Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24.12.2018 Ran by WAYNE (26-12-2018 08:23:20) Running from C:\Users\WAYNE\Desktop Windows 10 Home Version 1803 17134.472 (X64) (2018-05-20 20:58:53) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3431438650-1370896122-3677072999-500 - Administrator - Disabled) ASPNET (S-1-5-21-3431438650-1370896122-3677072999-1007 - Limited - Enabled) DefaultAccount (S-1-5-21-3431438650-1370896122-3677072999-503 - Limited - Disabled) Guest (S-1-5-21-3431438650-1370896122-3677072999-501 - Limited - Disabled) HP_Administrator (S-1-5-21-3431438650-1370896122-3677072999-1001 - Limited - Enabled) => C:\Users\HP_Administrator WAYNE (S-1-5-21-3431438650-1370896122-3677072999-1000 - Administrator - Enabled) => C:\Users\WAYNE WDAGUtilityAccount (S-1-5-21-3431438650-1370896122-3677072999-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{0F347A49-E36C-4639-8D2E-003AD408B8B2}) (Version: 1.5 - Eyeo GmbH) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.89 - Adobe Systems Incorporated) Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.3 - Adobe Systems Incorporated) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.101 - Adobe Systems Incorporated) Amazing Slow Downer (remove only) (HKLM-x32\...\Amazing Slow Downer) (Version: - ) Amazon Cloud Player (HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\Amazon Amazon Cloud Player) (Version: 2.3.0.422 - Amazon Services LLC) Amazon MP3 Downloader 1.0.17 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC) AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Any Video Converter 5.9.2 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com) Any Video Converter Ultimate 5.9.1 (HKLM-x32\...\Any Video Converter Ultimate_is1) (Version: - Any-Video-Converter.com) AOL Uninstaller (Choose which Products to Remove) (HKLM-x32\...\AOL Uninstaller) (Version: - AOL Inc.) Apple Application Support (32-bit) (HKLM-x32\...\{80B42CAA-28C0-4FBD-A46E-D61F45E2F9FC}) (Version: 7.2 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{466D00D0-E7DE-47C2-8FE5-54A8009F5850}) (Version: 7.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.) Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.) ATI Problem Report Wizard (HKLM\...\{5F146AD2-9F9B-5284-CD9D-40C881E3ACEC}) (Version: 3.0.821.0 - ATI Technologies) Hidden Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version: - Audacity Team) Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.8.2356 - AVAST Software) Bing Bar (HKLM-x32\...\{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}) (Version: 7.0.609.0 - Microsoft Corporation) Bing Rewards Client Installer (HKLM-x32\...\{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}) (Version: 16.0.345.0 - Microsoft Corporation) Hidden Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Brother MFL-Pro Suite MFC-7360N (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.) Canon Utilities Digital Photo Professional 4 (HKLM-x32\...\Digital Photo Professional 4 (x64)) (Version: 4.4.30.2 - Canon Inc.) Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.4.20.0 - Canon Inc.) Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 0.9.0.1 - Canon Inc.) Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.20.0 - Canon Inc.) Canon Utilities EOS Utility 3 (HKLM-x32\...\EOS Utility 3) (Version: 3.2.10.0 - Canon Inc.) Canon Utilities EOS Web Service Registration Tool (HKLM-x32\...\EOS Web Service Registration Tool) (Version: 1.2.10.0 - Canon Inc.) Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.15.10.0 - Canon Inc.) Carbonite (HKLM-x32\...\{34A6D6FF-7EEC-499E-A54F-71077783AED6}) (Version: 6.3.2 build 7466 (Sep-07-2017) - Carbonite) CCleaner (HKLM\...\CCleaner) (Version: 5.51 - Piriform) CD Wave Editor 1.98 (HKLM-x32\...\CD Wave Editor_is1) (Version: 1.9.8.1 - MiLo Software) Citrix Online Launcher (HKLM-x32\...\{DB014C85-A264-4BCA-A66F-6DD1FCF8EC36}) (Version: 1.0.335 - Citrix) cloudLibrary 2.0 (HKLM-x32\...\cloudLibrary) (Version: 2.0 - Bibliotheca) CryptoPrevent (HKLM-x32\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version: - Foolish IT LLC) CyberLink DVD Suite Premium (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2823 - CyberLink Corp.) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Dropbox (HKLM-x32\...\Dropbox) (Version: 63.4.107 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.1.4030 - Hewlett-Packard) Hidden DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.1.4030 - Hewlett-Packard) DVDFab (x64) 10.2.1.7 (10/10/2018) (HKLM-x32\...\DVDFab 10(x64)) (Version: 10.2.1.7 - DVDFab Software Inc.) DVDFab 10.0.7.8 (16/01/2018) (HKLM-x32\...\DVDFab 10) (Version: 10.0.7.8 - Fengtao Software Inc.) DVDFab 6.2.1.8 (31/12/2009) (HKLM-x32\...\DVDFab 6_is1) (Version: - Fengtao Software Inc.) DVDFab 8.0.8.5 (19/03/2011) (HKLM-x32\...\DVDFab 8_is1) (Version: - Fengtao Software Inc.) DVDFab 8.2.2.7 (06/02/2013) Qt (HKLM-x32\...\DVDFab 8 Qt_is1) (Version: - Fengtao Software Inc.) DVDFab 9.3.0.7 (13/07/2016) (HKLM-x32\...\DVDFab 9_is1) (Version: - Fengtao Software Inc.) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) FFmpeg (Windows) for Audacity version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - ) FileHippo.com Update Checker (HKLM-x32\...\FileHippo.com) (Version: - ) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.3.0.10826 - Foxit Software Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden honestech VHS to DVD 5.0 Deluxe (HKLM-x32\...\{44FF002B-5AB3-4447-8F98-614387B63EE6}) (Version: 5.0 - honestech) HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.12850.3526 - Hewlett-Packard) HP MediaSmart CinemaNow 2.0 (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard) HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.1.4229 - Hewlett-Packard) HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.1.4301 - Hewlett-Packard) HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.1.4211 - Hewlett-Packard) HP MediaSmart SmartMenu (HKLM\...\{5B08AF35-B699-4A44-BB89-3E51E70611E8}) (Version: 3.1.1.12 - Hewlett-Packard) HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.1.4214 - Hewlett-Packard) HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{BDDA1E1E-204E-4368-B0C2-737F16B76307}) (Version: 1.0.3.0 - Hewlett-Packard) HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard) HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard) HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.7.50.3 - HP) HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard) HP Support Solutions Framework (HKLM-x32\...\{5F084DD8-AF2C-4004-9C92-820C32E4BD55}) (Version: 12.10.49.21 - HP) HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.2.27173 - Hewlett-Packard) iTunes (HKLM\...\{A9921EE9-86E5-402C-A934-4A8DBAD99E24}) (Version: 12.9.2.6 - Apple Inc.) Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2823 - CyberLink Corp.) Hidden LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2823 - CyberLink Corp.) Leawo iTransfer version 1.9.1.0 (HKLM-x32\...\{93337CC5-9BC4-4FB0-B82E-38EC63E149F3}_is1) (Version: 1.9.1.0 - Leawo Software) LightScribe System Software (HKLM-x32\...\{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}) (Version: 1.18.15.1 - LightScribe) LP Recorder (HKLM-x32\...\{375DBB30-93A7-11DF-6DF1-00CE5F8B1649}) (Version: 10.1.1.0 - CFB Software) LP Ripper (HKLM-x32\...\LP Ripper) (Version: - ) Macrium Reflect Free Edition (HKLM\...\{DF104573-C971-434E-BDB4-E05FA85287B8}) (Version: 7.2.3858 - Paramount Software (UK) Ltd.) Hidden Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 7.2 - Paramount Software (UK) Ltd.) Malwarebytes version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes) Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft) Microsoft Camera Codec Pack (HKLM\...\{D553E8CC-5C56-4B06-AC1A-A443DFF31092}) (Version: 6.3.9723.0 - Microsoft Corporation) Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.5007.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\OneDriveSetup.exe) (Version: 18.222.1104.0007 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.1.4030 - Hewlett-Packard) Hidden Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.1.4030 - Hewlett-Packard) Mozilla Firefox 64.0 (x64 en-US) (HKLM\...\Mozilla Firefox 64.0 (x64 en-US)) (Version: 64.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) Nuance PaperPort 12 (HKLM-x32\...\{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}) (Version: 12.1.0000 - Nuance Communications, Inc.) Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc) Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5007.1000 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5007.1000 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.5007.1000 - Microsoft Corporation) Hidden Panda ActiveScan 2.0 (HKLM-x32\...\ActiveScan 2.0) (Version: 01.04.01.0000 - Panda Security) Panda USB Vaccine 1.0.1.4 (HKLM-x32\...\{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1) (Version: - Panda Security) PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.) PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 3.5.111 - PDF Complete, Inc) PhotoNow! (HKLM-x32\...\{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.) Hidden PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.) PictureMover (HKLM-x32\...\{264FE20A-757B-492a-B0C3-4009E2997D8A}) (Version: 3.5.0.28 - Hewlett-Packard Company) PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4022 - CyberLink Corp.) Hidden Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4022 - CyberLink Corp.) PowerChute Personal Edition 3.0.2 (HKLM-x32\...\{8ED262EE-FC73-47A9-BB86-D92223246881}) (Version: 3.0.2 - Schneider Electric) PowerDirector (HKLM-x32\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2906 - CyberLink Corp.) Hidden PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2906 - CyberLink Corp.) PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-13231864975D}) (Version: 5.10.621.0 - NewspaperDirect Inc.) PrivaZer (HKLM-x32\...\PrivaZer) (Version: 2.39.2.0 - Goversoft LLC) QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.) REAPER (x64) (HKLM\...\REAPER) (Version: - ) Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.2926 - CyberLink Corp.) Hidden Roxio Creator Copy (HKLM-x32\...\{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}) (Version: 3.3.0 - Roxio) Roxio Creator DE (HKLM-x32\...\{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}) (Version: 3.3.0 - Roxio) SafeZone Stable 1.48.2066.101 (HKLM-x32\...\SafeZone 1.48.2066.101) (Version: 1.48.2066.101 - Avast Software) Hidden Scansoft PDF Professional (HKLM-x32\...\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}) (Version: - ) Hidden SeaTools for Windows 1.4.0.2 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.2 - Seagate Technology) Secunia PSI (3.0.0.9015) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9015 - Secunia) Sonic Activation Module (HKLM-x32\...\{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}) (Version: 1.0 - Sonic Solutions) Hidden Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform) Spectro (HKLM-x32\...\{1F8D186D-8C5C-4589-BC28-1A8964CA74A6}) (Version: 1.0.93 - ) TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.) Trader's Little Helper 2.7.0 (HKLM-x32\...\TradersLittleHelper_is1) (Version: 2.7.0 - Robert Hoffmann) TreeSize Free V3.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.2 - JAM Software) TurboTax 2010 (HKLM-x32\...\TurboTax 2010) (Version: - Intuit, Inc) TurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc) TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc) TurboTax 2014 (HKLM-x32\...\TurboTax 2014) (Version: 2014.0 - Intuit, Inc) TurboTax 2015 (HKLM-x32\...\TurboTax 2015) (Version: 2015.0 - Intuit, Inc) TurboTax 2016 (HKLM-x32\...\TurboTax 2016) (Version: 2016.0 - Intuit, Inc) TurboTax 2017 (HKLM-x32\...\TurboTax 2017) (Version: 2017.0 - Intuit, Inc) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation) USB2.0 VIDBOX NW03 (HKLM-x32\...\{2758691A-2CDE-4942-A4AC-0E8F61FE2067}) (Version: 3.0.2 - honestech) vanBasco's Karaoke Player (HKLM-x32\...\VMidi) (Version: - ) VDownloader 4.5.2973 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1) (Version: - Vitzo Limited) Viewpoint Media Player (HKLM-x32\...\ViewpointMediaPlayer) (Version: - ) Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN) WD Backup (HKLM-x32\...\{463d4278-a46b-4f4b-bfad-81d1c2f2fe2e}) (Version: 1.9.6485.41936 - Western Digital Technologies, Inc.) WD Backup (HKLM-x32\...\{8295047E-9D07-487F-A836-7F9B96EDF713}) (Version: 1.9.6485.41936 - Western Digital Technologies, Inc) Hidden WD Discovery (HKLM-x32\...\WDDiscovery) (Version: 1.3.482 - Western Digital Technologies, Inc.) WD Drive Utilities (HKLM-x32\...\{27c7215d-df19-4095-8f6a-eba55cab35be}) (Version: 2.0.0.25 - Western Digital Technologies, Inc.) WD Drive Utilities (HKLM-x32\...\{F413FB4C-7CFF-4737-BCC3-5EE43BFB3721}) (Version: 2.0.0.25 - Western Digital Technologies, Inc.) Hidden Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17305 - Microsoft Corporation) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation) WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies) WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH) WMA 9 Lossless to PCM Conversion Tool (HKLM-x32\...\wmal2pcm) (Version: - ) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ShellIconOverlayIdentifiers: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.) ShellIconOverlayIdentifiers: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.) ShellIconOverlayIdentifiers: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.) ShellIconOverlayIdentifiers: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.) ShellIconOverlayIdentifiers: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-28] (AVAST Software) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-28] (AVAST Software) ShellIconOverlayIdentifiers: [Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.) ShellIconOverlayIdentifiers: [Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.) ShellIconOverlayIdentifiers: [Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.) ShellIconOverlayIdentifiers-x32: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.) ShellIconOverlayIdentifiers-x32: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.) ShellIconOverlayIdentifiers-x32: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.) ShellIconOverlayIdentifiers-x32: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.) ShellIconOverlayIdentifiers-x32: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.) ShellIconOverlayIdentifiers-x32: [Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.) ShellIconOverlayIdentifiers-x32: [Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.) ShellIconOverlayIdentifiers-x32: [Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.) ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-28] (AVAST Software) ContextMenuHandlers1: [Carbonite] -> {FE8BD682-9A64-4740-A92B-EE7E5F7FA0A5} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.) ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.) ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-09-26] (Foxit Software Inc.) ContextMenuHandlers1: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2018-11-29] (Paramount Software UK Ltd) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (Alexander Roshal) ContextMenuHandlers2: [Carbonite] -> {FE8BD682-9A64-4740-A92B-EE7E5F7FA0A5} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.) ContextMenuHandlers2: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2018-11-29] (Paramount Software UK Ltd) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-28] (AVAST Software) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes) ContextMenuHandlers4: [Carbonite] -> {FE8BD682-9A64-4740-A92B-EE7E5F7FA0A5} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.) ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc.) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.) ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-28] (AVAST Software) ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-09-26] (Foxit Software Inc.) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (Alexander Roshal) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0533A4A2-4F7C-47DE-9523-F3D13DF0B42D} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {078C3A6D-22C7-4359-9ED7-DF2B6938B8AC} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {07BB0287-1679-47AD-A76A-727367FAA209} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {1165EAD8-0CB8-4124-A8DD-BEFF56871B44} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {1ED38ACE-7320-463D-B7D4-BA97BC94FBD2} - System32\Tasks\{3DB4B822-8F0A-4B6B-897B-25EEC36E6544} => C:\Windows\system32\pcalua.exe -a C:\Users\WAYNE\Downloads\vkaraoke.exe -d C:\Users\WAYNE\Downloads Task: {21003036-281D-4B69-8CBD-B36AB66F680A} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation) Task: {2304A790-FD41-4268-B819-C8B2BC1CE9C9} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe Task: {254BE556-D363-41CB-8F82-4884D42AC72C} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe Task: {27960216-22B7-4BAC-856B-52003E27175B} - System32\Tasks\{9E5E5D76-BEA8-4241-A71B-A2DC4B79C73D} => C:\Windows\system32\pcalua.exe -a C:\Users\WAYNE\Downloads\PCPEInstaller.exe -d C:\Users\WAYNE\Downloads Task: {2A8087DF-B25B-4087-A8FA-F3F0388F935D} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe Task: {30DB397F-B796-42B2-8727-29B553908183} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2018-11-08] (HP Inc.) Task: {37B96978-7AAA-4A05-92FB-12AF041C1DA7} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.) Task: {3C7172BA-E154-4210-81CB-80B0F1CEABBE} - System32\Tasks\{12388B71-6B6D-4F1F-AB05-2E3B3F581A78} => C:\Windows\system32\pcalua.exe -a C:\Users\WAYNE\Downloads\jxpiinstall.exe -d C:\Users\WAYNE\Downloads Task: {3D46C6C9-4C9F-4429-8B94-2A976BF6CBA7} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-11-28] (AVAST Software) Task: {488AB9A1-BDF4-48B7-A57F-45554D80C35E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-12-10] (Piriform Software Ltd) Task: {4BD73C14-3D06-49C2-8CB0-6C48A48D3133} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-12-10] (HP Inc.) Task: {505680B8-43B0-4AC1-847F-6AAED3918D48} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe Task: {51A009C1-762F-4AF8-932B-2EB52FE61FFA} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {550479C4-DFA9-41A2-94AB-EA4905FB0BA5} - System32\Tasks\{FC5269F4-123B-49B8-9E24-CA0B9F4B4AF0} => C:\Windows\system32\pcalua.exe -a C:\Users\WAYNE\Downloads\PCPEInstaller(2).exe -d C:\Users\WAYNE\Downloads Task: {5BA0AEE3-4D4E-47EC-B2C5-77F7470F291C} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2017-11-17] () Task: {5BB13A09-50D5-4B37-AB94-3DBB5BB4D7DD} - System32\Tasks\{E9A83544-B7AA-4216-87AA-1AA7A5F2C905} => C:\Windows\system32\pcalua.exe -a C:\Users\WAYNE\Desktop\Flash_Disinfector.exe -d C:\Users\WAYNE\Desktop Task: {5D79C65C-A7C9-425D-B846-592825B695A7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2018-08-30] (HP Inc.) Task: {63D1F6AB-F870-41DA-9B3B-3F3894CA9541} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe Task: {65B68D0B-7AB0-4A3B-85DF-CA55EC7E8996} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] () Task: {6724A5B4-790C-4CA0-B06A-65E303E20F9F} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.) Task: {675314EA-5203-4440-AC82-3BEFFBA103BA} - System32\Tasks\{8C5E6A49-B6CB-41EE-8711-9EB2A2B82850} => C:\Windows\system32\pcalua.exe -a C:\Users\WAYNE\Downloads\PCPEInstaller(1).exe -d C:\Users\WAYNE\Downloads Task: {6B41C598-E29B-402D-A13F-8D5665841A0F} - System32\Tasks\HPCeeScheduleForWAYNE => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22] (Hewlett-Packard) Task: {6E347F82-1490-4534-80A0-0873BFD020D1} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {72BF3A2D-806A-406C-B41D-5255FC320731} - System32\Tasks\{B3BFC816-702E-46B2-B817-F37852601A84} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\SUPERAntiSpyware\Uninstall.exe" Task: {737D388B-8F48-4B1B-87DB-2CC1255EA968} - System32\Tasks\{B75BA780-F5C2-489E-96D9-B441EA0F8F48} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [2017-09-07] (Carbonite, Inc.) Task: {742C998D-9267-4B64-BB56-9C85614E5EC7} - System32\Tasks\{3B88E11C-6EEE-4B9C-A1F4-ABB279A8096C} => C:\Program Files (x86)\SpywareGuard\sgmain.exe Task: {775A1906-2FBC-4EC0-AEF8-816F7DDCC341} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {7EF50BAF-56E8-4C78-8C19-005D059A7856} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {81821ACE-5831-4B79-8C1C-F8757FC95A30} - System32\Tasks\{7E68DA7F-2A76-4A84-BFB3-3B6DAA99BDF6} => C:\Users\WAYNE\Downloads\AdobeFlashPlayer_11.5.502.110_ax_SPS.exe Task: {885633FA-5515-4091-85B0-3582CAC2B7B7} - System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4} => C:\ProgramData\Carbonite\Carbonite Backup\CarboniteUpgrade.exe Task: {8AEBA8F6-A58D-4D8E-8CD4-FD8313BFB58F} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION Task: {8B16E2C5-FF87-41D9-9310-00FC75F06ABA} - System32\Tasks\{5FBB4B39-272E-4C4F-878B-627233C1A795} => C:\Users\WAYNE\Desktop\Flash_Disinfector.exe Task: {8E9B96AA-C3E2-49D4-99AF-965D3CF82172} - System32\Tasks\Macrium-Backup-{EA89DE06-40AB-47FB-82FE-A36EC5798914} => C:\program files\macrium\reflect\Reflect.exe [2018-12-18] (Paramount Software UK Ltd) Task: {90286611-7C01-4799-A68E-A67159634FD2} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {9202BC45-5D75-4CC1-A097-E4AA525974D3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {92900472-CCE7-4634-A6DF-2313F23006A5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-12-05] (Adobe Systems Incorporated) Task: {93FB09C5-05A9-443A-BEC6-8B37392F3DA8} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {94B6FEB0-74E5-44E6-AD5D-DC204840329B} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {96C51570-8E87-4313-AD2F-98C8E36472AA} - System32\Tasks\{08CE54A7-1A03-44FB-8194-D45D469175DF} => C:\Windows\system32\pcalua.exe -a C:\Users\WAYNE\Desktop\vkaraoke.exe -d C:\Users\WAYNE\Desktop Task: {9798FFA0-B30B-4F54-9F4F-DAE78CAB645C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-07-10] (Google Inc.) Task: {991B00C0-3018-4EEA-9C23-75B855265849} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-12-10] (HP Inc.) Task: {9995EF72-A48A-4938-A1FE-F1A0E656C81A} - System32\Tasks\PandaUSBVaccine => C:\Program Files (x86)\Panda USB Vaccine\RunInteractiveWin.exe [2009-09-23] () Task: {9A617CA1-D496-49CF-8C59-6C4746907AC3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.) Task: {9BFA510A-4F7C-448E-B150-405D3CDB479A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2018-11-09] (HP Inc.) Task: {9E67EE41-AB70-4A98-92E3-731CE177AB97} - System32\Tasks\{94E71E9B-7B6C-401D-89CE-5E5DDAF5EAAE} => C:\Users\WAYNE\Desktop\Flash_Disinfector.exe Task: {9EB11D79-B61D-4F75-A95B-D63C2FA787DF} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION Task: {A2C5A2DE-B8C0-464C-B169-1EF68DD1DF9F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-07-10] (Google Inc.) Task: {A9338631-20EC-439B-8623-F5F326E01913} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {A9B700A9-DFA6-4210-A26A-4256514248B8} - System32\Tasks\Macrium-Backup-{A87585CE-C79C-4983-A272-9CD0AC3D58EC} => C:\program files\macrium\reflect\Reflect.exe [2018-12-18] (Paramount Software UK Ltd) Task: {AE5611E8-2D15-49EE-AEED-7254AAD364A7} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-10-30] (AVAST Software) Task: {B0265E98-59AA-41EF-83C7-AE63298A77EC} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {B3D9F238-25CD-483D-B5D8-27611AF413A6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2017-03-14] (Microsoft Corporation) Task: {B744CC91-97BC-47BB-A979-87C7EE041056} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe Task: {B84E7BD6-D1FD-47EF-A058-9398330ADC3F} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {B9E9D6D1-DDE3-4A66-95C0-A19DBB8F027D} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {BB7E4936-8FFC-4A58-8994-E027535C3860} - System32\Tasks\{DFF6108C-8171-4724-9F72-B13C97BB0FE3} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [2017-09-07] (Carbonite, Inc.) Task: {BBFFDE98-78AA-443F-92EE-7C24E937DA90} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-12-10] (Piriform Ltd) Task: {D0490B63-5A1B-458A-BA6B-FB022C43BE90} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {D46E9067-DA16-40D8-A810-97882FDF4104} - System32\Tasks\SafeZone scheduled Autoupdate 1458724433 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe Task: {DBE76D1F-FC35-462C-8EBB-472D485BFB05} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation) Task: {DD40F295-E758-4FC8-81B7-29678EEAC839} - \Microsoft\Windows\Setup\gwx\runappraiser -> No File <==== ATTENTION Task: {E384BACF-F857-4271-A98A-AF652D387D30} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_101_Plugin.exe [2018-12-05] (Adobe Systems Incorporated) Task: {E79AAF22-AF20-4B32-8962-0E54544F1D99} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {EE783E76-1070-499E-85FB-C9B5987A4A67} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2017-03-14] (Microsoft Corporation) Task: {EEA8F2A3-945A-4FEB-909C-8FCC96A0567D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2018-11-09] (HP Inc.) Task: {F03E7B64-4EFC-45B2-86DF-A23B0DD66085} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {F11E32A3-1148-4F98-91AD-F2EDA3050A4F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {F72AEC6B-2A89-4722-ACC1-70B9EC53C528} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.) Task: {F82BECB5-6D91-4384-A6D2-C3C974BB105B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\HPCeeScheduleForWAYNE.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVDFab 10 (x64)\DVDFab (x64) Online.lnk -> hxxp://www.dvdfab.cn/?s=dvdfab10&p=x64&v=10.2.1. Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVDFab 10\DVDFab Online.lnk -> hxxp://www.dvdfab.cn/?s=dvdfab10&v=10.0.7. ==================== Loaded Modules (Whitelisted) ============== 2014-07-03 07:08 - 2017-01-17 03:25 - 000117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2017-11-30 18:54 - 2017-11-30 18:54 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2018-11-01 05:27 - 2018-11-01 05:27 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2016-03-31 11:09 - 2016-01-22 15:07 - 001114608 _____ () C:\Program Files (x86)\Common Files\Appkeys\yytool64.exe 2018-10-07 20:13 - 2018-12-15 23:46 - 002712432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2018-04-11 18:34 - 2018-04-11 18:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll 2018-11-28 06:09 - 2018-11-28 06:09 - 000728792 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll 2018-04-11 18:34 - 2018-04-11 18:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll 2018-12-12 05:27 - 2018-11-08 21:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2018-12-20 08:56 - 2018-12-14 01:50 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-10-04 10:48 - 2018-10-04 10:48 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll 2018-12-14 11:54 - 2018-12-14 11:54 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ChakraBridge.dll 2018-12-14 11:54 - 2018-12-14 11:54 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe 2018-11-13 09:39 - 2018-11-13 09:40 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2018-11-13 09:39 - 2018-11-13 09:40 - 066031104 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2018-11-09 02:12 - 2018-11-09 02:12 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll 2017-10-05 06:37 - 2017-10-05 06:38 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll 2018-11-09 02:12 - 2018-11-09 02:12 - 003715072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll 2018-11-09 02:12 - 2018-11-09 02:12 - 000036352 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll 2018-08-17 16:18 - 2018-08-17 16:18 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\opencv_imgproc320.dll 2018-08-17 16:18 - 2018-08-17 16:18 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\opencv_core320.dll 2018-03-29 15:21 - 2018-03-29 15:22 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll 2018-11-13 09:39 - 2018-11-13 09:40 - 014097920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll 2018-11-09 02:12 - 2018-11-09 02:12 - 003569152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\MediaEngine.dll 2018-11-13 09:39 - 2018-11-13 09:40 - 002863616 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll 2018-08-31 06:30 - 2018-08-31 06:31 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll 2018-07-26 03:54 - 2018-07-26 03:55 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2018-11-13 09:39 - 2018-11-13 09:40 - 000048128 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\ImageDecoding.dll 2018-11-13 09:39 - 2018-11-13 09:40 - 000146432 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\SKU.dll 2018-11-28 12:24 - 2018-11-28 12:24 - 032247296 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18102.10531.0_x64__8wekyb3d8bbwe\Music.UI.exe 2018-11-28 12:24 - 2018-11-28 12:24 - 000292352 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18102.10531.0_x64__8wekyb3d8bbwe\SharedUI.dll 2017-12-01 22:29 - 2017-12-01 22:29 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18102.10531.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll 2018-11-28 12:24 - 2018-11-28 12:24 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18102.10531.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2018-11-28 12:24 - 2018-11-28 12:24 - 005967872 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18102.10531.0_x64__8wekyb3d8bbwe\EntCommon.dll 2018-12-11 12:16 - 2018-12-11 12:16 - 034870272 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe 2018-12-11 12:16 - 2018-12-11 12:16 - 000292352 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\SharedUI.dll 2017-12-01 22:29 - 2017-12-01 22:29 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll 2018-11-28 12:24 - 2018-11-28 12:24 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2018-12-11 12:16 - 2018-12-11 12:16 - 005967872 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\EntCommon.dll 2018-12-11 12:16 - 2018-12-11 12:16 - 009072128 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\EntPlat.dll 2017-03-21 03:23 - 2017-01-31 07:34 - 008909512 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2018-11-28 06:09 - 2018-11-28 06:09 - 000919256 _____ () c:\program files\avast software\avast\anen.dll 2018-11-28 06:09 - 2018-11-28 06:09 - 000596696 _____ () c:\program files\avast software\avast\streamback.dll 2018-11-28 06:09 - 2018-11-28 06:09 - 000496344 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll 2018-11-28 06:09 - 2018-11-28 06:09 - 000150744 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll 2018-11-28 06:09 - 2018-11-28 06:09 - 001112280 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll 2018-12-26 03:25 - 2018-12-26 03:25 - 005734544 _____ () c:\program files\avast software\avast\defs\18122600\algo.dll 2018-03-14 22:52 - 2018-03-14 22:53 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2018-05-20 15:31 - 2018-05-20 15:31 - 000854016 _____ () C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.dll 2018-05-20 15:31 - 2018-05-20 15:31 - 000476520 _____ () C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll 2018-11-01 05:28 - 2018-11-01 05:28 - 001042744 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2017-11-30 18:55 - 2017-11-30 18:55 - 000076088 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\Temp:5C321E34 [119] AlternateDataStreams: C:\ProgramData\Temp:BF3D62E7 [246] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) HKLM\...\.scr: CryptoPreventSCR => "C:\Program Files (x86)\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.CryptoPreventEXEC" "%1" /S %* ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\webcompanion.com -> hxxp://webcompanion.com IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\1001movie.com -> 1001movie.com IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\1001night.biz -> 1001night.biz IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\100gal.net -> 100gal.net IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\100sexlinks.com -> 100sexlinks.com There are 5317 more sites. ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 21:34 - 2018-11-15 13:39 - 000000109 _____ C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Snapfish PictureMover.lnk => C:\Windows\pss\Snapfish PictureMover.lnk.CommonStartup MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: BrStsMon00 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: ControlCenter4 => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: hpsysdrv => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe MSCONFIG\startupreg: IndexSearch => "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe" MSCONFIG\startupreg: ISUSPM => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler MSCONFIG\startupreg: PaperPort PTD => "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe" MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe MSCONFIG\startupreg: PDF5 Registry Controller => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe MSCONFIG\startupreg: PDFHook => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe MSCONFIG\startupreg: PPort12reminder => "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini" MSCONFIG\startupreg: SmartMenu => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background HKLM\...\StartupApproved\StartupFolder: => "APC UPS Status.lnk" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run: => "VDownloader" HKLM\...\StartupApproved\Run32: => "StartCCC" HKLM\...\StartupApproved\Run32: => "VDownloader" HKLM\...\StartupApproved\Run32: => "Dropbox" HKLM\...\StartupApproved\Run32: => "Carbonite Backup" HKLM\...\StartupApproved\Run32: => "Microsoft Default Manager" HKLM\...\StartupApproved\Run32: => "Display" HKLM\...\StartupApproved\Run32: => "HostManager" HKLM\...\StartupApproved\Run32: => "WDDiscovery" HKLM\...\StartupApproved\Run32: => "DriveUtilitiesHelper" HKLM\...\StartupApproved\Run32: => "WDAppManager" HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\StartupApproved\Run: => "VDownloader" HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\StartupApproved\Run: => "Bomgar_Cleanup_ZD346237256227560" HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\StartupApproved\Run: => "Bomgar_Cleanup_ZD346150990613581" HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\StartupApproved\Run: => "AOL Fast Start" HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\StartupApproved\Run: => "CCleaner Smart Cleaning" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [UDP Query User{9B8BC006-D232-4243-A802-D777E2394F52}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation) FirewallRules: [TCP Query User{CC6CBC5C-6E6A-41FF-9221-F5DE593AE284}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation) FirewallRules: [{260A5F17-B67F-4C7D-A7BA-919B3BD09C87}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit Inc.) FirewallRules: [{ED0DCA58-6127-435D-B216-314C93E75BC1}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit Inc.) FirewallRules: [{2B984B56-4C95-41B8-942C-66B1E2577E7F}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit Inc.) FirewallRules: [{A89970B2-4174-4DFE-84FD-C6467BADD0A4}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit Inc.) FirewallRules: [{63D4037A-D68A-4924-905E-668A3B303DE8}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit Inc.) FirewallRules: [{4C02AFFB-49C4-4120-98DF-5FD3034FD7DC}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe (Intuit Inc.) FirewallRules: [{0BB612AE-C6EA-43D2-9972-A8075D7882F7}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe (Microsoft Corporation) FirewallRules: [{88ECE08A-C9D8-40A4-8848-526DCA75A919}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe (Microsoft Corporation) FirewallRules: [{0B3C8FE2-6BC6-4559-B4C9-6C48AC889B34}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe (Microsoft Corporation) FirewallRules: [{513CDA7D-4471-47B2-91C9-EBB159306A85}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe (Microsoft Corporation) FirewallRules: [{896E11AB-D6C5-4476-9C26-0FCADA9E4357}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) FirewallRules: [{453D4BC5-EDD6-4EA2-8A67-1DAFA2AD43D8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) FirewallRules: [{7529187B-B1A2-4564-989D-22E67C7813CC}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe No File FirewallRules: [{0D8510A3-D231-44D7-B123-AF7F7D4D1433}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.) FirewallRules: [{121FEF0C-34F0-4631-8670-BE99915DD229}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.) FirewallRules: [{D576B179-3A1C-43CE-93C5-00B41B8E9843}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.) FirewallRules: [{560C430D-0D9B-4BAB-9F44-AE808FAE6A6C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.) FirewallRules: [{AFD73BC9-AD58-498A-9EEF-1760D490B48D}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe No File FirewallRules: [{804DDBBB-CA8B-4922-BF68-483E7F26F6EE}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe No File FirewallRules: [{FCBF5BD8-FA13-471A-96DB-C3231AF87209}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe No File FirewallRules: [{458BA114-ADA5-4EDD-808C-EE935F6381A3}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe No File FirewallRules: [{B16158EA-CFCF-463A-ACEC-4A7E082995B2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) FirewallRules: [{962B06F3-87C3-4787-9061-674ED3A0EB4E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) FirewallRules: [{BF8B1AD8-AE80-44AC-BD16-C2A136A43A17}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe (Microsoft Corporation) FirewallRules: [{D63FE239-F915-4AA9-B2F2-0F8DD3039D76}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe (HP Inc.) FirewallRules: [{B154E613-8AC0-42AF-9480-1A961B18FA84}] => (Allow) LPort=50000 FirewallRules: [UDP Query User{5FFCB1B7-05EA-4140-8D76-CBE5B4AAD1BF}F:\techwizard.exe] => (Allow) F:\techwizard.exe No File FirewallRules: [TCP Query User{B34A4DF5-D5A0-43E5-8B96-19DCFEF80EB4}F:\techwizard.exe] => (Allow) F:\techwizard.exe No File FirewallRules: [{0386B9E5-7085-4EEA-B4BC-DB3BA49C6D15}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.) FirewallRules: [{075AFA60-1457-42BD-9E5D-DAB184E573C6}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.) FirewallRules: [{97363095-2633-423D-8947-AA1CF612207E}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.) FirewallRules: [{15CB24E3-01C5-45AE-A0B5-86108859B8ED}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.) FirewallRules: [{3A00BBDD-B091-47C3-9B3D-452D7780CA41}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.) FirewallRules: [{BBDC9B63-4BA7-44C9-9BF4-2883A39BD742}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdater.exe (Intuit Inc.) FirewallRules: [{0869C632-DF9D-4C8B-BDED-D88AF67B8378}] => (Allow) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe (Carbonite, Inc. (www.carbonite.com)) FirewallRules: [{70C0580B-EBA2-4B35-8DC8-0D5DA8DD9B70}] => (Allow) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe (Carbonite, Inc. (www.carbonite.com)) FirewallRules: [{77DC15B9-AB02-4A94-9549-95F54946859A}] => (Allow) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe (Carbonite, Inc. (www.carbonite.com)) FirewallRules: [{73308006-0A55-4313-B1A9-39094A5DC029}] => (Allow) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe (Carbonite, Inc. (www.carbonite.com)) FirewallRules: [{C22006C3-D83C-4CE2-AAFD-02449499C8F0}] => (Allow) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.) FirewallRules: [{68B43291-7D97-4EBF-B4F9-A762C00D37F8}] => (Allow) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.) FirewallRules: [{D1574A07-9E09-4944-8DE0-DB54A01545CF}] => (Allow) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.) FirewallRules: [{6D360B3C-04FA-47D0-A750-59718E04C8D7}] => (Allow) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.) FirewallRules: [{203F77E6-7637-43E0-BE3A-7C7C067F64B5}] => (Allow) LPort=1900 FirewallRules: [{000B10B1-9481-4704-B8FA-846D51A186D2}] => (Allow) LPort=2869 FirewallRules: [{15AD9551-76A1-40F2-BEF4-80F1A5398027}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation) FirewallRules: [{7C4F56A3-4AA8-475F-BD46-E05B2FD0CAE2}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe (Microsoft Corporation) FirewallRules: [{7F10951C-ED22-4BAE-BFF3-25A1C2831814}] => (Allow) svchost.exe (Microsoft Corporation) FirewallRules: [{72BD1BDC-DA9E-4157-BD2D-8608190FD0C6}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) FirewallRules: [{F400B9B3-2F3E-4462-B5EC-FB44A14053BA}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\HPTouchSmartMusic.exe (CyberLink Corp.) FirewallRules: [{7FCB2DEC-6E0D-4B3D-A3DD-9B42D3518917}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Video\HPMediaSmartVideo.exe (CyberLink Corp.) FirewallRules: [{67F7F85E-CC62-4C95-8D74-1D1AA6C9051E}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Photo\HPMediaSmartPhoto.exe (CyberLink Corp.) FirewallRules: [{77830A32-BAC9-4339-8335-778B2BEC9AB1}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe (CyberLink Corp.) FirewallRules: [{F4E7C279-EA5A-4BCD-A4BF-E3005F905BBB}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe No File FirewallRules: [{C2602CD6-DF88-40F2-8F6E-8B3E909DF17D}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\TSMAgent.exe No File FirewallRules: [{160F4AE6-6B5A-4D91-97C4-3BD5C9E270D0}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe No File FirewallRules: [{336FE86C-EB9A-4D72-83BF-246E3FF370AB}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe No File FirewallRules: [{9D74DCAC-7F67-4BB9-ACC1-DE04A6329CE3}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe No File FirewallRules: [{6BB97294-8CC8-48E7-84D6-A6E930E9B231}] => (Allow) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowShell.exe No File FirewallRules: [{98440DB8-2495-4977-B40D-EE5E4B6FAD9C}] => (Allow) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowShell.exe No File FirewallRules: [{B01C7204-5A4C-4C9C-8465-682631F1000F}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\CinemaNow\CinemaNow.exe (Sonic Solutions) FirewallRules: [{E4C10304-B167-49A7-B8F9-EF0AEB8348AB}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\CinemaNow\CinemaNow.exe (Sonic Solutions) FirewallRules: [{CB294ACD-D0CF-4C64-9517-EAA1E8C82191}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE (CyberLink Corp.) FirewallRules: [{6E647CCE-B87F-492A-8107-0622548B8170}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLDial.exe (AOL Inc.) FirewallRules: [{4EE21B06-2683-4D62-946D-48D443A71DEC}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLDial.exe (AOL Inc.) FirewallRules: [{36F1DA0D-74E8-4D25-8C08-BE88443F9225}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe (AOL Inc.) FirewallRules: [{FA58FDC9-032F-42D4-A616-184E20003A5A}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe (AOL Inc.) FirewallRules: [{09E90098-E3D3-4328-B768-EC505268D371}] => (Allow) C:\Program Files (x86)\Common Files\AOL\1509049480\ee\aolsoftware.exe (AOL Inc.) FirewallRules: [{34405486-63C2-4BB5-A974-CD0BBF642A54}] => (Allow) C:\Program Files (x86)\Common Files\AOL\1509049480\ee\aolsoftware.exe (AOL Inc.) FirewallRules: [{D563DCC2-47E2-4D3D-9AC1-332D4BE72560}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.8.2\waol.exe (AOL Inc.) FirewallRules: [{2925CB27-5E91-4220-95EE-5D139B65C519}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.8.2\waol.exe (AOL Inc.) FirewallRules: [{6C5F01AA-E571-42F8-AD56-49ACFC9EC743}] => (Allow) C:\Program Files (x86)\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe (AOL Inc.) FirewallRules: [{88EB079B-A303-42F4-BFD9-57F690A618C2}] => (Allow) C:\Program Files (x86)\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe (AOL Inc.) FirewallRules: [{3C9695CF-7F82-46FD-BD26-3E5171BC3B3E}] => (Allow) C:\Program Files (x86)\Common Files\AOL\Loader\aolload.exe (AOL Inc.) FirewallRules: [{5302D749-5134-46AF-AE19-363A54DAF3B4}] => (Allow) C:\Program Files (x86)\Common Files\AOL\Loader\aolload.exe (AOL Inc.) FirewallRules: [{E1495E01-697A-4628-AB94-55B780115EB7}] => (Allow) C:\Program Files (x86)\Common Files\AOL\System Information\sinf.exe (AOL Inc.) FirewallRules: [{81845C2C-9C4E-47FA-A95F-555802947F49}] => (Allow) C:\Program Files (x86)\Common Files\AOL\System Information\sinf.exe (AOL Inc.) FirewallRules: [TCP Query User{D877CF41-EB1E-45EF-B173-97870F5C4B36}C:\program files (x86)\dvdfab 10\dvdfab.exe] => (Block) C:\program files (x86)\dvdfab 10\dvdfab.exe (FengTao Software Inc.) FirewallRules: [UDP Query User{0F2E1CC4-034B-4E65-8531-35BBCC6A47E4}C:\program files (x86)\dvdfab 10\dvdfab.exe] => (Block) C:\program files (x86)\dvdfab 10\dvdfab.exe (FengTao Software Inc.) FirewallRules: [{CFE68B1D-ABFE-4E33-AEF3-71E96C97217E}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) FirewallRules: [TCP Query User{D4AA74E0-0543-4136-90BD-FDB0DD8F4398}C:\program files\dvdfab 10\dvdfab64.exe] => (Block) C:\program files\dvdfab 10\dvdfab64.exe (DVDFab.cn) FirewallRules: [UDP Query User{7E2D614B-C86B-487E-BE3B-5B928C8E3CBF}C:\program files\dvdfab 10\dvdfab64.exe] => (Block) C:\program files\dvdfab 10\dvdfab64.exe (DVDFab.cn) FirewallRules: [{D6B1A1D6-9225-42A5-8F6B-8DE4EF8D61A0}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software) FirewallRules: [{CAA924DA-7435-49D7-868B-6B52DEAD6BC5}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software) FirewallRules: [{9A86813E-B803-43C6-B411-037A05CEBCB3}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) FirewallRules: [{6F0CBE04-B16F-41DD-84E9-8EB1FFCE6BB2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) FirewallRules: [{F50B2961-A8F2-4310-850A-14BD9FE43012}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc.) FirewallRules: [{9AEE6F75-2C42-46F5-9905-8EB5CE626D92}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd) FirewallRules: [{57390CF6-2B3F-4879-AAA2-8CE703CC83C3}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd) ==================== Restore Points ========================= 25-12-2018 02:00:18 Windows Backup 26-12-2018 02:00:12 Windows Backup ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (12/24/2018 11:59:49 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: svchost.exe_WpnUserService, version: 10.0.17134.1, time stamp: 0xa38b9ab2 Faulting module name: NotificationController.dll, version: 10.0.17134.165, time stamp: 0xe0385185 Exception code: 0xc0000005 Fault offset: 0x000000000007a24d Faulting process id: 0x16bc Faulting application start time: 0x01d49bef443fdccc Faulting application path: C:\WINDOWS\system32\svchost.exe Faulting module path: C:\Windows\System32\NotificationController.dll Report Id: e4bd9d90-094b-44d5-87b6-6f6bc37dfe70 Faulting package full name: Faulting package-relative application ID: Error: (12/24/2018 08:14:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: svchost.exe_WpnUserService, version: 10.0.17134.1, time stamp: 0xa38b9ab2 Faulting module name: NotificationController.dll, version: 10.0.17134.165, time stamp: 0xe0385185 Exception code: 0xc0000005 Fault offset: 0x000000000007a24d Faulting process id: 0x216c Faulting application start time: 0x01d49be28c1826da Faulting application path: C:\WINDOWS\system32\svchost.exe Faulting module path: C:\Windows\System32\NotificationController.dll Report Id: 9db01ebe-e741-4bf0-8587-cbaaa7ffb032 Faulting package full name: Faulting package-relative application ID: Error: (12/24/2018 06:14:51 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: svchost.exe_WpnUserService, version: 10.0.17134.1, time stamp: 0xa38b9ab2 Faulting module name: NotificationController.dll, version: 10.0.17134.165, time stamp: 0xe0385185 Exception code: 0xc0000005 Fault offset: 0x000000000007a24d Faulting process id: 0x15d0 Faulting application start time: 0x01d49bcdbd983202 Faulting application path: C:\WINDOWS\system32\svchost.exe Faulting module path: C:\Windows\System32\NotificationController.dll Report Id: b8e5e73b-71f9-4855-a4e9-16dae378f70a Faulting package full name: Faulting package-relative application ID: Error: (12/24/2018 04:14:50 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: svchost.exe_WpnUserService, version: 10.0.17134.1, time stamp: 0xa38b9ab2 Faulting module name: NotificationController.dll, version: 10.0.17134.165, time stamp: 0xe0385185 Exception code: 0xc0000005 Fault offset: 0x000000000007a24d Faulting process id: 0x1c20 Faulting application start time: 0x01d49bc1b65bfa4f Faulting application path: C:\WINDOWS\system32\svchost.exe Faulting module path: C:\Windows\System32\NotificationController.dll Report Id: f4b7a60b-fade-4e04-9f92-234bd2abddd5 Faulting package full name: Faulting package-relative application ID: Error: (12/24/2018 03:27:56 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program USBVaccine.exe version 1.0.1.4 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 3b8 Start Time: 01d4990558cc9168 Termination Time: 13 Application Path: C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe Report Id: 83202d05-ba48-4009-9583-57bd23f77fe0 Faulting package full name: Faulting package-relative application ID: Error: (12/14/2018 06:37:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: HPSupportSolutionsFrameworkService.exe, version: 8.10.49.21, time stamp: 0x5c08b215 Faulting module name: CRYPT32.dll, version: 10.0.17134.1, time stamp: 0x01d34162 Exception code: 0xc0000005 Fault offset: 0x0000000000050856 Faulting process id: 0x264c Faulting application start time: 0x01d493cc8f03d60b Faulting application path: C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe Faulting module path: C:\WINDOWS\System32\CRYPT32.dll Report Id: e00cd4ed-148a-4dca-bc1a-bc398a2191fb Faulting package full name: Faulting package-relative application ID: Error: (12/14/2018 06:37:24 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: HPSupportSolutionsFrameworkService.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: exception code c0000005, exception address 00007FFEA1B70856 Error: (12/14/2018 11:39:27 AM) (Source: VSS) (EventID: 12291) (User: ) Description: Volume Shadow Copy Service error: Error on creating/using the COM+ Writers publisher interface: BackupShutdown [0x80042302, A Volume Shadow Copy Service component encountered an unexpected error. Check the Application event log for more information. ]. System errors: ============= Error: (12/26/2018 07:19:59 AM) (Source: DCOM) (EventID: 10016) (User: WAYNE-HP) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820} and APPID {8BC3F05E-D86B-11D0-A075-00C04FB68820} to the user WAYNE-HP\WAYNE SID (S-1-5-21-3431438650-1370896122-3677072999-1000) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool. Error: (12/25/2018 07:18:10 AM) (Source: DCOM) (EventID: 10016) (User: WAYNE-HP) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820} and APPID {8BC3F05E-D86B-11D0-A075-00C04FB68820} to the user WAYNE-HP\WAYNE SID (S-1-5-21-3431438650-1370896122-3677072999-1000) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool. Error: (12/24/2018 11:59:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Windows Push Notifications User Service_871f4 service terminated unexpectedly. It has done this 4 time(s). Error: (12/24/2018 08:14:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Push Notifications User Service_871f4 service terminated unexpectedly. It has done this 3 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (12/24/2018 06:14:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Push Notifications User Service_871f4 service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (12/24/2018 04:14:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Push Notifications User Service_871f4 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (12/24/2018 07:16:37 AM) (Source: DCOM) (EventID: 10016) (User: WAYNE-HP) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820} and APPID {8BC3F05E-D86B-11D0-A075-00C04FB68820} to the user WAYNE-HP\WAYNE SID (S-1-5-21-3431438650-1370896122-3677072999-1000) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool. Error: (12/23/2018 07:16:06 AM) (Source: DCOM) (EventID: 10016) (User: WAYNE-HP) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820} and APPID {8BC3F05E-D86B-11D0-A075-00C04FB68820} to the user WAYNE-HP\WAYNE SID (S-1-5-21-3431438650-1370896122-3677072999-1000) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool. Windows Defender: =================================== Date: 2018-11-28 06:20:19.136 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.259.755.0 Update Source: Microsoft Malware Protection Center Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.14405.2 Error code: 0x800b0003 Error description: The form specified for the subject is not one supported or known by the specified trust provider. Date: 2018-11-28 06:20:19.135 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.259.755.0 Update Source: Microsoft Malware Protection Center Signature Type: AntiSpyware Update Type: Full Current Engine Version: Previous Engine Version: 1.1.14405.2 Error code: 0x800b0003 Error description: The form specified for the subject is not one supported or known by the specified trust provider. Date: 2018-11-28 06:20:19.134 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.259.755.0 Update Source: Microsoft Malware Protection Center Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.14405.2 Error code: 0x800b0003 Error description: The form specified for the subject is not one supported or known by the specified trust provider. CodeIntegrity: =================================== Date: 2018-12-21 03:11:49.765 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2018-12-21 03:11:05.502 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2018-12-21 03:11:05.109 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2018-12-21 03:07:47.582 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2018-12-14 11:43:56.800 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2018-12-14 11:43:15.895 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2018-12-14 11:43:15.267 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2018-12-14 11:39:22.963 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: AMD Athlon(tm) II X4 635 Processor Percentage of memory in use: 27% Total physical RAM: 12287.28 MB Available physical RAM: 8936.52 MB Total Virtual: 17048.04 MB Available Virtual: 12468.68 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:583.19 GB) (Free:189.36 GB) NTFS ==>[system with boot components (obtained from drive)] Drive d: (HP_RECOVERY) (Fixed) (Total:12.44 GB) (Free:1.52 GB) NTFS ==>[system with boot components (obtained from drive)] \\?\Volume{a3ee7c82-2453-11e0-adba-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS \\?\Volume{489ea3c9-0000-0000-0000-b0d291000000}\ () (Fixed) (Total:0.44 GB) (Free:0.06 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 596.2 GB) (Disk ID: 489EA3C9) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=583.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=449 MB) - (Type=27) Partition 4: (Not Active) - (Size=12.4 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================