Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Win 7 computer start up problems

Started by BrianR1976 , Oct 23 2018 10:47 AM

Please log in to reply

#61
BrianR1976

Posted 10 November 2018 - 11:14 AM

Member

Topic Starter
Member
355 posts

I thought I had. I think there were a couple of programs you said I could remove way back when we started that didnt seem to go away completely,

#62
RKinner

Posted 10 November 2018 - 03:24 PM

Malware Expert

Expert
24,623 posts

FRST still shows:

RealDownloader (HKLM-x32\...\{17C5FC50-8E12-4D06-AAF2-A9D9F0CE0A32}) (Version: 18.1.7.347 - RealNetworks) Hidden
RealDownloader (HKLM-x32\...\{6cf9c673-d8f4-48dc-b916-4e9bc19b5682}) (Version: 18.1.7.347 - RealNetworks) Hidden
RealDownloader (HKLM-x32\...\{EE8BACFF-60B3-4069-8F71-337A2662940A}) (Version: 18.1.7.343 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM-x32\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM-x32\...\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}) (Version: 10.0 - RealNetworks, Inc) Hidden
RealUpgrade 1.1 (HKLM-x32\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden

We can let FRST unhide them. If we are lucky then you should be able to uninstall them.

Attached is a fixlist. You know what to do with it. This one shouldn't need to reboot.

fixlist.txt 1.53KB 167 downloads

After you run it then try and uninstall them the normal way.

Then run a FRST scan as before. If they don't want to uninstall then have FRST do a Search Registry for

real and post the log.

#63
BrianR1976

Posted 10 November 2018 - 10:32 PM

Member

Topic Starter
Member
355 posts

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.11.2018
Ran by BReese76 (administrator) on BREESE76-HP (10-11-2018 21:23:42)
Running from C:\Users\BReese76\Desktop
Loaded Profiles: BReese76 (Available Profiles: BReese76)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaCountryRegion.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
() C:\Program Files (x86)\Real\RealPlayer\UpdateService\RealPlayerUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(Ruiware) C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCUpdate.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-04-24] (IDT, Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3711320 2018-10-26] (Malwarebytes)
HKLM\...\Run: [HPSYSDRV] => C:\Program Files (x86)\Hewlett-Packard\HP Odometer\HPSYSDRV.EXE [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-03-30] (Hewlett-Packard )
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2670056 2018-09-10] (Adobe Systems, Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-10-27] (AVAST Software)
HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [7429280 2018-07-25] (Fitbit, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-239473584-822298280-3168733615-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-239473584-822298280-3168733615-1001\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [7429280 2018-07-25] (Fitbit, Inc.)
HKU\S-1-5-21-239473584-822298280-3168733615-1001\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe [1223560 2017-05-07] (Ruiware)
HKU\S-1-5-21-239473584-822298280-3168733615-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19467544 2018-10-23] (Piriform Ltd)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5E1B1D25-767C-4FD6-AE4C-55CFC5626C29}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{E745E9B4-9BA4-4154-BDFC-4B77998EAAFE}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-239473584-822298280-3168733615-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK/1
SearchScopes: HKLM -> {A3F3D8FE-86AE-4813-B96F-A656930924FD} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=hxxp://www.ebay.com/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=hxxp://www.ebay.com/sch/i.html?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-239473584-822298280-3168733615-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-239473584-822298280-3168733615-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=hxxp://www.ebay.com/sch/i.html?_nkw={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-10-23] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2018-11-04] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-11-04] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2018-11-04] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-02] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-02] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-02] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-02] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\BReese76\AppData\Roaming\Mozilla\Firefox\Profiles\lct2jq7h.default-1489776093206 [2018-11-10]
FF Homepage: Mozilla\Firefox\Profiles\lct2jq7h.default-1489776093206 -> www.google.com/
FF NewTab: Mozilla\Firefox\Profiles\lct2jq7h.default-1489776093206 -> about:newtab
FF Extension: (Grammarly for Firefox) - C:\Users\BReese76\AppData\Roaming\Mozilla\Firefox\Profiles\lct2jq7h.default-1489776093206\Extensions\[email protected] [2018-10-30]
FF Extension: (New XKit) - C:\Users\BReese76\AppData\Roaming\Mozilla\Firefox\Profiles\lct2jq7h.default-1489776093206\Extensions\@new-xkit.xpi [2018-03-31]
FF Extension: (AdBlocker Ultimate) - C:\Users\BReese76\AppData\Roaming\Mozilla\Firefox\Profiles\lct2jq7h.default-1489776093206\Extensions\[email protected] [2018-10-25]
FF Extension: (YouTube™ Flash® Player) - C:\Users\BReese76\AppData\Roaming\Mozilla\Firefox\Profiles\lct2jq7h.default-1489776093206\Extensions\[email protected] [2018-01-28]
FF Extension: (uBlock Origin) - C:\Users\BReese76\AppData\Roaming\Mozilla\Firefox\Profiles\lct2jq7h.default-1489776093206\Extensions\[email protected] [2018-11-06]
FF Extension: (Ebates: The Free Cash Back Shopping Assistant) - C:\Users\BReese76\AppData\Roaming\Mozilla\Firefox\Profiles\lct2jq7h.default-1489776093206\Extensions\{35d6291e-1d4b-f9b4-c52f-77e6410d1326}.xpi [2018-11-07]
FF Extension: (Popup Blocker Ultimate) - C:\Users\BReese76\AppData\Roaming\Mozilla\Firefox\Profiles\lct2jq7h.default-1489776093206\Extensions\{60B7679C-BED9-11E5-998D-8526BB8E7F8B}.xpi [2018-10-01]
FF Extension: (Hard Refresh Button) - C:\Users\BReese76\AppData\Roaming\Mozilla\Firefox\Profiles\lct2jq7h.default-1489776093206\Extensions\{b6da57d3-9727-4bc0-b974-d13e7c004af0}.xpi [2017-11-20]
FF Extension: (Simple YouTube MP3 Button) - C:\Users\BReese76\AppData\Roaming\Mozilla\Firefox\Profiles\lct2jq7h.default-1489776093206\Extensions\{e33788ea-0bb9-4502-9c77-bdc551afc8ab}.xpi [2017-10-07]
FF Extension: (Yahoo! Toolbar) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2016-11-15] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_31_0_0_122.dll [2018-10-09] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-09-13] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_122.dll [2018-10-09] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-09-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin-x32: @real.com/nppl3260;version=18.1.7.343 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2017-03-19] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=18.1.7.343 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2017-03-19] (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-19] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-09-13] (Adobe Systems)
FF Plugin HKU\S-1-5-21-239473584-822298280-3168733615-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101752.dll [2012-10-24] (Amazon.com, Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\BReese76\AppData\Local\Google\Chrome\User Data\Default [2018-11-10]
CHR Extension: (Slides) - C:\Users\BReese76\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-22]
CHR Extension: (Docs) - C:\Users\BReese76\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-22]
CHR Extension: (Google Drive) - C:\Users\BReese76\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-10]
CHR Extension: (YouTube) - C:\Users\BReese76\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-10]
CHR Extension: (Adblock Plus) - C:\Users\BReese76\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-10-31]
CHR Extension: (uBlock Origin) - C:\Users\BReese76\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-11-06]
CHR Extension: (Avast Passwords) - C:\Users\BReese76\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2018-10-19]
CHR Extension: (Sheets) - C:\Users\BReese76\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-22]
CHR Extension: (Google Docs Offline) - C:\Users\BReese76\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-22]
CHR Extension: (AdBlock) - C:\Users\BReese76\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-11-04]
CHR Extension: (Yahoo Partner) - C:\Users\BReese76\AppData\Local\Google\Chrome\User Data\Default\Extensions\gihfmmedoddijgnhkgfgnkeohkpbipol [2018-04-28]
CHR Extension: (Avast Online Security) - C:\Users\BReese76\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-09-26]
CHR Extension: (Grammarly for Chrome) - C:\Users\BReese76\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2018-11-06]
CHR Extension: (GIFit!) - C:\Users\BReese76\AppData\Local\Google\Chrome\User Data\Default\Extensions\khoojcphcmgcplkpckkjpdlloooifgec [2018-11-04]
CHR Extension: (F.B.(FluffBusting)Purity) - C:\Users\BReese76\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmkinhboiljjkhaknpaeaicmdjhagpep [2018-11-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\BReese76\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\BReese76\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-10]
CHR Extension: (Chrome Media Router) - C:\Users\BReese76\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-25]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gihfmmedoddijgnhkgfgnkeohkpbipol] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor13.0; C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe [231120 2014-08-31] (Adobe Systems Incorporated)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-13] (Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2910696 2018-09-10] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2704872 2018-09-10] (Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-10-27] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-05-17] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [325024 2018-10-27] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-05-17] (AVAST Software)
R2 CalendarSynchService; C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [16384 2011-08-16] (Hewlett-Packard) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9667872 2018-10-24] (Microsoft Corporation)
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [6115488 2018-07-25] (Fitbit, Inc.)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332656 2018-05-02] (HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1795136 2018-02-01] (PDF Complete Inc)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RalinkCountryRegion; C:\Program Files (x86)\Ralink\Common\RaCountryRegion.exe [42496 2012-07-27] (Ralink Technology, Corp.) [File not signed]
R2 RalinkRegistryWriter; C:\Program Files (x86)\Ralink\Common\RaRegistry.exe [372736 2012-07-04] (Ralink Technology, Corp.) [File not signed]
R2 RalinkRegistryWriter64; C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe [447488 2012-07-04] (Ralink Technology, Corp.) [File not signed]
S4 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [File not signed]
S2 RealPlayer Cloud Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [987408 2017-03-19] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\program files (x86)\real\realplayer\UpdateService\RealPlayerUpdateSvc.exe [35104 2017-03-14] ()
S2 RealTimes Desktop Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [987408 2017-03-19] (RealNetworks, Inc.)
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [297240 2018-04-08] (Reason Software Company Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\windows\system32\WirelessKB850NotificationService.exe [174256 2018-05-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [201408 2018-10-27] (AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdrivera.sys [230512 2018-10-27] (AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsha.sys [201928 2018-10-27] (AVAST Software)
R0 aswblog; C:\windows\System32\drivers\aswbloga.sys [346760 2018-10-27] (AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniva.sys [59664 2018-10-27] (AVAST Software)
R1 aswHdsKe; C:\windows\System32\drivers\aswHdsKe.sys [185240 2018-10-27] (AVAST Software)
S3 aswHwid; C:\windows\System32\drivers\aswHwid.sys [47064 2018-10-27] (AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [42456 2018-10-27] (AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [163376 2018-10-27] (AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [111968 2018-10-27] (AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [88112 2018-10-27] (AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [1028840 2018-10-27] (AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [467904 2018-10-27] (AVAST Software)
R2 aswStm; C:\windows\System32\drivers\aswStm.sys [208640 2018-10-27] (AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [381144 2018-10-27] (AVAST Software)
S3 cmnxusbser; C:\windows\System32\DRIVERS\cmnxusbser.sys [146424 2015-11-24] (Wireless Data Device)
R3 MBAMSwissArmy; C:\windows\System32\Drivers\mbamswissarmy.sys [260480 2018-11-10] (Malwarebytes)
R3 netr28x; C:\windows\System32\DRIVERS\netr28x.sys [2473616 2014-12-10] (MediaTek Inc.)
R2 NPF; C:\windows\system32\drivers\npf.sys [35344 2014-05-14] (CACE Technologies, Inc.)
R0 PxHlpa64; C:\windows\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation)
S3 rspLLL; C:\windows\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Resplendence Software Projects Sp.)
S3 sscdserd; C:\windows\System32\DRIVERS\sscdserd.sys [141384 2010-11-11] (MCCI Corporation)
S3 WDC_SAM; C:\windows\System32\DRIVERS\wdcsam64_prewin8.sys [31920 2018-02-26] (Western Digital Technologies)
R3 WirelessKeyboardFilter; C:\windows\System32\DRIVERS\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-10 20:24 - 2018-11-10 20:24 - 000000000 ____D C:\Users\BReese76\AppData\Local\Adobe
2018-11-10 20:14 - 2018-11-10 20:14 - 000260480 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamswissarmy.sys
2018-11-09 23:56 - 2018-11-09 23:56 - 005250965 _____ C:\Users\BReese76\Downloads\vault_tec_id_card_by_zanderyurami-dcrlu4u.psd
2018-11-09 22:57 - 2018-11-09 22:57 - 000107628 _____ C:\Users\BReese76\Downloads\cc_20181109_225659.reg
2018-11-09 22:55 - 2018-11-09 22:55 - 000000784 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-11-09 22:53 - 2018-11-09 22:53 - 018072104 _____ (Piriform Ltd) C:\Users\BReese76\Downloads\ccsetup548.exe
2018-11-09 22:40 - 2018-11-10 20:43 - 000002068 _____ C:\Users\BReese76\Desktop\Fixlog.txt
2018-11-08 21:33 - 2018-11-08 21:33 - 000002233 _____ C:\Users\BReese76\Desktop\Kindle.lnk
2018-11-06 21:53 - 2018-11-06 21:53 - 000000000 ____D C:\Users\BReese76\AppData\Roaming\CrystalIdea Software
2018-11-06 21:52 - 2018-11-06 21:52 - 000663848 _____ C:\Users\BReese76\Downloads\speedyfox.zip
2018-11-05 21:14 - 2018-11-10 21:23 - 002885858 _____ C:\Users\BReese76\Desktop\SearchReg.txt
2018-11-05 21:09 - 2018-11-05 21:09 - 003938816 _____ C:\Users\BReese76\Downloads\OWL Peer Review Presentation HUM 345W.ppt
2018-11-04 22:23 - 2018-11-04 22:23 - 000002423 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2018-11-04 22:23 - 2018-11-04 22:23 - 000002418 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-11-04 22:23 - 2018-11-04 22:23 - 000002417 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-11-04 22:23 - 2018-11-04 22:23 - 000002381 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-11-04 22:23 - 2018-11-04 22:23 - 000002380 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-11-04 22:23 - 2018-11-04 22:23 - 000002374 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-11-04 22:23 - 2018-11-04 22:23 - 000002368 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-11-04 22:23 - 2018-11-04 22:23 - 000002360 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-11-04 22:23 - 2018-11-04 22:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2018-10-31 20:45 - 2018-10-31 20:45 - 000000000 ____D C:\ProgramData\Ralink
2018-10-31 20:35 - 2018-10-31 20:36 - 037903688 _____ (Hewlett-Packard Company ) C:\Users\BReese76\Downloads\sp60464.exe
2018-10-29 20:16 - 2018-10-29 20:16 - 000003666 _____ C:\windows\System32\Tasks\Tweaking.com - Windows Repair Tray Icon
2018-10-29 20:16 - 2018-10-29 20:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2018-10-28 08:29 - 2018-10-28 21:59 - 000000000 ____D C:\Users\BReese76\Desktop\TP Files
2018-10-27 15:30 - 2018-10-27 16:09 - 000000000 ___RD C:\Users\BReese76\Creative Cloud Files
2018-10-27 15:20 - 2018-10-27 15:20 - 007197480 _____ (VS Revo Group ) C:\Users\BReese76\Downloads\revosetup.exe
2018-10-27 15:20 - 2018-10-27 15:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2018-10-27 15:20 - 2018-10-27 15:20 - 000000000 ____D C:\Program Files\VS Revo Group
2018-10-27 15:17 - 2018-10-27 15:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LatencyMon
2018-10-27 15:17 - 2018-10-27 15:17 - 000000000 ____D C:\Program Files\LatencyMon
2018-10-27 15:17 - 2015-07-13 11:16 - 000026368 _____ (Resplendence Software Projects Sp.) C:\windows\system32\Drivers\rspLLL64.sys
2018-10-27 12:17 - 2018-10-27 12:17 - 000645729 _____ (WDS Team) C:\Users\BReese76\Downloads\windirstat1_1_2_setup.exe
2018-10-27 12:17 - 2018-10-27 12:17 - 000000000 ____D C:\Users\BReese76\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat
2018-10-27 12:17 - 2018-10-27 12:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat
2018-10-27 12:17 - 2018-10-27 12:17 - 000000000 ____D C:\Program Files (x86)\WinDirStat
2018-10-27 11:21 - 2018-10-27 11:21 - 000749133 _____ C:\Users\BReese76\Downloads\nejmsa1803972.pdf
2018-10-27 11:09 - 2018-10-27 11:09 - 002379965 _____ C:\Users\BReese76\Downloads\26502501.pdf
2018-10-27 09:47 - 2018-10-27 09:47 - 000000000 ____D C:\windows\CheckSur
2018-10-27 09:39 - 2018-10-27 09:39 - 000000000 ____D C:\Users\BReese76\AppData\Roaming\AVAST Software
2018-10-27 09:39 - 2018-10-27 09:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2018-10-27 09:38 - 2018-11-10 21:24 - 000004168 _____ C:\windows\System32\Tasks\Avast Emergency Update
2018-10-27 09:38 - 2018-10-27 09:37 - 001028840 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2018-10-27 09:38 - 2018-10-27 09:37 - 000467904 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2018-10-27 09:38 - 2018-10-27 09:37 - 000381144 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2018-10-27 09:38 - 2018-10-27 09:37 - 000378584 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2018-10-27 09:38 - 2018-10-27 09:37 - 000346760 _____ (AVAST Software) C:\windows\system32\Drivers\aswbloga.sys
2018-10-27 09:38 - 2018-10-27 09:37 - 000230512 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsdrivera.sys
2018-10-27 09:38 - 2018-10-27 09:37 - 000208640 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2018-10-27 09:38 - 2018-10-27 09:37 - 000201928 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsha.sys
2018-10-27 09:38 - 2018-10-27 09:37 - 000201408 _____ (AVAST Software) C:\windows\system32\Drivers\aswArPot.sys
2018-10-27 09:38 - 2018-10-27 09:37 - 000185240 _____ (AVAST Software) C:\windows\system32\Drivers\aswHdsKe.sys
2018-10-27 09:38 - 2018-10-27 09:37 - 000163376 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2018-10-27 09:38 - 2018-10-27 09:37 - 000111968 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2018-10-27 09:38 - 2018-10-27 09:37 - 000088112 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2018-10-27 09:38 - 2018-10-27 09:37 - 000059664 _____ (AVAST Software) C:\windows\system32\Drivers\aswbuniva.sys
2018-10-27 09:38 - 2018-10-27 09:37 - 000047064 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys
2018-10-27 09:38 - 2018-10-27 09:37 - 000042456 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2018-10-27 09:37 - 2018-10-27 09:37 - 000000000 ____D C:\Program Files\AVAST Software
2018-10-27 09:27 - 2018-10-27 09:27 - 000178320 _____ (AVAST Software) C:\Users\BReese76\Downloads\avast_free_antivirus_setup_online_cnet_2.exe
2018-10-27 00:25 - 2018-10-27 00:25 - 000000000 ____D C:\Users\BReese76\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-10-26 15:11 - 2018-10-26 15:12 - 000987383 _____ C:\Users\BReese76\Downloads\20557379_f07df4feb86bc5402f9bcaeb2d34beae98cdb560.cab
2018-10-26 14:55 - 2018-10-26 14:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlaysTV
2018-10-26 13:41 - 2018-10-26 13:42 - 000000033 _____ C:\Users\BReese76\Desktop\F76.txt
2018-10-26 09:29 - 2018-10-26 09:29 - 000003470 _____ C:\windows\System32\Tasks\AdobeGCInvoker-1.0-BReese76-HP-BReese76
2018-10-25 23:21 - 2018-10-25 23:22 - 000030933 _____ C:\Users\BReese76\Desktop\Geck.pdf
2018-10-25 16:09 - 2018-10-25 16:09 - 000010613 _____ C:\junk.txt
2018-10-25 15:58 - 2018-11-09 23:46 - 000057329 _____ C:\Users\BReese76\Desktop\Addition.txt
2018-10-25 15:46 - 2018-11-10 21:25 - 000025941 _____ C:\Users\BReese76\Desktop\FRST.txt
2018-10-25 15:43 - 2018-10-26 15:08 - 000000000 ____D C:\Users\BReese76\AppData\Local\Plays
2018-10-25 15:43 - 2018-10-25 15:48 - 000000000 ____D C:\Users\BReese76\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plays.tv, Inc
2018-10-25 15:43 - 2018-10-25 15:48 - 000000000 ____D C:\Users\BReese76\AppData\Local\Plays-ltc
2018-10-25 15:41 - 2018-10-25 18:00 - 000000000 ____D C:\Users\BReese76\AppData\Roaming\Plays
2018-10-25 15:38 - 2018-10-25 15:38 - 000000000 ____D C:\Users\BReese76\AppData\Local\{E6CA9661-A945-4BD0-BF5E-5DD6778360EC}
2018-10-25 15:32 - 2018-11-10 20:41 - 000000000 ____D C:\Users\BReese76\Desktop\FRST-OlderVersion
2018-10-25 09:03 - 2018-10-25 09:03 - 000000000 ____D C:\Users\BReese76\AppData\Local\FitbitConnect
2018-10-25 09:03 - 2018-10-25 09:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fitbit Connect
2018-10-25 09:03 - 2018-10-25 09:03 - 000000000 ____D C:\Program Files (x86)\Fitbit Connect
2018-10-25 08:59 - 2018-10-25 09:00 - 059263264 _____ (Fitbit Inc.) C:\Users\BReese76\Downloads\FitbitConnect-v2.0.2.7066-2018-07-25.exe
2018-10-23 21:22 - 2018-10-23 21:22 - 000002820 _____ C:\VEWApplication.txt
2018-10-23 21:08 - 2018-11-10 20:41 - 002415616 _____ (Farbar) C:\Users\BReese76\Desktop\FRST64.exe
2018-10-23 21:07 - 2018-10-31 20:15 - 000015135 _____ C:\VEW.txt
2018-10-23 20:34 - 2018-10-23 20:34 - 020975616 _____ C:\Users\BReese76\Documents\WinLog102318.evtx
2018-10-23 20:34 - 2018-10-23 20:34 - 020975616 _____ C:\Users\BReese76\Documents\AppLog102318.evtx
2018-10-23 20:30 - 2018-10-23 20:30 - 061819320 _____ (Malwarebytes ) C:\Users\BReese76\Downloads\mbarw-setup-consumer-0.9.18.807.exe
2018-10-20 11:23 - 2018-10-20 11:23 - 000643103 _____ C:\Users\BReese76\Desktop\Pip-Boy Screens.zip
2018-10-19 22:44 - 2018-10-21 21:19 - 000003514 _____ C:\windows\System32\Tasks\AdobeAAMUpdater-1.0-BReese76-HP-BReese76
2018-10-16 11:29 - 2018-10-16 11:29 - 000048208 _____ C:\Users\BReese76\Desktop\Pokestats.xlsx
2018-10-15 21:55 - 2018-10-15 21:55 - 000000207 _____ C:\windows\tweaking.com-regbackup-BREESE76-HP-Windows-7-Home-Premium-(64-bit).dat
2018-10-15 21:55 - 2018-10-15 21:55 - 000000000 ____D C:\RegBackup
2018-10-15 21:07 - 2018-10-15 21:07 - 000000000 ____D C:\Program Files (x86)\Tweaking.com
2018-10-15 21:05 - 2018-10-15 21:06 - 038137496 _____ (Tweaking.com) C:\Users\BReese76\Downloads\tweaking.com_windows_repair_aio_setup.exe
2018-10-13 21:34 - 2018-10-13 21:34 - 005545813 _____ C:\Users\BReese76\Downloads\Week 8 Working through Ethical Questions.pptx
2018-10-12 15:31 - 2018-10-12 15:31 - 000000000 ____D C:\Users\BReese76\AppData\Local\mbamtray
2018-10-12 15:30 - 2018-10-26 10:29 - 000152688 _____ (Malwarebytes) C:\windows\system32\Drivers\mbae64.sys
2018-10-12 15:30 - 2018-10-12 15:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-10 21:24 - 2018-08-20 22:17 - 000004128 _____ C:\windows\System32\Tasks\CCleaner Update
2018-11-10 21:23 - 2018-02-02 14:49 - 000000000 ____D C:\FRST
2018-11-10 20:59 - 2014-10-23 12:18 - 000000000 ____D C:\Program Files (x86)\Real
2018-11-10 20:44 - 2017-03-19 21:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2018-11-10 20:25 - 2009-07-13 21:45 - 000024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-11-10 20:25 - 2009-07-13 21:45 - 000024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-11-10 20:22 - 2016-11-15 21:55 - 000000000 ____D C:\Users\BReese76\AppData\LocalLow\Mozilla
2018-11-10 20:20 - 2017-09-26 20:35 - 000000000 ____D C:\Users\BReese76\AppData\Local\AVAST Software
2018-11-10 20:14 - 2012-11-21 21:17 - 000000000 ____D C:\ProgramData\PDFC
2018-11-10 20:14 - 2009-07-13 22:08 - 000000006 ____H C:\windows\Tasks\SA.DAT
2018-11-10 00:01 - 2009-07-13 20:20 - 000000000 ____D C:\windows\inf
2018-11-09 23:52 - 2013-01-01 14:18 - 000000000 ____D C:\Program Files (x86)\7-Zip
2018-11-09 23:37 - 2012-12-23 10:22 - 000000000 ____D C:\Users\BReese76\Tracing
2018-11-09 23:01 - 2018-09-01 08:27 - 000000000 ____D C:\windows\Minidump
2018-11-09 23:01 - 2012-12-14 21:05 - 000000000 ____D C:\Users\BReese76\AppData\Local\CrashDumps
2018-11-09 22:55 - 2018-08-20 22:17 - 000000000 ____D C:\Program Files\CCleaner
2018-11-09 22:42 - 2013-10-07 22:29 - 000000000 ____D C:\Program Files\Adobe
2018-11-09 00:06 - 2017-01-05 10:02 - 000014736 _____ C:\Users\BReese76\Desktop\Bills.xlsx
2018-11-08 21:37 - 2018-09-10 19:42 - 000000000 ____D C:\Users\BReese76\Documents\My Kindle Content
2018-11-08 21:37 - 2015-12-22 22:39 - 000001933 _____ C:\Users\BReese76\Desktop\bands to listen to.txt
2018-11-06 11:12 - 2012-12-13 15:38 - 000000000 ____D C:\Users\BReese76\AppData\Local\PDFC
2018-11-04 23:05 - 2016-06-09 12:56 - 000000000 ____D C:\Users\BReese76\AppData\Roaming\Google
2018-11-04 22:26 - 2017-01-12 13:53 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-11-04 22:22 - 2012-11-21 21:10 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-11-01 22:13 - 2016-11-15 15:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-11-01 22:13 - 2012-12-13 20:56 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-10-31 20:44 - 2012-11-21 21:06 - 000000000 ____D C:\windows\system32\RaLanguages
2018-10-31 20:42 - 2012-11-21 21:07 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2018-10-31 20:41 - 2011-02-11 09:32 - 000000000 ____D C:\SWSETUP
2018-10-29 21:07 - 2012-12-13 15:43 - 000124632 _____ C:\Users\BReese76\AppData\Local\GDIPFONTCACHEV1.DAT
2018-10-29 21:04 - 2009-07-13 21:45 - 005154608 _____ C:\windows\system32\FNTCACHE.DAT
2018-10-28 07:40 - 2009-07-13 22:13 - 000781298 _____ C:\windows\system32\PerfStringBackup.INI
2018-10-27 16:12 - 2017-03-22 21:26 - 000000000 ___HD C:\adobeTemp
2018-10-27 15:39 - 2016-06-06 21:03 - 000007597 _____ C:\Users\BReese76\AppData\Local\Resmon.ResmonCfg
2018-10-27 15:30 - 2012-12-13 15:31 - 000000000 ____D C:\Users\BReese76
2018-10-27 15:25 - 2013-02-02 21:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2018-10-27 12:08 - 2015-08-26 21:59 - 000000000 ____D C:\Program Files\Java
2018-10-27 11:59 - 2018-02-18 21:44 - 008271832 _____ (Adobe System Incorporated.) C:\Users\BReese76\Downloads\AdobeCreativeCloudCleanerTool.exe
2018-10-27 09:36 - 2012-12-13 15:47 - 000000000 ____D C:\ProgramData\AVAST Software
2018-10-27 00:26 - 2013-05-19 13:54 - 000000000 ____D C:\Users\BReese76\AppData\Roaming\Dropbox
2018-10-26 15:19 - 2012-11-21 21:19 - 000000000 ____D C:\Program Files (x86)\Windows Live
2018-10-26 15:18 - 2009-07-13 20:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2018-10-26 15:01 - 2014-11-10 23:15 - 000000000 ____D C:\ProgramData\Apple
2018-10-26 14:58 - 2013-02-02 21:46 - 000000000 ____D C:\Users\BReese76\Documents\My Digital Editions
2018-10-26 14:58 - 2012-12-14 21:03 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-10-26 14:55 - 2017-03-18 12:40 - 000000000 ____D C:\Program Files (x86)\Raptr Inc
2018-10-26 09:39 - 2018-05-17 22:13 - 000002431 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-10-25 15:48 - 2015-05-27 22:47 - 000000000 ____D C:\Users\BReese76\AppData\Local\SquirrelTemp
2018-10-25 15:45 - 2012-12-13 20:54 - 000000000 ____D C:\Brians
2018-10-25 15:42 - 2017-04-16 13:29 - 000000000 ____D C:\Users\BReese76\AppData\Roaming\Spotify
2018-10-25 15:42 - 2013-02-25 22:40 - 000000000 ____D C:\Users\BReese76\AppData\Local\Spotify
2018-10-25 15:41 - 2017-03-18 12:41 - 000000000 ____D C:\Users\BReese76\AppData\Roaming\PlaysTV
2018-10-25 15:33 - 2014-11-06 00:07 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-10-25 09:03 - 2016-01-03 11:50 - 000000000 ____D C:\ProgramData\boost_interprocess
2018-10-25 09:03 - 2014-12-26 22:57 - 000000000 ____D C:\ProgramData\FitbitConnect
2018-10-24 22:54 - 2017-08-31 09:20 - 000000000 _____ C:\windows\SysWOW64\last.dump
2018-10-24 00:21 - 2017-01-13 13:14 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-10-24 00:20 - 2015-05-13 16:28 - 000004476 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2018-10-21 21:19 - 2018-08-20 22:17 - 000002802 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2018-10-21 21:19 - 2013-05-15 09:12 - 000004312 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2018-10-21 21:19 - 2013-02-12 22:00 - 000003204 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-10-19 22:44 - 2013-10-08 13:02 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2018-10-17 21:35 - 2016-12-01 21:28 - 000000100 _____ C:\Users\BReese76\Desktop\Nests.txt
2018-10-16 00:26 - 2013-07-13 15:34 - 000000000 ____D C:\windows\system32\MRT
2018-10-16 00:20 - 2012-12-13 16:35 - 136745976 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2018-10-16 00:16 - 2011-02-11 10:15 - 000749006 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2018-10-15 22:23 - 2009-07-13 19:34 - 000000439 _____ C:\windows\win.ini
2018-10-15 21:43 - 2013-03-08 11:50 - 000003064 _____ C:\windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2018-10-15 21:43 - 2013-03-08 11:50 - 000003062 _____ C:\windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2018-10-15 21:43 - 2013-02-12 22:00 - 000003334 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-10-15 21:43 - 2012-12-23 10:18 - 000003120 _____ C:\windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2018-10-15 21:43 - 2012-12-23 10:18 - 000003094 _____ C:\windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2018-10-15 21:43 - 2012-12-23 10:18 - 000003092 _____ C:\windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2018-10-15 20:58 - 2009-07-13 19:34 - 000002595 _____ C:\windows\system32\Drivers\etc\hosts_bak_929
2018-10-11 00:24 - 2018-03-13 22:55 - 000004476 _____ C:\windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-10-11 00:24 - 2017-12-10 21:36 - 000003952 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{D5BD9FAE-5D49-481F-A2D5-F893F1B0C808}
2018-10-11 00:24 - 2016-05-01 14:05 - 000003524 _____ C:\windows\System32\Tasks\Java Check
2018-10-11 00:24 - 2015-06-12 13:06 - 000003918 _____ C:\windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-239473584-822298280-3168733615-1001UA
2018-10-11 00:24 - 2015-06-12 13:06 - 000003522 _____ C:\windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-239473584-822298280-3168733615-1001Core
2018-10-11 00:24 - 2014-10-23 12:19 - 000003444 _____ C:\windows\System32\Tasks\RealDownloader Update Check
2018-10-11 00:24 - 2012-12-13 15:38 - 000003952 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{A740816E-472C-470B-BBCC-E6BEE266ED51}

==================== Files in the root of some directories =======

2016-09-16 12:46 - 2016-09-16 12:46 - 000000132 _____ () C:\Users\BReese76\AppData\Roaming\Adobe PNG Format CS6 Prefs
2016-10-30 21:07 - 2018-05-29 22:25 - 000000033 _____ () C:\Users\BReese76\AppData\Roaming\AdobeWLCMCache.dat
2018-09-25 20:50 - 2018-09-25 20:50 - 000000000 _____ () C:\Users\BReese76\AppData\Local\oobelibMkey.log
2013-11-10 21:16 - 2013-11-10 21:16 - 000002647 _____ () C:\Users\BReese76\AppData\Local\recently-used.xbel
2016-06-06 21:03 - 2018-10-27 15:39 - 000007597 _____ () C:\Users\BReese76\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-11-07 17:43

==================== End of FRST.txt ============================

#64
BrianR1976

Posted 10 November 2018 - 10:33 PM

Member

Topic Starter
Member
355 posts

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10.11.2018
Ran by BReese76 (10-11-2018 21:29:12)
Running from C:\Users\BReese76\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-12-13 22:31:51)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-239473584-822298280-3168733615-500 - Administrator - Disabled)
BReese76 (S-1-5-21-239473584-822298280-3168733615-1001 - Administrator - Enabled) => C:\Users\BReese76
Guest (S-1-5-21-239473584-822298280-3168733615-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-239473584-822298280-3168733615-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4 Elements II (HKLM-x32\...\WTA-cae94c41-98d3-4995-a92c-1a9f8e9e703a) (Version: 2.2.0.98 - WildTangent) Hidden
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 18.05 (HKLM-x32\...\{23170F69-40C1-2701-1805-000001000000}) (Version: 18.05.00.0 - Igor Pavlov)
ActivePerl 5.16.1 Build 1601 (HKLM-x32\...\{9441AF70-8CCC-41EE-B2C1-398F5FE7E387}) (Version: 5.16.1601 - ActiveState)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.008.20080 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 31.0.0.96 - Adobe Systems Incorporated)
Adobe Bridge CC 2018 (HKLM-x32\...\KBRG_8_1) (Version: 8.1 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.7.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 31 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_7_5) (Version: 7.5 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1_6) (Version: 19.1.6 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-239473584-822298280-3168733615-1001\...\Amazon Kindle) (Version: 1.24.3.51068 - Amazon)
Amazon MP3 Downloader 1.0.17 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC)
Amazon Music Importer (HKLM-x32\...\{EE54B7D5-57E0-A190-5D10-0982B52DF050}) (Version: 3.0.0 - Amazon Services LLC) Hidden
Amazon Music Importer (HKLM-x32\...\com.amazon.music.uploader) (Version: 3.0.0 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Auslogics Disk Defrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 8.0.16.0 - Auslogics Labs Pty Ltd)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.7.2354 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 69.1.867.100 - AVAST Software)
Bejeweled 3 (HKLM-x32\...\WTA-e9b0d2ff-58f2-4f92-aa9f-4235ebcaa010) (Version: 2.2.0.98 - WildTangent) Hidden
Blackhawk Striker 2 (HKLM-x32\...\WTA-5c3a7a94-dfef-4e00-8d66-77ba16901e21) (Version: 2.2.0.95 - WildTangent) Hidden
Bubble Wrap (HKLM-x32\...\{5BFFDDEB-AFD7-499F-BB13-7A6EAD927CDA}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)
calibre (HKLM-x32\...\{B76A3B8A-CD1E-4260-BA4A-6A6EAA05715D}) (Version: 2.82.0 - Kovid Goyal)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.48 - Piriform)
Chuzzle Deluxe (HKLM-x32\...\WTA-18a12f60-8d31-4fc4-b9d4-ba8c3db71ff8) (Version: 2.2.0.95 - WildTangent) Hidden
Cradle of Rome 2 (HKLM-x32\...\WTA-a28c47a7-a641-4085-a762-d1580dfb3be7) (Version: 2.2.0.98 - WildTangent) Hidden
CrystalDiskInfo 7.8.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.8.0 - Crystal Dew World)
CrystalDiskMark 6.0.1 (HKLM\...\CrystalDiskMark6_is1) (Version: 6.0.1 - Crystal Dew World)
DirectX for Managed Code Update (Summer 2004) (HKLM-x32\...\{E9E34215-82EF-4909-BE2F-F581F0DC9062}) (Version: 9.02.2904 - Microsoft) Hidden
Dora's World Adventure (HKLM-x32\...\WTA-8f7267c2-328a-41f3-b2d6-034896b7d44c) (Version: 2.2.0.95 - WildTangent) Hidden
Dropbox (HKU\S-1-5-21-239473584-822298280-3168733615-1001\...\Dropbox) (Version: 60.4.107 - Dropbox, Inc.)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Escape the Emerald Star (HKLM-x32\...\WTA-0fa94eff-d6c9-4239-a91c-51c12c0444a0) (Version: 2.2.0.98 - WildTangent) Hidden
Fantasy Hockey League (HKLM-x32\...\ST5UNST #1) (Version: - )
Farm Frenzy (HKLM-x32\...\WTA-ce060142-91ae-43c4-b0e0-f2c817140380) (Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (HKLM-x32\...\WTA-8100fd1a-3049-41a7-814f-8b53792f1f9b) (Version: 2.2.0.97 - WildTangent) Hidden
FATE (HKLM-x32\...\WTA-7202739a-55ea-4ae4-856c-5258f747150f) (Version: 2.2.0.97 - WildTangent) Hidden
Final Drive Fury (HKLM-x32\...\WTA-5dc76dc0-c994-4092-bb73-46a81f3bd8ae) (Version: 2.2.0.95 - WildTangent) Hidden
Fitbit Connect (HKLM-x32\...\{2F0A730C-3593-4637-B740-B9F589591376}) (Version: 2.0.2.7066 - Fitbit Inc.)
FITS Liberator 3.0.1 (HKLM-x32\...\FITS Liberator) (Version: 3.0.1 - ESO/ESA/NASA)
Golden Trails 2: The Lost Legacy Collector's Edition (HKLM-x32\...\WTA-9d8b0610-c5e3-45ee-af7c-cdeea94b2e90) (Version: 2.2.0.98 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.77 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (HKLM-x32\...\WTA-d2187750-9140-4bdc-80c4-23556ca5aa81) (Version: 2.2.0.95 - WildTangent) Hidden
HP Application Assistant (HKLM\...\{0CE7EBAF-157D-4111-9146-057CB2A4023E}) (Version: 1.1.466.3970 - Hewlett-Packard)
HP Calendar (HKLM-x32\...\{2B38E0FA-D8A5-4EBF-A018-E3C1C8E7A2E2}) (Version: 5.1.4245.23508 - Hewlett-Packard)
HP Clock (HKLM-x32\...\{750E9D0F-B188-4A7E-ADD2-84B7ED7D32F6}) (Version: 5.1.4281.27332 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Notes (HKLM-x32\...\{86BAB08A-5E66-4C53-82E3-C1E91673C7CA}) (Version: 5.1.4274.30382 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Photosmart D110 All-In-One Driver 14.0 Rel. 7 (HKLM\...\{14BC6853-A74E-4874-B50D-679889D1544D}) (Version: 14.0 - HP)
HP RSS (HKLM-x32\...\{452479C5-0118-48E9-AA69-0A7339F95FC8}) (Version: 5.1.4289.23799 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15430.4033 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 11.00.0001 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.9.18.3 - Hewlett-Packard Company)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
HP TouchSmart Background - Beats (HKLM-x32\...\{6A6F8D36-04BA-41E9-9004-1789BD545874}) (Version: 1.0.1.0 - Hewlett-Packard)
HP TouchSmart RecipeBox (HKLM-x32\...\{20714B53-FC73-4F9C-9687-49EB237D6FD7}) (Version: 3.0.3830.27730 - Hewlett-Packard)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HP Weather (HKLM-x32\...\{776CC95E-8160-401B-AC79-164822AA8306}) (Version: 5.1.4245.22595 - Hewlett-Packard)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Jewel Match 3 (HKLM-x32\...\WTA-4a300df6-0a04-42ca-8731-ce1dc72d918d) (Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (HKLM-x32\...\WTA-cde176c2-3fbb-4206-8d44-8c409895fe58) (Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (HKLM-x32\...\WTA-57a418fb-a77e-43a6-b537-20d17df5f4d0) (Version: 2.2.0.95 - WildTangent) Hidden
LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4507 - CyberLink Corp.) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4507 - CyberLink Corp.)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
LatencyMon 6.70 (HKLM\...\LatencyMon_is1) (Version: - Resplendence Software Projects Sp.)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Luxor HD (HKLM-x32\...\WTA-afa075f1-744f-4c53-9043-24311e6226ae) (Version: 2.2.0.98 - WildTangent) Hidden
Mah Jong Medley (HKLM-x32\...\WTA-e396b932-3635-442c-a16a-ad5e9cd9ba6f) (Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Metric Converter (HKLM-x32\...\{D0661463-50F7-4A1E-83CB-37CC590589AE}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.11001.20074 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mortimer Beckett and the Crimson Thief Premium Edition (HKLM-x32\...\WTA-99303275-448e-4ef7-af3b-382815c633d8) (Version: 2.2.0.98 - WildTangent) Hidden
Mozilla Firefox 63.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 63.0.1 (x64 en-US)) (Version: 63.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 63.0.1.6877 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Farm Life 2 (HKLM-x32\...\WTA-c2399047-bc9f-4bd9-be08-2bb213f1caf9) (Version: 2.2.0.98 - WildTangent) Hidden
Network64 (HKLM\...\{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}) (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Network64 (HKLM\...\{CE47BA54-78AC-409F-9151-BDF5BE15A804}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
Noiseware Community Edition (HKLM-x32\...\{CB3B7C24-30A1-4961-8039-94919F5ED2EE}) (Version: 2.6.0.1 - Imagenomic)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.3.3 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11001.20074 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11001.20074 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11001.20074 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11001.20074 - Microsoft Corporation) Hidden
opensource (HKLM-x32\...\{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}) (Version: 1.0.14960.3876 - Your Company Name) Hidden
PDF Complete Corporate Edition (HKLM-x32\...\PDF Complete) (Version: 4.2.33 - PDF Complete, Inc)
Penguins! (HKLM-x32\...\WTA-ba1d02c0-99a5-44d9-ad50-d78e0ff275e1) (Version: 2.2.0.98 - WildTangent) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-5265d433-55cf-4f91-8af7-6f222f20ecbe) (Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (HKLM-x32\...\WTA-f45a2279-a2f0-4996-b789-170e0caa6692) (Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (HKLM-x32\...\WTA-49198b23-c076-479e-8963-efcc5b8f3b43) (Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (HKLM-x32\...\WTA-717d6b13-c516-4e2f-aa7b-6859d039bc61) (Version: 2.2.0.98 - WildTangent) Hidden
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.6305 - CyberLink Corp.) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.6305 - CyberLink Corp.)
PS_AIO_07_D110_SW_Min (HKLM-x32\...\{42BBA4CC-EFB6-4653-A2CC-F305D4B399C3}) (Version: 140.0.142.000 - Hewlett-Packard) Hidden
Ralink 802.11n Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.10.0 - Mediatek)
RealDownloader (HKLM-x32\...\{17C5FC50-8E12-4D06-AAF2-A9D9F0CE0A32}) (Version: 18.1.7.347 - RealNetworks)
RealDownloader (HKLM-x32\...\{6cf9c673-d8f4-48dc-b916-4e9bc19b5682}) (Version: 18.1.7.347 - RealNetworks)
Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.0.5119 - CyberLink Corp.) Hidden
Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.)
Roads of Rome 3 (HKLM-x32\...\WTA-e94797d3-3b47-45b2-b709-a68038792160) (Version: 2.2.0.98 - WildTangent) Hidden
RogueKiller version 11 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 11 - Adlice Software)
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 140.0.77.000 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Spot (HKLM-x32\...\{3D171340-B528-42E0-92E4-BDA7AEEF6F32}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)
Spotify (HKU\S-1-5-21-239473584-822298280-3168733615-1001\...\Spotify) (Version: 1.0.91.183.g259b84fa - Spotify AB)
Stellarium 0.12.1 (HKLM\...\Stellarium_is1) (Version: 0.12.1 - Stellarium team)
Tales of Lagoona (HKLM-x32\...\WTA-8ae7d57e-9bf6-4714-9287-2ebbabeb96ba) (Version: 2.2.0.98 - WildTangent) Hidden
Tap Tap Bear (HKLM-x32\...\{A393CDFF-BEB8-48EA-990D-2EB35B311D23}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)
TI USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{355FBD67-5A4F-44DA-86A1-56EEC4C20EC0}) (Version: 1.12.18.0 - Texas Instruments Inc.)
TI USB3 Host Driver (HKLM-x32\...\{355FBD67-5A4F-44DA-86A1-56EEC4C20EC0}) (Version: 1.12.18.0 - Texas Instruments Inc.) Hidden
Toolbox (HKLM-x32\...\{BBFB2E59-B0DB-42C8-8F4D-CF4E85471667}) (Version: 140.0.424.000 - Hewlett-Packard) Hidden
Torchlight (HKLM-x32\...\WTA-564fcbde-007d-4035-80b5-601ed66ad9f1) (Version: 2.2.0.98 - WildTangent) Hidden
TSHostedAppLauncher (HKLM-x32\...\{F89BADB0-D319-470E-8024-443EE3A3402B}) (Version: 5.1.15.0 - Hewlett-Packard) Hidden
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 4.3.0 - Tweaking.com)
Unchecky v1.2 (HKLM-x32\...\Unchecky) (Version: 1.2 - Reason Software Company Inc.)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
UpdateService (HKLM-x32\...\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}) (Version: 1.0.0 - RealNetworks, Inc.) Hidden
vc2012_redist (HKLM-x32\...\{9402AEF2-5981-4097-8BE2-6501DAC4DBFD}) (Version: 1.0.0.0 - Realnetworks) Hidden
Video Downloader (HKLM-x32\...\{415B9F6F-CC10-472E-A5A2-8961A3374148}) (Version: 18.1.7 - RealNetworks) Hidden
Virtual Villagers 4 - The Tree of Life (HKLM-x32\...\WTA-2bbf0a89-bf22-4c3a-80ae-5e03ef3a7a49) (Version: 2.2.0.98 - WildTangent) Hidden
vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden
WildTangent Games App (HP Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.10.5 - WildTangent) Hidden
WinDirStat 1.1.2 (HKU\S-1-5-21-239473584-822298280-3168733615-1001\...\WinDirStat) (Version: - )
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinPatrol (HKLM-x32\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 35.5.2017.8 - Ruiware)
Youda Fisherman (HKLM-x32\...\WTA-d63f8446-d7e3-4baa-a564-dd263804d9c6) (Version: 2.2.0.98 - WildTangent) Hidden
Zuma's Revenge (HKLM-x32\...\WTA-5ba1d7e5-572b-42a4-bae2-e30c907395b5) (Version: 2.2.0.98 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-239473584-822298280-3168733615-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\BReese76\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-239473584-822298280-3168733615-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-239473584-822298280-3168733615-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\BReese76\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-239473584-822298280-3168733615-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BReese76\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-239473584-822298280-3168733615-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BReese76\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-239473584-822298280-3168733615-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BReese76\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-239473584-822298280-3168733615-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BReese76\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-239473584-822298280-3168733615-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BReese76\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-239473584-822298280-3168733615-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BReese76\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-239473584-822298280-3168733615-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BReese76\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-239473584-822298280-3168733615-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BReese76\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-239473584-822298280-3168733615-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BReese76\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-239473584-822298280-3168733615-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BReese76\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-239473584-822298280-3168733615-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\BReese76\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] ()
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] ()
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-27] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-27] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BReese76\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BReese76\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BReese76\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BReese76\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BReese76\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BReese76\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BReese76\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-24] (Dropbox, Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] ()
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2017-02-12] ()
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-27] (AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-27] (AVAST Software)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => c:\program files (x86)\real\realplayer\RPDS\Bin64\rpcontextmenu.dll [2017-03-19] (RealNetworks, Inc.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\atiacm64.dll [2015-08-04] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] ()
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-27] (AVAST Software)
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1_S-1-5-21-239473584-822298280-3168733615-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\BReese76\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-24] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-239473584-822298280-3168733615-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\BReese76\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-24] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-239473584-822298280-3168733615-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\BReese76\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-24] (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {000A66B4-C5A7-40C0-ABE1-08F62EE40AAA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {0CFDE608-A517-4970-8DD5-7D27BCC5DD06} - System32\Tasks\AdobeGCInvoker-1.0-BReese76-HP-BReese76 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-09-10] (Adobe Systems, Incorporated)
Task: {10E30BB0-AE64-4EF3-B424-33C0A39F5CB8} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-05-17] (AVAST Software)
Task: {12C28E15-8E49-4DA2-B059-15F89C5C5089} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-11-04] (Microsoft Corporation)
Task: {13DD1953-A60D-445C-BB50-41C3C19AAE59} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-11-04] (Microsoft Corporation)
Task: {1E00BF53-E352-4DA4-B795-01FED872799B} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {2754156C-20FF-4CD1-8DBD-89ECBC13D3D4} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-10-27] (AVAST Software)
Task: {2CFCA092-3272-4285-9BFE-0C14E2EB0AF0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-11-04] (Microsoft Corporation)
Task: {32B0AA4F-52BC-42AE-B6D7-BFBF6E75664C} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {33076945-963E-4EC4-A13C-EB638BBC2955} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-10-09] (Adobe Systems Incorporated)
Task: {446E437B-0FCF-4106-BA78-A3E6BE8086D2} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2018-11-04] (Microsoft Corporation)
Task: {468A98E5-D695-4533-ABFC-045B245250D5} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-10-27] (AVAST Software)
Task: {46A5A90B-A669-442B-8B6B-FF40C235C02E} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {47009863-7FC6-4671-ABC1-FEA944441639} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-11-04] (Microsoft Corporation)
Task: {5029C1CA-5BCE-4679-A841-B76E8DFF3FC8} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {5A9E6666-6396-4315-852F-83E9914958B9} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-19] (Piriform Ltd)
Task: {5D2000CD-4CC9-43B0-AD7A-E7175FB2DD64} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2018-11-04] (Microsoft Corporation)
Task: {61E5E849-787D-4D6A-BCDE-3A190456E305} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-10-24] (Microsoft Corporation)
Task: {6D9C6D34-86C2-427A-A303-7664C9BFA920} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_122_Plugin.exe [2018-10-09] (Adobe Systems Incorporated)
Task: {75C8E018-FAF0-4181-980B-8D0C5400D07E} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-239473584-822298280-3168733615-1001UA => C:\Users\BReese76\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {7F3072DE-345C-48F6-A5B2-83883AB13269} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-05-17] (AVAST Software)
Task: {848BECA2-ACC0-4D4E-874D-04F17BDE60AC} - System32\Tasks\RealDownloader Update Check => C:\program files (x86)\real\realplayer\RealDownloader\downloader2.exe
Task: {8EED3BE9-ABF2-4ABD-B322-AE309DF696F4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {9420A5AA-43B0-436C-844D-D60495D91273} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {9CB1120C-48FE-45A1-839E-D793E9AED94B} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {ADA000F6-6612-4450-AE11-D3942B8BC874} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-10-24] (Microsoft Corporation)
Task: {B62466C6-3941-4D30-BF26-597D3B58ADD3} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2017-05-02] (Tweaking.com)
Task: {BAD5407C-EF68-4424-9623-ECDD618259FE} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-239473584-822298280-3168733615-1001Core => C:\Users\BReese76\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {BC0B38A5-D4D5-46F8-AFBD-29638758B612} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {C365ED2D-49B0-47DC-B27A-233A27F2F956} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {D0C11C30-491A-47D8-977D-5A99AB581306} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-11-04] (Microsoft Corporation)
Task: {E5937814-01F5-4765-A731-3DD78EE5817F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2018-08-30] (HP Inc.)
Task: {E870D75C-F851-459E-B3F8-6BB7B63CDA68} - System32\Tasks\Java Check => “C:\Program [Argument = Files\Java\jre1.6.0_01\bin\jucheck.exe”]
Task: {E9348A4E-9932-4F16-A079-233DC63FBF06} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {F4954C7E-F1F3-4A24-9E4B-D6D71AEAA2E5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-10-23] (Piriform Ltd)
Task: {F717F655-E608-4A88-8B12-54BE5F49E81F} - System32\Tasks\AdobeAAMUpdater-1.0-BReese76-HP-BReese76 => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2018-04-11] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-02-20 22:09 - 2013-06-17 16:40 - 000035944 _____ () C:\windows\system32\ddmon4-64x.dll
2017-03-14 20:44 - 2017-03-14 20:44 - 000035104 _____ () C:\program files (x86)\real\realplayer\UpdateService\RealPlayerUpdateSvc.exe
2018-10-12 15:30 - 2018-10-26 10:29 - 002695360 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-10-27 09:37 - 2018-10-27 09:37 - 000730328 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2018-03-05 20:47 - 2018-03-05 20:47 - 000614848 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2017-02-12 15:31 - 2017-02-12 15:31 - 000230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2018-10-25 15:33 - 2018-10-23 14:24 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.77\libglesv2.dll
2018-10-25 15:33 - 2018-10-23 14:24 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.77\libegl.dll
2018-10-27 09:37 - 2018-10-27 09:37 - 000919256 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-10-27 09:37 - 2018-10-27 09:37 - 000598232 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-11-10 09:46 - 2018-11-10 09:46 - 005719184 _____ () C:\Program Files\AVAST Software\Avast\defs\18111002\algo.dll
2018-10-27 09:37 - 2018-10-27 09:37 - 000496856 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-10-27 09:37 - 2018-10-27 09:37 - 000150744 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-10-27 09:37 - 2018-10-27 09:37 - 001112280 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2017-03-14 20:44 - 2017-03-14 20:44 - 000040248 _____ () C:\program files (x86)\real\realplayer\UpdateService\DL2UpdatePlugin.dll
2017-03-14 20:44 - 2017-03-14 20:44 - 000042296 _____ () C:\program files (x86)\real\realplayer\UpdateService\RealDownloaderUpdatePlugin.dll
2017-03-14 20:43 - 2017-03-14 20:43 - 000039752 _____ () C:\program files (x86)\real\realplayer\UpdateService\VideoDLUpdatePlugin.dll
2018-07-20 22:13 - 2018-07-20 22:13 - 080293888 ____R () C:\Program Files (x86)\Fitbit Connect\libcef.dll
2018-07-25 22:04 - 2018-07-25 22:04 - 000068608 ____R () C:\Program Files (x86)\Fitbit Connect\MP3Gain.dll
2018-10-27 09:39 - 2018-10-27 09:39 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Adobe Photoshop CS6 13.0 Final Multilanguage (patch-PainteR) [ChingLiu]:com.dropbox.attributes [168]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2018-11-10 20:14 - 000003413 _____ C:\windows\system32\Drivers\etc\hosts

127.0.0.1       localhost
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 rp.yefeneri2.com
0.0.0.0 os.yefeneri2.com
0.0.0.0 os2.yefeneri2.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-239473584-822298280-3168733615-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: CryptoPreventEmail => 3
MSCONFIG\Services: CryptoPreventFolderWatch => 3
MSCONFIG\Services: CryptoPreventMonSvc => 2
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AvastUI.exe => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
MSCONFIG\startupreg: Dropbox Update => "C:\Users\BReese76\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: HP Software Update => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: Raptr => "C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe" --startup
MSCONFIG\startupreg: RealDownloader => C:\Program Files (x86)\Real\RealDownloader\downloader2.exe
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: TkBellExe => "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{D86A00B7-D787-4FCF-99DE-7828BCCCAAB4}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{9207830A-E076-48DE-923C-0ED795B6911A}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{0351AACC-82F6-431C-833C-B0F6AE936B88}] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{0E08BD01-86AA-40C4-BB2E-CCDBC0329DF4}] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{5BF64805-C0E7-4D45-B92D-444F9F19CE0C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{90F94230-F5F8-4433-B01C-E2F733161CD9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{406EDAFD-BDB5-45CB-85EA-9E5A623398D9}C:\users\breese76\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\breese76\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{A10894CE-0E9F-4B8C-B334-5219B7792227}C:\users\breese76\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\breese76\appdata\roaming\spotify\spotify.exe
FirewallRules: [{0AE574CF-CB8F-45DA-B1E0-C510D13BDE60}] => (Block) C:\users\breese76\appdata\roaming\spotify\spotify.exe
FirewallRules: [{4626A069-0430-4CB6-B649-D014987AC2E3}] => (Block) C:\users\breese76\appdata\roaming\spotify\spotify.exe
FirewallRules: [{397F67DA-7FA0-48F4-91E1-A9D6E2FF016C}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{8499C925-E03E-4489-AC50-4C3A46D0F887}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{D7AE063B-700E-45C0-B0E7-700026F79D40}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{FB8F4E8E-67DA-421B-AEB5-C0A32CD85F08}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{40DDC61A-3ADA-4E13-B05F-40BC8D433297}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{7637EC3F-5FE6-4980-9AF4-63937327F824}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{387C399E-1650-48A9-895E-BE8B254769CA}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [TCP Query User{99B18C80-5651-4DF1-9D7D-5F3B7CC6C68E}C:\program files\adobe\adobe animate cc 2017\animate.exe] => (Allow) C:\program files\adobe\adobe animate cc 2017\animate.exe
FirewallRules: [UDP Query User{DF9E8C34-7F2D-4EB8-B268-B5767D0C6A59}C:\program files\adobe\adobe animate cc 2017\animate.exe] => (Allow) C:\program files\adobe\adobe animate cc 2017\animate.exe
FirewallRules: [{D93012D1-174B-4435-9226-86890370A575}] => (Block) C:\program files\adobe\adobe animate cc 2017\animate.exe
FirewallRules: [{8798B6CD-A844-4093-B348-524C2BB41397}] => (Block) C:\program files\adobe\adobe animate cc 2017\animate.exe
FirewallRules: [{2F563B47-0847-4817-B018-E55552F9E2A0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{F62FFA17-3323-4155-965A-2EE56A8BABEF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{C28DCD0B-1F6A-4BD8-ABD5-6139E3FBE114}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{45AE197E-2D6E-428F-B1C2-BEBC8FA76113}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{8B31B6F3-ACCB-4080-950E-30B2AC75932F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{BA69FE67-14E4-4C29-AD3B-4E8AB3CFFAE4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{B62A6CAD-290A-4A26-AF65-F72FB93BF486}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{C03AC624-0A25-46DA-AEA9-8AA30B9D39A9}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{30668312-C1EC-40AD-AF08-3282DE9E812D}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{F3A039D5-D3E4-430A-B56F-B758526E2DEC}] => (Allow) C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe
FirewallRules: [{4EEE1BBE-15E9-419F-80BA-9A05DD89B3F9}] => (Allow) C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe

==================== Restore Points =========================

09-11-2018 12:49:26 Scheduled Checkpoint
10-11-2018 20:58:06 Removed RealUpgrade 1.1
10-11-2018 21:01:30 Removed RealNetworks - Microsoft Visual C++ 2008 Runtime
10-11-2018 21:09:50 Removed RealNetworks - Microsoft Visual C++ 2010 Runtime

==================== Faulty Device Manager Devices =============

Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (11/10/2018 09:17:57 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (11/10/2018 08:24:28 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (11/10/2018 08:24:15 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/10/2018 08:19:28 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (11/10/2018 10:17:57 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (11/09/2018 11:17:57 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (11/09/2018 10:17:56 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (11/09/2018 03:17:57 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

System errors:
=============
Error: (11/10/2018 09:25:48 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
and APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Error: (11/10/2018 09:15:48 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
and APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Error: (11/10/2018 09:05:48 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
and APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Error: (11/10/2018 08:55:48 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
and APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Error: (11/10/2018 08:45:48 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
and APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Error: (11/10/2018 08:35:48 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
and APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Error: (11/10/2018 08:25:48 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
and APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Error: (11/10/2018 08:15:48 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
and APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

==================== Memory info ===========================

Processor: Intel® Core™ i5-2400 CPU @ 3.10GHz
Percentage of memory in use: 81%
Total physical RAM: 6100.01 MB
Available physical RAM: 1133.37 MB
Total Virtual: 12198.17 MB
Available Virtual: 6826.03 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:914.65 GB) (Free:446.67 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:16.64 GB) (Free:2.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 4C3DA384)

Partition: GPT.

==================== End of Addition.txt ============================

#65
BrianR1976

Posted 10 November 2018 - 11:19 PM

Member

Topic Starter
Member
355 posts

The real search in FRST produces a massive text file. Every time I try to paste it here the browser crashes. I'm gonna attach the file instead. Sorry.

Attached Files

SearchReg.txt 2.75MB 1071 downloads

#66
RKinner

Posted 11 November 2018 - 10:12 AM

Malware Expert

Expert
24,623 posts

See if you can uninstall:

RealDownloader (HKLM-x32\...\{17C5FC50-8E12-4D06-AAF2-A9D9F0CE0A32}) (Version: 18.1.7.347 - RealNetworks)
RealDownloader (HKLM-x32\...\{6cf9c673-d8f4-48dc-b916-4e9bc19b5682}) (Version: 18.1.7.347 - RealNetworks)

Then use this fixlist as before:

Finish up with another CCleaner run.

#67
BrianR1976

Posted 11 November 2018 - 11:48 PM

Member

Topic Starter
Member
355 posts

I cannot uninstall those two. There is no uninstall option. The top one says nothing and the bottom one offers repair as the only option. I will run CC tomorrow.

Fix result of Farbar Recovery Scan Tool (x64) Version: 11.11.2018
Ran by BReese76 (11-11-2018 22:44:16) Run:5
Running from C:\Users\BReese76\Desktop
Loaded Profiles: BReese76 (Available Profiles: BReese76)
Boot Mode: Normal
==============================================

fixlist content:
*****************
c:\program files (x86)\real\realplayer
REG: [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\RealPlayer 17.0]
REG: [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{17C5FC50-8E12-4D06-AAF2-A9D9F0CE0A32}]
REG: [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{415B9F6F-CC10-472E-A5A2-8961A3374148}]
REG: [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6cf9c673-d8f4-48dc-b916-4e9bc19b5682}]
REG: [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9402AEF2-5981-4097-8BE2-6501DAC4DBFD}]
REG: [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}]
REG: [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}]
MSCONFIG\startupreg: RealDownloader => C:\Program Files (x86)\Real\RealDownloader\downloader2.exe
Task: {848BECA2-ACC0-4D4E-874D-04F17BDE60AC} - System32\Tasks\RealDownloader Update Check => C:\program files (x86)\real\realplayer\RealDownloader\downloader2.exe
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => c:\program files (x86)\real\realplayer\RPDS\Bin64\rpcontextmenu.dll [2017-03-19] (RealNetworks, Inc.)
S2 RealPlayer Cloud Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [987408 2017-03-19] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\program files (x86)\real\realplayer\UpdateService\RealPlayerUpdateSvc.exe [35104 2017-03-14] ()
S2 RealTimes Desktop Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [987408 2017-03-19] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nppl3260;version=18.1.7.343 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2017-03-19] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=18.1.7.343 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2017-03-19] (RealPlayer)
FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"

*****************

c:\program files (x86)\real\realplayer => moved successfully

========= [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\RealPlayer 17.0] =========

The system cannot find the path specified.

========= End of Reg: =========

========= [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{17C5FC50-8E12-4D06-AAF2-A9D9F0CE0A32}] =========

The system cannot find the path specified.

========= End of Reg: =========

========= [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{415B9F6F-CC10-472E-A5A2-8961A3374148}] =========

The system cannot find the path specified.

========= End of Reg: =========

========= [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6cf9c673-d8f4-48dc-b916-4e9bc19b5682}] =========

The system cannot find the path specified.

========= End of Reg: =========

========= [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9402AEF2-5981-4097-8BE2-6501DAC4DBFD}] =========

The system cannot find the path specified.

========= End of Reg: =========

========= [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}] =========

The system cannot find the path specified.

========= End of Reg: =========

========= [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}] =========

The system cannot find the path specified.

========= End of Reg: =========

HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RealDownloader => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{848BECA2-ACC0-4D4E-874D-04F17BDE60AC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{848BECA2-ACC0-4D4E-874D-04F17BDE60AC}" => removed successfully
C:\windows\System32\Tasks\RealDownloader Update Check => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealDownloader Update Check" => removed successfully
"HKU\\Software\Classes\*\ShellEx\ContextMenuHandlers\ FileSyncEx" => not found
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
"HKU\\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ FileSyncEx" => not found
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
"HKU\\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\ FileSyncEx" => not found
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\CLSID\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\System\CurrentControlSet\Services\RealPlayer Cloud Service => removed successfully
RealPlayer Cloud Service => service removed successfully
RealPlayerUpdateSvc => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\RealPlayerUpdateSvc => removed successfully
RealPlayerUpdateSvc => service removed successfully
HKLM\System\CurrentControlSet\Services\RealTimes Desktop Service => removed successfully
RealTimes Desktop Service => service removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=18.1.7.343 => removed successfully
"c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll" => not found
HKLM\Software\Wow6432Node\MozillaPlugins\@real.com/nprpplugin;version=18.1.7.343 => removed successfully
"c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll" => not found
FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" => Error: No automatic fix found for this entry.

==== End of Fixlog 22:44:21 ====

#68
BrianR1976

Posted 19 November 2018 - 06:34 PM

Member

Topic Starter
Member
355 posts

Sorry for the long delay. I was finally able to run CCleaner. It's getting into Finals season at school and everything gets backburnered.

#69
RKinner

Posted 19 November 2018 - 11:37 PM

Malware Expert

Expert
24,623 posts

Does it appear that the unwanted programs are gone? How is it running?

#70
BrianR1976

Posted 19 November 2018 - 11:46 PM

Member

Topic Starter
Member
355 posts

Real Downloader is still there but the offending Adobe programs are gone as are the rest of the Real programs. The computers a little sluggish when it first comes on. I think thats because of all the startup programs running. Occasionally, when I first open a browser I'll get a message saying no connection or something like this. I wait a minute or so and it's there. Im sure that is connected to whatever it was that we were doing to the Network Adapter. Do I need a new wireless card?

#71
RKinner

Posted 19 November 2018 - 11:53 PM

Malware Expert

Expert
24,623 posts

Go to

http://www.speedtest.net/

and click on Begin Test

When the Test finishes click on Share This Result and then select Forum then Copy then move to a reply and Ctrl + v

Is that about what you paid for?

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:

Flush DNS
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer Errors
List Installed Programs
List Devices
List Users, Partitions and Memory size.
List Minidump Files

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Bedtime for me.

#72
BrianR1976

Posted 20 November 2018 - 12:02 AM

Member

Topic Starter
Member
355 posts

According to my Cable bill I get...

INTERNET

Cox High Speed Internet Premier

Includes:

Premier Internet Service

Download speeds up to 150 Mbps.

So I think I'm probably slow compared to what I am paying for.

#73
BrianR1976

Posted 20 November 2018 - 12:03 AM

Member

Topic Starter
Member
355 posts

MiniToolBox by Farbar Version: 17-06-2016
Ran by BReese76 (administrator) on 19-11-2018 at 23:03:07
Running from "C:\Users\BReese76\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Model: p7-1380t Manufacturer: Hewlett-Packard
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================
========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
802.11n Wireless LAN Card = Wireless Network Connection (Connected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset

popd
# End of IPv4 configuration

Windows IP Configuration

   Host Name . . . . . . . . . . . . : BReese76-HP
   Primary Dns Suffix . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 20-16-D8-13-05-64
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix . :
   Description . . . . . . . . . . . : 802.11n Wireless LAN Card
   Physical Address. . . . . . . . . : 20-16-D8-13-05-65
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::115e:f980:b5ef:4306%13(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.106(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, November 19, 2018 5:16:02 PM
   Lease Expires . . . . . . . . . . : Tuesday, November 20, 2018 12:15:58 AM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 253761240
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-3F-68-F5-B4-B5-2F-B7-79-3F
   DNS Servers . . . . . . . . . . . : 192.168.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix . :
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : B4-B5-2F-B7-79-3F
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::e975:c79d:cd6:954b%12(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.105(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, November 19, 2018 5:16:02 PM
   Lease Expires . . . . . . . . . . : Tuesday, November 20, 2018 12:16:00 AM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 280278319
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-3F-68-F5-B4-B5-2F-B7-79-3F
   DNS Servers . . . . . . . . . . . : 192.168.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{E745E9B4-9BA4-4154-BDFC-4B77998EAAFE}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Reusable ISATAP Interface {62B87335-947A-4ED1-A563-BC201E9FF5F8}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #13
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #15
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 22:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #16
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 28:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #19
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{5E1B1D25-767C-4FD6-AE4C-55CFC5626C29}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #21
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 29:

   Connection-specific DNS Suffix . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5cf2:8c02:281a:476:3f57:ff96(Preferred)
   Link-local IPv6 Address . . . . . : fe80::281a:476:3f57:ff96%41(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 192.168.0.1

Name:    google.com
Addresses: 2607:f8b0:4007:806::200e
      172.217.11.174

Pinging google.com [172.217.5.206] with 32 bytes of data:
Reply from 172.217.5.206: bytes=32 time=22ms TTL=252
Reply from 172.217.5.206: bytes=32 time=21ms TTL=252

Ping statistics for 172.217.5.206:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 21ms, Maximum = 22ms, Average = 21ms
Server: UnKnown
Address: 192.168.0.1

Name:    yahoo.com
Addresses: 2001:4998:c:1023::4
      2001:4998:c:1023::5
      2001:4998:44:41d::3
      2001:4998:44:41d::4
      2001:4998:58:1836::10
      2001:4998:58:1836::11
      98.138.219.231
      98.137.246.8
      98.137.246.7
      98.138.219.232
      72.30.35.10
      72.30.35.9

Pinging yahoo.com [72.30.35.9] with 32 bytes of data:
Reply from 72.30.35.9: bytes=32 time=86ms TTL=252
Reply from 72.30.35.9: bytes=32 time=89ms TTL=252

Ping statistics for 72.30.35.9:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 86ms, Maximum = 89ms, Average = 87ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
14...20 16 d8 13 05 64 ......Microsoft Virtual WiFi Miniport Adapter
13...20 16 d8 13 05 65 ......802.11n Wireless LAN Card
12...b4 b5 2f b7 79 3f ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
29...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #13
30...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #15
31...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #16
42...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #19
40...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #21
41...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface Metric
          0.0.0.0          0.0.0.0      192.168.0.1    192.168.0.106     25
          0.0.0.0          0.0.0.0      192.168.0.1    192.168.0.105     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1 255.255.255.255         On-link         127.0.0.1    306
127.255.255.255 255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link     192.168.0.106    281
      192.168.0.0    255.255.255.0         On-link     192.168.0.105    276
    192.168.0.105 255.255.255.255         On-link     192.168.0.105    276
    192.168.0.106 255.255.255.255         On-link     192.168.0.106    281
    192.168.0.255 255.255.255.255         On-link     192.168.0.106    281
    192.168.0.255 255.255.255.255         On-link     192.168.0.105    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.0.105    276
        224.0.0.0        240.0.0.0         On-link     192.168.0.106    281
255.255.255.255 255.255.255.255         On-link         127.0.0.1    306
255.255.255.255 255.255.255.255         On-link     192.168.0.105    276
255.255.255.255 255.255.255.255         On-link     192.168.0.106    281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination      Gateway
41     58 ::/0                     On-link
1    306 ::1/128                  On-link
41     58 2001::/32                On-link
41    306 2001:0:5cf2:8c02:281a:476:3f57:ff96/128
                                    On-link
12    276 fe80::/64                On-link
13    281 fe80::/64                On-link
41    306 fe80::/64                On-link
13    281 fe80::115e:f980:b5ef:4306/128
                                    On-link
41    306 fe80::281a:476:3f57:ff96/128
                                    On-link
12    276 fe80::e975:c79d:cd6:954b/128
                                    On-link
1    306 ff00::/8                 On-link
41    306 ff00::/8                 On-link
12    276 ff00::/8                 On-link
13    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog9 01 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/19/2018 10:17:56 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (11/19/2018 09:17:56 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (11/19/2018 08:17:56 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (11/19/2018 07:17:56 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (11/19/2018 06:17:57 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (11/19/2018 05:30:38 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (11/19/2018 05:21:43 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (11/18/2018 11:35:14 PM) (Source: COM) (User: )
Description: {618736E0-3C3D-11CF-810C-00AA00389B71}{00020400-0000-0000-C000-000000000046}{0014C1CC-0002-0000-0000-0000F0000000}0x80010114

Error: (11/18/2018 11:35:14 PM) (Source: COM) (User: )
Description: {618736E0-3C3D-11CF-810C-00AA00389B71}{00020400-0000-0000-C000-000000000046}{00000060-0002-0000-0000-0000F0000000}0x80010114

Error: (11/18/2018 11:34:21 PM) (Source: COM) (User: )
Description: {618736E0-3C3D-11CF-810C-00AA00389B71}{00020400-0000-0000-C000-000000000046}{0014CB14-0002-0000-0000-0000F0000000}0x80010114

System errors:
=============
Error: (11/19/2018 10:57:55 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (11/19/2018 10:47:55 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (11/19/2018 10:37:55 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (11/19/2018 10:27:55 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (11/19/2018 10:17:55 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (11/19/2018 10:07:55 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (11/19/2018 09:57:55 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (11/19/2018 09:47:55 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (11/19/2018 09:37:55 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (11/19/2018 09:27:55 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Microsoft Office Sessions:
=========================
Error: (11/19/2018 10:17:56 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.
(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (11/19/2018 09:17:56 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.
(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (11/19/2018 08:17:56 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.
(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (11/19/2018 07:17:56 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.
(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (11/19/2018 06:17:57 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.
(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (11/19/2018 05:30:38 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.
(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (11/19/2018 05:21:43 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.
(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (11/18/2018 11:35:14 PM) (Source: COM)(User: )
Description: {618736E0-3C3D-11CF-810C-00AA00389B71}{00020400-0000-0000-C000-000000000046}{0014C1CC-0002-0000-0000-0000F0000000}0x80010114

Error: (11/18/2018 11:35:14 PM) (Source: COM)(User: )
Description: {618736E0-3C3D-11CF-810C-00AA00389B71}{00020400-0000-0000-C000-000000000046}{00000060-0002-0000-0000-0000F0000000}0x80010114

Error: (11/18/2018 11:34:21 PM) (Source: COM)(User: )
Description: {618736E0-3C3D-11CF-810C-00AA00389B71}{00020400-0000-0000-C000-000000000046}{0014CB14-0002-0000-0000-0000F0000000}0x80010114

=========================== Installed Programs ============================

4 Elements II (HKLM-x32\...\WTA-cae94c41-98d3-4995-a92c-1a9f8e9e703a) (Version: 2.2.0.98 - WildTangent) Hidden
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 18.05 (HKLM-x32\...\{23170F69-40C1-2701-1805-000001000000}) (Version: 18.05.00.0 - Igor Pavlov)
ActivePerl 5.16.1 Build 1601 (HKLM-x32\...\{9441AF70-8CCC-41EE-B2C1-398F5FE7E387}) (Version: 5.16.1601 - ActiveState)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.008.20081 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 31.0.0.96 - Adobe Systems Incorporated)
Adobe Bridge CC 2018 (HKLM-x32\...\KBRG_8_1) (Version: 8.1 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.7.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 31 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 31.0.0.148 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.148 - Adobe Systems Incorporated)
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_7_5) (Version: 7.5 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1_6) (Version: 19.1.6 - Adobe Systems Incorporated)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version: 1.24.3.51068 - Amazon)
Amazon MP3 Downloader 1.0.17 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC)
Amazon Music Importer (HKLM-x32\...\{EE54B7D5-57E0-A190-5D10-0982B52DF050}) (Version: 3.0.0 - Amazon Services LLC) Hidden
Amazon Music Importer (HKLM-x32\...\com.amazon.music.uploader) (Version: 3.0.0 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Auslogics Disk Defrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 8.0.16.0 - Auslogics Labs Pty Ltd)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.8.2356 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 69.1.867.100 - AVAST Software)
Bejeweled 3 (HKLM-x32\...\WTA-e9b0d2ff-58f2-4f92-aa9f-4235ebcaa010) (Version: 2.2.0.98 - WildTangent) Hidden
Blackhawk Striker 2 (HKLM-x32\...\WTA-5c3a7a94-dfef-4e00-8d66-77ba16901e21) (Version: 2.2.0.95 - WildTangent) Hidden
Bubble Wrap (HKLM-x32\...\{5BFFDDEB-AFD7-499F-BB13-7A6EAD927CDA}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)
calibre (HKLM-x32\...\{B76A3B8A-CD1E-4260-BA4A-6A6EAA05715D}) (Version: 2.82.0 - Kovid Goyal)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.49 - Piriform)
Chuzzle Deluxe (HKLM-x32\...\WTA-18a12f60-8d31-4fc4-b9d4-ba8c3db71ff8) (Version: 2.2.0.95 - WildTangent) Hidden
Cradle of Rome 2 (HKLM-x32\...\WTA-a28c47a7-a641-4085-a762-d1580dfb3be7) (Version: 2.2.0.98 - WildTangent) Hidden
CrystalDiskInfo 7.8.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.8.0 - Crystal Dew World)
CrystalDiskMark 6.0.1 (HKLM\...\CrystalDiskMark6_is1) (Version: 6.0.1 - Crystal Dew World)
DirectX for Managed Code Update (Summer 2004) (HKLM-x32\...\{E9E34215-82EF-4909-BE2F-F581F0DC9062}) (Version: 9.02.2904 - Microsoft) Hidden
Dora's World Adventure (HKLM-x32\...\WTA-8f7267c2-328a-41f3-b2d6-034896b7d44c) (Version: 2.2.0.95 - WildTangent) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 60.4.107 - Dropbox, Inc.)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Escape the Emerald Star (HKLM-x32\...\WTA-0fa94eff-d6c9-4239-a91c-51c12c0444a0) (Version: 2.2.0.98 - WildTangent) Hidden
Fantasy Hockey League (HKLM-x32\...\ST5UNST #1) (Version: - )
Farm Frenzy (HKLM-x32\...\WTA-ce060142-91ae-43c4-b0e0-f2c817140380) (Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (HKLM-x32\...\WTA-8100fd1a-3049-41a7-814f-8b53792f1f9b) (Version: 2.2.0.97 - WildTangent) Hidden
FATE (HKLM-x32\...\WTA-7202739a-55ea-4ae4-856c-5258f747150f) (Version: 2.2.0.97 - WildTangent) Hidden
Final Drive Fury (HKLM-x32\...\WTA-5dc76dc0-c994-4092-bb73-46a81f3bd8ae) (Version: 2.2.0.95 - WildTangent) Hidden
Fitbit Connect (HKLM-x32\...\{2F0A730C-3593-4637-B740-B9F589591376}) (Version: 2.0.2.7066 - Fitbit Inc.)
FITS Liberator 3.0.1 (HKLM-x32\...\FITS Liberator) (Version: 3.0.1 - ESO/ESA/NASA)
Golden Trails 2: The Lost Legacy Collector's Edition (HKLM-x32\...\WTA-9d8b0610-c5e3-45ee-af7c-cdeea94b2e90) (Version: 2.2.0.98 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.102 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (HKLM-x32\...\WTA-d2187750-9140-4bdc-80c4-23556ca5aa81) (Version: 2.2.0.95 - WildTangent) Hidden
HP Application Assistant (HKLM\...\{0CE7EBAF-157D-4111-9146-057CB2A4023E}) (Version: 1.1.466.3970 - Hewlett-Packard)
HP Calendar (HKLM-x32\...\{2B38E0FA-D8A5-4EBF-A018-E3C1C8E7A2E2}) (Version: 5.1.4245.23508 - Hewlett-Packard)
HP Clock (HKLM-x32\...\{750E9D0F-B188-4A7E-ADD2-84B7ED7D32F6}) (Version: 5.1.4281.27332 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Notes (HKLM-x32\...\{86BAB08A-5E66-4C53-82E3-C1E91673C7CA}) (Version: 5.1.4274.30382 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Photosmart D110 All-In-One Driver 14.0 Rel. 7 (HKLM\...\{14BC6853-A74E-4874-B50D-679889D1544D}) (Version: 14.0 - HP)
HP RSS (HKLM-x32\...\{452479C5-0118-48E9-AA69-0A7339F95FC8}) (Version: 5.1.4289.23799 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15430.4033 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 11.00.0001 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.9.18.3 - Hewlett-Packard Company)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
HP TouchSmart Background - Beats (HKLM-x32\...\{6A6F8D36-04BA-41E9-9004-1789BD545874}) (Version: 1.0.1.0 - Hewlett-Packard)
HP TouchSmart RecipeBox (HKLM-x32\...\{20714B53-FC73-4F9C-9687-49EB237D6FD7}) (Version: 3.0.3830.27730 - Hewlett-Packard)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HP Weather (HKLM-x32\...\{776CC95E-8160-401B-AC79-164822AA8306}) (Version: 5.1.4245.22595 - Hewlett-Packard)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Jewel Match 3 (HKLM-x32\...\WTA-4a300df6-0a04-42ca-8731-ce1dc72d918d) (Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (HKLM-x32\...\WTA-cde176c2-3fbb-4206-8d44-8c409895fe58) (Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (HKLM-x32\...\WTA-57a418fb-a77e-43a6-b537-20d17df5f4d0) (Version: 2.2.0.95 - WildTangent) Hidden
LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4507 - CyberLink Corp.) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4507 - CyberLink Corp.)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
LatencyMon 6.70 (HKLM\...\LatencyMon_is1) (Version: - Resplendence Software Projects Sp.)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Luxor HD (HKLM-x32\...\WTA-afa075f1-744f-4c53-9043-24311e6226ae) (Version: 2.2.0.98 - WildTangent) Hidden
Mah Jong Medley (HKLM-x32\...\WTA-e396b932-3635-442c-a16a-ad5e9cd9ba6f) (Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Metric Converter (HKLM-x32\...\{D0661463-50F7-4A1E-83CB-37CC590589AE}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.11001.20108 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mortimer Beckett and the Crimson Thief Premium Edition (HKLM-x32\...\WTA-99303275-448e-4ef7-af3b-382815c633d8) (Version: 2.2.0.98 - WildTangent) Hidden
Mozilla Firefox 63.0.3 (x64 en-US) (HKLM\...\Mozilla Firefox 63.0.3 (x64 en-US)) (Version: 63.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 63.0.3.6892 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Farm Life 2 (HKLM-x32\...\WTA-c2399047-bc9f-4bd9-be08-2bb213f1caf9) (Version: 2.2.0.98 - WildTangent) Hidden
Network64 (HKLM\...\{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}) (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Network64 (HKLM\...\{CE47BA54-78AC-409F-9151-BDF5BE15A804}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
Noiseware Community Edition (HKLM-x32\...\{CB3B7C24-30A1-4961-8039-94919F5ED2EE}) (Version: 2.6.0.1 - Imagenomic)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.3.3 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11001.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11001.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11001.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11001.20108 - Microsoft Corporation) Hidden
opensource (HKLM-x32\...\{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}) (Version: 1.0.14960.3876 - Your Company Name) Hidden
PDF Complete Corporate Edition (HKLM-x32\...\PDF Complete) (Version: 4.2.33 - PDF Complete, Inc)
Penguins! (HKLM-x32\...\WTA-ba1d02c0-99a5-44d9-ad50-d78e0ff275e1) (Version: 2.2.0.98 - WildTangent) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-5265d433-55cf-4f91-8af7-6f222f20ecbe) (Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (HKLM-x32\...\WTA-f45a2279-a2f0-4996-b789-170e0caa6692) (Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (HKLM-x32\...\WTA-49198b23-c076-479e-8963-efcc5b8f3b43) (Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (HKLM-x32\...\WTA-717d6b13-c516-4e2f-aa7b-6859d039bc61) (Version: 2.2.0.98 - WildTangent) Hidden
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.6305 - CyberLink Corp.) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.6305 - CyberLink Corp.)
PS_AIO_07_D110_SW_Min (HKLM-x32\...\{42BBA4CC-EFB6-4653-A2CC-F305D4B399C3}) (Version: 140.0.142.000 - Hewlett-Packard) Hidden
Ralink 802.11n Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.10.0 - Mediatek)
RealDownloader (HKLM-x32\...\{17C5FC50-8E12-4D06-AAF2-A9D9F0CE0A32}) (Version: 18.1.7.347 - RealNetworks)
RealDownloader (HKLM-x32\...\{6cf9c673-d8f4-48dc-b916-4e9bc19b5682}) (Version: 18.1.7.347 - RealNetworks)
Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.0.5119 - CyberLink Corp.) Hidden
Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.)
Roads of Rome 3 (HKLM-x32\...\WTA-e94797d3-3b47-45b2-b709-a68038792160) (Version: 2.2.0.98 - WildTangent) Hidden
RogueKiller version 11 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 11 - Adlice Software)
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 140.0.77.000 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Spot (HKLM-x32\...\{3D171340-B528-42E0-92E4-BDA7AEEF6F32}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)
Spotify (HKCU\...\Spotify) (Version: 1.0.91.183.g259b84fa - Spotify AB)
Stellarium 0.12.1 (HKLM\...\Stellarium_is1) (Version: 0.12.1 - Stellarium team)
Tales of Lagoona (HKLM-x32\...\WTA-8ae7d57e-9bf6-4714-9287-2ebbabeb96ba) (Version: 2.2.0.98 - WildTangent) Hidden
Tap Tap Bear (HKLM-x32\...\{A393CDFF-BEB8-48EA-990D-2EB35B311D23}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)
TI USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{355FBD67-5A4F-44DA-86A1-56EEC4C20EC0}) (Version: 1.12.18.0 - Texas Instruments Inc.)
TI USB3 Host Driver (HKLM-x32\...\{355FBD67-5A4F-44DA-86A1-56EEC4C20EC0}) (Version: 1.12.18.0 - Texas Instruments Inc.) Hidden
Toolbox (HKLM-x32\...\{BBFB2E59-B0DB-42C8-8F4D-CF4E85471667}) (Version: 140.0.424.000 - Hewlett-Packard) Hidden
Torchlight (HKLM-x32\...\WTA-564fcbde-007d-4035-80b5-601ed66ad9f1) (Version: 2.2.0.98 - WildTangent) Hidden
TSHostedAppLauncher (HKLM-x32\...\{F89BADB0-D319-470E-8024-443EE3A3402B}) (Version: 5.1.15.0 - Hewlett-Packard) Hidden
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 4.3.0 - Tweaking.com)
Unchecky v1.2 (HKLM-x32\...\Unchecky) (Version: 1.2 - Reason Software Company Inc.)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
UpdateService (HKLM-x32\...\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}) (Version: 1.0.0 - RealNetworks, Inc.) Hidden
vc2012_redist (HKLM-x32\...\{9402AEF2-5981-4097-8BE2-6501DAC4DBFD}) (Version: 1.0.0.0 - Realnetworks) Hidden
Video Downloader (HKLM-x32\...\{415B9F6F-CC10-472E-A5A2-8961A3374148}) (Version: 18.1.7 - RealNetworks) Hidden
Virtual Villagers 4 - The Tree of Life (HKLM-x32\...\WTA-2bbf0a89-bf22-4c3a-80ae-5e03ef3a7a49) (Version: 2.2.0.98 - WildTangent) Hidden
vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden
WildTangent Games App (HP Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.10.5 - WildTangent) Hidden
WinDirStat 1.1.2 (HKCU\...\WinDirStat) (Version: - )
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinPatrol (HKLM-x32\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 35.5.2017.8 - Ruiware)
Youda Fisherman (HKLM-x32\...\WTA-d63f8446-d7e3-4baa-a564-dd263804d9c6) (Version: 2.2.0.98 - WildTangent) Hidden
Zuma's Revenge (HKLM-x32\...\WTA-5ba1d7e5-572b-42a4-bae2-e30c907395b5) (Version: 2.2.0.98 - WildTangent) Hidden

========================= Devices: ================================

Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Device ID: ROOT\IMAGE\0000
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Device ID: ROOT\MULTIFUNCTION\0000
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

========================= Memory info: ===================================

Percentage of memory in use: 74%
Total physical RAM: 6100.01 MB
Available physical RAM: 1557.16 MB
Total Virtual: 12198.17 MB
Available Virtual: 7276.46 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:914.65 GB) (Free:442.74 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:16.64 GB) (Free:2.07 GB) NTFS

========================= Users: ========================================

User accounts for \\BREESE76-HP

Administrator            BReese76                 Guest

========================= Minidump Files ==================================

No minidump file found

**** End of log ****

#74
RKinner

Posted 20 November 2018 - 06:43 AM

Malware Expert

Expert
24,623 posts

You have both the wired and the wireless connections active. Best just to have the wired active and disable the wireless. Windows tends to get confused if you give it choices even tho the metric says to use the wired.

Cable speed varies during the day as you share the cable with all other users. During busy times it slows down. The test can be slowed by your anti-virus so try pausing it. Also try different browsers.

#75
BrianR1976

Posted 20 November 2018 - 10:23 AM

Member

Topic Starter
Member
355 posts

I disabled wireless. I forgot that I had both connected. Speedtest came back a little faster though still way below the advertised 150mb. I did this on both browsers I use with the virus scanner disabled. My modem and router aren't that old so I dont think thats an issue. I guess in the scheme of things I never really have issues with internet speeds so I probably should leave well enough alone.