Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

System running slow and freezes

Started by docgoblin , May 12 2018 06:12 AM

  • Please log in to reply

#1
docgoblin
Posted 12 May 2018 - 06:12 AM

docgoblin

    Member

  • Member
  • PipPip
  • 93 posts

My system is running very slowly and eventually freezes. I ran scans and fixes with Superantispyware, Malwarebytes and CCleaner. This seemed to help a bit but the system still seems slow. I know the system is very light on RAM with just 3GB. I tried purchasing 2X4GB RAM from NewEgg which I thought was compatible, but apparently it wasn't. I'm not sure what the next step is.

 

Here are my FRST scans:

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12.05.2018
Ran by wap76 (administrator) on ANDY (12-05-2018 07:49:43)
Running from C:\Users\wap76\Desktop
Loaded Profiles: wap76 &  (Available Profiles: wap76 & bevpo & DefaultAppPool)
Platform: Windows 10 Home Version 1607 14393.1066 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\System32\spool\drivers\x64\3\dlecserv.exe
( ) C:\Windows\System32\dleccoms.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(Microsoft Corporation) C:\Program Files\rempl\remsh.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.1051_none_7f2bf7ea21d201b2\TiWorker.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\Install\{4540E6F5-13C7-4AF0-B278-AD57A6085DA1}\66.0.3359.170_66.0.3359.139_chrome_updater.exe
(Google Inc.) C:\Windows\Temp\CR_7E009.tmp\setup.exe
(Google Inc.) C:\Windows\Temp\CR_7E009.tmp\setup.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
() C:\Program Files (x86)\Dell P713w\dlecmon.exe
() C:\Program Files (x86)\Dell P713w\ezprint.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Akamai Technologies, Inc.) C:\Users\wap76\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP ENVY 5530 series\Bin\ScanToPCActivationApp.exe
(Akamai Technologies, Inc.) C:\Users\wap76\AppData\Local\Akamai\netsession_win.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.675.0_x64__kzf8qxf38zg5c\SkypeHost.exe
() C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\OFFICEVIRT.EXE
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ActionUriServer.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [517176 2010-01-29] (Conexant Systems, Inc.)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [505696 2009-11-06] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [508216 2009-07-28] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [913720 2010-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [705368 2010-02-23] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1489760 2010-04-06] (TOSHIBA Corporation)
HKLM\...\Run: [SmartFaceVWatcher] => C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [35672 2010-02-24] (TOSHIBA Corporation)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2010-04-28] ()
HKLM\...\Run: [dlecmon.exe] => C:\Program Files (x86)\Dell P713w\dlecmon.exe [770728 2010-01-18] ()
HKLM\...\Run: [EzPrint] => C:\Program Files (x86)\Dell P713w\ezprint.exe [139944 2010-01-18] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-03-22] (Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-05-05] (AVAST Software)
HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2010-02-24] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67896 2017-03-16] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Java\jre1.8.0_60\bin\jusched.exe"
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-2191989212-20672456-2235214370-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\S-1-5-21-2191989212-20672456-2235214370-1001\...\Run: [NortonUtilities] => C:\Program Files (x86)\Norton Utilities 14\RMTray.exe [279912 2009-09-14] (Symantec Corporation)
HKU\S-1-5-21-2191989212-20672456-2235214370-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-2191989212-20672456-2235214370-1001\...\Run: [Akamai NetSession Interface] => C:\Users\wap76\AppData\Local\Akamai\netsession_win.exe [4586456 2018-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2191989212-20672456-2235214370-1001\...\Run: [HP ENVY 5530 series (NET)] => C:\Program Files\HP\HP ENVY 5530 series\Bin\ScanToPCActivationApp.exe [3421216 2013-08-13] (Hewlett-Packard Co.)
HKU\S-1-5-21-2191989212-20672456-2235214370-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-03-23] (Google Inc.)
HKU\S-1-5-21-2191989212-20672456-2235214370-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18334528 2018-04-12] (Piriform Ltd)
HKU\S-1-5-21-2191989212-20672456-2235214370-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [8887216 2018-03-22] (SUPERAntiSpyware)
HKU\S-1-5-21-2191989212-20672456-2235214370-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05082018191917456\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\S-1-5-21-2191989212-20672456-2235214370-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05082018191917456\...\Run: [NortonUtilities] => C:\Program Files (x86)\Norton Utilities 14\RMTray.exe [279912 2009-09-14] (Symantec Corporation)
HKU\S-1-5-21-2191989212-20672456-2235214370-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05082018191917456\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-2191989212-20672456-2235214370-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05082018191917456\...\Run: [Akamai NetSession Interface] => C:\Users\wap76\AppData\Local\Akamai\netsession_win.exe [4586456 2018-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2191989212-20672456-2235214370-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05082018191917456\...\Run: [HP ENVY 5530 series (NET)] => C:\Program Files\HP\HP ENVY 5530 series\Bin\ScanToPCActivationApp.exe [3421216 2013-08-13] (Hewlett-Packard Co.)
HKU\S-1-5-21-2191989212-20672456-2235214370-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05082018191917456\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-03-23] (Google Inc.)
HKU\S-1-5-21-2191989212-20672456-2235214370-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05082018191917456\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18334528 2018-04-12] (Piriform Ltd)
HKU\S-1-5-21-2191989212-20672456-2235214370-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05082018191917456\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [8887216 2018-03-22] (SUPERAntiSpyware)
HKU\S-1-5-21-2191989212-20672456-2235214370-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05082018191922479\...\Run: [Best Buy pc app] => C:\Users\bevpo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy\Best Buy pc app.appref-ms [398 2018-02-11] ()
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05082018191928531\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk [2010-09-30]
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk [2010-09-30]
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
Startup: C:\Users\wap76\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2010-08-29]
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\wap76\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2015-08-08]
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7f63d22b-4e35-48bd-b7c3-0deeb6bb9428}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{c0836944-f674-4c1b-9be5-6ecfea5d4969}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{cd0bae24-0aaa-4b2d-91ac-b28bf2994531}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{d8f9daea-b861-44bb-a977-82fe66926faa}: [DhcpNameServer] 70.30.0.20
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2191989212-20672456-2235214370-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://news.google.com/?mgmhp=gnhp
HKU\S-1-5-21-2191989212-20672456-2235214370-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.toshiba.com/?cid=C001B2Y
HKU\S-1-5-21-2191989212-20672456-2235214370-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05082018191917456\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://news.google.com/?mgmhp=gnhp
HKU\S-1-5-21-2191989212-20672456-2235214370-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05082018191917456\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.toshiba.com/?cid=C001B2Y
SearchScopes: HKLM -> DefaultScope {376D2AA1-F68C-4BA4-BA91-DB872955A4C8} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
SearchScopes: HKLM -> {376D2AA1-F68C-4BA4-BA91-DB872955A4C8} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
SearchScopes: HKLM-x32 -> DefaultScope {97346AC8-F2E1-41DC-9F8B-541F42B50FC1} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
SearchScopes: HKLM-x32 -> {97346AC8-F2E1-41DC-9F8B-541F42B50FC1} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
SearchScopes: HKU\S-1-5-21-2191989212-20672456-2235214370-1001 -> DefaultScope {112FDD92-DC45-4648-9C0B-50FDA9C1C1A7} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C011US739D20141214&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2191989212-20672456-2235214370-1001 -> {07C2AA65-93C6-438B-BE6D-93B94B0A4E58} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA_enUS394US394
SearchScopes: HKU\S-1-5-21-2191989212-20672456-2235214370-1001 -> {112FDD92-DC45-4648-9C0B-50FDA9C1C1A7} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C011US739D20141214&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2191989212-20672456-2235214370-1001 -> {376D2AA1-F68C-4BA4-BA91-DB872955A4C8} URL =
SearchScopes: HKU\S-1-5-21-2191989212-20672456-2235214370-1001 -> {7CA2DF14-1B3A-4E3E-8C14-ED5947A36112} URL = hxxp://www.bing.com/search?FORM=BO2TDF&PC=B8MS&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2191989212-20672456-2235214370-1001 -> {97346AC8-F2E1-41DC-9F8B-541F42B50FC1} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA_enUS394US394
SearchScopes: HKU\S-1-5-21-2191989212-20672456-2235214370-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=US&ver=20&locale=en_US&gct=kwd&qsrc=2869
SearchScopes: HKU\S-1-5-21-2191989212-20672456-2235214370-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05082018191917456 -> DefaultScope {112FDD92-DC45-4648-9C0B-50FDA9C1C1A7} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C011US739D20141214&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2191989212-20672456-2235214370-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05082018191917456 -> {07C2AA65-93C6-438B-BE6D-93B94B0A4E58} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA_enUS394US394
SearchScopes: HKU\S-1-5-21-2191989212-20672456-2235214370-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05082018191917456 -> {112FDD92-DC45-4648-9C0B-50FDA9C1C1A7} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C011US739D20141214&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2191989212-20672456-2235214370-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05082018191917456 -> {376D2AA1-F68C-4BA4-BA91-DB872955A4C8} URL =
SearchScopes: HKU\S-1-5-21-2191989212-20672456-2235214370-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05082018191917456 -> {7CA2DF14-1B3A-4E3E-8C14-ED5947A36112} URL = hxxp://www.bing.com/search?FORM=BO2TDF&PC=B8MS&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2191989212-20672456-2235214370-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05082018191917456 -> {97346AC8-F2E1-41DC-9F8B-541F42B50FC1} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA_enUS394US394
SearchScopes: HKU\S-1-5-21-2191989212-20672456-2235214370-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05082018191917456 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=US&ver=20&locale=en_US&gct=kwd&qsrc=2869
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-01] (Google Inc.)
BHO: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll [2012-08-24] (TOSHIBA Corporation)
BHO-x32: Dell Toolbar -> {09B71986-2AC5-482d-B6CB-42EA34F4F85B} -> C:\Program Files\Dell Printable Web\toolband.dll [2008-12-10] ()
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-04] (Oracle Corporation)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-01] (Google Inc.)
BHO-x32: Skype Plug-In -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-04-15] (Skype Technologies S.A.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-04] (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2012-08-24] (TOSHIBA Corporation)
BHO-x32: HP Smart Print Helper -> {FD6C6509-FE36-44B0-A917-6C2A0DDBDF88} -> C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.6\Espresso.dll [2014-01-23] (Hewlett-Packard)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-01] (Google Inc.)
Toolbar: HKLM-x32 - Dell Toolbar - {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Printable Web\toolband.dll [2008-12-10] ()
Toolbar: HKLM-x32 - The Weather Channel Toolbar - {2E5E800E-6AC0-411E-940A-369530A35E43} - C:\Windows\SysWow64\TwcToolbarIe7.dll [2009-06-23] ()
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-01] (Google Inc.)
Toolbar: HKU\S-1-5-21-2191989212-20672456-2235214370-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-01] (Google Inc.)
Toolbar: HKU\S-1-5-21-2191989212-20672456-2235214370-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05082018191917456 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-01] (Google Inc.)
DPF: HKLM-x32 {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} hxxp://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab
DPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.7.cab
DPF: HKLM-x32 {BEA7310D-06C4-4339-A784-DC3804819809} hxxp://www.cvsphoto.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-04-15] (Skype Technologies S.A.)
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-04] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-02-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-02-07] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-22] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee&type=C211US739D20170616&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Profile: C:\Users\wap76\AppData\Local\Google\Chrome\User Data\Default [2018-05-08]
CHR Extension: (IBM Security Rapport) - C:\Users\wap76\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2018-05-05]
CHR Extension: (Ebates: The Free Cash Back Shopping Assistant) - C:\Users\wap76\AppData\Local\Google\Chrome\User Data\Default\Extensions\chhjbpecpncaggjpdakmflnfcopglcmi [2018-05-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\wap76\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-05]
CHR Extension: (Amazon Assistant for Chrome) - C:\Users\wap76\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2018-05-05]
CHR Extension: (Chrome Media Router) - C:\Users\wap76\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-06]
CHR Profile: C:\Users\wap76\AppData\Local\Google\Chrome\User Data\System Profile [2018-05-05]
CHR HKU\S-1-5-21-2191989212-20672456-2235214370-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2191989212-20672456-2235214370-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05082018191917456\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2191989212-20672456-2235214370-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05082018191922479\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-03-17] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7603408 2018-05-05] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [313640 2018-05-05] (AVAST Software)
R2 dlecCATSCustConnectService; C:\windows\system32\spool\DRIVERS\x64\3\\dlecserv.exe [33448 2010-01-07] ()
R2 dlec_device; C:\windows\system32\dleccoms.exe [1052328 2010-01-07] ( )
R2 dlec_device; C:\windows\SysWOW64\dleccoms.exe [598696 2010-01-07] ( )
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 osrss; C:\WINDOWS\system32\osrss.dll [108584 2018-01-18] (Microsoft Corporation)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [5243208 2018-03-11] (IBM Corp.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-05-04] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2017-03-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2017-03-28] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [196640 2018-05-05] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [227504 2018-05-05] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [199440 2018-05-05] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343752 2018-05-05] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57680 2018-05-05] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [227784 2018-05-05] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46968 2018-05-05] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [147224 2018-05-05] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111352 2018-05-05] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84368 2018-05-05] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1026696 2018-05-05] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460520 2018-05-05] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [205976 2018-05-05] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [380528 2018-05-05] (AVAST Software)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [482600 2018-03-11] (IBM Corp.)
R1 RapportCerberus_1908115; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1908115.sys [1628776 2018-04-22] (IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [695592 2018-03-11] (IBM Corp.)
S3 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [590824 2018-03-11] (IBM Corp.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [45728 2015-09-30] (Toshiba Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 idsvc; no ImagePath
R0 MBAMSwissArmy; System32\Drivers\mbamswissarmy.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-05-12 07:49 - 2018-05-12 07:51 - 000031421 _____ C:\Users\wap76\Desktop\FRST.txt
2018-05-12 07:49 - 2018-05-12 07:49 - 000000000 ____D C:\Users\wap76\Desktop\FRST-OlderVersion
2018-05-12 07:48 - 2018-05-12 07:49 - 000000000 ____D C:\FRST
2018-05-11 20:43 - 2018-05-12 07:49 - 002404864 _____ (Farbar) C:\Users\wap76\Desktop\FRST64.exe
2018-05-06 20:52 - 2018-05-06 20:54 - 014716944 _____ (Symantec Corporation) C:\Users\wap76\Downloads\NRnR.exe
2018-05-06 19:53 - 2018-05-06 19:53 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-05-06 19:53 - 2018-05-06 19:53 - 000000000 ____D C:\Program Files\Malwarebytes
2018-05-06 19:49 - 2018-05-06 19:50 - 073524488 _____ (Malwarebytes ) C:\Users\wap76\Downloads\mb3-setup-consumer-3.4.5.2467-1.0.342-1.0.5006.exe
2018-05-06 16:57 - 2018-05-06 16:57 - 000012128 ____N C:\bootsqm.dat
2018-05-06 10:17 - 2018-05-06 13:10 - 000000000 ____D C:\SUPERDelete
2018-05-06 07:42 - 2018-05-06 07:42 - 000000000 ____D C:\Users\wap76\AppData\Roaming\SUPERAntiSpyware.com
2018-05-06 07:40 - 2018-05-06 07:42 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2018-05-06 07:40 - 2018-05-06 07:40 - 000001860 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2018-05-06 07:40 - 2018-05-06 07:40 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2018-05-06 07:40 - 2018-05-06 07:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2018-05-06 07:38 - 2018-05-06 07:40 - 033138296 _____ (SUPERAntiSpyware) C:\Users\wap76\Downloads\SUPERAntiSpyware (1).exe
2018-05-06 07:31 - 2018-05-06 07:31 - 000000000 ____D C:\Users\wap76\AppData\Roaming\AVAST Software
2018-05-06 07:26 - 2018-05-06 07:26 - 000000000 ____D C:\Users\wap76\AppData\Local\{643C16FF-FC7B-4523-96D4-B67333332B7E}
2018-05-05 20:48 - 2018-05-05 20:48 - 000001990 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2018-05-05 20:48 - 2018-05-05 20:48 - 000001978 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2018-05-05 20:32 - 2018-05-05 20:33 - 032396088 _____ (SUPERAntiSpyware) C:\Users\wap76\Downloads\SUPERAntiSpyware.exe
2018-05-05 20:19 - 2018-05-05 20:19 - 000000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2018-05-05 19:57 - 2018-05-05 19:57 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2018-05-05 19:57 - 2018-05-05 19:57 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2018-05-05 19:53 - 2018-05-05 19:36 - 000376536 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-05-05 19:47 - 2018-05-11 20:14 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-05-05 19:44 - 2018-05-05 19:47 - 000147224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-05-05 19:44 - 2018-05-05 19:36 - 000460520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-05-05 19:44 - 2018-05-05 19:36 - 000380528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-05-05 19:44 - 2018-05-05 19:36 - 000205976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-05-05 19:44 - 2018-05-05 19:36 - 000196640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-05-05 19:44 - 2018-05-05 19:36 - 000111352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-05-05 19:44 - 2018-05-05 19:36 - 000084368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-05-05 19:44 - 2018-05-05 19:36 - 000046968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-05-05 19:44 - 2018-05-05 19:35 - 001026696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-05-05 19:44 - 2018-05-05 19:35 - 000227784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-05-05 19:44 - 2018-05-05 19:34 - 000343752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-05-05 19:44 - 2018-05-05 19:34 - 000227504 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-05-05 19:44 - 2018-05-05 19:34 - 000199440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-05-05 19:44 - 2018-05-05 19:34 - 000057680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-05-05 19:37 - 2018-05-05 19:37 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2018-05-05 19:31 - 2018-05-05 20:24 - 000000000 ____D C:\ProgramData\AVAST Software
2018-05-05 19:31 - 2018-05-05 19:31 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-05-05 19:31 - 2018-05-05 19:31 - 000002848 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-05-05 19:31 - 2018-05-05 19:31 - 000000000 ____D C:\Program Files\AVAST Software
2018-05-05 19:30 - 2018-05-05 19:31 - 000000000 ____D C:\Program Files\CCleaner
2018-05-05 19:30 - 2018-05-05 19:30 - 000000874 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-05-05 19:30 - 2018-05-05 19:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-05-05 19:26 - 2018-05-05 19:28 - 015813864 _____ (Piriform Ltd) C:\Users\wap76\Downloads\ccsetup542.exe
2018-05-05 17:59 - 2018-05-05 17:59 - 000000000 ____D C:\Users\wap76\AppData\Local\{816A0AAE-7494-44ED-B39E-F6A5280754E5}
2018-04-22 09:49 - 2018-04-22 09:49 - 000000000 ____D C:\Users\wap76\AppData\Roaming\Mozilla
2018-04-22 09:43 - 2018-04-22 09:43 - 000000000 ____D C:\Users\wap76\AppData\Local\{4B9C1178-96A8-4849-AC92-AD052632B5DB}
2018-04-22 09:14 - 2018-04-22 09:14 - 000000000 ____D C:\Users\bevpo\AppData\Local\Best Buy pc app
2018-04-22 08:51 - 2018-02-18 07:13 - 002003296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-04-22 08:51 - 2018-02-18 07:13 - 001568600 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-04-22 08:51 - 2018-02-18 07:13 - 000749408 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-04-22 08:51 - 2018-02-18 07:13 - 000664416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-04-22 08:51 - 2018-02-18 07:13 - 000609120 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-04-22 08:51 - 2018-02-18 07:13 - 000389464 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-04-22 08:51 - 2018-02-18 07:13 - 000270688 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-04-22 08:51 - 2018-02-18 07:13 - 000246112 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-04-22 08:51 - 2018-02-18 07:13 - 000138072 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-04-22 08:51 - 2018-02-18 07:13 - 000069984 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-04-22 08:51 - 2018-02-18 07:12 - 000461664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-04-22 08:51 - 2018-02-18 07:12 - 000035160 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-04-22 08:51 - 2018-02-18 07:09 - 000199512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-04-22 08:51 - 2018-02-18 07:04 - 000501088 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-04-22 08:51 - 2018-02-18 06:19 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2018-04-22 08:51 - 2018-02-18 06:18 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-04-22 08:48 - 2018-02-18 06:31 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2018-04-22 08:48 - 2018-02-18 06:23 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2018-04-22 08:47 - 2018-04-22 08:47 - 000000000 ____D C:\Users\bevpo\AppData\Local\Apple
2018-04-22 08:47 - 2018-02-18 07:00 - 000026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2018-04-22 08:47 - 2018-02-18 06:26 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2018-04-22 08:47 - 2018-02-18 06:26 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2018-04-22 08:47 - 2018-02-18 06:26 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2018-04-22 08:47 - 2018-02-18 06:26 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2018-04-22 08:47 - 2018-02-18 06:24 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2018-04-22 08:47 - 2018-02-18 06:22 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2018-04-22 08:47 - 2018-02-18 06:20 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2018-04-22 08:47 - 2018-02-18 06:19 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2018-04-22 08:47 - 2018-02-18 06:17 - 000711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-04-22 08:47 - 2018-02-18 06:16 - 000748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2018-04-22 08:47 - 2018-02-18 06:16 - 000299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-04-22 08:47 - 2018-02-18 06:16 - 000260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2018-04-22 08:47 - 2018-02-18 06:15 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2018-04-22 08:47 - 2018-02-18 06:14 - 000558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-04-22 08:47 - 2018-02-18 06:12 - 000870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-04-22 08:47 - 2018-02-18 06:11 - 002321920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-04-22 08:47 - 2018-02-18 06:11 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-04-22 08:47 - 2018-02-18 06:11 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-04-22 08:34 - 2018-04-22 08:52 - 000000000 ____D C:\Users\bevpo\AppData\Roaming\SoftGrid Client
2018-04-22 08:34 - 2018-04-22 08:34 - 000000000 ____D C:\Users\bevpo\AppData\Local\SoftGrid Client
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-05-11 20:49 - 2011-03-31 22:12 - 000000000 ____D C:\Users\wap76\AppData\Roaming\SoftGrid Client
2018-05-11 20:38 - 2016-07-16 07:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-05-11 20:33 - 2016-07-16 07:36 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-05-11 20:16 - 2012-09-20 14:23 - 000000000 ____D C:\Users\wap76\AppData\Local\Akamai
2018-05-11 20:14 - 2016-09-17 09:58 - 002776992 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-05-08 19:35 - 2016-07-16 07:45 - 000000000 ____D C:\WINDOWS\INF
2018-05-06 21:03 - 2016-09-17 10:32 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-05-06 21:02 - 2016-07-16 02:04 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2018-05-06 20:58 - 2010-06-03 05:58 - 000000000 ____D C:\ProgramData\Norton
2018-05-06 20:28 - 2010-10-05 07:33 - 000000000 ____D C:\Users\wap76\AppData\Roaming\ParetoLogic
2018-05-06 20:28 - 2010-10-05 07:33 - 000000000 ____D C:\ProgramData\ParetoLogic
2018-05-06 18:49 - 2016-09-17 09:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-05-06 14:36 - 2016-09-17 09:59 - 000000000 ____D C:\Users\wap76
2018-05-06 13:47 - 2010-08-29 17:56 - 000000000 ____D C:\Users\wap76\Tracing
2018-05-06 10:17 - 2011-06-05 14:40 - 000000000 ____D C:\Users\wap76\AppData\Local\The Weather Channel
2018-05-06 10:17 - 2011-01-21 18:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons
2018-05-06 10:16 - 2011-06-05 14:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Weather Channel
2018-05-06 10:15 - 2010-08-29 13:41 - 000000000 ____D C:\Users\wap76\AppData\Roaming\Skype
2018-05-06 08:19 - 2011-12-13 08:25 - 000002312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-05-06 08:19 - 2011-12-13 08:25 - 000002271 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-05-06 07:57 - 2015-07-22 18:51 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-05-06 07:31 - 2010-09-26 20:01 - 000000000 ____D C:\ProgramData\TEMP
2018-05-05 20:22 - 2016-09-17 13:49 - 000000000 ___DC C:\WINDOWS\Panther
2018-05-05 20:21 - 2016-10-29 08:07 - 000000000 ____D C:\WINDOWS\Minidump
2018-05-05 20:21 - 2016-07-16 07:47 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-05-05 20:21 - 2010-09-15 18:22 - 000000000 ____D C:\Users\wap76\AppData\Local\CrashDumps
2018-05-05 20:19 - 2016-09-17 09:59 - 000000000 ____D C:\Users\DefaultAppPool
2018-05-05 18:39 - 2018-02-11 09:46 - 000000000 ____D C:\Users\bevpo
2018-05-05 18:31 - 2016-09-17 10:32 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2018-05-05 18:30 - 2016-07-16 07:47 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-05-05 18:30 - 2016-07-16 02:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-05-05 18:22 - 2015-10-30 02:28 - 000000000 ____D C:\Users\Default.migrated
2018-05-05 18:22 - 2009-07-14 01:08 - 000000000 ____D C:\Users\Administrator
2018-05-05 18:11 - 2018-02-07 16:49 - 000003352 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2191989212-20672456-2235214370-1001
2018-05-05 18:10 - 2015-09-30 07:37 - 000002409 _____ C:\Users\wap76\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-05-05 18:10 - 2015-09-30 07:37 - 000000000 ___RD C:\Users\wap76\OneDrive
2018-05-05 16:55 - 2018-02-11 09:54 - 000000000 ____D C:\Users\bevpo\AppData\Local\Deployment
2018-04-22 09:55 - 2010-10-17 17:51 - 000000000 ____D C:\Users\wap76\AppData\Roaming\Apple Computer
2018-04-22 09:54 - 2016-02-15 19:25 - 000000000 ____D C:\Users\wap76\AppData\Local\Apple Inc
2018-04-22 09:49 - 2018-02-11 09:46 - 000000000 ____D C:\Users\bevpo\AppData\Roaming\Mozilla
2018-04-22 09:36 - 2016-07-16 07:47 - 000000000 ___HD C:\Program Files\WindowsApps
2018-04-22 09:25 - 2016-09-17 10:16 - 000000000 ____D C:\Users\Default\AppData\Roaming\Mozilla
2018-04-22 09:25 - 2016-09-17 10:16 - 000000000 ____D C:\Users\Default User\AppData\Roaming\Mozilla
2018-04-22 09:18 - 2013-09-08 20:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection
2018-04-22 09:08 - 2018-02-11 09:46 - 000000000 ____D C:\Users\bevpo\AppData\Local\ConnectedDevicesPlatform
2018-04-22 08:54 - 2016-07-16 07:47 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-04-22 08:51 - 2018-02-10 17:47 - 000000000 ____D C:\Program Files\rempl
2018-04-22 08:50 - 2016-09-17 10:32 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-04-22 08:36 - 2018-02-11 09:59 - 000002409 _____ C:\Users\bevpo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-04-22 08:35 - 2018-02-11 09:59 - 000000000 ___RD C:\Users\bevpo\OneDrive
==================== Files in the root of some directories =======
2015-05-20 08:00 - 2015-05-20 08:00 - 006420480 _____ () C:\Program Files (x86)\GUT9FE1.tmp
2010-08-29 18:31 - 2010-08-29 18:31 - 000008428 _____ () C:\Users\wap76\AppData\Roaming\UserTile.png
2010-08-29 14:18 - 2012-02-08 19:43 - 000000432 _____ () C:\Users\wap76\AppData\Roaming\wklnhst.dat
2010-11-03 15:02 - 2010-11-03 15:02 - 000007598 _____ () C:\Users\wap76\AppData\Local\Resmon.ResmonCfg
2018-02-07 16:01 - 2018-02-07 16:01 - 000000000 _____ () C:\Users\wap76\AppData\Local\{F17FAF36-99D4-42FD-937A-BC2D9ADD66AF}
Some files in TEMP:
====================
2018-04-22 09:24 - 2018-04-22 09:24 - 000000000 _____ () C:\Users\bevpo\AppData\Local\Temp\6yat6-ha.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-02-10 19:41
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12.05.2018
Ran by wap76 (12-05-2018 07:53:50)
Running from C:\Users\wap76\Desktop
Windows 10 Home Version 1607 14393.1066 (X64) (2016-09-17 22:15:13)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================
Administrator (S-1-5-21-2191989212-20672456-2235214370-500 - Administrator - Disabled)
bevpo (S-1-5-21-2191989212-20672456-2235214370-1003 - Limited - Enabled) => C:\Users\bevpo
DefaultAccount (S-1-5-21-2191989212-20672456-2235214370-503 - Limited - Disabled)
Guest (S-1-5-21-2191989212-20672456-2235214370-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2191989212-20672456-2235214370-1002 - Limited - Enabled)
wap76 (S-1-5-21-2191989212-20672456-2235214370-1001 - Administrator - Enabled) => C:\Users\wap76
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.2146.41621 - ABBYY Software House)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.3.0.3670 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-2191989212-20672456-2235214370-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Akamai NetSession Interface (HKU\S-1-5-21-2191989212-20672456-2235214370-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05082018191917456\...\Akamai) (Version:  - Akamai Technologies, Inc)
Amazon Music Importer (HKLM-x32\...\{98823CC0-51DA-565C-FF90-DCC72D47BD24}) (Version: 2.0.1 - Amazon Services LLC) Hidden
Amazon Music Importer (HKLM-x32\...\com.amazon.music.uploader) (Version: 2.0.1 - Amazon Services LLC)
Apple Application Support (32-bit) (HKLM-x32\...\{05E07D23-91E9-4E70-A4CC-EF505088F967}) (Version: 5.4.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{741291DA-2B34-4D44-8FB6-58EDE21261D8}) (Version: 5.4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{DB18F1C0-846F-46F5-A074-5B97C8AF5C8E}) (Version: 10.3.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Ask Toolbar Updater (HKU\S-1-5-21-2191989212-20672456-2235214370-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05082018191922479\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.4.2.36670 - Ask.com) <==== ATTENTION
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.26 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{5792CD64-61B4-C448-0D22-3C51DD73AB2A}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.3.2333 - AVAST Software)
Best Buy pc app (HKLM\...\{FBBC4667-2521-4E78-B1BD-8706F774549B}) (Version: 3.0.1.2 - Best Buy) Hidden
Best Buy pc app (HKU\S-1-5-21-2191989212-20672456-2235214370-1001\...\48e4cff94f039634) (Version: 3.0.1.2 - Best Buy)
Best Buy pc app (HKU\S-1-5-21-2191989212-20672456-2235214370-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05082018191917456\...\48e4cff94f039634) (Version: 3.0.1.2 - Best Buy)
Best Buy pc app (HKU\S-1-5-21-2191989212-20672456-2235214370-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05082018191922479\...\48e4cff94f039634) (Version: 3.0.1.2 - Best Buy)
Bing Bar (HKLM-x32\...\{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}) (Version: 7.0.609.0 - Microsoft Corporation)
Bing Rewards Client Installer (HKLM-x32\...\{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}) (Version: 16.0.345.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
ccc-core-static (HKLM-x32\...\{219B4856-468A-F0BB-8249-E630AD4E86C2}) (Version: 2010.0315.1050.17562 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.42 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.112.0.61 - Conexant)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.0) (Version: 5.0.0.0 - Coupons.com Incorporated)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell P713w (HKLM\...\Dell P713w) (Version:  - Dell, Inc.)
Dell Toolbar (HKLM-x32\...\{09B71986-2AC5-482d-B6CB-42EA34F4F85B}) (Version: 1.8.12.0 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 66.0.3359.139 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HP ENVY 5530 series Basic Device Software (HKLM\...\{E43084F2-A74C-47A3-BD6D-AA57FC0A381E}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.)
HP ENVY 5530 series Help (HKLM-x32\...\{97EAE055-1BE8-4775-8101-453E9715EC3F}) (Version: 30.0.0 - Hewlett Packard)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Smart Print 2.6 (HKLM-x32\...\{4555A338-5952-4150-81B9-655763BAF872}) (Version: 2.6.0.238 - Hewlett-Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
iCloud (HKLM\...\{7F40A9A7-B3BE-4EA8-B052-60449F6C3C02}) (Version: 6.2.1.67 - Apple Inc.)
Internet TV for Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
iTunes (HKLM\...\{164600BE-9CEC-44E6-9B38-2B12D5FE2342}) (Version: 12.6.0.100 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Label@Once 1.0 (HKLM-x32\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{50816F92-1652-4A7C-B9BC-48F682742C4B}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft Camera Codec Pack (HKLM\...\{A6A4A258-0A48-4F76-B8F1-61F0514594DD}) (Version: 16.4.1970.0624 - Microsoft Corporation)
Microsoft Camera Codec Pack (HKLM-x32\...\{D03632B5-1DA9-4536-976D-604719500C45}) (Version: 16.4.1970.0624 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0013-0000-0000-0000000FF1CE}_BASICR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Basic 2007 (HKLM-x32\...\BASICR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2010 - English (HKLM-x32\...\{90140011-0061-0409-0000-0000000FF1CE}) (Version: 14.0.5130.5001 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2191989212-20672456-2235214370-1001\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2191989212-20672456-2235214370-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05082018191917456\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2191989212-20672456-2235214370-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05082018191922479\...\OneDriveSetup.exe) (Version: 17.005.0107.0008 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Norton Utilities (HKLM-x32\...\Norton Utilities_is1) (Version: 14.5 - Symantec Corporation)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Product Improvement Study for HP ENVY 5530 series (HKLM\...\{3FB74B78-098D-48EF-8CC4-BE6C431C0E16}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Rapport (HKLM\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1201.78 - Trusteer) Hidden
Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1908.152 - Trusteer) Hidden
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30113 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{0FB630AB-7BD8-40AE-B223-60397D57C3C9}) (Version: 2.00.0011 - Realtek)
Skype Toolbars (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.3.7280 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1258 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.4.3.38 - Synaptics Incorporated)
The Weather Channel Toolbar (HKLM-x32\...\The Weather Channel Toolbar) (Version:  - )
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.0 - TOSHIBA)
TOSHIBA Assist (HKLM-x32\...\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}) (Version: 3.00.10 - TOSHIBA)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}) (Version: 1.6.06.64 - TOSHIBA Corporation)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.2 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM-x32\...\InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}) (Version: 1.2.11.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.3.64 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}) (Version: 4.03.02.00 - )
TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.6 - TOSHIBA Corporation)
TOSHIBA Media Controller (HKLM-x32\...\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}) (Version: 1.0.80.3.64 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.8.0 - TOSHIBA CORPORATION)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.6.0.64 - TOSHIBA Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.3 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.4 for x64 - TOSHIBA Corporation)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}) (Version: 1.6.05.64 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.9 - TOSHIBA)
TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{CBD6B23D-41D5-4A46-8019-6208516C9712}) (Version: 4.03.02.00 - )
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.3.2.64 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.15 - TOSHIBA Corporation)
ToshibaRegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.4 - Toshiba)
TotalRecipeSearch Toolbar (HKLM-x32\...\TotalRecipeSearch_14bar Uninstall) (Version:  - Mindspark Interactive Network) <==== ATTENTION
Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1908.152 - Trusteer)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0013-0000-0000-0000000FF1CE}_BASICR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{54228DC1-0B27-4215-B2BE-4D07C521F242}) (Version: 2.33.0.0 - Microsoft Corporation)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17354 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-05] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-05] (AVAST Software)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-03-16] (Apple Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-05] (AVAST Software)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> No File
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-05] (AVAST Software)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {004FBB22-14F1-49EA-8F3D-4A2D893BC5C9} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {066A9D8C-1D8E-4EEE-84DF-FB2F38223FE6} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {16F0E18F-0AE4-4773-BCA2-DE0DF2497235} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {18447B6B-F1BB-41C0-872A-361294B37125} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {25E510B9-2B32-447F-B4B1-8F3E788EFBAE} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {298008D2-26D7-4544-AFA2-1CAADAB570AF} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2B1B460F-19EB-4C18-83B4-08C04CBC8543} - System32\Tasks\{CE33EDE1-51E8-4E85-B7C2-BFA08F6EEF3E} => C:\Program Files\McAfee.com\Agent\mcagent.exe
Task: {2C69DD02-2187-45AA-A9BE-5AC29C98D452} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2CDC4D22-75E8-463C-B2FA-97F1430BEC1F} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {322FB263-0F41-4035-A3DD-C690381646C5} - System32\Tasks\{8CA1F74E-B9D8-4C6C-9741-14674F9C6E00} => "C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.3.0.120/en/go/help.faq.installer?LastError=1618
Task: {33437D61-72BC-4FA1-96B3-4C57FE23F3AF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-04-12] (Piriform Ltd)
Task: {34F27EF0-0500-49C3-9A3B-58C37C025A11} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {37850590-CD1E-4FAD-9071-B231F3071EFF} - System32\Tasks\{3F1F272B-83E4-4087-B81A-2F313ACE957A} => C:\Program Files (x86)\Norton Internet Security\Engine64\21.0.1.3\uiStub.exe
Task: {39A054C9-331F-4913-BB42-B7577C1883B4} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {3B965033-1D2B-49D8-84C9-4C3C95C7C29A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {3BF55618-A7ED-433E-91E7-DE91A682D33A} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3C06C537-3052-498D-BED1-3041953FD943} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {42A56C44-E1CE-41A9-9FA4-BFC2A08B06BD} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {45FDD7CF-8235-4D17-9026-75E91672CD42} - System32\Tasks\{12D84E1B-B202-4CF0-9269-9D94538ECAE7} => "C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.3.0.120.196/en/go/help.faq.installer?LastError=1618
Task: {466F2397-F04F-4894-B2A3-6000B32330D8} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {5171C78E-0FCC-45CB-ACCA-BEE9BF91D561} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {5183ECE8-0DED-4430-9581-AB115093379B} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {55E35717-FF23-4E96-97D6-6759B9BFED19} - System32\Tasks\{D94C9736-320F-4015-89A0-3BE35815E859} => C:\Program Files (x86)\Norton Internet Security\Engine64\21.0.1.3\uiStub.exe
Task: {5B109E94-6FC5-4B6E-B600-2841C7F401D8} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5B6EA5B4-902B-4100-9991-6802802B6BA6} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\wap76\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {5F26156B-806E-4758-9445-7390717245D7} - System32\Tasks\{4714CA5B-20EF-4EAF-9375-E73FB5A0925A} => C:\Program Files (x86)\iTunes\iTunes.exe
Task: {603225B3-6F4A-4E70-AD21-0A5E33676CF6} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {60DCC6C1-A6DF-4BFC-988F-CFDAFFB3B11D} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {653EFC63-ADC7-4449-AF0E-63CAE443B982} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {6A761E7E-216A-4D2A-83AD-153DC5D8754B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {730076D5-F73E-4B49-AF0B-F5C602FEBAE2} - System32\Tasks\{B9B4FA2D-8E86-414A-ACC9-8822ADC6AB25} => C:\Program Files (x86)\iTunes\iTunes.exe
Task: {792C82FC-E7A5-49C0-A63F-C42D493E0B82} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {79447F8B-E0A6-480A-9451-BA045EEC99B5} - System32\Tasks\{6369F894-A7F2-4201-81B2-682F6F161683} => C:\Program Files\McAfee.com\Agent\mcagent.exe
Task: {7D45ECD0-E813-475A-A815-8E20681400E4} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-05-06] (AVAST Software)
Task: {801D276B-18A2-4CAF-8182-1AD5D7A31BFA} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-04-12] (Piriform Ltd)
Task: {80C0F0B1-F0D8-42F3-B5B3-46ED5355D0C1} - System32\Tasks\{1DC3AC62-3AFA-4C87-9B32-1CFA100B1F54} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {8F9F13C3-F6FA-4BAF-8CB3-12EB3E511ABF} - System32\Tasks\HPCustParticipation HP ENVY 5530 series => C:\Program Files\HP\HP ENVY 5530 series\Bin\HPCustPartic.exe [2013-08-13] (Hewlett-Packard Co.)
Task: {931CCF87-53E0-47E0-B40A-FBD69119D2E8} - System32\Tasks\{DB1CE910-6F9E-4CBC-8217-41F7137B390F} => C:\windows\system32\pcalua.exe -a "C:\Program Files (x86)\TOSHIBA\WORKSSETUP\OffHST07Trial\setup.exe" -d "C:\Program Files (x86)\TOSHIBA\WORKSSETUP\OffHST07Trial"
Task: {94B58783-E6B0-4E75-BBBA-A6CB2414F723} - System32\Tasks\{3CA3B60C-5A87-441C-9928-76D629767A1B} => C:\Program Files (x86)\iTunes\iTunes.exe
Task: {97A51E1A-D718-49C3-8408-333FE59C1126} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9B27E73A-8F06-43AE-AFC4-89387786C5E9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {A0FE6608-F610-4267-A6E0-C7B57439EAEC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {A51195DE-C450-479E-B39C-A5A73ABB4336} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-21] (Adobe Systems Incorporated)
Task: {AB14A90D-AB3D-4000-98E6-46FE8126245B} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {AFDB9FC5-8C8F-4167-AE5E-7B3339D597F0} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {B51BF8B2-5CCC-4F36-8958-2FA1ED6FB55A} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-05-05] (AVAST Software)
Task: {B812EC75-195E-4BC3-8B69-B750307E9886} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {B88470F2-E7BE-4299-BF1D-FACE08C3C8EB} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B90680AC-4C87-4D92-98E3-086E8F800BE7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C15030A3-2B28-4779-81D0-5ACBC803A47D} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C5D59BC8-5E7C-4CFD-AD1C-5EEC3419DEEB} - System32\Tasks\{957E654D-BEBB-432E-B9A7-C07A92159F50} => "C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.3.0.116.196/en/go/help.faq.installer?LastError=1618
Task: {CA546D68-1C64-4BCB-BFE5-309166DE2B1C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CB35A35F-F501-4B1D-82D6-6BD668A2ADE6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {D8EB2A20-A82C-476C-A3F1-639E313241DB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {EE874131-C71E-4EEF-A0F7-9F1E9F6D38DC} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {EF431543-351B-4620-B65B-BD072587517D} - System32\Tasks\{6618B261-9F78-4100-8A4A-B6397537F36B} => C:\Program Files (x86)\iTunes\iTunes.exe
Task: {F4E675BF-D3D4-42B1-AFCC-05F226B8825E} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F65E8974-01B1-48DD-8419-4C3B708EB278} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FC834599-889C-4CCC-8DB4-0B643A08A71B} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2017-03-16] (Apple Inc.)
Task: {FE3B04AF-6B18-41FB-83C0-6F45F0669A26} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============
2010-10-17 09:44 - 2009-11-04 09:17 - 000189440 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\dlecdrpp.dll
2016-09-01 18:12 - 2016-09-01 18:12 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-03-16 16:08 - 2017-03-16 16:08 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2010-10-17 09:43 - 2010-01-07 16:19 - 000033448 _____ () C:\windows\system32\spool\DRIVERS\x64\3\dlecserv.exe
2016-07-16 07:42 - 2016-07-16 07:42 - 000231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-04-16 08:38 - 2017-03-28 02:22 - 002681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-09-17 13:39 - 2016-09-17 13:39 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-25 09:07 - 2017-03-04 02:31 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-25 09:09 - 2017-03-04 02:12 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-25 09:09 - 2017-03-04 02:05 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-25 09:09 - 2017-03-04 02:05 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-04-16 08:38 - 2017-03-28 01:07 - 001033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-04-16 08:38 - 2017-03-28 01:08 - 002424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-04-16 08:38 - 2017-03-28 01:11 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2010-03-03 17:15 - 2010-03-03 17:15 - 008762680 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
2009-11-03 16:26 - 2009-11-03 16:26 - 000053560 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll
2010-03-03 17:15 - 2010-03-03 17:15 - 000019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF10.dll
2010-03-03 17:15 - 2010-03-03 17:15 - 000019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF11.dll
2010-03-23 21:06 - 2009-06-22 18:40 - 000022328 _____ () C:\Program Files\TOSHIBA\Toshiba Assist\NotifyX.dll
2009-03-12 22:08 - 2009-03-12 22:08 - 000048640 _____ () C:\Program Files (x86)\Toshiba\PCDiag\NotifyPCD.dll
2009-07-25 20:38 - 2009-07-25 20:38 - 000017800 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
2010-02-05 20:44 - 2010-02-05 20:44 - 000079192 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2010-10-17 09:40 - 2010-01-18 11:45 - 000770728 _____ () C:\Program Files (x86)\Dell P713w\dlecmon.exe
2010-10-17 09:40 - 2010-01-18 11:46 - 000139944 _____ () C:\Program Files (x86)\Dell P713w\ezprint.exe
2017-03-22 18:14 - 2017-03-22 18:14 - 000092472 _____ () C:\Program Files\iTunes\zlib1.dll
2017-03-22 18:14 - 2017-03-22 18:14 - 001354040 _____ () C:\Program Files\iTunes\libxml2.dll
2017-05-01 10:00 - 2017-05-01 10:00 - 000077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.675.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-05-01 10:00 - 2017-05-01 10:00 - 000190464 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.675.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-05-01 10:00 - 2017-05-01 10:00 - 043012096 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.675.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-05-01 10:00 - 2017-05-01 10:00 - 002451456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.675.0_x64__kzf8qxf38zg5c\skypert.dll
2010-02-28 02:33 - 2010-02-28 02:33 - 000077664 _____ () C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
2010-10-17 09:39 - 2009-11-26 04:53 - 000086180 _____ () C:\Program Files (x86)\Dell P713w\dleccfg.dll
2010-10-17 09:40 - 2009-12-16 13:04 - 000389120 _____ () C:\Program Files (x86)\Dell P713w\dlecscw.dll
2010-10-17 09:40 - 2009-03-25 11:10 - 000192512 _____ () C:\Program Files (x86)\Dell P713w\dlecdatr.dll
2010-10-17 09:40 - 2009-12-16 13:07 - 001159168 _____ () C:\Program Files (x86)\Dell P713w\dlecDRS.dll
2010-10-17 09:40 - 2009-03-10 01:43 - 000155648 _____ () C:\Program Files (x86)\Dell P713w\dleccaps.dll
2010-10-17 09:40 - 2009-03-05 13:55 - 000059904 _____ () C:\Program Files (x86)\Dell P713w\dleccnv4.dll
2010-10-17 09:39 - 2009-02-12 07:33 - 000381952 _____ () C:\WINDOWS\SYSTEM32\dlecsm.dll
2010-10-17 09:39 - 2009-02-12 07:33 - 000028672 _____ () C:\WINDOWS\system32\dlecsmr.dll
2010-10-17 09:40 - 2009-06-22 09:08 - 000708608 _____ () C:\Program Files (x86)\Dell P713w\Epwizard.DLL
2010-10-17 09:40 - 2009-06-22 09:06 - 000159744 _____ () C:\Program Files (x86)\Dell P713w\customui.dll
2010-10-17 09:40 - 2009-06-22 09:06 - 000114688 _____ () C:\Program Files (x86)\Dell P713w\Eputil.DLL
2010-10-17 09:40 - 2009-06-22 09:06 - 000061440 _____ () C:\Program Files (x86)\Dell P713w\Epfunct.DLL
2010-10-17 09:40 - 2009-06-22 09:05 - 000139264 _____ () C:\Program Files (x86)\Dell P713w\Imagutil.DLL
2010-10-17 09:40 - 2009-06-22 09:08 - 002203648 _____ () C:\Program Files (x86)\Dell P713w\EPWizRes.dll
2010-10-17 09:40 - 2009-06-22 09:08 - 000045056 _____ () C:\Program Files (x86)\Dell P713w\epstring.dll
2010-10-17 09:40 - 2009-06-22 09:08 - 000196608 _____ () C:\Program Files (x86)\Dell P713w\EPOEMDll.dll
2010-10-17 09:40 - 2009-04-07 15:25 - 000409600 _____ () C:\Program Files (x86)\Dell P713w\iptk.dll
2010-10-17 09:41 - 2009-03-02 10:25 - 000151552 _____ () C:\Program Files (x86)\Dell P713w\dlecptp.dll
2018-05-05 19:36 - 2018-05-05 19:36 - 000282840 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2018-05-05 20:47 - 2018-05-05 20:47 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-05-05 19:35 - 2018-05-05 19:35 - 000349912 _____ () C:\Program Files\AVAST Software\Avast\streamback_avast.dll
2018-05-05 19:36 - 2018-05-05 19:36 - 000295640 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-05-05 19:34 - 2018-05-05 19:34 - 000281816 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:D287FACF [374]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 22:34 - 2018-05-05 18:18 - 000000850 _____ C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05082018191915233\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05082018191915842\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2191989212-20672456-2235214370-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\wap76\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\aqua.jpg
HKU\S-1-5-21-2191989212-20672456-2235214370-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05082018191917456\Control Panel\Desktop\\Wallpaper -> C:\Users\wap76\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\aqua.jpg
HKU\S-1-5-21-2191989212-20672456-2235214370-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05082018191922479\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Innovation\Aqua.jpg
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05082018191928531\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKU\S-1-5-21-2191989212-20672456-2235214370-1001\...\StartupApproved\Run: => "msnmsgr"
HKU\S-1-5-21-2191989212-20672456-2235214370-1001\...\StartupApproved\Run: => "NortonUtilities"
HKU\S-1-5-21-2191989212-20672456-2235214370-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2191989212-20672456-2235214370-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05082018191917456\...\StartupApproved\Run: => "msnmsgr"
HKU\S-1-5-21-2191989212-20672456-2235214370-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05082018191917456\...\StartupApproved\Run: => "NortonUtilities"
HKU\S-1-5-21-2191989212-20672456-2235214370-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05082018191917456\...\StartupApproved\Run: => "Skype"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{B1B68BB1-E709-4078-8868-47BF147CA96A}C:\program files\hp\hp envy 5530 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp envy 5530 series\bin\hpnetworkcommunicatorcom.exe
FirewallRules: [TCP Query User{5945B0A8-B1FD-42D7-803D-C01A39DB0B2E}C:\program files\hp\hp envy 5530 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp envy 5530 series\bin\hpnetworkcommunicatorcom.exe
FirewallRules: [{A5A77A35-30BF-4777-93DF-7D398DB17DEC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2F3D5F0D-436C-4001-B813-9B01A74B9017}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D2A0F4A9-1197-44DC-9A29-03DA9D41A5E1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{716ADFEE-3AFB-4A5C-8F86-2B6CC2F988CC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{47B740AA-34B2-4823-A0EC-F062AEDACE3A}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{036E0D29-2FCB-4061-8E73-980CB2D83571}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{F2EE2525-4207-480F-9F3F-509341D8C019}] => (Allow) LPort=1900
FirewallRules: [{AEDB6213-AE46-44FC-B9F6-678B9E476F9E}] => (Allow) LPort=2869
FirewallRules: [{3DB03051-BC03-4A57-B654-5A0596A4B15A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{2A63A990-5DB2-4576-88BF-CA565A483681}] => (Allow) C:\windows\system32\DLECcoms.exe
FirewallRules: [{644AC402-A9C4-457F-8C44-B0943F6CEA12}] => (Allow) C:\windows\system32\DLECcoms.exe
FirewallRules: [{C37F734C-7BC4-4152-A33E-5CFD2DE3E5C5}] => (Allow) C:\Program Files (x86)\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe
FirewallRules: [{A049B100-2AD7-43CC-B10A-37279DDEA908}] => (Allow) C:\Program Files (x86)\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe
FirewallRules: [{91142C14-4F35-4781-AEA4-AE7B902EF7E3}] => (Allow) C:\windows\system32\DLECcoms.exe
FirewallRules: [{1686E14A-70E9-4865-ADC7-7ECBE62E8050}] => (Allow) C:\windows\system32\DLECcoms.exe
FirewallRules: [{2E76DCE7-F56A-4E79-A513-CF07D4F74DB6}] => (Allow) C:\windows\system32\dleccoms.exe
FirewallRules: [{BC250E7D-7AFA-4C3E-9B93-6923D4EF06C4}] => (Allow) LPort=10255
FirewallRules: [{20095409-39C3-41E5-92D2-92A018F886A9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{43CFF7F6-4E6D-4281-9C5A-36D24CC6EA72}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{9FE8BE67-995A-43C0-9BCC-2EAB10C3D2EC}] => (Allow) svchost.exe
FirewallRules: [{800453DB-51C8-48E9-963B-E0777D55B213}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [TCP Query User{BF4C0671-F9CE-434C-B34D-038BA39689DD}C:\program files\hp\hp envy 5530 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp envy 5530 series\bin\hpnetworkcommunicatorcom.exe
FirewallRules: [UDP Query User{CDD59BD6-8F05-488F-893B-2CB28CFAF91D}C:\program files\hp\hp envy 5530 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp envy 5530 series\bin\hpnetworkcommunicatorcom.exe
FirewallRules: [TCP Query User{9D37B57B-4D27-42BC-9B30-84E740C7E001}C:\users\wap76\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\wap76\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{241B8435-2B64-4753-9096-6D9FF510EC0A}C:\users\wap76\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\wap76\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{EAE5D295-AFF8-4BB6-A0F7-6E9E2711EB56}C:\users\wap76\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\wap76\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{B7C7F921-4105-45C1-98C1-303B0C120936}C:\users\wap76\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\wap76\appdata\local\akamai\netsession_win.exe
FirewallRules: [{175FB969-5FD7-49F8-81EB-07592D83189F}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{DBBBB5C4-954D-4DC7-ACB5-35ABD49506DC}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe
FirewallRules: [{855DAAD7-6A0B-4BFC-A7F6-5EAD89E9C909}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe
FirewallRules: [{BA6BAE86-6294-4D88-8D71-025A7FF81431}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
10-02-2018 16:01:40 Windows Modules Installer
17-02-2018 18:24:23 Windows Update
==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================
Application errors:
==================
Error: (05/12/2018 07:37:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RapportService.exe, version: 3.5.1908.152, time stamp: 0x5aa53862
Faulting module name: RapportUtil.dll, version: 3.5.1908.152, time stamp: 0x5aa537b7
Exception code: 0xc0000005
Fault offset: 0x000ba685
Faulting process id: 0x38d4
Faulting application start time: 0x01d3e9e59db53ef2
Faulting application path: C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
Faulting module path: C:\Program Files (x86)\Trusteer\Rapport\bin\RapportUtil.dll
Report Id: 1d295444-5137-4df5-a2f8-e79894329aa7
Faulting package full name:
Faulting package-relative application ID:
Error: (05/12/2018 07:37:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RapportService.exe, version: 3.5.1908.152, time stamp: 0x5aa53862
Faulting module name: RapportUtil.dll, version: 3.5.1908.152, time stamp: 0x5aa537b7
Exception code: 0xc0000005
Fault offset: 0x000ba685
Faulting process id: 0x1f30
Faulting application start time: 0x01d3e9e599c55869
Faulting application path: C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
Faulting module path: C:\Program Files (x86)\Trusteer\Rapport\bin\RapportUtil.dll
Report Id: 66e72e84-ace8-49a4-b8e4-dee792531f73
Faulting package full name:
Faulting package-relative application ID:
Error: (05/12/2018 07:37:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RapportService.exe, version: 3.5.1908.152, time stamp: 0x5aa53862
Faulting module name: RapportUtil.dll, version: 3.5.1908.152, time stamp: 0x5aa537b7
Exception code: 0xc0000005
Fault offset: 0x000ba685
Faulting process id: 0x34bc
Faulting application start time: 0x01d3e9e595f3281f
Faulting application path: C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
Faulting module path: C:\Program Files (x86)\Trusteer\Rapport\bin\RapportUtil.dll
Report Id: dacc6c7f-471b-4bbc-9018-871dcb4b5114
Faulting package full name:
Faulting package-relative application ID:
Error: (05/12/2018 07:37:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RapportService.exe, version: 3.5.1908.152, time stamp: 0x5aa53862
Faulting module name: RapportUtil.dll, version: 3.5.1908.152, time stamp: 0x5aa537b7
Exception code: 0xc0000005
Fault offset: 0x000ba685
Faulting process id: 0x3b60
Faulting application start time: 0x01d3e9e59214af2b
Faulting application path: C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
Faulting module path: C:\Program Files (x86)\Trusteer\Rapport\bin\RapportUtil.dll
Report Id: a6fe8650-c1eb-45bb-86b9-72fe4ba787e6
Faulting package full name:
Faulting package-relative application ID:
Error: (05/12/2018 07:37:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RapportService.exe, version: 3.5.1908.152, time stamp: 0x5aa53862
Faulting module name: RapportUtil.dll, version: 3.5.1908.152, time stamp: 0x5aa537b7
Exception code: 0xc0000005
Fault offset: 0x000ba685
Faulting process id: 0x3948
Faulting application start time: 0x01d3e9e58e114149
Faulting application path: C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
Faulting module path: C:\Program Files (x86)\Trusteer\Rapport\bin\RapportUtil.dll
Report Id: 5c54cc66-fd01-483c-bd4a-65d6c1416e1a
Faulting package full name:
Faulting package-relative application ID:
Error: (05/12/2018 07:37:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RapportService.exe, version: 3.5.1908.152, time stamp: 0x5aa53862
Faulting module name: RapportUtil.dll, version: 3.5.1908.152, time stamp: 0x5aa537b7
Exception code: 0xc0000005
Fault offset: 0x000ba685
Faulting process id: 0x18f4
Faulting application start time: 0x01d3e9e58a57697c
Faulting application path: C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
Faulting module path: C:\Program Files (x86)\Trusteer\Rapport\bin\RapportUtil.dll
Report Id: 62eb5367-d0e2-4d1e-b40f-31d0d2fd8583
Faulting package full name:
Faulting package-relative application ID:
Error: (05/12/2018 07:36:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RapportService.exe, version: 3.5.1908.152, time stamp: 0x5aa53862
Faulting module name: RapportUtil.dll, version: 3.5.1908.152, time stamp: 0x5aa537b7
Exception code: 0xc0000005
Fault offset: 0x000ba685
Faulting process id: 0xf28
Faulting application start time: 0x01d3e9e5867f0dac
Faulting application path: C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
Faulting module path: C:\Program Files (x86)\Trusteer\Rapport\bin\RapportUtil.dll
Report Id: 44b87c82-fbf0-41eb-b9bf-c98a193f5c03
Faulting package full name:
Faulting package-relative application ID:
Error: (05/12/2018 07:36:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RapportService.exe, version: 3.5.1908.152, time stamp: 0x5aa53862
Faulting module name: RapportUtil.dll, version: 3.5.1908.152, time stamp: 0x5aa537b7
Exception code: 0xc0000005
Fault offset: 0x000ba685
Faulting process id: 0x34a0
Faulting application start time: 0x01d3e9e582a484d1
Faulting application path: C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
Faulting module path: C:\Program Files (x86)\Trusteer\Rapport\bin\RapportUtil.dll
Report Id: f27df395-4be2-4565-b938-fb75ad41823e
Faulting package full name:
Faulting package-relative application ID:

System errors:
=============
Error: (05/12/2018 07:40:28 AM) (Source: DCOM) (EventID: 10016) (User: ANDY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
 and APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
 to the user andy\wap76 SID (S-1-5-21-2191989212-20672456-2235214370-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.MicrosoftEdge_38.14393.1066.0_neutral__8wekyb3d8bbwe SID (S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194). This security permission can be modified using the Component Services administrative tool.
Error: (05/12/2018 07:33:18 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (05/11/2018 08:29:11 PM) (Source: DCOM) (EventID: 10016) (User: ANDY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
 and APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
 to the user andy\wap76 SID (S-1-5-21-2191989212-20672456-2235214370-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.MicrosoftEdge_38.14393.1066.0_neutral__8wekyb3d8bbwe SID (S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194). This security permission can be modified using the Component Services administrative tool.
Error: (05/11/2018 08:12:17 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (05/08/2018 08:13:12 PM) (Source: DCOM) (EventID: 10010) (User: ANDY)
Description: The server {2EAD57C2-492A-4713-A340-8272B88BFF1B} did not register with DCOM within the required timeout.
Error: (05/08/2018 07:57:07 PM) (Source: DCOM) (EventID: 10010) (User: ANDY)
Description: The server MicrosoftEdge.AppXeb42j1vh6rk395pm0vmcx57dxqjhej5d.mca did not register with DCOM within the required timeout.
Error: (05/08/2018 07:17:06 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (05/06/2018 09:10:56 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Windows Defender:
===================================
Date: 2018-05-05 19:46:47.853
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 116.1.0.0
Update Source: Microsoft Malware Protection Center
Signature Type: Network Inspection System
Update Type: Full
Current Engine Version:
Previous Engine Version: 2.1.12706.0
Error code: 0x80070020
Error description: The process cannot access the file because it is being used by another process.
Date: 2018-05-05 19:44:38.700
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.207.2126.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.12101.0
Error code: 0x800705b4
Error description: This operation returned because the timeout period expired.
Date: 2018-05-05 19:44:38.699
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.207.2126.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.12101.0
Error code: 0x800705b4
Error description: This operation returned because the timeout period expired.
Date: 2018-05-05 19:13:24.805
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.207.2126.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.12101.0
Error code: 0x80240022
Error description: The program can't check for definition updates.
Date: 2018-05-05 19:13:24.785
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.207.2126.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.12101.0
Error code: 0x80240022
Error description: The program can't check for definition updates.
CodeIntegrity:
===================================
Date: 2018-05-12 07:32:28.936
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-05-12 07:32:28.932
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-05-11 20:10:55.192
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-05-11 20:10:55.188
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-05-08 19:15:24.235
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-05-08 19:15:24.229
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-05-05 19:30:16.198
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2018-05-05 19:30:16.180
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: AMD Athlon™ II P320 Dual-Core Processor
Percentage of memory in use: 75%
Total physical RAM: 2806.86 MB
Available physical RAM: 692.39 MB
Total Virtual: 5622.86 MB
Available Virtual: 2082.75 MB
==================== Drives ================================
Drive c: (TI105828W0G) (Fixed) (Total:285.78 GB) (Free:158.82 GB) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{ad3c2d5c-6ef1-11df-a2e3-806e6f6e6963}\ (System) (Fixed) (Total:1.46 GB) (Free:1.26 GB) NTFS
\\?\Volume{99540982-0000-0000-0000-e0cf47000000}\ () (Fixed) (Total:0.77 GB) (Free:0.35 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 99540982)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=285.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=790 MB) - (Type=27)
Partition 4: (Not Active) - (Size=10.1 GB) - (Type=17)
==================== End of Addition.txt ============================

 


  • 0

Advertisements

#2
RKinner
Posted 17 May 2018 - 04:39 AM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP

Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  

Wait a full minute then:

File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.


Copy the next 2 lines:

TASKLIST /SVC  > \junk.txt
notepad \junk.txt

Open an Elevated Command Prompt:
Win 7: Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
Win 8: http://www.eightforu...indows-8-a.html
win 10: http://www.howtogeek...-in-windows-10/

Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply.


Get the free version of Speccy:

http://www.filehippo...ownload_speccy/ 

(Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  
Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top,  10-20  lines down.) Save the file.  Attach the file to your next post.  Attaching the log is the best option as it is too big for the forum.  Attaching is a multi step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.



 


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP