180311130926198.dll
2018-03-14 07:14 - 2018-03-14 07:14 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180314001435848.dll
2018-03-15 10:15 - 2018-03-15 10:15 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180315031541953.dll
2018-03-15 13:17 - 2018-03-15 13:17 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180315061702218.dll
2018-03-15 20:32 - 2018-03-15 20:32 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180315133218571.dll
2018-03-16 20:24 - 2018-03-16 20:24 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180316132440582.dll
2018-03-18 07:44 - 2018-03-18 07:44 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180318004447094.dll
2018-03-18 20:09 - 2018-03-18 20:09 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180318130924025.dll
2018-03-21 07:16 - 2018-03-21 07:16 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180321001604795.dll
2018-03-21 20:09 - 2018-03-21 20:09 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180321130925214.dll
2018-03-22 20:09 - 2018-03-22 20:09 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180322130924714.dll
2018-03-23 20:09 - 2018-03-23 20:09 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180323130924452.dll
2018-03-24 06:42 - 2018-03-24 06:42 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180323234211738.dll
2018-03-24 20:09 - 2018-03-24 20:09 - 001857024 _____ (Opera Software)

 

[malsaurus]

C:\Users\Tom\AppData\Local\Temp\Opera_installer_180324130923461.dll
2018-03-25 10:03 - 2018-03-25 10:03 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180325030314080.dll
2018-03-25 10:53 - 2018-03-25 10:53 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180325035300424.dll
2018-03-25 12:03 - 2018-03-25 12:03 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180325050354224.dll
2018-03-25 20:09 - 2018-03-25 20:09 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180325130923968.dll
2018-03-26 20:09 - 2018-03-26 20:09 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180326130924703.dll
2018-03-27 20:09 - 2018-03-27 20:09 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180327130924106.dll
2018-03-28 20:27 - 2018-03-28 20:27 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180328132717552.dll
2018-03-30 10:42 - 2018-03-30 10:42 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180330034228662.dll
2018-04-01 13:44 - 2018-04-01 13:44 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180401064436791.dll
2018-04-01 15:08 - 2018-04-01 15:08 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180401080822166.dll
2018-04-01 20:09 - 2018-04-01 20:09 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180401130923017.dll
2018-04-01 20:17 - 2018-04-01 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180401131740502.dll
2018-04-01 20:17 - 2018-04-01 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180401131740656.dll
2018-04-01 20:17 - 2018-04-01 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180401131740791.dll
2018-04-01 20:17 - 2018-04-01 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180401131740894.dll
2018-04-01 20:17 - 2018-04-01 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180401131743947.dll
2018-04-01 20:17 - 2018-04-01 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180401131744097.dll
2018-04-01 20:17 - 2018-04-01 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180401131746304.dll
2018-04-02 08:27 - 2018-04-02 08:27 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180402012709675.dll
2018-04-02 20:17 - 2018-04-02 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180402131757707.dll
2018-04-03 07:25 - 2018-04-03 07:25 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180403002518959.dll
2018-04-03 10:09 - 2018-04-03 10:09 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180403030929327.dll
2018-04-03 20:18 - 2018-04-03 20:18 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180403131800132.dll
2018-04-03 20:34 - 2018-04-03 20:34 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180403133404920.dll
2018-04-03 20:43 - 2018-04-03 20:43 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180403134330427.dll
2018-04-03 20:57 - 2018-04-03 20:57 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180403135749671.dll
2018-04-04 09:52 - 2018-04-04 09:52 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180404025254232.dll
2018-04-04 12:57 - 2018-04-04 12:57 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180404055706841.dll
2018-04-04 13:26 - 2018-04-04 13:26 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180404062609230.dll
2018-04-04 14:22 - 2018-04-04 14:22 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180404072202784.dll
2018-04-04 15:27 - 2018-04-04 15:27 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180404082704587.dll
2018-04-04 20:17 - 2018-04-04 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180404131758871.dll
2018-04-05 20:17 - 2018-04-05 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180405131757452.dll
2018-04-06 08:32 - 2018-04-06 08:32 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180406013230995.dll
2018-04-06 08:41 - 2018-04-06 08:41 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180406014114698.dll
2018-04-06 09:49 - 2018-04-06 09:49 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180406024955766.dll
2018-04-06 10:24 - 2018-04-06 10:24 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180406032408588.dll
2018-04-06 12:55 - 2018-04-06 12:55 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180406055544648.dll
2018-04-06 16:12 - 2018-04-06 16:12 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180406091226749.dll
2018-04-06 20:18 - 2018-04-06 20:18 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180406131817058.dll
2018-04-08 10:18 - 2018-04-08 10:18 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180408031842534.dll
2018-04-08 13:00 - 2018-04-08 13:00 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180408060008326.dll
2018-04-08 21:48 - 2018-04-08 21:48 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180408144823767.dll
2018-04-09 20:17 - 2018-04-09 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180409131757781.dll
2018-04-10 20:07 - 2018-04-10 20:07 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180410130749447.dll
2018-04-10 20:17 - 2018-04-10 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180410131756831.dll
2018-04-11 20:17 - 2018-04-11 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180411131757785.dll
2018-04-12 20:18 - 2018-04-12 20:18 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180412131800701.dll
2018-04-13 09:35 - 2018-04-13 09:35 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180413023510806.dll
2018-04-13 20:17 - 2018-04-13 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180413131758814.dll
2018-04-14 13:33 - 2018-04-14 13:33 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180414063341001.dll
2018-04-14 20:17 - 2018-04-14 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180414131757035.dll
2018-04-15 10:40 - 2018-04-15 10:40 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180415034011422.dll
2018-04-16 11:28 - 2018-04-16 11:28 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180416042840055.dll
2018-04-16 11:30 - 2018-04-16 11:30 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180416043027562.dll
2018-04-16 11:30 - 2018-04-16 11:30 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180416043027760.dll
2018-04-16 11:30 - 2018-04-16 11:30 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180416043028264.dll
2018-04-16 11:30 - 2018-04-16 11:30 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180416043028576.dll
2018-04-16 11:30 - 2018-04-16 11:30 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180416043030541.dll
2018-04-16 11:30 - 2018-04-16 11:30 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180416043030662.dll
2018-04-16 11:30 - 2018-04-16 11:30 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180416043033561.dll
2018-04-16 21:56 - 2018-04-16 21:56 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180416145651595.dll
2018-04-17 11:30 - 2018-04-17 11:30 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180417043044605.dll
2018-04-19 19:17 - 2018-04-19 19:17 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180419121751055.dll
2018-04-21 22:06 - 2018-04-21 22:06 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180421150601262.dll
2018-04-21 22:10 - 2018-04-21 22:10 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180421151056879.dll
2018-04-22 11:35 - 2018-04-22 11:36 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180422043556502.dll
2018-04-24 18:52 - 2018-04-24 18:52 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180424115249153.dll
2018-04-25 11:30 - 2018-04-25 11:30 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180425043044222.dll
2018-04-27 06:28 - 2018-04-27 06:28 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180426232851539.dll
2018-04-27 16:35 - 2018-04-27 16:35 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180427093543465.dll
2018-04-29 13:45 - 2018-04-29 13:45 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180429064526831.dll
2018-04-30 19:56 - 2018-04-30 19:56 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180430125656533.dll
2018-04-30 20:34 - 2018-04-30 20:34 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180430133452682.dll
2018-05-01 11:30 - 2018-05-01 11:30 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180501043043811.dll
2018-05-02 11:30 - 2018-05-02 11:30 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180502043044900.dll
2018-05-03 19:13 - 2018-05-03 19:13 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180503121347084.dll
2018-05-04 14:06 - 2018-05-04 14:06 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180504070639579.dll
2018-05-06 11:30 - 2018-05-06 11:30 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180506043043856.dll
2018-05-06 11:31 - 2018-05-06 11:31 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180506043144039.dll
2018-05-06 11:31 - 2018-05-06 11:31 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180506043144356.dll
2018-05-06 11:31 - 2018-05-06 11:31 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180506043144547.dll
2018-05-06 11:31 - 2018-05-06 11:31 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180506043144637.dll
2018-05-06 11:31 - 2018-05-06 11:31 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180506043146347.dll
2018-05-06 11:31 - 2018-05-06 11:31 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180506043146786.dll
2018-05-06 11:31 - 2018-05-06 11:31 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180506043150052.dll
2018-05-07 11:32 - 2018-05-07 11:32 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180507043205156.dll
2018-05-08 19:29 - 2018-05-08 19:29 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180508122912386.dll
2018-05-09 22:52 - 2018-05-09 22:52 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180509155237351.dll
2018-05-10 12:26 - 2018-05-10 12:26 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180510052642465.dll
2018-05-12 00:06 - 2018-05-12 00:06 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180511170608518.dll
2018-05-12 14:19 - 2018-05-12 14:19 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180512071903492.dll
2018-05-13 09:04 - 2018-05-13 09:04 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180513020441684.dll
2018-05-13 12:44 - 2018-05-13 12:44 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180513054444780.dll
2018-05-15 15:50 - 2018-05-15 15:50 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180515085051153.dll
2018-05-16 18:11 - 2018-05-16 18:11 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180516111113256.dll
2018-05-17 13:30 - 2018-05-17 13:30 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180517063048169.dll
2018-05-18 06:04 - 2018-05-18 06:04 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180517230403367.dll
2018-05-19 20:11 - 2018-05-19 20:11 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180519131135448.dll
2018-05-21 16:26 - 2018-05-21 16:26 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180521092620739.dll
2018-05-24 20:04 - 2018-05-24 20:04 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180524130434676.dll
2018-05-24 20:07 - 2018-05-24 20:07 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180524130758830.dll
2018-05-25 18:49 - 2018-05-25 18:49 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180525114936143.dll
2018-05-27 11:29 - 2018-05-27 11:29 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180527042936482.dll
2018-05-27 11:32 - 2018-05-27 11:32 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180527043203417.dll
2018-05-29 12:41 - 2018-05-29 12:41 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180529054151671.dll
2018-03-10 20:05 - 2018-03-10 20:05 - 001853440 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_201831057556.dll
2018-03-04 17:07 - 2018-03-04 17:07 - 001853440 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_201834729734.dll
2018-03-04 17:07 - 2018-03-04 17:07 - 001853440 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_201834729926.dll
2018-03-04 17:07 - 2018-03-04 17:07 - 001853440 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_201834730165.dll
2018-03-04 17:07 - 2018-03-04 17:07 - 001853440 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_201834730337.dll
2018-03-04 17:07 - 2018-03-04 17:07 - 001853440 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_201834732431.dll
2018-03-04 17:07 - 2018-03-04 17:07 - 001853440 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_201834732978.dll
2018-03-04 17:07 - 2018-03-04 17:07 - 001853440 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_201834737307.dll
2018-03-05 17:23 - 2018-03-05 17:23 - 001853440 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_2018352315820.dll
2018-03-06 17:07 - 2018-03-06 17:07 - 001853440 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_201836753120.dll
2018-03-07 17:07 - 2018-03-07 17:07 - 001853440 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_201837752761.dll
2018-03-09 17:07 - 2018-03-09 17:07 - 001853440 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_201839754241.dll
2015-04-09 18:08 - 2017-10-25 17:05 - 058881488 _____ (Skype Technologies S.A.) C:\Users\Tom\AppData\Local\Temp\SkypeSetup.exe
2014-06-26 10:41 - 2014-06-26 11:08 - 028436968 _____ () C:\Users\Tom\AppData\Local\Temp\Softonic_EN_1-5-11_EN-Production_10_CleanRelease.exe
2014-06-26 10:39 - 2014-06-26 11:20 - 028436968 _____ () C:\Users\Tom\AppData\Local\Temp\Softonic_EN_1-5-11_EN-Production_10_CleanRelease[1].exe
2014-06-26 11:26 - 2014-06-26 11:29 - 028436968 _____ () C:\Users\Tom\AppData\Local\Temp\Softonic_EN_1-5-11_EN-Production_10_CleanRelease[2].exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


ATTENTION: ==> Could not access BCD. The user is not administrator

==================== End of FRST.txt ============================

 

[malsaurus]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08.11.2018
Ran by Tom (10-11-2018 10:55:36)
Running from C:\Users\Tom\Downloads
Windows 7 Professional Service Pack 1 (X64) (2014-04-15 23:08:59)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-252852572-1064671646-1800406956-500 - Administrator - Disabled)
Guest (S-1-5-21-252852572-1064671646-1800406956-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-252852572-1064671646-1800406956-1003 - Limited - Enabled)
jl (S-1-5-21-252852572-1064671646-1800406956-1000 - Administrator - Enabled) => C:\Users\jl
Tom (S-1-5-21-252852572-1064671646-1800406956-1001 - Limited - Enabled) => C:\Users\Tom

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 31 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Reader XI MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Bing Bar (HKLM-x32\...\{16793295-2366-40F7-A045-A3E42A81365E}) (Version: 7.1.362.0 - Microsoft Corporation)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.)
Canon MX390 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX390_series) (Version: 1.00 - Canon Inc.)
Canon MX390 series On-screen Manual (HKLM-x32\...\Canon MX390 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.1.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.)
Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.)
Chromium (HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\Chromium) (Version: 45.0.2444.0 - Chromium)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.2.0 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.2.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 17.0.14.0 - Synaptics Incorporated)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.01.15 - Creative Technology Ltd)
Dropbox (HKLM-x32\...\Dropbox) (Version: 61.4.95 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 3.4.6299.48 - PC-Doctor, Inc.) Hidden
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 6.30.223.99 - Dell Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3345 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.1.28 - Intel Corporation)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 63.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 63.0.1 (x64 en-US)) (Version: 63.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 63.0.1.6877 - Mozilla)
Music Toolbar (HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\Music Toolbar) (Version: 5.0.0.13124 - iMesh Inc) <==== ATTENTION
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.4.6299.48 - PC-Doctor, Inc.)
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.16.002 - Dell Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)
Search the Web (Yahoo) (HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\{95ED7D2D-C56D-ACAD-74ED-DC2DA46D0FAD}) (Version: - ) <==== ATTENTION
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.27614 - TeamViewer)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.8 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.4700 - Broadcom Corporation)
WSE Rocket (HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\WSE Rocket) (Version: - WSE Rocket) <==== ATTENTION
WSE_Astromenda (HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\WSE_Astromenda) (Version: - WSE_Astromenda) <==== ATTENTION

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\System32\mscoree.dll [2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\System32\mscoree.dll [2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-10-29] (Intel Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => <==== ATTENTION
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => <==== ATTENTION
Task: C:\Windows\Tasks\Update_Task.job => C:\Users\Tom\AppData\Local\{A81F9~1\UNINST~1.EXE
Task: C:\Windows\Tasks\{1B7B29A5-081A-DBB0-79E4-101AD15B16AA}.job => C:\Users\Tom\AppData\Roaming\{4CE77~1\PRODUC~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\{4B63B3D9-A905-B81E-883E-3B544CC01479}.job => C:\Users\Tom\AppData\Roaming\{4CE77~1\PRODUC~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\{58F8473A-A6D6-EB55-AF4D-772F0358E8D9}.job => C:\Users\Tom\AppData\Roaming\PIKEME~1\SYNCVE~1.EXE <==== ATTENTION

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":
WMI:subscription\__EventFilter->BVTFilter:
WMI:subscription\CommandLineEventConsumer->BVTConsumer:

==================== Loaded Modules (Whitelisted) ==============

2014-07-15 19:08 - 2014-06-25 21:24 - 000743960 _____ () C:\Users\Tom\AppData\Local\Music Toolbar\Datamngr\x64\apcrtldr.dll
2014-08-08 13:38 - 2014-08-08 13:38 - 001173504 _____ () C:\Users\Tom\AppData\Local\WSE_Astromenda\BRS\brs.exe
2018-09-01 09:09 - 2018-10-10 11:17 - 001056032 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\SDL2.dll
2018-09-01 09:09 - 2018-09-23 07:00 - 102804768 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2018-09-01 09:09 - 2018-09-23 07:00 - 004866336 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2018-09-01 09:09 - 2018-09-23 07:00 - 000116000 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 09:34 - 2016-10-30 20:27 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-252852572-1064671646-1800406956-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tom\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
DNS Servers: 192.168.8.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{9CF7717F-2010-4253-AA16-19FE8EA4BF73}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{0329C6F4-9488-4E86-B17F-652092300CAE}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{C369BE56-42BB-4198-8F6A-DEE8959B9CAA}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{93423788-362C-4F4A-B6BB-51CEDCE1C385}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{6ECCA7FB-75BD-4713-80B1-2FFC52216413}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{B2DEE43C-9749-46D5-86D4-E1AD3BD0A8FA}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [TCP Query User{CA65F636-2E2F-4F5B-AD2A-B490809EBBAC}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{27CA3358-D5E8-4834-8D76-FCC84D4BA9DD}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{140A36C7-FE07-4F1D-8D04-8C47C4E25BB8}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{40EE594F-8D7A-42A9-B720-F2E09FA6FE21}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{A4BBE909-B388-423E-B16C-F9181DD98C95}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{FF29D758-A94E-4D27-88F6-46C07B2FC0C9}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{ABC85B0D-21C7-4F04-A0E9-73CBCC9579FB}C:\users\tom\downloads\sanicball_v0.6_win\sanicball_v0.6_win\sanicball_v0.6.exe] => (Block) C:\users\tom\downloads\sanicball_v0.6_win\sanicball_v0.6_win\sanicball_v0.6.exe
FirewallRules: [UDP Query User{691260CF-C60C-4A72-B467-8BCCEDD8BEAC}C:\users\tom\downloads\sanicball_v0.6_win\sanicball_v0.6_win\sanicball_v0.6.exe] => (Block) C:\users\tom\downloads\sanicball_v0.6_win\sanicball_v0.6_win\sanicball_v0.6.exe
FirewallRules: [TCP Query User{C12BA0B1-7FCE-4E94-A94A-C433F43CF2F4}C:\users\tom\downloads\sanicball_v0.6_win\sanicball_v0.6_win\sanicball_v0.6.exe] => (Block) C:\users\tom\downloads\sanicball_v0.6_win\sanicball_v0.6_win\sanicball_v0.6.exe
FirewallRules: [UDP Query User{B123AE5C-E5E9-4E4F-A9ED-DC7122223EE9}C:\users\tom\downloads\sanicball_v0.6_win\sanicball_v0.6_win\sanicball_v0.6.exe] => (Block) C:\users\tom\downloads\sanicball_v0.6_win\sanicball_v0.6_win\sanicball_v0.6.exe
FirewallRules: [{9544AA84-BBBF-4862-87FD-D3EDE71B46AB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1D98D9AC-6662-4161-8560-57553E4BE5FA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{4A551C88-8E94-4AEA-86D4-267D9DCDBC71}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{AB5C3F76-1AC0-48EE-BA23-369B3EC6D64B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{966AB22D-A81F-4D4D-9B0A-1FE4A48AED24}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{31266E60-E0DA-43B2-A2F7-E0C1F637A585}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{899C566A-4E1F-4723-B29F-F3AD6219AB9A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{BDEDD58A-9786-4CB6-9379-401115664500}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{13F8CCDA-DA71-4C55-A80A-A8F6A8A7A873}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{0811523A-E7EE-41FA-AFAD-5A8407487C80}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{F466C83D-B9B2-4B4A-A6AB-8D26EEB3448A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{E8D1FA73-CD16-4BE8-874D-EEE4E22A0C0D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{07B8C7E7-7C24-4730-84F1-41ACDAFA8D9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{4561772C-C6C0-4F89-8BAF-2E22F7E9DA59}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{DBE9FD3D-CDA6-4452-88FF-BB3799E15712}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{61EA9457-CAE8-4C9A-8516-DC2A8CE9CC3E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{116E7F9E-32CB-451C-9A0C-C9325E6FEF06}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{A5AFE814-6B45-442C-8E8B-340EFBDC709D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{75C5F4F6-4BD8-4DB9-8F51-D55D109A7770}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{124EBD45-35A6-4247-9FD1-81027B60141D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{21F7ECEB-4D4E-46E2-A628-9D1509B5526B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{991CBD67-A939-4295-A1DE-457D84DDDA63}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{39F36880-57B5-4BA7-A8A8-9E6D9DC816F1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{759ABF36-1380-4746-BEE2-FA13F62EA111}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{3A6369EA-B508-45CA-8B02-4441B9227327}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Factorio Demo\bin\x64\factorio.exe
FirewallRules: [{6AB3B199-CF3B-487D-851D-6732F7D69F8D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Factorio Demo\bin\x64\factorio.exe
FirewallRules: [{3CEAAC27-3312-43C7-B3B2-B2404B3FF48B}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{CE6AC79A-DE61-4A2F-AD07-4AD1C325CAF2}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{7BD6D826-12F5-4C3D-BEEA-B61760F2A720}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{438363F6-44B4-4BB6-9E56-33B1CEE4BADC}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [TCP Query User{407E310C-BF9E-43FB-A431-8E93C7D582AE}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe
FirewallRules: [UDP Query User{B8B68F0E-1EFA-4E01-A7A7-53810ACFED05}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe
FirewallRules: [{C68529EF-3E1F-49DA-99F2-B2A8AF5DC1D7}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{E6223ECF-FB37-404E-AAD2-66D98A2B8E42}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{D5FD7E3B-40F3-445C-AD9E-141E0B863133}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{CADA0BC2-A443-43B3-B488-B95197FE6284}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{6C44A193-369E-4449-980C-87F2C854501D}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{D059686E-9117-4959-A9E8-329735FF8C11}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{89C680E3-75B7-4046-8E80-AA558A7F84DE}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{E0675414-597D-4CC4-A006-C814CE302696}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{88577415-100B-486A-9692-DAE1A77A3B19}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{F59CEC88-3787-4796-A17D-92C9C03EB721}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{79A57D12-5B41-40EA-AD13-6BE4EAC6EED6}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{422F3BA7-BD30-4601-A022-4FF9CC9244CF}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{85D4BC88-B380-4851-9F07-3FB3A371656A}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{30317279-5100-4A1F-9908-044DA05D3E03}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{05307826-6799-437B-AF8B-95212F52E1CE}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{36CAB5CE-4E65-47A0-8355-2B4B3023424E}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{0B5A8CA5-F85C-4D34-855E-0B7B51486247}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{A4228451-0672-47C2-9A0F-38550D85EAEC}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{80DB1D4A-2045-4A58-933E-A7263E56994A}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{9F700929-D218-40C0-B5F0-E68516163DCA}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [TCP Query User{79F3AA94-CAD1-4DFB-B30A-0058EA5B15F5}C:\program files (x86)\kakao\kakaotalk\kakaotalk.exe] => (Block) C:\program files (x86)\kakao\kakaotalk\kakaotalk.exe
FirewallRules: [UDP Query User{1B9E6C43-69DE-49DA-A9D1-7EDF3506F32B}C:\program files (x86)\kakao\kakaotalk\kakaotalk.exe] => (Block) C:\program files (x86)\kakao\kakaotalk\kakaotalk.exe
FirewallRules: [{C27E4CED-FA85-4370-AB48-87FBDAAB0C49}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{9290E379-E4D9-4725-ADFC-CA7498735732}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{97BA10B5-8CC3-4EFC-9080-337BECF5CAAF}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{70B1E7C2-08F8-4219-ADFC-9A792B97DDBA}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1644AF7B-40F5-4EB0-BDBF-DB9F4DAE59B0}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B50B0672-109F-45CA-9BE9-D1F0526AE257}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6CDCD51A-C31D-4714-9752-BF3BFE1A7613}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled
Check "winmgmt" service or repair WMI.


==================== Faulty Device Manager Devices =============

Name: MpKsl9b5e44a7
Description: MpKsl9b5e44a7
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: MpKsl9b5e44a7
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/09/2018 05:56:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WLANExt.exe, version: 6.1.7600.16385, time stamp: 0x4a5bcc33
Faulting module name: FunDisc.dll_unloaded, version: 0.0.0.0, time stamp: 0x4a5bdf11
Exception code: 0xc0000005
Fault offset: 0x000007fef9272664
Faulting process id: 0x1238
Faulting application start time: 0x01d47818a52422ae
Faulting application path: C:\Windows\system32\WLANExt.exe
Faulting module path: FunDisc.dll
Report Id: 22e34cb7-e40e-11e8-ab34-342387de9750

Error: (10/12/2018 07:18:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (10/11/2018 11:06:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Pokemon.exe, version: 1.0.0.0, time stamp: 0x539d91b0
Faulting module name: KERNELBASE.dll, version: 6.1.7601.24260, time stamp: 0x5b946d85
Exception code: 0xe0434352
Fault offset: 0x0000c54f
Faulting process id: 0x16d0
Faulting application start time: 0x01d46117bf92f333
Faulting application path: C:\Users\Tom\Downloads\Pokemon\Pokemon.exe
Faulting module path: C:\Windows\syswow64\KERNELBASE.dll
Report Id: fde2fc11-cd0a-11e8-af2f-342387de9750

Error: (10/11/2018 11:06:12 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Pokemon.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
at _2._5DHero.Program.Main(System.String[])

Error: (10/11/2018 08:41:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Pokemon.exe, version: 1.0.0.0, time stamp: 0x539d91b0
Faulting module name: KERNELBASE.dll, version: 6.1.7601.24260, time stamp: 0x5b946d85
Exception code: 0xe0434352
Fault offset: 0x0000c54f
Faulting process id: 0x9cc
Faulting application start time: 0x01d46103891c4173
Faulting application path: C:\Users\Tom\Downloads\Pokemon\Pokemon.exe
Faulting module path: C:\Windows\syswow64\KERNELBASE.dll
Report Id: c6d31553-ccf6-11e8-af2f-342387de9750

Error: (10/11/2018 08:41:31 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Pokemon.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
at _2._5DHero.Program.Main(System.String[])

Error: (10/11/2018 08:41:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Pokemon.exe, version: 1.0.0.0, time stamp: 0x539d91b0
Faulting module name: KERNELBASE.dll, version: 6.1.7601.24260, time stamp: 0x5b946d85
Exception code: 0xe0434352
Fault offset: 0x0000c54f
Faulting process id: 0x1660
Faulting application start time: 0x01d461037f7fa29c
Faulting application path: C:\Users\Tom\Downloads\Pokemon\Pokemon.exe
Faulting module path: C:\Windows\syswow64\KERNELBASE.dll
Report Id: bda53f7b-ccf6-11e8-af2f-342387de9750

Error: (10/11/2018 08:41:15 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Pokemon.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
at _2._5DHero.Program.Main(System.String[])


System errors:
=============
Error: (11/10/2018 10:05:51 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TeamViewer9 service.

Error: (11/10/2018 07:21:37 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the EFS service.

Error: (11/10/2018 06:19:52 AM) (Source: DCOM) (EventID: 10016) (User: TomDell)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{B77C4C36-0154-4C52-AB49-FAA03837E47F}
and APPID
{EA022610-0748-4C24-B229-6C507EBDFDBB}
to the user TomDell\Tom SID (S-1-5-21-252852572-1064671646-1800406956-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Error: (11/10/2018 05:43:13 AM) (Source: DCOM) (EventID: 10016) (User: TomDell)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{B77C4C36-0154-4C52-AB49-FAA03837E47F}
and APPID
{EA022610-0748-4C24-B229-6C507EBDFDBB}
to the user TomDell\Tom SID (S-1-5-21-252852572-1064671646-1800406956-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Error: (11/09/2018 07:54:30 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {ED1D0FDF-4414-470A-A56D-CFB68623FC58} did not register with DCOM within the required timeout.

Error: (11/09/2018 06:08:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The DbxSvc service failed to start due to the following error:
The system cannot find the file specified.

Error: (11/09/2018 05:56:47 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\System32\bcmihvsrv64.dll

Error: (11/09/2018 02:50:08 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 78%
Total physical RAM: 3984.36 MB
Available physical RAM: 864.02 MB
Total Virtual: 7966.86 MB
Available Virtual: 2676.28 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:447.47 GB) (Free:323.2 GB) NTFS

\\?\Volume{85aa1dd8-ab1b-11e3-ad87-806e6f6e6963}\ (RECOVERY) (Fixed) (Total:18.25 GB) (Free:8.74 GB) NTFS

==================== MBR & Partition Table ==================

==================== End of Addition.txt ============================

 

[Broni]

According to the log:

Ran by Tom (ATTENTION: The user is not administrator)

You'll have to re-run FRST scan from administrative account.

 

[malsaurus]

Alright.

 

[malsaurus]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08.11.2018
Ran by Tom (administrator) on TOMDELL (10-11-2018 12:01:49)
Running from C:\Users\Tom\Downloads
Loaded Profiles: Tom (Available Profiles: jl & Tom)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.EXE
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(iMesh Inc) C:\Users\Tom\AppData\Local\Music Toolbar\Datamngr\sysctrl.exe
(iMesh Inc) C:\Users\Tom\AppData\Local\Music Toolbar\Datamngr\x64\sysctrl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(iMesh Inc) C:\Users\Tom\AppData\Local\Music Toolbar\Datamngr\DatamngrCoordinator.exe
() C:\Users\Tom\AppData\Local\WSE_Astromenda\BRS\brs.exe
(iMesh Inc) C:\Users\Tom\AppData\Local\Music Toolbar\Datamngr\DatamngrCoordinator.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_31_0_0_122_ActiveX.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
(Microsoft Corporation) C:\Windows\System32\sdclt.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-08] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-08] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2780400 2013-09-14] (Synaptics Incorporated)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [8921600 2013-10-23] (Dell Inc.)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [5774664 2013-09-11] (Dell Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-31] (Intel Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-09-05] (Intel Corporation)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [577024 2012-03-07] (Creative Technology Ltd)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1279120 2012-09-27] (CANON INC.)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe -autorun
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3785536 2018-11-06] (Dropbox, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\Run: [sysctrl] => C:\Users\Tom\AppData\Local\Music Toolbar\Datamngr\sysctrl.exe [70168 2014-06-25] (iMesh Inc)
HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\Run: [sysctrl64] => C:\Users\Tom\AppData\Local\Music Toolbar\Datamngr\x64\sysctrl.exe [82456 2014-06-25] (iMesh Inc)
HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\Run: [sysctrlc] => C:\Users\Tom\AppData\Local\Music Toolbar\Datamngr\DatamngrCoordinator.exe [3823128 2014-06-25] (iMesh Inc)
HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\Run: [BRS] => C:\Users\Tom\AppData\Local\WSE_Astromenda\BRS\brs.exe [1173504 2014-08-08] ()
HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\Run: [Google Update] => C:\Users\Tom\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe [601680 2018-05-19] (Google Inc.)
HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\Run: [GoogleChromeAutoLaunch_5189939A0645355218FFECE1F1491836] => C:\Users\Tom\AppData\Local\Chromium\Application\chrome.exe [663552 2015-06-28] (The Chromium Authors)
HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3131680 2018-11-09] (Valve Corporation)
HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\Run: [World of Tanks] => "C:\Games\World_of_Tanks\WargamingGameUpdater.exe"
HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\Run: [KakaoTalk] => "C:\Program Files (x86)\Kakao\KakaoTalk\KakaoTalk.exe" -bystartup
HKU\S-1-5-18\...\RunOnce: [JavaInstallRetry] => RUNONCE=1 SPONSORS=0
Lsa: [Notification Packages] scecli c:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-03-14]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
GroupPolicyUsers\S-1-5-21-252852572-1064671646-1800406956-1001\User: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{D501FE14-C8C6-42EF-90C4-FD36AA6C8729}: [DhcpNameServer] 192.168.8.1 192.168.8.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=131130558221447530&GUID=DBCFEA2E-669E-4FEF-ADAA-0257FE0762CC
HKU\S-1-5-21-252852572-1064671646-1800406956-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=131802431285607286&GUID=DBCFEA2E-669E-4FEF-ADAA-0257FE0762CC
HKU\S-1-5-21-252852572-1064671646-1800406956-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKLM -> DefaultScope {747A2953-1CA8-48AC-B80F-BB0DB9E62138} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {747A2953-1CA8-48AC-B80F-BB0DB9E62138} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-252852572-1064671646-1800406956-1001 -> DefaultScope {747A2953-1CA8-48AC-B80F-BB0DB9E62138} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-252852572-1064671646-1800406956-1001 -> OldSearch URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQleBFpCGAYQbV0AAF9cFVcQchRaUVtBDA1BIVtcVFhFRVAQcB9aFQQTSEcFME0FCFwEURNNfWtdEkwdVUZrNVs=&q={searchTerms}
SearchScopes: HKU\S-1-5-21-252852572-1064671646-1800406956-1001 -> {1b31c9d2-7135-442b-bb93-7c002172adc6} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-252852572-1064671646-1800406956-1001 -> {295E555F-A5F0-42ED-917A-617F365F50E9} URL = hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bl-bir-dd__alt__ddc_dss_bd_com&p={searchTerms}
SearchScopes: HKU\S-1-5-21-252852572-1064671646-1800406956-1001 -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_frmr_14_26_ff&cd=2XzuyEtN2Y1L1Qzu0E0C0FyE0B0Bzz0DtB0FzyyByC0C0DtAtN0D0Tzu0SzytCtDtN1L2XzutBtFtBtCtFzztFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyB0Azz0E0F0E0C0DtGtCyDyEtBtG0B0AzzyBtGtDyC0E0DtGtDtA0EtDzz0AyByE0AyE0DyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyEzz0AyB0ByCtAtGzz0A0D0EtGyB0AtByCtG0A0B0FzytGtA0E0Azy0CtBtAzytA0EzzyE2Q&cr=1797486999&ir=
SearchScopes: HKU\S-1-5-21-252852572-1064671646-1800406956-1001 -> {747A2953-1CA8-48AC-B80F-BB0DB9E62138} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-252852572-1064671646-1800406956-1001 -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_frmr_14_26_ff&cd=2XzuyEtN2Y1L1Qzu0E0C0FyE0B0Bzz0DtB0FzyyByC0C0DtAtN0D0Tzu0SzytCtDtN1L2XzutBtFtBtCtFtCtCtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0BtA0AyD0CtDyEtG0AyByBtAtGzzyD0B0CtGyCtC0E0FtGtC0BtAtD0F0ByE0A0E0F0ByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyEzz0AyB0ByCtAtGzz0A0D0EtGyB0AtByCtG0A0B0FzytGtA0E0Azy0CtBtAzytA0EzzyE2Q&cr=1712688768&ir=
SearchScopes: HKU\S-1-5-21-252852572-1064671646-1800406956-1001 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-252852572-1064671646-1800406956-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2000} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=&systemid=&v=a15946-1205&apn_uid=4431050210474885&apn_dtid=IME001&o=APN10653&apn_ptnrs=AGE&q={searchTerms}
SearchScopes: HKU\S-1-5-21-252852572-1064671646-1800406956-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2001} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=1066&systemid=1&v=n13124-409&apn_uid=9434405932554208&apn_dtid=IME001&o=APN10653&apn_ptnrs=AGE&q={searchTerms}
SearchScopes: HKU\S-1-5-21-252852572-1064671646-1800406956-1001 -> {a62abdee-78a2-4ddb-9355-1c334abd6e43} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQleBFpCGAYQbV0AAF9cFVcQchRaUVtBDA1BIVtcVFhFRVAQcB9aFQQTSEcFME0FCFwEURNNfWtdEkwdVUZrNVs=&q={searchTerms}
SearchScopes: HKU\S-1-5-21-252852572-1064671646-1800406956-1001 -> {f7bb050c-e116-44da-89c2-6f2b68c54836} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-11] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-11] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-252852572-1064671646-1800406956-1001 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File

FireFox:
========
FF ProfilePath: C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\6mnczrhu.default-1509552401858 [2018-11-10]
FF Homepage: Mozilla\Firefox\Profiles\6mnczrhu.default-1509552401858 -> hxxps://id.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_17_44_orgnl&param1=1&param2=f%3D1%26b%3DFirefox%26cc%3Did%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1Qzu0E0C0FyE0B0Bzz0DtB0FzyyByC0C0DtAtN0D0Tzu0StBtCtAyEtN1L2XzutAtFtAtBtFtCtFyCyDtN1L1Czu1M1Q1CtAtBtFtAtFtDtN1L1G1B1V1N2Y1L1Qzu2StB0BtC0EtD0F0EtAtGyB0AtC0CtG0CtAtByEtGyCzy0AtBtGtC0ByCzzyEzyzyyE0A0DtD0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0E0D0F0A0FtA0CzytGzy0EyDyCtGyE0CyDyEtGzztCtDtDtGyEzytC0DtCtD0E0FyByBtAyE2QtN0A0LzuyEtN0D0T0S1P1RzutCyDtDzyzzyEtDtBtCyB%26cr%3D1609883092%26a%3Dhdr_s_17_44_orgnl%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional
FF SearchPlugin: C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\6mnczrhu.default-1509552401858\searchplugins\yhs.xml [2018-01-25]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_31_0_0_122.dll [2018-10-10] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_122.dll [2018-10-10] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-06-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-06-01] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-08-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-08-11] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-252852572-1064671646-1800406956-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Tom\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-252852572-1064671646-1800406956-1001: @talk.google.com/O1DPlugin -> C:\Users\Tom\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-252852572-1064671646-1800406956-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin HKU\S-1-5-21-252852572-1064671646-1800406956-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Tom\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Tom\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-11-09] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-11-09] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2018-11-06] (Dropbox, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-31] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-15] ()
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-06-01] (Intel Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915920 2013-11-22] (SoftThinks SAS)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-03-14] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [6170624 2013-10-23] (Dell Inc.) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2013-08-29] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S3 PCDSRVC{D3412D80-CF3B4A27-06020200}_0; c:\program files\my dell\pcdsrvc_x64.pkms [25584 2013-08-10] (PC-Doctor, Inc.)
S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [30448 2013-09-14] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2013-09-14] (Synaptics Incorporated)
S1 mmaennbv; \??\C:\Windows\system32\drivers\mmaennbv.sys [X]
S1 MpKsl9b5e44a7; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{06717DA4-6C54-415D-AA4E-217CE011D206}\MpKsl9b5e44a7.sys [X]
S1 niatpxbo; \??\C:\Windows\system32\drivers\niatpxbo.sys [X]
S3 OATool; \??\C:\Users\ADMINI~1\AppData\Local\Temp\OAToolx64.sys [X] <==== ATTENTION
S1 spaltjok; \??\C:\Windows\system32\drivers\spaltjok.sys [X]
S1 szftsrbn; \??\C:\Windows\system32\drivers\szftsrbn.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

Error(1) reading file: "C:\Users\Tom\Downloads\Titanfall Rap by JT Machinima, THK and Borderline Disaster - "
2018-11-10 12:04 - 2018-11-10 12:05 - 000000000 ___RD C:\Users\Tom\Dropbox
2018-11-10 12:04 - 2018-11-10 12:04 - 000001228 _____ C:\Users\Tom\Desktop\Dropbox.lnk
2018-11-10 10:55 - 2018-11-10 10:57 - 000036871 _____ C:\Users\Tom\Downloads\Addition.txt
2018-11-10 10:51 - 2018-11-10 12:07 - 000023561 _____ C:\Users\Tom\Downloads\FRST.txt
2018-11-10 10:47 - 2018-11-10 10:47 - 000000000 ____D C:\Users\Tom\Downloads\FRST-OlderVersion
2018-11-10 10:46 - 2018-11-10 12:01 - 000000000 ____D C:\FRST
2018-11-10 10:45 - 2018-11-10 12:01 - 002415616 _____ (Farbar) C:\Users\Tom\Downloads\FRST64.exe
2018-11-09 18:08 - 2018-11-09 18:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-11-09 18:05 - 2018-11-09 18:05 - 000000000 ____D C:\Users\jl\AppData\Roaming\Dropbox
2018-11-09 18:03 - 2018-11-10 11:55 - 000000896 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2018-11-09 18:03 - 2018-11-10 11:08 - 000000900 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2018-11-09 18:03 - 2018-11-09 18:03 - 000003896 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2018-11-09 18:03 - 2018-11-09 18:03 - 000003644 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2018-11-09 18:02 - 2018-11-09 18:09 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-11-09 17:44 - 2018-11-10 12:04 - 000000000 ____D C:\Users\Tom\AppData\Local\Dropbox
2018-11-09 17:44 - 2018-11-10 11:52 - 000000000 ____D C:\Users\jl\AppData\Local\Dropbox
2018-11-09 17:44 - 2018-11-09 18:02 - 000696608 _____ (Dropbox, Inc.) C:\Users\Tom\Downloads\DropboxInstaller.exe
2018-11-09 17:44 - 2018-11-09 17:44 - 000000000 ____D C:\ProgramData\Dropbox
2018-11-06 20:06 - 2018-11-06 20:06 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2018-11-06 20:06 - 2018-11-06 20:06 - 000047768 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2018-11-06 20:06 - 2018-11-06 20:06 - 000047768 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2018-11-06 20:06 - 2018-11-06 20:06 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2018-10-12 11:49 - 2018-10-12 11:49 - 000000020 _____ C:\Users\Tom\Desktop\SOUL.txt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-10 12:06 - 2009-07-14 11:45 - 000030704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-11-10 12:06 - 2009-07-14 11:45 - 000030704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-11-10 12:05 - 2016-09-18 09:25 - 000000266 _____ C:\Windows\Tasks\{4B63B3D9-A905-B81E-883E-3B544CC01479}.job
2018-11-10 12:04 - 2014-04-16 14:17 - 000000000 ____D C:\Users\Tom
2018-11-10 12:03 - 2016-03-29 20:03 - 000000262 _____ C:\Windows\Tasks\Update_Task.job
2018-11-10 12:03 - 2014-03-14 09:25 - 000000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2018-11-10 11:59 - 2017-04-16 12:44 - 000000000 ____D C:\Program Files (x86)\Steam
2018-11-10 11:56 - 2014-07-15 19:08 - 000000000 ____D C:\ProgramData\Datamngr
2018-11-10 11:55 - 2014-04-16 14:17 - 000003956 __RSH C:\Users\Tom\ntuser.pol
2018-11-10 11:54 - 2017-12-04 05:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-11-10 11:54 - 2014-04-16 10:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-11-10 11:54 - 2009-07-14 12:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-11-10 11:44 - 2014-04-16 06:14 - 000086072 _____ C:\Users\jl\AppData\Local\GDIPFONTCACHEV1.DAT
2018-11-10 11:42 - 2017-11-05 07:06 - 000000266 _____ C:\Windows\Tasks\{58F8473A-A6D6-EB55-AF4D-772F0358E8D9}.job
2018-11-10 11:23 - 2016-07-14 00:03 - 000000266 _____ C:\Windows\Tasks\{1B7B29A5-081A-DBB0-79E4-101AD15B16AA}.job
2018-11-10 10:42 - 2015-09-04 18:04 - 000000000 ____D C:\Users\Tom\AppData\Local\{357E0322-11D6-6F9A-7C4E-4A725826B6EA}
2018-11-10 07:46 - 2009-07-14 10:20 - 000000000 ____D C:\Windows\system32\NDF
2018-11-10 05:26 - 2016-11-19 05:51 - 000000000 ____D C:\Users\Tom\AppData\LocalLow\Mozilla
2018-11-10 05:11 - 2018-01-25 06:40 - 000000000 ____D C:\Users\Tom\AppData\Local\Direc
2018-11-09 19:39 - 2014-05-20 17:23 - 000000000 ____D C:\Users\Tom\AppData\Local\Unity
2018-11-09 19:37 - 2014-06-29 10:30 - 000000000 ____D C:\Users\Tom\AppData\Local\Rocket
2018-11-09 17:39 - 2017-04-16 16:55 - 000000000 ____D C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2018-10-16 04:48 - 2010-11-21 10:27 - 000559880 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2018-10-12 16:33 - 2016-11-06 21:35 - 000000000 ____D C:\Users\Tom\AppData\Local\CrossCode
2018-10-11 18:50 - 2009-07-14 10:20 - 000000000 ____D C:\Windows\rescache
2018-10-11 08:43 - 2014-04-16 06:09 - 000000000 ____D C:\Users\jl
2018-10-11 03:51 - 2009-07-14 12:13 - 000783606 _____ C:\Windows\system32\PerfStringBackup.INI
2018-10-11 03:51 - 2009-07-14 10:20 - 000000000 ____D C:\Windows\inf
2018-10-11 03:44 - 2009-07-14 11:45 - 000342728 _____ C:\Windows\system32\FNTCACHE.DAT
2018-10-11 03:19 - 2014-04-16 06:42 - 000000000 ____D C:\Windows\system32\MRT
2018-10-11 03:13 - 2014-04-16 06:42 - 136745976 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-10-11 03:08 - 2011-02-10 21:33 - 000767916 _____ C:\Windows\SysWOW64\PerfStringBackup.INI

==================== Files in the root of some directories =======

2015-03-12 19:07 - 2015-01-11 19:07 - 000000032 ____R () C:\ProgramData\hash.dat
2016-10-21 18:39 - 2016-10-21 18:39 - 003187734 _____ () C:\Users\Tom\AppData\Roaming\sb195.dat
2016-12-13 08:55 - 2016-12-13 08:55 - 003634196 _____ () C:\Users\Tom\AppData\Roaming\sb476.dat
2014-07-31 08:47 - 2018-09-09 18:42 - 000000503 _____ () C:\Users\Tom\AppData\Roaming\WB.CFG
2014-12-02 06:39 - 2014-12-18 00:39 - 000000001 _____ () C:\Users\Tom\AppData\Local\DSI.DAT
2014-12-02 06:39 - 2014-12-02 06:39 - 000022528 _____ () C:\Users\Tom\AppData\Local\dsisetup1488231282.exe
2014-12-18 00:39 - 2014-12-18 00:39 - 000022528 _____ () C:\Users\Tom\AppData\Local\dsisetup3359250182.exe
2018-03-25 21:59 - 2018-03-25 21:59 - 000040960 _____ () C:\Users\Tom\AppData\Local\Web Data
2018-03-25 21:59 - 2018-03-25 21:59 - 000000512 _____ () C:\Users\Tom\AppData\Local\Web Data-journal
2017-12-13 02:46 - 2018-01-09 03:11 - 000000068 _____ () C:\Users\Tom\AppData\Local\xdt9m2fvbr

Files to move or delete:
====================
C:\Windows\Tasks\{1B7B29A5-081A-DBB0-79E4-101AD15B16AA}.job
C:\Windows\Tasks\{4B63B3D9-A905-B81E-883E-3B544CC01479}.job
C:\Windows\Tasks\{58F8473A-A6D6-EB55-AF4D-772F0358E8D9}.job


Some files in TEMP:
====================
2015-06-25 07:53 - 2015-06-25 07:53 - 000026936 _____ (TuneUp Software) C:\Users\jl\AppData\Local\Temp\DseShExt-x64.dll
2015-06-25 07:53 - 2015-06-25 07:53 - 000028984 _____ (TuneUp Software) C:\Users\jl\AppData\Local\Temp\DseShExt-x86.dll
2013-06-18 23:53 - 2013-06-18 23:53 - 000865424 ____N (CANON INC.) C:\Users\jl\AppData\Local\Temp\MSETUP4.EXE
2011-03-14 19:31 - 2011-03-14 19:31 - 000149352 ____R (Microsoft Corporation) C:\Users\jl\AppData\Local\Temp\ose00000.exe
2015-06-25 07:53 - 2015-06-25 07:53 - 000032568 _____ (TuneUp Software) C:\Users\jl\AppData\Local\Temp\SDShelEx-win32.dll
2015-06-25 07:53 - 2015-06-25 07:53 - 000032056 _____ (TuneUp Software) C:\Users\jl\AppData\Local\Temp\SDShelEx-x64.dll
2014-05-22 08:55 - 2014-05-22 08:55 - 002936832 _____ () C:\Users\Tom\AppData\Local\Temp\ffmpeg16.exe
2014-05-29 13:56 - 2014-05-29 13:57 - 017938608 _____ (Adobe Systems Incorporated) C:\Users\Tom\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
2014-05-24 11:53 - 2014-05-24 11:54 - 017938608 _____ (Adobe Systems Incorporated) C:\Users\Tom\AppData\Local\Temp\fp_pl_pfs_installer.exe
2016-05-16 18:00 - 2016-05-16 18:01 - 000000000 _____ () C:\Users\Tom\AppData\Local\Temp\GUR280F.exe
2015-01-23 19:03 - 2015-01-21 06:32 - 002124520 _____ () C:\Users\Tom\AppData\Local\Temp\Helper.DLL
2015-03-12 19:08 - 2015-03-12 19:08 - 000058368 ____N () C:\Users\Tom\AppData\Local\Temp\jshortcut-3012483557483484761.dll
2015-03-12 19:40 - 2015-03-12 19:40 - 000058368 ____N () C:\Users\Tom\AppData\Local\Temp\jshortcut-7151043099465511510.dll
2013-06-18 23:53 - 2013-06-18 23:53 - 000865424 ____N (CANON INC.) C:\Users\Tom\AppData\Local\Temp\MSETUP4.EXE
2015-04-11 19:04 - 2015-03-23 07:33 - 001792744 _____ () C:\Users\Tom\AppData\Local\Temp\MusicAppHelper.DLL
2018-03-10 20:08 - 2018-03-10 20:08 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180310130822301.dll
2018-03-10 20:08 - 2018-03-10 20:08 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180310130823619.dll
2018-03-10 20:08 - 2018-03-10 20:08 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180310130824152.dll
2018-03-10 20:08 - 2018-03-10 20:08 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180310130824917.dll
2018-03-10 20:08 - 2018-03-10 20:08 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180310130832216.dll
2018-03-10 20:08 - 2018-03-10 20:08 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180310130835050.dll
2018-03-10 20:08 - 2018-03-10 20:08 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180310130851423.dll
2018-03-11 20:09 - 2018-03-11 20:09 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180311130926198.dll
2018-03-14 07:14 - 2018-03-14 07:14 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180314001435848.dll
2018-03-15 10:15 - 2018-03-15 10:15 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180315031541953.dll
2018-03-15 13:17 - 2018-03-15 13:17 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180315061702218.dll
2018-03-15 20:32 - 2018-03-15 20:32 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180315133218571.dll
2018-03-16 20:24 - 2018-03-16 20:24 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180316132440582.dll
2018-03-18 07:44 - 2018-03-18 07:44 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180318004447094.dll
2018-03-18 20:09 - 2018-03-18 20:09 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180318130924025.dll
2018-03-21 07:16 - 2018-03-21 07:16 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180321001604795.dll
2018-03-21 20:09 - 2018-03-21 20:09 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180321130925214.dll
2018-03-22 20:09 - 2018-03-22 20:09 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180322130924714.dll
2018-03-23 20:09 - 2018-03-23 20:09 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180323130924452.dll
2018-03-24 06:42 - 2018-03-24 06:42 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180323234211738.dll
2018-03-24 20:09 - 2018-03-24 20:09 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180324130923461.dll
2018-03-25 10:03 - 2018-03-25 10:03 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180325030314080.dll
2018-03-25 10:53 - 2018-03-25 10:53 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180325035300424.dll
2018-03-25 12:03 - 2018-03-25 12:03 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180325050354224.dll
2018-03-25 20:09 - 2018-03-25 20:09 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180325130923968.dll
2018-03-26 20:09 - 2018-03-26 20:09 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180326130924703.dll
2018-03-27 20:09 - 2018-03-27 20:09 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180327130924106.dll
2018-03-28 20:27 - 2018-03-28 20:27 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180328132717552.dll
2018-03-30 10:42 - 2018-03-30 10:42 - 001857024 _____ (Opera Software)

 

[malsaurus]

C:\Users\Tom\AppData\Local\Temp\Opera_installer_180330034228662.dll
2018-04-01 13:44 - 2018-04-01 13:44 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180401064436791.dll
2018-04-01 15:08 - 2018-04-01 15:08 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180401080822166.dll
2018-04-01 20:09 - 2018-04-01 20:09 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180401130923017.dll
2018-04-01 20:17 - 2018-04-01 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180401131740502.dll
2018-04-01 20:17 - 2018-04-01 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180401131740656.dll
2018-04-01 20:17 - 2018-04-01 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180401131740791.dll
2018-04-01 20:17 - 2018-04-01 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180401131740894.dll
2018-04-01 20:17 - 2018-04-01 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180401131743947.dll
2018-04-01 20:17 - 2018-04-01 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180401131744097.dll
2018-04-01 20:17 - 2018-04-01 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180401131746304.dll
2018-04-02 08:27 - 2018-04-02 08:27 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180402012709675.dll
2018-04-02 20:17 - 2018-04-02 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180402131757707.dll
2018-04-03 07:25 - 2018-04-03 07:25 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180403002518959.dll
2018-04-03 10:09 - 2018-04-03 10:09 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180403030929327.dll
2018-04-03 20:18 - 2018-04-03 20:18 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180403131800132.dll
2018-04-03 20:34 - 2018-04-03 20:34 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180403133404920.dll
2018-04-03 20:43 - 2018-04-03 20:43 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180403134330427.dll
2018-04-03 20:57 - 2018-04-03 20:57 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180403135749671.dll
2018-04-04 09:52 - 2018-04-04 09:52 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180404025254232.dll
2018-04-04 12:57 - 2018-04-04 12:57 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180404055706841.dll
2018-04-04 13:26 - 2018-04-04 13:26 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180404062609230.dll
2018-04-04 14:22 - 2018-04-04 14:22 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180404072202784.dll
2018-04-04 15:27 - 2018-04-04 15:27 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180404082704587.dll
2018-04-04 20:17 - 2018-04-04 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180404131758871.dll
2018-04-05 20:17 - 2018-04-05 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180405131757452.dll
2018-04-06 08:32 - 2018-04-06 08:32 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180406013230995.dll
2018-04-06 08:41 - 2018-04-06 08:41 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180406014114698.dll
2018-04-06 09:49 - 2018-04-06 09:49 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180406024955766.dll
2018-04-06 10:24 - 2018-04-06 10:24 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180406032408588.dll
2018-04-06 12:55 - 2018-04-06 12:55 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180406055544648.dll
2018-04-06 16:12 - 2018-04-06 16:12 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180406091226749.dll
2018-04-06 20:18 - 2018-04-06 20:18 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180406131817058.dll
2018-04-08 10:18 - 2018-04-08 10:18 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180408031842534.dll
2018-04-08 13:00 - 2018-04-08 13:00 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180408060008326.dll
2018-04-08 21:48 - 2018-04-08 21:48 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180408144823767.dll
2018-04-09 20:17 - 2018-04-09 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180409131757781.dll
2018-04-10 20:07 - 2018-04-10 20:07 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180410130749447.dll
2018-04-10 20:17 - 2018-04-10 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180410131756831.dll
2018-04-11 20:17 - 2018-04-11 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180411131757785.dll
2018-04-12 20:18 - 2018-04-12 20:18 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180412131800701.dll
2018-04-13 09:35 - 2018-04-13 09:35 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180413023510806.dll
2018-04-13 20:17 - 2018-04-13 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180413131758814.dll
2018-04-14 13:33 - 2018-04-14 13:33 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180414063341001.dll
2018-04-14 20:17 - 2018-04-14 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180414131757035.dll
2018-04-15 10:40 - 2018-04-15 10:40 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180415034011422.dll
2018-04-16 11:28 - 2018-04-16 11:28 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180416042840055.dll
2018-04-16 11:30 - 2018-04-16 11:30 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180416043027562.dll
2018-04-16 11:30 - 2018-04-16 11:30 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180416043027760.dll
2018-04-16 11:30 - 2018-04-16 11:30 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180416043028264.dll
2018-04-16 11:30 - 2018-04-16 11:30 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180416043028576.dll
2018-04-16 11:30 - 2018-04-16 11:30 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180416043030541.dll
2018-04-16 11:30 - 2018-04-16 11:30 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180416043030662.dll
2018-04-16 11:30 - 2018-04-16 11:30 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180416043033561.dll
2018-04-16 21:56 - 2018-04-16 21:56 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180416145651595.dll
2018-04-17 11:30 - 2018-04-17 11:30 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180417043044605.dll
2018-04-19 19:17 - 2018-04-19 19:17 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180419121751055.dll
2018-04-21 22:06 - 2018-04-21 22:06 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180421150601262.dll
2018-04-21 22:10 - 2018-04-21 22:10 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180421151056879.dll
2018-04-22 11:35 - 2018-04-22 11:36 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180422043556502.dll
2018-04-24 18:52 - 2018-04-24 18:52 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180424115249153.dll
2018-04-25 11:30 - 2018-04-25 11:30 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180425043044222.dll
2018-04-27 06:28 - 2018-04-27 06:28 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180426232851539.dll
2018-04-27 16:35 - 2018-04-27 16:35 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180427093543465.dll
2018-04-29 13:45 - 2018-04-29 13:45 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180429064526831.dll
2018-04-30 19:56 - 2018-04-30 19:56 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180430125656533.dll
2018-04-30 20:34 - 2018-04-30 20:34 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180430133452682.dll
2018-05-01 11:30 - 2018-05-01 11:30 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180501043043811.dll
2018-05-02 11:30 - 2018-05-02 11:30 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180502043044900.dll
2018-05-03 19:13 - 2018-05-03 19:13 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180503121347084.dll
2018-05-04 14:06 - 2018-05-04 14:06 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180504070639579.dll
2018-05-06 11:30 - 2018-05-06 11:30 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180506043043856.dll
2018-05-06 11:31 - 2018-05-06 11:31 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180506043144039.dll
2018-05-06 11:31 - 2018-05-06 11:31 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180506043144356.dll
2018-05-06 11:31 - 2018-05-06 11:31 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180506043144547.dll
2018-05-06 11:31 - 2018-05-06 11:31 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180506043144637.dll
2018-05-06 11:31 - 2018-05-06 11:31 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180506043146347.dll
2018-05-06 11:31 - 2018-05-06 11:31 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180506043146786.dll
2018-05-06 11:31 - 2018-05-06 11:31 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180506043150052.dll
2018-05-07 11:32 - 2018-05-07 11:32 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180507043205156.dll
2018-05-08 19:29 - 2018-05-08 19:29 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180508122912386.dll
2018-05-09 22:52 - 2018-05-09 22:52 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180509155237351.dll
2018-05-10 12:26 - 2018-05-10 12:26 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180510052642465.dll
2018-05-12 00:06 - 2018-05-12 00:06 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180511170608518.dll
2018-05-12 14:19 - 2018-05-12 14:19 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180512071903492.dll
2018-05-13 09:04 - 2018-05-13 09:04 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180513020441684.dll
2018-05-13 12:44 - 2018-05-13 12:44 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180513054444780.dll
2018-05-15 15:50 - 2018-05-15 15:50 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180515085051153.dll
2018-05-16 18:11 - 2018-05-16 18:11 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180516111113256.dll
2018-05-17 13:30 - 2018-05-17 13:30 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180517063048169.dll
2018-05-18 06:04 - 2018-05-18 06:04 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180517230403367.dll
2018-05-19 20:11 - 2018-05-19 20:11 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180519131135448.dll
2018-05-21 16:26 - 2018-05-21 16:26 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180521092620739.dll
2018-05-24 20:04 - 2018-05-24 20:04 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180524130434676.dll
2018-05-24 20:07 - 2018-05-24 20:07 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180524130758830.dll
2018-05-25 18:49 - 2018-05-25 18:49 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180525114936143.dll
2018-05-27 11:29 - 2018-05-27 11:29 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180527042936482.dll
2018-05-27 11:32 - 2018-05-27 11:32 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180527043203417.dll
2018-05-29 12:41 - 2018-05-29 12:41 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180529054151671.dll
2018-03-10 20:05 - 2018-03-10 20:05 - 001853440 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_201831057556.dll
2018-03-04 17:07 - 2018-03-04 17:07 - 001853440 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_201834729734.dll
2018-03-04 17:07 - 2018-03-04 17:07 - 001853440 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_201834729926.dll
2018-03-04 17:07 - 2018-03-04 17:07 - 001853440 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_201834730165.dll
2018-03-04 17:07 - 2018-03-04 17:07 - 001853440 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_201834730337.dll
2018-03-04 17:07 - 2018-03-04 17:07 - 001853440 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_201834732431.dll
2018-03-04 17:07 - 2018-03-04 17:07 - 001853440 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_201834732978.dll
2018-03-04 17:07 - 2018-03-04 17:07 - 001853440 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_201834737307.dll
2018-03-05 17:23 - 2018-03-05 17:23 - 001853440 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_2018352315820.dll
2018-03-06 17:07 - 2018-03-06 17:07 - 001853440 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_201836753120.dll
2018-03-07 17:07 - 2018-03-07 17:07 - 001853440 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_201837752761.dll
2018-03-09 17:07 - 2018-03-09 17:07 - 001853440 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_201839754241.dll
2015-04-09 18:08 - 2017-10-25 17:05 - 058881488 _____ (Skype Technologies S.A.) C:\Users\Tom\AppData\Local\Temp\SkypeSetup.exe
2014-06-26 10:41 - 2014-06-26 11:08 - 028436968 _____ () C:\Users\Tom\AppData\Local\Temp\Softonic_EN_1-5-11_EN-Production_10_CleanRelease.exe
2014-06-26 10:39 - 2014-06-26 11:20 - 028436968 _____ () C:\Users\Tom\AppData\Local\Temp\Softonic_EN_1-5-11_EN-Production_10_CleanRelease[1].exe
2014-06-26 11:26 - 2014-06-26 11:29 - 028436968 _____ () C:\Users\Tom\AppData\Local\Temp\Softonic_EN_1-5-11_EN-Production_10_CleanRelease[2].exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-11-09 17:00

==================== End of FRST.txt ============================

 

[malsaurus]

Can't post the addition, the site believes I'm spamming.

 

[malsaurus]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08.11.2018
Ran by Tom (administrator) on TOMDELL (10-11-2018 12:20:06)
Running from C:\Users\Tom\Downloads
Loaded Profiles: Tom (Available Profiles: jl & Tom)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(iMesh Inc) C:\Users\Tom\AppData\Local\Music Toolbar\Datamngr\sysctrl.exe
(iMesh Inc) C:\Users\Tom\AppData\Local\Music Toolbar\Datamngr\x64\sysctrl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(iMesh Inc) C:\Users\Tom\AppData\Local\Music Toolbar\Datamngr\DatamngrCoordinator.exe
() C:\Users\Tom\AppData\Local\WSE_Astromenda\BRS\brs.exe
(iMesh Inc) C:\Users\Tom\AppData\Local\Music Toolbar\Datamngr\DatamngrCoordinator.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_31_0_0_122_ActiveX.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
() C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.EXE
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Dbr.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-08] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-08] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2780400 2013-09-14] (Synaptics Incorporated)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [8921600 2013-10-23] (Dell Inc.)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [5774664 2013-09-11] (Dell Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-31] (Intel Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-09-05] (Intel Corporation)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [577024 2012-03-07] (Creative Technology Ltd)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1279120 2012-09-27] (CANON INC.)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe -autorun
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3785536 2018-11-06] (Dropbox, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\Run: [sysctrl] => C:\Users\Tom\AppData\Local\Music Toolbar\Datamngr\sysctrl.exe [70168 2014-06-25] (iMesh Inc)
HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\Run: [sysctrl64] => C:\Users\Tom\AppData\Local\Music Toolbar\Datamngr\x64\sysctrl.exe [82456 2014-06-25] (iMesh Inc)
HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\Run: [sysctrlc] => C:\Users\Tom\AppData\Local\Music Toolbar\Datamngr\DatamngrCoordinator.exe [3823128 2014-06-25] (iMesh Inc)
HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\Run: [BRS] => C:\Users\Tom\AppData\Local\WSE_Astromenda\BRS\brs.exe [1173504 2014-08-08] ()
HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\Run: [Google Update] => C:\Users\Tom\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe [601680 2018-05-19] (Google Inc.)
HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\Run: [GoogleChromeAutoLaunch_5189939A0645355218FFECE1F1491836] => C:\Users\Tom\AppData\Local\Chromium\Application\chrome.exe [663552 2015-06-28] (The Chromium Authors)
HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3131680 2018-11-09] (Valve Corporation)
HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\Run: [World of Tanks] => "C:\Games\World_of_Tanks\WargamingGameUpdater.exe"
HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\Run: [KakaoTalk] => "C:\Program Files (x86)\Kakao\KakaoTalk\KakaoTalk.exe" -bystartup
HKU\S-1-5-18\...\RunOnce: [JavaInstallRetry] => RUNONCE=1 SPONSORS=0
Lsa: [Notification Packages] scecli c:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-03-14]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
GroupPolicyUsers\S-1-5-21-252852572-1064671646-1800406956-1001\User: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{D501FE14-C8C6-42EF-90C4-FD36AA6C8729}: [DhcpNameServer] 192.168.8.1 192.168.8.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=131130558221447530&GUID=DBCFEA2E-669E-4FEF-ADAA-0257FE0762CC
HKU\S-1-5-21-252852572-1064671646-1800406956-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=131802431285607286&GUID=DBCFEA2E-669E-4FEF-ADAA-0257FE0762CC
HKU\S-1-5-21-252852572-1064671646-1800406956-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKLM -> DefaultScope {747A2953-1CA8-48AC-B80F-BB0DB9E62138} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {747A2953-1CA8-48AC-B80F-BB0DB9E62138} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-252852572-1064671646-1800406956-1001 -> DefaultScope {747A2953-1CA8-48AC-B80F-BB0DB9E62138} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-252852572-1064671646-1800406956-1001 -> OldSearch URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQleBFpCGAYQbV0AAF9cFVcQchRaUVtBDA1BIVtcVFhFRVAQcB9aFQQTSEcFME0FCFwEURNNfWtdEkwdVUZrNVs=&q={searchTerms}
SearchScopes: HKU\S-1-5-21-252852572-1064671646-1800406956-1001 -> {1b31c9d2-7135-442b-bb93-7c002172adc6} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-252852572-1064671646-1800406956-1001 -> {295E555F-A5F0-42ED-917A-617F365F50E9} URL = hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bl-bir-dd__alt__ddc_dss_bd_com&p={searchTerms}
SearchScopes: HKU\S-1-5-21-252852572-1064671646-1800406956-1001 -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_frmr_14_26_ff&cd=2XzuyEtN2Y1L1Qzu0E0C0FyE0B0Bzz0DtB0FzyyByC0C0DtAtN0D0Tzu0SzytCtDtN1L2XzutBtFtBtCtFzztFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyB0Azz0E0F0E0C0DtGtCyDyEtBtG0B0AzzyBtGtDyC0E0DtGtDtA0EtDzz0AyByE0AyE0DyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyEzz0AyB0ByCtAtGzz0A0D0EtGyB0AtByCtG0A0B0FzytGtA0E0Azy0CtBtAzytA0EzzyE2Q&cr=1797486999&ir=
SearchScopes: HKU\S-1-5-21-252852572-1064671646-1800406956-1001 -> {747A2953-1CA8-48AC-B80F-BB0DB9E62138} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-252852572-1064671646-1800406956-1001 -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_frmr_14_26_ff&cd=2XzuyEtN2Y1L1Qzu0E0C0FyE0B0Bzz0DtB0FzyyByC0C0DtAtN0D0Tzu0SzytCtDtN1L2XzutBtFtBtCtFtCtCtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0BtA0AyD0CtDyEtG0AyByBtAtGzzyD0B0CtGyCtC0E0FtGtC0BtAtD0F0ByE0A0E0F0ByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyEzz0AyB0ByCtAtGzz0A0D0EtGyB0AtByCtG0A0B0FzytGtA0E0Azy0CtBtAzytA0EzzyE2Q&cr=1712688768&ir=
SearchScopes: HKU\S-1-5-21-252852572-1064671646-1800406956-1001 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-252852572-1064671646-1800406956-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2000} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=&systemid=&v=a15946-1205&apn_uid=4431050210474885&apn_dtid=IME001&o=APN10653&apn_ptnrs=AGE&q={searchTerms}
SearchScopes: HKU\S-1-5-21-252852572-1064671646-1800406956-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2001} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=1066&systemid=1&v=n13124-409&apn_uid=9434405932554208&apn_dtid=IME001&o=APN10653&apn_ptnrs=AGE&q={searchTerms}
SearchScopes: HKU\S-1-5-21-252852572-1064671646-1800406956-1001 -> {a62abdee-78a2-4ddb-9355-1c334abd6e43} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQleBFpCGAYQbV0AAF9cFVcQchRaUVtBDA1BIVtcVFhFRVAQcB9aFQQTSEcFME0FCFwEURNNfWtdEkwdVUZrNVs=&q={searchTerms}
SearchScopes: HKU\S-1-5-21-252852572-1064671646-1800406956-1001 -> {f7bb050c-e116-44da-89c2-6f2b68c54836} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-11] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-11] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-252852572-1064671646-1800406956-1001 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File

FireFox:
========
FF ProfilePath: C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\6mnczrhu.default-1509552401858 [2018-11-10]
FF Homepage: Mozilla\Firefox\Profiles\6mnczrhu.default-1509552401858 -> hxxps://id.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_17_44_orgnl&param1=1&param2=f%3D1%26b%3DFirefox%26cc%3Did%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1Qzu0E0C0FyE0B0Bzz0DtB0FzyyByC0C0DtAtN0D0Tzu0StBtCtAyEtN1L2XzutAtFtAtBtFtCtFyCyDtN1L1Czu1M1Q1CtAtBtFtAtFtDtN1L1G1B1V1N2Y1L1Qzu2StB0BtC0EtD0F0EtAtGyB0AtC0CtG0CtAtByEtGyCzy0AtBtGtC0ByCzzyEzyzyyE0A0DtD0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0E0D0F0A0FtA0CzytGzy0EyDyCtGyE0CyDyEtGzztCtDtDtGyEzytC0DtCtD0E0FyByBtAyE2QtN0A0LzuyEtN0D0T0S1P1RzutCyDtDzyzzyEtDtBtCyB%26cr%3D1609883092%26a%3Dhdr_s_17_44_orgnl%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional
FF SearchPlugin: C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\6mnczrhu.default-1509552401858\searchplugins\yhs.xml [2018-01-25]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_31_0_0_122.dll [2018-10-10] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_122.dll [2018-10-10] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-06-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-06-01] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-08-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-08-11] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-252852572-1064671646-1800406956-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Tom\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-252852572-1064671646-1800406956-1001: @talk.google.com/O1DPlugin -> C:\Users\Tom\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-252852572-1064671646-1800406956-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin HKU\S-1-5-21-252852572-1064671646-1800406956-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Tom\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Tom\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-11-09] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-11-09] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2018-11-06] (Dropbox, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-31] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-15] ()
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-06-01] (Intel Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915920 2013-11-22] (SoftThinks SAS)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-03-14] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [6170624 2013-10-23] (Dell Inc.) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2013-08-29] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S3 PCDSRVC{D3412D80-CF3B4A27-06020200}_0; c:\program files\my dell\pcdsrvc_x64.pkms [25584 2013-08-10] (PC-Doctor, Inc.)
S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [30448 2013-09-14] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2013-09-14] (Synaptics Incorporated)
S1 mmaennbv; \??\C:\Windows\system32\drivers\mmaennbv.sys [X]
S1 MpKsl9b5e44a7; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{06717DA4-6C54-415D-AA4E-217CE011D206}\MpKsl9b5e44a7.sys [X]
S1 niatpxbo; \??\C:\Windows\system32\drivers\niatpxbo.sys [X]
S3 OATool; \??\C:\Users\ADMINI~1\AppData\Local\Temp\OAToolx64.sys [X] <==== ATTENTION
S1 spaltjok; \??\C:\Windows\system32\drivers\spaltjok.sys [X]
S1 szftsrbn; \??\C:\Windows\system32\drivers\szftsrbn.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

Error(1) reading file: "C:\Users\Tom\Downloads\Titanfall Rap by JT Machinima, THK and Borderline Disaster - "
2018-11-10 12:04 - 2018-11-10 12:05 - 000000000 ___RD C:\Users\Tom\Dropbox
2018-11-10 12:04 - 2018-11-10 12:04 - 000001228 _____ C:\Users\Tom\Desktop\Dropbox.lnk
2018-11-10 10:55 - 2018-11-10 12:10 - 000056434 _____ C:\Users\Tom\Downloads\Addition.txt
2018-11-10 10:51 - 2018-11-10 12:20 - 000023636 _____ C:\Users\Tom\Downloads\FRST.txt
2018-11-10 10:47 - 2018-11-10 10:47 - 000000000 ____D C:\Users\Tom\Downloads\FRST-OlderVersion
2018-11-10 10:46 - 2018-11-10 12:20 - 000000000 ____D C:\FRST
2018-11-10 10:45 - 2018-11-10 12:01 - 002415616 _____ (Farbar) C:\Users\Tom\Downloads\FRST64.exe
2018-11-09 18:08 - 2018-11-09 18:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-11-09 18:05 - 2018-11-09 18:05 - 000000000 ____D C:\Users\jl\AppData\Roaming\Dropbox
2018-11-09 18:03 - 2018-11-10 12:08 - 000000900 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2018-11-09 18:03 - 2018-11-10 11:55 - 000000896 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2018-11-09 18:03 - 2018-11-09 18:03 - 000003896 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2018-11-09 18:03 - 2018-11-09 18:03 - 000003644 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2018-11-09 18:02 - 2018-11-09 18:09 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-11-09 17:44 - 2018-11-10 12:04 - 000000000 ____D C:\Users\Tom\AppData\Local\Dropbox
2018-11-09 17:44 - 2018-11-10 11:52 - 000000000 ____D C:\Users\jl\AppData\Local\Dropbox
2018-11-09 17:44 - 2018-11-09 18:02 - 000696608 _____ (Dropbox, Inc.) C:\Users\Tom\Downloads\DropboxInstaller.exe
2018-11-09 17:44 - 2018-11-09 17:44 - 000000000 ____D C:\ProgramData\Dropbox
2018-11-06 20:06 - 2018-11-06 20:06 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2018-11-06 20:06 - 2018-11-06 20:06 - 000047768 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2018-11-06 20:06 - 2018-11-06 20:06 - 000047768 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2018-11-06 20:06 - 2018-11-06 20:06 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2018-10-12 11:49 - 2018-10-12 11:49 - 000000020 _____ C:\Users\Tom\Desktop\SOUL.txt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

 

[malsaurus]

2018-11-10 12:18 - 2014-03-14 09:25 - 000000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2018-11-10 12:06 - 2009-07-14 11:45 - 000030704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-11-10 12:06 - 2009-07-14 11:45 - 000030704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-11-10 12:05 - 2016-09-18 09:25 - 000000266 _____ C:\Windows\Tasks\{4B63B3D9-A905-B81E-883E-3B544CC01479}.job
2018-11-10 12:04 - 2014-04-16 14:17 - 000000000 ____D C:\Users\Tom
2018-11-10 12:03 - 2016-03-29 20:03 - 000000262 _____ C:\Windows\Tasks\Update_Task.job
2018-11-10 11:59 - 2017-04-16 12:44 - 000000000 ____D C:\Program Files (x86)\Steam
2018-11-10 11:56 - 2014-07-15 19:08 - 000000000 ____D C:\ProgramData\Datamngr
2018-11-10 11:55 - 2014-04-16 14:17 - 000003956 __RSH C:\Users\Tom\ntuser.pol
2018-11-10 11:54 - 2017-12-04 05:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-11-10 11:54 - 2014-04-16 10:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-11-10 11:54 - 2009-07-14 12:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-11-10 11:44 - 2014-04-16 06:14 - 000086072 _____ C:\Users\jl\AppData\Local\GDIPFONTCACHEV1.DAT
2018-11-10 11:42 - 2017-11-05 07:06 - 000000266 _____ C:\Windows\Tasks\{58F8473A-A6D6-EB55-AF4D-772F0358E8D9}.job
2018-11-10 11:23 - 2016-07-14 00:03 - 000000266 _____ C:\Windows\Tasks\{1B7B29A5-081A-DBB0-79E4-101AD15B16AA}.job
2018-11-10 10:42 - 2015-09-04 18:04 - 000000000 ____D C:\Users\Tom\AppData\Local\{357E0322-11D6-6F9A-7C4E-4A725826B6EA}
2018-11-10 07:46 - 2009-07-14 10:20 - 000000000 ____D C:\Windows\system32\NDF
2018-11-10 05:26 - 2016-11-19 05:51 - 000000000 ____D C:\Users\Tom\AppData\LocalLow\Mozilla
2018-11-10 05:11 - 2018-01-25 06:40 - 000000000 ____D C:\Users\Tom\AppData\Local\Direc
2018-11-09 19:39 - 2014-05-20 17:23 - 000000000 ____D C:\Users\Tom\AppData\Local\Unity
2018-11-09 19:37 - 2014-06-29 10:30 - 000000000 ____D C:\Users\Tom\AppData\Local\Rocket
2018-11-09 17:39 - 2017-04-16 16:55 - 000000000 ____D C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2018-10-16 04:48 - 2010-11-21 10:27 - 000559880 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2018-10-12 16:33 - 2016-11-06 21:35 - 000000000 ____D C:\Users\Tom\AppData\Local\CrossCode
2018-10-11 18:50 - 2009-07-14 10:20 - 000000000 ____D C:\Windows\rescache
2018-10-11 08:43 - 2014-04-16 06:09 - 000000000 ____D C:\Users\jl
2018-10-11 03:51 - 2009-07-14 12:13 - 000783606 _____ C:\Windows\system32\PerfStringBackup.INI
2018-10-11 03:51 - 2009-07-14 10:20 - 000000000 ____D C:\Windows\inf
2018-10-11 03:44 - 2009-07-14 11:45 - 000342728 _____ C:\Windows\system32\FNTCACHE.DAT
2018-10-11 03:19 - 2014-04-16 06:42 - 000000000 ____D C:\Windows\system32\MRT
2018-10-11 03:13 - 2014-04-16 06:42 - 136745976 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-10-11 03:08 - 2011-02-10 21:33 - 000767916 _____ C:\Windows\SysWOW64\PerfStringBackup.INI

==================== Files in the root of some directories =======

2015-03-12 19:07 - 2015-01-11 19:07 - 000000032 ____R () C:\ProgramData\hash.dat
2016-10-21 18:39 - 2016-10-21 18:39 - 003187734 _____ () C:\Users\Tom\AppData\Roaming\sb195.dat
2016-12-13 08:55 - 2016-12-13 08:55 - 003634196 _____ () C:\Users\Tom\AppData\Roaming\sb476.dat
2014-07-31 08:47 - 2018-09-09 18:42 - 000000503 _____ () C:\Users\Tom\AppData\Roaming\WB.CFG
2014-12-02 06:39 - 2014-12-18 00:39 - 000000001 _____ () C:\Users\Tom\AppData\Local\DSI.DAT
2014-12-02 06:39 - 2014-12-02 06:39 - 000022528 _____ () C:\Users\Tom\AppData\Local\dsisetup1488231282.exe
2014-12-18 00:39 - 2014-12-18 00:39 - 000022528 _____ () C:\Users\Tom\AppData\Local\dsisetup3359250182.exe
2018-03-25 21:59 - 2018-03-25 21:59 - 000040960 _____ () C:\Users\Tom\AppData\Local\Web Data
2018-03-25 21:59 - 2018-03-25 21:59 - 000000512 _____ () C:\Users\Tom\AppData\Local\Web Data-journal
2017-12-13 02:46 - 2018-01-09 03:11 - 000000068 _____ () C:\Users\Tom\AppData\Local\xdt9m2fvbr

Files to move or delete:
====================
C:\Windows\Tasks\{1B7B29A5-081A-DBB0-79E4-101AD15B16AA}.job
C:\Windows\Tasks\{4B63B3D9-A905-B81E-883E-3B544CC01479}.job
C:\Windows\Tasks\{58F8473A-A6D6-EB55-AF4D-772F0358E8D9}.job


Some files in TEMP:
====================
2015-06-25 07:53 - 2015-06-25 07:53 - 000026936 _____ (TuneUp Software) C:\Users\jl\AppData\Local\Temp\DseShExt-x64.dll
2015-06-25 07:53 - 2015-06-25 07:53 - 000028984 _____ (TuneUp Software) C:\Users\jl\AppData\Local\Temp\DseShExt-x86.dll
2013-06-18 23:53 - 2013-06-18 23:53 - 000865424 ____N (CANON INC.) C:\Users\jl\AppData\Local\Temp\MSETUP4.EXE
2011-03-14 19:31 - 2011-03-14 19:31 - 000149352 ____R (Microsoft Corporation) C:\Users\jl\AppData\Local\Temp\ose00000.exe
2015-06-25 07:53 - 2015-06-25 07:53 - 000032568 _____ (TuneUp Software) C:\Users\jl\AppData\Local\Temp\SDShelEx-win32.dll
2015-06-25 07:53 - 2015-06-25 07:53 - 000032056 _____ (TuneUp Software) C:\Users\jl\AppData\Local\Temp\SDShelEx-x64.dll
2014-05-22 08:55 - 2014-05-22 08:55 - 002936832 _____ () C:\Users\Tom\AppData\Local\Temp\ffmpeg16.exe
2014-05-29 13:56 - 2014-05-29 13:57 - 017938608 _____ (Adobe Systems Incorporated) C:\Users\Tom\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
2014-05-24 11:53 - 2014-05-24 11:54 - 017938608 _____ (Adobe Systems Incorporated) C:\Users\Tom\AppData\Local\Temp\fp_pl_pfs_installer.exe
2016-05-16 18:00 - 2016-05-16 18:01 - 000000000 _____ () C:\Users\Tom\AppData\Local\Temp\GUR280F.exe
2015-01-23 19:03 - 2015-01-21 06:32 - 002124520 _____ () C:\Users\Tom\AppData\Local\Temp\Helper.DLL
2015-03-12 19:08 - 2015-03-12 19:08 - 000058368 ____N () C:\Users\Tom\AppData\Local\Temp\jshortcut-3012483557483484761.dll
2015-03-12 19:40 - 2015-03-12 19:40 - 000058368 ____N () C:\Users\Tom\AppData\Local\Temp\jshortcut-7151043099465511510.dll
2013-06-18 23:53 - 2013-06-18 23:53 - 000865424 ____N (CANON INC.) C:\Users\Tom\AppData\Local\Temp\MSETUP4.EXE
2015-04-11 19:04 - 2015-03-23 07:33 - 001792744 _____ () C:\Users\Tom\AppData\Local\Temp\MusicAppHelper.DLL
2018-03-10 20:08 - 2018-03-10 20:08 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180310130822301.dll
2018-03-10 20:08 - 2018-03-10 20:08 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180310130823619.dll
2018-03-10 20:08 - 2018-03-10 20:08 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180310130824152.dll
2018-03-10 20:08 - 2018-03-10 20:08 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180310130824917.dll
2018-03-10 20:08 - 2018-03-10 20:08 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180310130832216.dll
2018-03-10 20:08 - 2018-03-10 20:08 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180310130835050.dll
2018-03-10 20:08 - 2018-03-10 20:08 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180310130851423.dll
2018-03-11 20:09 - 2018-03-11 20:09 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180311130926198.dll
2018-03-14 07:14 - 2018-03-14 07:14 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180314001435848.dll
2018-03-15 10:15 - 2018-03-15 10:15 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180315031541953.dll
2018-03-15 13:17 - 2018-03-15 13:17 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180315061702218.dll
2018-03-15 20:32 - 2018-03-15 20:32 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180315133218571.dll
2018-03-16 20:24 - 2018-03-16 20:24 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180316132440582.dll
2018-03-18 07:44 - 2018-03-18 07:44 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180318004447094.dll
2018-03-18 20:09 - 2018-03-18 20:09 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180318130924025.dll
2018-03-21 07:16 - 2018-03-21 07:16 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180321001604795.dll
2018-03-21 20:09 - 2018-03-21 20:09 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180321130925214.dll
2018-03-22 20:09 - 2018-03-22 20:09 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180322130924714.dll
2018-03-23 20:09 - 2018-03-23 20:09 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180323130924452.dll
2018-03-24 06:42 - 2018-03-24 06:42 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180323234211738.dll
2018-03-24 20:09 - 2018-03-24 20:09 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180324130923461.dll
2018-03-25 10:03 - 2018-03-25 10:03 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180325030314080.dll
2018-03-25 10:53 - 2018-03-25 10:53 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180325035300424.dll
2018-03-25 12:03 - 2018-03-25 12:03 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180325050354224.dll
2018-03-25 20:09 - 2018-03-25 20:09 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180325130923968.dll
2018-03-26 20:09 - 2018-03-26 20:09 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180326130924703.dll
2018-03-27 20:09 - 2018-03-27 20:09 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180327130924106.dll
2018-03-28 20:27 - 2018-03-28 20:27 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180328132717552.dll
2018-03-30 10:42 - 2018-03-30 10:42 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180330034228662.dll
2018-04-01 13:44 - 2018-04-01 13:44 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180401064436791.dll
2018-04-01 15:08 - 2018-04-01 15:08 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180401080822166.dll
2018-04-01 20:09 - 2018-04-01 20:09 - 001857024 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180401130923017.dll
2018-04-01 20:17 - 2018-04-01 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180401131740502.dll
2018-04-01 20:17 - 2018-04-01 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180401131740656.dll
2018-04-01 20:17 - 2018-04-01 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180401131740791.dll
2018-04-01 20:17 - 2018-04-01 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180401131740894.dll
2018-04-01 20:17 - 2018-04-01 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180401131743947.dll
2018-04-01 20:17 - 2018-04-01 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180401131744097.dll
2018-04-01 20:17 - 2018-04-01 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180401131746304.dll
2018-04-02 08:27 - 2018-04-02 08:27 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180402012709675.dll
2018-04-02 20:17 - 2018-04-02 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180402131757707.dll
2018-04-03 07:25 - 2018-04-03 07:25 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180403002518959.dll
2018-04-03 10:09 - 2018-04-03 10:09 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180403030929327.dll
2018-04-03 20:18 - 2018-04-03 20:18 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180403131800132.dll
2018-04-03 20:34 - 2018-04-03 20:34 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180403133404920.dll
2018-04-03 20:43 - 2018-04-03 20:43 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180403134330427.dll
2018-04-03 20:57 - 2018-04-03 20:57 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180403135749671.dll
2018-04-04 09:52 - 2018-04-04 09:52 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180404025254232.dll
2018-04-04 12:57 - 2018-04-04 12:57 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180404055706841.dll
2018-04-04 13:26 - 2018-04-04 13:26 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180404062609230.dll
2018-04-04 14:22 - 2018-04-04 14:22 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180404072202784.dll
2018-04-04 15:27 - 2018-04-04 15:27 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180404082704587.dll
2018-04-04 20:17 - 2018-04-04 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180404131758871.dll
2018-04-05 20:17 - 2018-04-05 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180405131757452.dll
2018-04-06 08:32 - 2018-04-06 08:32 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180406013230995.dll
2018-04-06 08:41 - 2018-04-06 08:41 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180406014114698.dll
2018-04-06 09:49 - 2018-04-06 09:49 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180406024955766.dll
2018-04-06 10:24 - 2018-04-06 10:24 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180406032408588.dll
2018-04-06 12:55 - 2018-04-06 12:55 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180406055544648.dll
2018-04-06 16:12 - 2018-04-06 16:12 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180406091226749.dll
2018-04-06 20:18 - 2018-04-06 20:18 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180406131817058.dll
2018-04-08 10:18 - 2018-04-08 10:18 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180408031842534.dll
2018-04-08 13:00 - 2018-04-08 13:00 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180408060008326.dll
2018-04-08 21:48 - 2018-04-08 21:48 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180408144823767.dll
2018-04-09 20:17 - 2018-04-09 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180409131757781.dll
2018-04-10 20:07 - 2018-04-10 20:07 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180410130749447.dll
2018-04-10 20:17 - 2018-04-10 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180410131756831.dll
2018-04-11 20:17 - 2018-04-11 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180411131757785.dll
2018-04-12 20:18 - 2018-04-12 20:18 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180412131800701.dll
2018-04-13 09:35 - 2018-04-13 09:35 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180413023510806.dll
2018-04-13 20:17 - 2018-04-13 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180413131758814.dll
2018-04-14 13:33 - 2018-04-14 13:33 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180414063341001.dll
2018-04-14 20:17 - 2018-04-14 20:17 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180414131757035.dll
2018-04-15 10:40 - 2018-04-15 10:40 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180415034011422.dll
2018-04-16 11:28 - 2018-04-16 11:28 - 001876992 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180416042840055.dll
2018-04-16 11:30 - 2018-04-16 11:30 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180416043027562.dll
2018-04-16 11:30 - 2018-04-16 11:30 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180416043027760.dll
2018-04-16 11:30 - 2018-04-16 11:30 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180416043028264.dll
2018-04-16 11:30 - 2018-04-16 11:30 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180416043028576.dll
2018-04-16 11:30 - 2018-04-16 11:30 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180416043030541.dll
2018-04-16 11:30 - 2018-04-16 11:30 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180416043030662.dll
2018-04-16 11:30 - 2018-04-16 11:30 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180416043033561.dll
2018-04-16 21:56 - 2018-04-16 21:56 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180416145651595.dll
2018-04-17 11:30 - 2018-04-17 11:30 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180417043044605.dll
2018-04-19 19:17 - 2018-04-19 19:17 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180419121751055.dll
2018-04-21 22:06 - 2018-04-21 22:06 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180421150601262.dll
2018-04-21 22:10 - 2018-04-21 22:10 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180421151056879.dll
2018-04-22 11:35 - 2018-04-22 11:36 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180422043556502.dll
2018-04-24 18:52 - 2018-04-24 18:52 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180424115249153.dll
2018-04-25 11:30 - 2018-04-25 11:30 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180425043044222.dll
2018-04-27 06:28 - 2018-04-27 06:28 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180426232851539.dll
2018-04-27 16:35 - 2018-04-27 16:35 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180427093543465.dll
2018-04-29 13:45 - 2018-04-29 13:45 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180429064526831.dll
2018-04-30 19:56 - 2018-04-30 19:56 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180430125656533.dll
2018-04-30 20:34 - 2018-04-30 20:34 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180430133452682.dll
2018-05-01 11:30 - 2018-05-01 11:30 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180501043043811.dll
2018-05-02 11:30 - 2018-05-02 11:30 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180502043044900.dll
2018-05-03 19:13 - 2018-05-03 19:13 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180503121347084.dll
2018-05-04 14:06 - 2018-05-04 14:06 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180504070639579.dll
2018-05-06 11:30 - 2018-05-06 11:30 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180506043043856.dll
2018-05-06 11:31 - 2018-05-06 11:31 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180506043144039.dll
2018-05-06 11:31 - 2018-05-06 11:31 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180506043144356.dll
2018-05-06 11:31 - 2018-05-06 11:31 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180506043144547.dll
2018-05-06 11:31 - 2018-05-06 11:31 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180506043144637.dll
2018-05-06 11:31 - 2018-05-06 11:31 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180506043146347.dll
2018-05-06 11:31 - 2018-05-06 11:31 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180506043146786.dll
2018-05-06 11:31 - 2018-05-06 11:31 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180506043150052.dll
2018-05-07 11:32 - 2018-05-07 11:32 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180507043205156.dll
2018-05-08 19:29 - 2018-05-08 19:29 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180508122912386.dll
2018-05-09 22:52 - 2018-05-09 22:52 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180509155237351.dll
2018-05-10 12:26 - 2018-05-10 12:26 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180510052642465.dll
2018-05-12 00:06 - 2018-05-12 00:06 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180511170608518.dll
2018-05-12 14:19 - 2018-05-12 14:19 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180512071903492.dll
2018-05-13 09:04 - 2018-05-13 09:04 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180513020441684.dll
2018-05-13 12:44 - 2018-05-13 12:44 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180513054444780.dll
2018-05-15 15:50 - 2018-05-15 15:50 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180515085051153.dll
2018-05-16 18:11 - 2018-05-16 18:11 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180516111113256.dll
2018-05-17 13:30 - 2018-05-17 13:30 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180517063048169.dll
2018-05-18 06:04 - 2018-05-18 06:04 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180517230403367.dll
2018-05-19 20:11 - 2018-05-19 20:11 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180519131135448.dll
2018-05-21 16:26 - 2018-05-21 16:26 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180521092620739.dll
2018-05-24 20:04 - 2018-05-24 20:04 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180524130434676.dll
2018-05-24 20:07 - 2018-05-24 20:07 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180524130758830.dll
2018-05-25 18:49 - 2018-05-25 18:49 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180525114936143.dll
2018-05-27 11:29 - 2018-05-27 11:29 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180527042936482.dll
2018-05-27 11:32 - 2018-05-27 11:32 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180527043203417.dll
2018-05-29 12:41 - 2018-05-29 12:41 - 001876480 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_180529054151671.dll
2018-03-10 20:05 - 2018-03-10 20:05 - 001853440 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_201831057556.dll
2018-03-04 17:07 - 2018-03-04 17:07 - 001853440 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_201834729734.dll
2018-03-04 17:07 - 2018-03-04 17:07 - 001853440 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_201834729926.dll
2018-03-04 17:07 - 2018-03-04 17:07 - 001853440 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_201834730165.dll
2018-03-04 17:07 - 2018-03-04 17:07 - 001853440 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_201834730337.dll
2018-03-04 17:07 - 2018-03-04 17:07 - 001853440 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_201834732431.dll
2018-03-04 17:07 - 2018-03-04 17:07 - 001853440 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_201834732978.dll
2018-03-04 17:07 - 2018-03-04 17:07 - 001853440 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_201834737307.dll
2018-03-05 17:23 - 2018-03-05 17:23 - 001853440 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_2018352315820.dll
2018-03-06 17:07 - 2018-03-06 17:07 - 001853440 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_201836753120.dll
2018-03-07 17:07 - 2018-03-07 17:07 - 001853440 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_201837752761.dll
2018-03-09 17:07 - 2018-03-09 17:07 - 001853440 _____ (Opera Software) C:\Users\Tom\AppData\Local\Temp\Opera_installer_201839754241.dll
2015-04-09 18:08 - 2017-10-25 17:05 - 058881488 _____ (Skype Technologies S.A.) C:\Users\Tom\AppData\Local\Temp\SkypeSetup.exe
2014-06-26 10:41 - 2014-06-26 11:08 - 028436968 _____ () C:\Users\Tom\AppData\Local\Temp\Softonic_EN_1-5-11_EN-Production_10_CleanRelease.exe
2014-06-26 10:39 - 2014-06-26 11:20 - 028436968 _____ () C:\Users\Tom\AppData\Local\Temp\Softonic_EN_1-5-11_EN-Production_10_CleanRelease[1].exe
2014-06-26 11:26 - 2014-06-26 11:29 - 028436968 _____ () C:\Users\Tom\AppData\Local\Temp\Softonic_EN_1-5-11_EN-Production_10_CleanRelease[2].exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-11-09 17:00

==================== End of FRST.txt ============================

 

[malsaurus]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08.11.2018
Ran by Tom (10-11-2018 12:20:41)
Running from C:\Users\Tom\Downloads
Windows 7 Professional Service Pack 1 (X64) (2014-04-15 23:08:59)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-252852572-1064671646-1800406956-500 - Administrator - Disabled)
Guest (S-1-5-21-252852572-1064671646-1800406956-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-252852572-1064671646-1800406956-1003 - Limited - Enabled)
jl (S-1-5-21-252852572-1064671646-1800406956-1000 - Administrator - Enabled) => C:\Users\jl
Tom (S-1-5-21-252852572-1064671646-1800406956-1001 - Administrator - Enabled) => C:\Users\Tom

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 31 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Reader XI MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Bing Bar (HKLM-x32\...\{16793295-2366-40F7-A045-A3E42A81365E}) (Version: 7.1.362.0 - Microsoft Corporation)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.)
Canon MX390 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX390_series) (Version: 1.00 - Canon Inc.)
Canon MX390 series On-screen Manual (HKLM-x32\...\Canon MX390 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.1.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.)
Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.)
Chromium (HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\Chromium) (Version: 45.0.2444.0 - Chromium)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.2.0 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.2.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 17.0.14.0 - Synaptics Incorporated)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.01.15 - Creative Technology Ltd)
Dropbox (HKLM-x32\...\Dropbox) (Version: 61.4.95 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 3.4.6299.48 - PC-Doctor, Inc.) Hidden
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 6.30.223.99 - Dell Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3345 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.1.28 - Intel Corporation)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 63.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 63.0.1 (x64 en-US)) (Version: 63.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 63.0.1.6877 - Mozilla)
Music Toolbar (HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\Music Toolbar) (Version: 5.0.0.13124 - iMesh Inc) <==== ATTENTION
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.4.6299.48 - PC-Doctor, Inc.)
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.16.002 - Dell Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)
Search the Web (Yahoo) (HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\{95ED7D2D-C56D-ACAD-74ED-DC2DA46D0FAD}) (Version: - ) <==== ATTENTION
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.27614 - TeamViewer)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.8 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.4700 - Broadcom Corporation)
WSE Rocket (HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\WSE Rocket) (Version: - WSE Rocket) <==== ATTENTION
WSE_Astromenda (HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\WSE_Astromenda) (Version: - WSE_Astromenda) <==== ATTENTION

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{474597C5-AB09-49d6-A4D5-2E8D7341384E}\InprocServer32 -> C:\Users\Tom\AppData\Local\Music Toolbar\Datamngr\x64\IEBHO.dll (iMesh Inc)
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{950F80EF-32C2-47dd-9C35-9576E21EE66E}\InprocServer32 -> C:\Users\Tom\AppData\Local\Music Toolbar\Datamngr\x64\IEBHO.dll (iMesh Inc)
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll (Google Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-10-29] (Intel Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02AB6F9B-82CE-4409-8678-75AA34EC0973} - System32\Tasks\{58F8473A-A6D6-EB55-AF4D-772F0358E8D9} => C:\Users\Tom\AppData\Roaming\PIKEME~1\SYNCVE~1.EXE <==== ATTENTION
Task: {0E6B3003-951A-435A-A939-BCDEF564D473} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-25] (Oracle Corporation)
Task: {17886A65-77F3-4EEC-BD1A-87D3D3458CA0} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2013-08-22] (PC-Doctor, Inc.)
Task: {2D486324-0478-4AE1-9F79-D2A0BFCF14C7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {39704C63-3C1D-4176-9E07-8F397BEB84DB} - System32\Tasks\Update_Task => C:\Users\Tom\AppData\Local\{A81F9~1\UNINST~1.EXE
Task: {3D8376FB-8793-4225-8A71-BC9FC779BF7E} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2018-11-09] (Dropbox, Inc.)
Task: {47CDA36C-65C2-475C-A144-98F5C43A7050} - System32\Tasks\{082BE67B-F24C-41EE-B5EB-5404A560143B} => "C:\Program Files\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/7.28.80.101/en/abandoninstall?page=tsProgressBar
Task: {4B68C9F8-FDBE-4BE7-80CF-9FDB716CF3AE} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_122_Plugin.exe [2018-10-10] (Adobe Systems Incorporated)
Task: {5CF5DDD9-228D-470E-AED6-7AB4E149A93E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-252852572-1064671646-1800406956-1001UA => C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {61C6DC98-FDBF-4CA4-9ECF-60616D9A4860} - System32\Tasks\{4B63B3D9-A905-B81E-883E-3B544CC01479} => C:\Users\Tom\AppData\Roaming\{4CE77~1\PRODUC~1.EXE [2013-04-20] () <==== ATTENTION
Task: {75C5217E-5C4A-4046-8DD6-04415D196FA5} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2018-11-09] (Dropbox, Inc.)
Task: {7EDADB3B-6ABD-4C79-8031-64F8032981B1} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {92AC19ED-D99B-4E3A-9547-E2F2BE1CAC36} - System32\Tasks\{1B7B29A5-081A-DBB0-79E4-101AD15B16AA} => C:\Users\Tom\AppData\Roaming\{4CE77~1\PRODUC~1.EXE [2013-04-20] () <==== ATTENTION
Task: {92FF0488-6419-4AAA-97B0-0440FE25C508} - \TomBuckeroosCoprologyV2 -> No File <==== ATTENTION
Task: {A0F206CD-B876-4358-9974-9D1045714D22} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-10-10] (Adobe Systems Incorporated)
Task: {BFECFC0B-D18C-4346-B46C-B5A5B9552C03} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2013-08-22] (PC-Doctor, Inc.)
Task: {C92613EA-527A-4A46-BC55-10944A4BBB82} - System32\Tasks\{2854433C-02E7-46A0-A7C9-D5FC3A79EB74} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/6.14.0.104/en/abandoninstall?source=lightinstaller&page=tsInstall
Task: {D6251BC2-85C0-49C8-85B9-BD0411C524F2} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {E0AA19FA-FC2A-450F-9E46-F52CAC741C2C} - System32\Tasks\RumbleTwistingsV2 => rundll32.exe SophisticalClomp.dll,main 7 1 <==== ATTENTION
Task: {FC301D41-C78C-4BF2-BF31-7F60DCFE22DE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-252852572-1064671646-1800406956-1001Core => C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\Update_Task.job => C:\Users\Tom\AppData\Local\{A81F9~1\UNINST~1.EXE
Task: C:\Windows\Tasks\{1B7B29A5-081A-DBB0-79E4-101AD15B16AA}.job => C:\Users\Tom\AppData\Roaming\{4CE77~1\PRODUC~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\{4B63B3D9-A905-B81E-883E-3B544CC01479}.job => C:\Users\Tom\AppData\Roaming\{4CE77~1\PRODUC~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\{58F8473A-A6D6-EB55-AF4D-772F0358E8D9}.job => C:\Users\Tom\AppData\Roaming\PIKEME~1\SYNCVE~1.EXE <==== ATTENTION

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":
WMI:subscription\__EventFilter->BVTFilter:
WMI:subscription\CommandLineEventConsumer->BVTConsumer:

==================== Loaded Modules (Whitelisted) ==============

2014-08-14 19:38 - 2013-05-15 01:50 - 000140936 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2014-07-15 19:08 - 2014-06-25 21:24 - 000743960 _____ () C:\Users\Tom\AppData\Local\Music Toolbar\Datamngr\x64\apcrtldr.dll
2014-08-08 13:38 - 2014-08-08 13:38 - 001173504 _____ () C:\Users\Tom\AppData\Local\WSE_Astromenda\BRS\brs.exe
2018-09-01 09:09 - 2018-10-31 01:06 - 001057056 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\SDL2.dll
2018-09-01 09:09 - 2018-09-23 07:00 - 102804768 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2018-09-01 09:09 - 2018-09-23 07:00 - 004866336 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2018-09-01 09:09 - 2018-09-23 07:00 - 000116000 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2014-03-14 09:25 - 2013-11-22 05:22 - 000484880 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
2014-07-15 19:08 - 2014-06-25 21:24 - 000548888 _____ () C:\Users\Tom\AppData\Local\Music Toolbar\Datamngr\apcrtldr.dll
2017-04-16 13:14 - 2018-10-31 01:06 - 000879904 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2017-04-16 13:14 - 2016-09-01 08:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2017-04-16 13:14 - 2016-09-01 08:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2017-04-16 13:14 - 2016-09-01 08:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2017-04-16 13:14 - 2018-11-09 02:02 - 002649376 _____ () C:\Program Files (x86)\Steam\video.dll
2017-12-15 09:45 - 2017-12-20 08:43 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2017-12-15 09:45 - 2017-12-20 08:43 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2017-12-15 09:45 - 2017-12-20 08:43 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2017-12-15 09:45 - 2017-12-20 08:43 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2017-12-15 09:45 - 2017-12-20 08:43 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2017-04-16 13:14 - 2018-11-09 02:02 - 001028384 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2017-04-16 13:14 - 2016-07-05 05:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2014-03-14 09:11 - 2013-06-01 19:31 - 001199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2018-11-09 18:07 - 2018-11-06 20:06 - 001141064 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-11-09 18:07 - 2018-11-06 20:06 - 002103112 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2018-11-09 18:07 - 2018-11-06 20:09 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:08 - 000025456 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000142312 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:08 - 001953640 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:08 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000118232 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes35.dll
2018-11-09 18:07 - 2018-11-06 20:06 - 000109024 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:08 - 000083784 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000418776 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom35.dll
2018-11-09 18:07 - 2018-11-06 20:08 - 000074072 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000049128 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000026600 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000131552 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000182752 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000119272 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:09 - 000401752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000028640 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:09 - 000034664 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:09 - 000061792 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000023520 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000053736 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000065504 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:08 - 000025944 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:09 - 000068968 _____ ()

 

[malsaurus]

(Second attempt to upload addition)

 

[malsaurus]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08.11.2018
Ran by Tom (10-11-2018 12:20:41)
Running from C:\Users\Tom\Downloads
Windows 7 Professional Service Pack 1 (X64) (2014-04-15 23:08:59)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-252852572-1064671646-1800406956-500 - Administrator - Disabled)
Guest (S-1-5-21-252852572-1064671646-1800406956-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-252852572-1064671646-1800406956-1003 - Limited - Enabled)
jl (S-1-5-21-252852572-1064671646-1800406956-1000 - Administrator - Enabled) => C:\Users\jl
Tom (S-1-5-21-252852572-1064671646-1800406956-1001 - Administrator - Enabled) => C:\Users\Tom

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 31 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Reader XI MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Bing Bar (HKLM-x32\...\{16793295-2366-40F7-A045-A3E42A81365E}) (Version: 7.1.362.0 - Microsoft Corporation)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.)
Canon MX390 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX390_series) (Version: 1.00 - Canon Inc.)
Canon MX390 series On-screen Manual (HKLM-x32\...\Canon MX390 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.1.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.)
Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.)
Chromium (HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\Chromium) (Version: 45.0.2444.0 - Chromium)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.2.0 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.2.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 17.0.14.0 - Synaptics Incorporated)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.01.15 - Creative Technology Ltd)
Dropbox (HKLM-x32\...\Dropbox) (Version: 61.4.95 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 3.4.6299.48 - PC-Doctor, Inc.) Hidden
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 6.30.223.99 - Dell Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3345 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.1.28 - Intel Corporation)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 63.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 63.0.1 (x64 en-US)) (Version: 63.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 63.0.1.6877 - Mozilla)
Music Toolbar (HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\Music Toolbar) (Version: 5.0.0.13124 - iMesh Inc) <==== ATTENTION
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.4.6299.48 - PC-Doctor, Inc.)
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.16.002 - Dell Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)
Search the Web (Yahoo) (HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\{95ED7D2D-C56D-ACAD-74ED-DC2DA46D0FAD}) (Version: - ) <==== ATTENTION
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.27614 - TeamViewer)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.8 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.4700 - Broadcom Corporation)
WSE Rocket (HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\WSE Rocket) (Version: - WSE Rocket) <==== ATTENTION
WSE_Astromenda (HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\WSE_Astromenda) (Version: - WSE_Astromenda) <==== ATTENTION

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{474597C5-AB09-49d6-A4D5-2E8D7341384E}\InprocServer32 -> C:\Users\Tom\AppData\Local\Music Toolbar\Datamngr\x64\IEBHO.dll (iMesh Inc)
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{950F80EF-32C2-47dd-9C35-9576E21EE66E}\InprocServer32 -> C:\Users\Tom\AppData\Local\Music Toolbar\Datamngr\x64\IEBHO.dll (iMesh Inc)
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll (Google Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-10-29] (Intel Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02AB6F9B-82CE-4409-8678-75AA34EC0973} - System32\Tasks\{58F8473A-A6D6-EB55-AF4D-772F0358E8D9} => C:\Users\Tom\AppData\Roaming\PIKEME~1\SYNCVE~1.EXE <==== ATTENTION
Task: {0E6B3003-951A-435A-A939-BCDEF564D473} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-25] (Oracle Corporation)
Task: {17886A65-77F3-4EEC-BD1A-87D3D3458CA0} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2013-08-22] (PC-Doctor, Inc.)
Task: {2D486324-0478-4AE1-9F79-D2A0BFCF14C7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {39704C63-3C1D-4176-9E07-8F397BEB84DB} - System32\Tasks\Update_Task => C:\Users\Tom\AppData\Local\{A81F9~1\UNINST~1.EXE
Task: {3D8376FB-8793-4225-8A71-BC9FC779BF7E} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2018-11-09] (Dropbox, Inc.)
Task: {47CDA36C-65C2-475C-A144-98F5C43A7050} - System32\Tasks\{082BE67B-F24C-41EE-B5EB-5404A560143B} => "C:\Program Files\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/7.28.80.101/en/abandoninstall?page=tsProgressBar
Task: {4B68C9F8-FDBE-4BE7-80CF-9FDB716CF3AE} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_122_Plugin.exe [2018-10-10] (Adobe Systems Incorporated)
Task: {5CF5DDD9-228D-470E-AED6-7AB4E149A93E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-252852572-1064671646-1800406956-1001UA => C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {61C6DC98-FDBF-4CA4-9ECF-60616D9A4860} - System32\Tasks\{4B63B3D9-A905-B81E-883E-3B544CC01479} => C:\Users\Tom\AppData\Roaming\{4CE77~1\PRODUC~1.EXE [2013-04-20] () <==== ATTENTION
Task: {75C5217E-5C4A-4046-8DD6-04415D196FA5} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2018-11-09] (Dropbox, Inc.)
Task: {7EDADB3B-6ABD-4C79-8031-64F8032981B1} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {92AC19ED-D99B-4E3A-9547-E2F2BE1CAC36} - System32\Tasks\{1B7B29A5-081A-DBB0-79E4-101AD15B16AA} => C:\Users\Tom\AppData\Roaming\{4CE77~1\PRODUC~1.EXE [2013-04-20] () <==== ATTENTION
Task: {92FF0488-6419-4AAA-97B0-0440FE25C508} - \TomBuckeroosCoprologyV2 -> No File <==== ATTENTION
Task: {A0F206CD-B876-4358-9974-9D1045714D22} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-10-10] (Adobe Systems Incorporated)
Task: {BFECFC0B-D18C-4346-B46C-B5A5B9552C03} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2013-08-22] (PC-Doctor, Inc.)
Task: {C92613EA-527A-4A46-BC55-10944A4BBB82} - System32\Tasks\{2854433C-02E7-46A0-A7C9-D5FC3A79EB74} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/6.14.0.104/en/abandoninstall?source=lightinstaller&page=tsInstall
Task: {D6251BC2-85C0-49C8-85B9-BD0411C524F2} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {E0AA19FA-FC2A-450F-9E46-F52CAC741C2C} - System32\Tasks\RumbleTwistingsV2 => rundll32.exe SophisticalClomp.dll,main 7 1 <==== ATTENTION
Task: {FC301D41-C78C-4BF2-BF31-7F60DCFE22DE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-252852572-1064671646-1800406956-1001Core => C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\Update_Task.job => C:\Users\Tom\AppData\Local\{A81F9~1\UNINST~1.EXE
Task: C:\Windows\Tasks\{1B7B29A5-081A-DBB0-79E4-101AD15B16AA}.job => C:\Users\Tom\AppData\Roaming\{4CE77~1\PRODUC~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\{4B63B3D9-A905-B81E-883E-3B544CC01479}.job => C:\Users\Tom\AppData\Roaming\{4CE77~1\PRODUC~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\{58F8473A-A6D6-EB55-AF4D-772F0358E8D9}.job => C:\Users\Tom\AppData\Roaming\PIKEME~1\SYNCVE~1.EXE <==== ATTENTION

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":
WMI:subscription\__EventFilter->BVTFilter:
WMI:subscription\CommandLineEventConsumer->BVTConsumer:

==================== Loaded Modules (Whitelisted) ==============

2014-08-14 19:38 - 2013-05-15 01:50 - 000140936 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2014-07-15 19:08 - 2014-06-25 21:24 - 000743960 _____ () C:\Users\Tom\AppData\Local\Music Toolbar\Datamngr\x64\apcrtldr.dll
2014-08-08 13:38 - 2014-08-08 13:38 - 001173504 _____ () C:\Users\Tom\AppData\Local\WSE_Astromenda\BRS\brs.exe
2018-09-01 09:09 - 2018-10-31 01:06 - 001057056 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\SDL2.dll
2018-09-01 09:09 - 2018-09-23 07:00 - 102804768 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2018-09-01 09:09 - 2018-09-23 07:00 - 004866336 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2018-09-01 09:09 - 2018-09-23 07:00 - 000116000 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2014-03-14 09:25 - 2013-11-22 05:22 - 000484880 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
2014-07-15 19:08 - 2014-06-25 21:24 - 000548888 _____ () C:\Users\Tom\AppData\Local\Music Toolbar\Datamngr\apcrtldr.dll
2017-04-16 13:14 - 2018-10-31 01:06 - 000879904 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2017-04-16 13:14 - 2016-09-01 08:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2017-04-16 13:14 - 2016-09-01 08:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2017-04-16 13:14 - 2016-09-01 08:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2017-04-16 13:14 - 2018-11-09 02:02 - 002649376 _____ () C:\Program Files (x86)\Steam\video.dll
2017-12-15 09:45 - 2017-12-20 08:43 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2017-12-15 09:45 - 2017-12-20 08:43 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2017-12-15 09:45 - 2017-12-20 08:43 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2017-12-15 09:45 - 2017-12-20 08:43 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2017-12-15 09:45 - 2017-12-20 08:43 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2017-04-16 13:14 - 2018-11-09 02:02 - 001028384 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2017-04-16 13:14 - 2016-07-05 05:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2014-03-14 09:11 - 2013-06-01 19:31 - 001199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2018-11-09 18:07 - 2018-11-06 20:06 - 001141064 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-11-09 18:07 - 2018-11-06 20:06 - 002103112 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2018-11-09 18:07 - 2018-11-06 20:09 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:08 - 000025456 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000142312 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:08 - 001953640 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:08 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000118232 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes35.dll
2018-11-09 18:07 - 2018-11-06 20:06 - 000109024 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:08 - 000083784 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000418776 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom35.dll
2018-11-09 18:07 - 2018-11-06 20:08 - 000074072 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000049128 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000026600 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000131552 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000182752 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000119272 _____ ()

 

[malsaurus]

(Third Attempt to Upload Addition)

 

[malsaurus]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08.11.2018
Ran by Tom (10-11-2018 12:20:41)
Running from C:\Users\Tom\Downloads
Windows 7 Professional Service Pack 1 (X64) (2014-04-15 23:08:59)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-252852572-1064671646-1800406956-500 - Administrator - Disabled)
Guest (S-1-5-21-252852572-1064671646-1800406956-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-252852572-1064671646-1800406956-1003 - Limited - Enabled)
jl (S-1-5-21-252852572-1064671646-1800406956-1000 - Administrator - Enabled) => C:\Users\jl
Tom (S-1-5-21-252852572-1064671646-1800406956-1001 - Administrator - Enabled) => C:\Users\Tom

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 31 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Reader XI MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Bing Bar (HKLM-x32\...\{16793295-2366-40F7-A045-A3E42A81365E}) (Version: 7.1.362.0 - Microsoft Corporation)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.)
Canon MX390 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX390_series) (Version: 1.00 - Canon Inc.)
Canon MX390 series On-screen Manual (HKLM-x32\...\Canon MX390 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.1.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.)
Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.)
Chromium (HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\Chromium) (Version: 45.0.2444.0 - Chromium)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.2.0 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.2.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 17.0.14.0 - Synaptics Incorporated)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.01.15 - Creative Technology Ltd)
Dropbox (HKLM-x32\...\Dropbox) (Version: 61.4.95 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 3.4.6299.48 - PC-Doctor, Inc.) Hidden
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 6.30.223.99 - Dell Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3345 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.1.28 - Intel Corporation)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 63.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 63.0.1 (x64 en-US)) (Version: 63.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 63.0.1.6877 - Mozilla)
Music Toolbar (HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\Music Toolbar) (Version: 5.0.0.13124 - iMesh Inc) <==== ATTENTION
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.4.6299.48 - PC-Doctor, Inc.)
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.16.002 - Dell Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)
Search the Web (Yahoo) (HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\{95ED7D2D-C56D-ACAD-74ED-DC2DA46D0FAD}) (Version: - ) <==== ATTENTION
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.27614 - TeamViewer)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.8 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.4700 - Broadcom Corporation)
WSE Rocket (HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\WSE Rocket) (Version: - WSE Rocket) <==== ATTENTION
WSE_Astromenda (HKU\S-1-5-21-252852572-1064671646-1800406956-1001\...\WSE_Astromenda) (Version: - WSE_Astromenda) <==== ATTENTION

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{474597C5-AB09-49d6-A4D5-2E8D7341384E}\InprocServer32 -> C:\Users\Tom\AppData\Local\Music Toolbar\Datamngr\x64\IEBHO.dll (iMesh Inc)
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{950F80EF-32C2-47dd-9C35-9576E21EE66E}\InprocServer32 -> C:\Users\Tom\AppData\Local\Music Toolbar\Datamngr\x64\IEBHO.dll (iMesh Inc)
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-252852572-1064671646-1800406956-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\Tom\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll (Google Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-10-29] (Intel Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02AB6F9B-82CE-4409-8678-75AA34EC0973} - System32\Tasks\{58F8473A-A6D6-EB55-AF4D-772F0358E8D9} => C:\Users\Tom\AppData\Roaming\PIKEME~1\SYNCVE~1.EXE <==== ATTENTION
Task: {0E6B3003-951A-435A-A939-BCDEF564D473} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-25] (Oracle Corporation)
Task: {17886A65-77F3-4EEC-BD1A-87D3D3458CA0} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2013-08-22] (PC-Doctor, Inc.)
Task: {2D486324-0478-4AE1-9F79-D2A0BFCF14C7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {39704C63-3C1D-4176-9E07-8F397BEB84DB} - System32\Tasks\Update_Task => C:\Users\Tom\AppData\Local\{A81F9~1\UNINST~1.EXE
Task: {3D8376FB-8793-4225-8A71-BC9FC779BF7E} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2018-11-09] (Dropbox, Inc.)
Task: {47CDA36C-65C2-475C-A144-98F5C43A7050} - System32\Tasks\{082BE67B-F24C-41EE-B5EB-5404A560143B} => "C:\Program Files\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/7.28.80.101/en/abandoninstall?page=tsProgressBar
Task: {4B68C9F8-FDBE-4BE7-80CF-9FDB716CF3AE} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_122_Plugin.exe [2018-10-10] (Adobe Systems Incorporated)
Task: {5CF5DDD9-228D-470E-AED6-7AB4E149A93E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-252852572-1064671646-1800406956-1001UA => C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {61C6DC98-FDBF-4CA4-9ECF-60616D9A4860} - System32\Tasks\{4B63B3D9-A905-B81E-883E-3B544CC01479} => C:\Users\Tom\AppData\Roaming\{4CE77~1\PRODUC~1.EXE [2013-04-20] () <==== ATTENTION
Task: {75C5217E-5C4A-4046-8DD6-04415D196FA5} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2018-11-09] (Dropbox, Inc.)
Task: {7EDADB3B-6ABD-4C79-8031-64F8032981B1} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {92AC19ED-D99B-4E3A-9547-E2F2BE1CAC36} - System32\Tasks\{1B7B29A5-081A-DBB0-79E4-101AD15B16AA} => C:\Users\Tom\AppData\Roaming\{4CE77~1\PRODUC~1.EXE [2013-04-20] () <==== ATTENTION
Task: {92FF0488-6419-4AAA-97B0-0440FE25C508} - \TomBuckeroosCoprologyV2 -> No File <==== ATTENTION
Task: {A0F206CD-B876-4358-9974-9D1045714D22} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-10-10] (Adobe Systems Incorporated)
Task: {BFECFC0B-D18C-4346-B46C-B5A5B9552C03} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2013-08-22] (PC-Doctor, Inc.)
Task: {C92613EA-527A-4A46-BC55-10944A4BBB82} - System32\Tasks\{2854433C-02E7-46A0-A7C9-D5FC3A79EB74} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/6.14.0.104/en/abandoninstall?source=lightinstaller&page=tsInstall
Task: {D6251BC2-85C0-49C8-85B9-BD0411C524F2} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {E0AA19FA-FC2A-450F-9E46-F52CAC741C2C} - System32\Tasks\RumbleTwistingsV2 => rundll32.exe SophisticalClomp.dll,main 7 1 <==== ATTENTION
Task: {FC301D41-C78C-4BF2-BF31-7F60DCFE22DE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-252852572-1064671646-1800406956-1001Core => C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\Update_Task.job => C:\Users\Tom\AppData\Local\{A81F9~1\UNINST~1.EXE
Task: C:\Windows\Tasks\{1B7B29A5-081A-DBB0-79E4-101AD15B16AA}.job => C:\Users\Tom\AppData\Roaming\{4CE77~1\PRODUC~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\{4B63B3D9-A905-B81E-883E-3B544CC01479}.job => C:\Users\Tom\AppData\Roaming\{4CE77~1\PRODUC~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\{58F8473A-A6D6-EB55-AF4D-772F0358E8D9}.job => C:\Users\Tom\AppData\Roaming\PIKEME~1\SYNCVE~1.EXE <==== ATTENTION

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":
WMI:subscription\__EventFilter->BVTFilter:
WMI:subscription\CommandLineEventConsumer->BVTConsumer:

==================== Loaded Modules (Whitelisted) ==============

2014-08-14 19:38 - 2013-05-15 01:50 - 000140936 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2014-07-15 19:08 - 2014-06-25 21:24 - 000743960 _____ () C:\Users\Tom\AppData\Local\Music Toolbar\Datamngr\x64\apcrtldr.dll
2014-08-08 13:38 - 2014-08-08 13:38 - 001173504 _____ () C:\Users\Tom\AppData\Local\WSE_Astromenda\BRS\brs.exe
2018-09-01 09:09 - 2018-10-31 01:06 - 001057056 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\SDL2.dll
2018-09-01 09:09 - 2018-09-23 07:00 - 102804768 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2018-09-01 09:09 - 2018-09-23 07:00 - 004866336 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2018-09-01 09:09 - 2018-09-23 07:00 - 000116000 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2014-03-14 09:25 - 2013-11-22 05:22 - 000484880 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
2014-07-15 19:08 - 2014-06-25 21:24 - 000548888 _____ () C:\Users\Tom\AppData\Local\Music Toolbar\Datamngr\apcrtldr.dll
2017-04-16 13:14 - 2018-10-31 01:06 - 000879904 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2017-04-16 13:14 - 2016-09-01 08:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2017-04-16 13:14 - 2016-09-01 08:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2017-04-16 13:14 - 2016-09-01 08:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2017-04-16 13:14 - 2018-11-09 02:02 - 002649376 _____ () C:\Program Files (x86)\Steam\video.dll
2017-12-15 09:45 - 2017-12-20 08:43 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2017-12-15 09:45 - 2017-12-20 08:43 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2017-12-15 09:45 - 2017-12-20 08:43 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2017-12-15 09:45 - 2017-12-20 08:43 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2017-12-15 09:45 - 2017-12-20 08:43 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2017-04-16 13:14 - 2018-11-09 02:02 - 001028384 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2017-04-16 13:14 - 2016-07-05 05:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2014-03-14 09:11 - 2013-06-01 19:31 - 001199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2018-11-09 18:07 - 2018-11-06 20:06 - 001141064 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-11-09 18:07 - 2018-11-06 20:06 - 002103112 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2018-11-09 18:07 - 2018-11-06 20:09 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:08 - 000025456 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000142312 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:08 - 001953640 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:08 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000118232 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes35.dll
2018-11-09 18:07 - 2018-11-06 20:06 - 000109024 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:08 - 000083784 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000418776 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom35.dll
2018-11-09 18:07 - 2018-11-06 20:08 - 000074072 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000049128 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000026600 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000131552 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000182752 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000119272 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:09 - 000401752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000028640 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:09 - 000034664 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:09 - 000061792 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000023520 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000053736 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000065504 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:08 - 000025944 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:09 - 000068968 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:09 - 000028520 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:08 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000032224 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:08 - 000156504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:09 - 000092488 _____ () C:\Program Files (x86)\Dropbox\Client\sip.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:08 - 001778000 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:08 - 000518992 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:08 - 000052056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:08 - 001929552 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:08 - 003821392 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:08 - 000044888 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:08 - 000132944 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:08 - 000218456 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:08 - 000205656 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000061408 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:09 - 000051552 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000027624 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:09 - 000033632 _____ ()

 

[malsaurus]

(It would not let me send the second half, despite my persistence).

 

[malsaurus]

(May I send files)?

 

[Broni]

In the future when there is a problem with posting a log, please attach it.
We'll re-run FRST again so don't worry about it at this moment.

For now...

Uninstall following unwanted programs:

Music Toolbar
Search the Web (Yahoo)
WSE Rocket
WSE_Astromenda

Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2

• Close all the running programs
• Double click on downloaded setup.exe file to install the program.
• Click on Start Scan button.
• Click on another Start Scan button.
• Wait until the Status box shows Scan Finished
• Click on Remove Selected.
• Wait until the Status box shows Deleting Finished.
• Click on Report and copy/paste the content of the Notepad into your next reply.
• RKreport.txt could also be found on your desktop.
• If more than one log is produced post all logs.

Please download Malwarebytes to your desktop.

• Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
• Then click Finish.
• Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
• If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
• When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
• Restart your computer when prompted to do so.
• The Scan log is available throughout History ->Application logs. Please post it contents in your next reply.

Please download AdwCleaner by Xplode and save to your Desktop.

• Double click on AdwCleaner.exe to run the tool.
  Vista/Windows 7/8/10 users right-click and select Run As Administrator
• The tool will start to update the database if one is required.
• Click on the Scan button.
• AdwCleaner will begin...be patient as the scan may take some time to complete.
• After the scan has finished, click on the Logfile button.
• A window will open which lists the logs of your scans.
• Click on the Scan tab.
• Double-click the most recent scan which will be at the top of the list....the log will appear.
• Review the results...see note below
• After reviewing the log, click on the Clean button.
• Press OK when asked to close all programs and follow the onscreen prompts.
• Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
• After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
• To open a Cleaning log, launch AdwareClearer, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
• Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
• A copy of all logfiles are saved to C:\AdwCleaner.

-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.

 

[malsaurus]

RogueKiller Anti-Malware V13.0.8.0 (x64) [Nov 6 2018] (Free) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits
Started in : Normal mode
User : Tom [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Standard Scan, Delete -- Date : 2018/11/11 08:04:51 (Duration : 01:11:15)
Switches : -refid 3

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Delete ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[PUP.Gen1 (Potentially Malicious)] sysctrl.exe [iMesh Inc.] -- %localappdata%\Music Toolbar\Datamngr\sysctrl.exe -> Killed [Tree]
[PUP.Gen1 (Potentially Malicious)] sysctrl.exe [iMesh Inc.] -- %localappdata%\Music Toolbar\Datamngr\x64\sysctrl.exe -> Killed [Tree]
[PUP.Gen1 (Potentially Malicious)] DatamngrCoordinator.exe [iMesh Inc.] -- %localappdata%\Music Toolbar\Datamngr\DatamngrCoordinator.exe -> Killed [Tree]
[PUP.Gen1 (Potentially Malicious)] DatamngrCoordinator.exe [iMesh Inc.] -- %localappdata%\Music Toolbar\Datamngr\DatamngrCoordinator.exe ->
[PUP.Gen1 (Potentially Malicious)] apcrtldr.dll [iMesh Inc.] -- %localappdata%\Music Toolbar\Datamngr\x64\apcrtldr.dll -> Unloaded
[PUP.Gen1 (Potentially Malicious)] apcrtldr.dll [iMesh Inc.] -- %localappdata%\Music Toolbar\Datamngr\apcrtldr.dll -> Unloaded
[Suspicious.Path (Potentially Malicious)] C:\Windows\Tasks\Update_Task.job -- C:\Users\Tom\AppData\Local\{A81F9~1\UNINST~1.EXE (/Check) -> Deleted
[Suspicious.Path (Potentially Malicious)] C:\Windows\Tasks\{58F8473A-A6D6-EB55-AF4D-772F0358E8D9}.job -- C:\Users\Tom\AppData\Roaming\PIKEME~1\SYNCVE~1.EXE (/Check) -> Deleted
[Hj.Name|Suspicious.Path (Malicious)] \RumbleTwistingsV2 -- rundll32.exe (SophisticalClomp.dll,main 7 1) -> Deleted
[Suspicious.Path (Potentially Malicious)] \Update_Task -- C:\Users\Tom\AppData\Local\{A81F9~1\UNINST~1.EXE (/Check) -> ERROR [80070002]
[Hj.Shortcut (Malicious)] \{082BE67B-F24C-41EE-B5EB-5404A560143B} -- "C:\Program Files\Internet Explorer\iexplore.exe" (http://ui.skype.com/ui/0/7.28.80.101/en/abandoninstall?page=tsProgressBar) -> Deleted
[Suspicious.Path|VT.Unknown (Potentially Malicious)] C:\Windows\Tasks\{4B63B3D9-A905-B81E-883E-3B544CC01479}.job -- C:\Users\Tom\AppData\Roaming\{4CE77~1\PRODUC~1.EXE (/Check) -> Deleted
[Hj.Shortcut (Malicious)] \{2854433C-02E7-46A0-A7C9-D5FC3A79EB74} -- "c:\program files (x86)\mozilla firefox\firefox.exe" (http://ui.skype.com/ui/0/6.14.0.104/en/abandoninstall?source=lightinstaller&page=tsInstall) -> Deleted
[Suspicious.Path (Potentially Malicious)] \{58F8473A-A6D6-EB55-AF4D-772F0358E8D9} -- C:\Users\Tom\AppData\Roaming\PIKEME~1\SYNCVE~1.EXE (/Check) -> ERROR [80070002]
[Suspicious.Path|VT.Unknown (Potentially Malicious)] \{1B7B29A5-081A-DBB0-79E4-101AD15B16AA} -- C:\Users\Tom\AppData\Roaming\{4CE77~1\PRODUC~1.EXE (/Check) -> Deleted
[Suspicious.Path|VT.Unknown (Potentially Malicious)] C:\Windows\Tasks\{1B7B29A5-081A-DBB0-79E4-101AD15B16AA}.job -- C:\Users\Tom\AppData\Roaming\{4CE77~1\PRODUC~1.EXE (/Check) -> ERROR [80070002]
[PUP.Gen0 (Potentially Malicious)] HKEY_CLASSES_ROOT\CLSID\{474597C5-AB09-49d6-A4D5-2E8D7341384E} -- -> Deleted
[PUP.Gen0 (Potentially Malicious)] HKEY_CLASSES_ROOT\CLSID\{950F80EF-32C2-47dd-9C35-9576E21EE66E} -- -> Deleted
[PUP.BearShare|PUP.Gen1 (Potentially Malicious)] HKEY_LOCAL_MACHINE\Software\Datamngr -- -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-252852572-1064671646-1800406956-1001\Software\BrotherSoft -- -> Deleted
[PUP.BearShare|PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-252852572-1064671646-1800406956-1001\Software\Datamngr -- -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-252852572-1064671646-1800406956-1001\Software\ForumerIT -- -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-252852572-1064671646-1800406956-1001\Software\InstallCore -- -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-252852572-1064671646-1800406956-1001\Software\Rocket Browser -- -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-252852572-1064671646-1800406956-1001\Software\RocketUpdater -- -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-252852572-1064671646-1800406956-1001\Software\Softonic -- -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-252852572-1064671646-1800406956-1001\Software\UpdateStar -- -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-252852572-1064671646-1800406956-1001\Software\wincy -- -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-252852572-1064671646-1800406956-1001\Software\WSE_Astromenda -- -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-252852572-1064671646-1800406956-1001\Software\yahooprovidedsearch -- -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-252852572-1064671646-1800406956-1001\Software\BrotherSoft -- -> Deleted
[PUP.BearShare|PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-252852572-1064671646-1800406956-1001\Software\Datamngr -- -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-252852572-1064671646-1800406956-1001\Software\ForumerIT -- -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-252852572-1064671646-1800406956-1001\Software\InstallCore -- -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-252852572-1064671646-1800406956-1001\Software\Rocket Browser -- -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-252852572-1064671646-1800406956-1001\Software\RocketUpdater -- -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-252852572-1064671646-1800406956-1001\Software\Softonic -- -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-252852572-1064671646-1800406956-1001\Software\UpdateStar -- -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-252852572-1064671646-1800406956-1001\Software\wincy -- -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-252852572-1064671646-1800406956-1001\Software\WSE_Astromenda -- -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-252852572-1064671646-1800406956-1001\Software\yahooprovidedsearch -- -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MpKsl9b5e44a7 -- [%programdata%\Microsoft\Microsoft] -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\OATool -- [%SystemDrive%\Users\ADMINI~1\AppData\Local\Temp\OAToolx64.sys] -> Deleted
[Bad.Extension (Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PCDSRVC{D3412D80-CF3B4A27-06020200}_0 -- [%ProgramFiles%\My Dell\pcdsrvc_x64.pkms] -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\MpKsl9b5e44a7 -- [%programdata%\Microsoft\Microsoft] -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\OATool -- [%SystemDrive%\Users\ADMINI~1\AppData\Local\Temp\OAToolx64.sys] -> Deleted
[Bad.Extension (Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\PCDSRVC{D3412D80-CF3B4A27-06020200}_0 -- [%ProgramFiles%\My Dell\pcdsrvc_x64.pkms] -> Deleted
[PUM.StartMenu (Potentially Malicious)] HKEY_USERS\S-1-5-21-252852572-1064671646-1800406956-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyGames -- -> Replaced (1)
[PUM.StartMenu (Potentially Malicious)] HKEY_USERS\S-1-5-21-252852572-1064671646-1800406956-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyGames -- -> Replaced (1)
[PUP.Gen1 (Potentially Malicious)] Music Toolbar -- %_Tom_appdata%\Music Toolbar -> Deleted
[PUP.Gen1 (Potentially Malicious)] RocketUpdater -- %_Tom_appdata%\RocketUpdater -> Deleted
[PUP.Gen1 (Potentially Malicious)] WSE_Astromenda -- %_Tom_appdata%\WSE_Astromenda -> Deleted
[PUP.Gen1 (Potentially Malicious)] iMesh -- %localappdata%\iMesh -> Deleted
[PUP.Gen1 (Potentially Malicious)] Music Toolbar -- %localappdata%\Music Toolbar -> Removed at reboot [91]
[PUP.Gen1 (Potentially Malicious)] Rocket -- %localappdata%\Rocket -> Deleted
[PUP.Gen1 (Potentially Malicious)] iMesh -- %localappdata%\iMesh -> Removed at reboot [2]
[PUP.Gen1 (Potentially Malicious)] Music Toolbar -- %localappdata%\Music Toolbar -> Removed at reboot [91]
[PUP.Gen1 (Potentially Malicious)] Rocket -- %localappdata%\Rocket -> Removed at reboot [2]
[PUP.Gen1 (Potentially Malicious)] Music Toolbar -- %_Tom_appdata%\Music Toolbar -> Removed at reboot [2]
[PUP.Gen1 (Potentially Malicious)] RocketUpdater -- %_Tom_appdata%\RocketUpdater -> Removed at reboot [2]
[PUP.Gen1 (Potentially Malicious)] WSE_Astromenda -- %_Tom_appdata%\WSE_Astromenda -> Removed at reboot [2]
[PUM.SearchEngine (Potentially Malicious)] browser.search.defaultenginename -- YHS -> Deleted
[PUM.SearchEngine (Potentially Malicious)] browser.search.selectedEngine -- YHS -> Deleted