Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

cant post [Solved]


  • This topic is locked This topic is locked

#46
RUSTY2

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 211 posts

ok done that


  • 0

Advertisements


#47
iMacg3

iMacg3

    Malware Removal

  • Malware Removal
  • 147 posts
Please run a new scan with FRST and post the FRST.txt/Addition.txt logs in your next reply.

Additionally, let me know what problems persist with this computer.

Thanks.
  • 0

#48
RUSTY2

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 211 posts

still having popup trouble

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10.02.2019 01
Ran by BR (12-02-2019 14:14:55)
Running from C:\Users\BR\Downloads
Windows 7 Home Premium Service Pack 3 (X64) (2012-03-13 13:09:29)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-998330651-303224156-1059126384-500 - Administrator - Disabled)
bcom (S-1-5-21-998330651-303224156-1059126384-1003 - Administrator - Enabled) => C:\Users\bcom
BR (S-1-5-21-998330651-303224156-1059126384-1004 - Administrator - Enabled) => C:\Users\BR
BRIAN (S-1-5-21-998330651-303224156-1059126384-1000 - Administrator - Enabled) => C:\Users\BRIAN
Guest (S-1-5-21-998330651-303224156-1059126384-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 15.07 beta (x64) (HKLM\...\7-Zip) (Version: 15.07 - Igor Pavlov)
ActiveCheck component for HP Active Support Library (HKLM-x32\...\{254C37AA-6B72-4300-84F6-98A82419187E}) (Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.010.20091 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.8.0.310 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.9 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.152 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.2.1 - Adobe Systems Incorporated)
AIO_CDA_ProductContext (HKLM-x32\...\{2A7EF808-14F3-4E93-BE3A-1675EE5332A4}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDA_Software (HKLM-x32\...\{A7AEE29F-839E-46B5-B347-6D430618129F}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (HKLM-x32\...\{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Akamai) (Version:  - Akamai Technologies, Inc)
Any Video Converter 3.5.8 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (32-bit) (HKLM-x32\...\{D4C80B0C-CF67-43A7-90C3-466853543B54}) (Version: 6.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B2A2E8AF-BC48-4191-B2C4-3846A19835CA}) (Version: 6.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{AA7D90D2-2387-4FA5-A3AF-96811BE49BFD}) (Version: 11.0.5.14 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.)
ArtCAM 2015 (64-bit) (HKLM-x32\...\ArtCAM 2015 (64-bit)) (Version: 2015 - Delcam Ltd)
ArtCAM 2015 R2 (64-bit) (HKLM-x32\...\ArtCAM 2015 R2 (64-bit)) (Version: 2015 R2 - Delcam Ltd)
ArtCAM 2015 R2 DL (64-bit) (HKLM-x32\...\ArtCAM 2015 R2 DL (64-bit)) (Version: 2015 R2 - Delcam Ltd)
Autodesk Pixlr (HKLM-x32\...\{B0547B43-3AEE-453C-9945-800DDF92052D}) (Version: 1.1.1.0 - Autodesk) Hidden
Autodesk Pixlr (HKLM-x32\...\Autodesk Pixlr) (Version: 1.1.1.0 - Autodesk)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.2.2364 - AVAST Software)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
C6100 (HKLM-x32\...\{0DEF8C02-2EAB-4BFE-A7E0-7990665DF1A9}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
c6100_Help (HKLM-x32\...\{4BD5B5D2-406D-4bc5-BB10-2F0D1D367C95}) (Version: 82.0.256.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Citrix Online Launcher (HKLM-x32\...\{1B1BF50E-ACE8-4481-B362-89544FB1CD4B}) (Version: 1.0.357 - Citrix)
Copy (HKLM-x32\...\{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}) (Version: 130.0.428.000 - Hewlett-Packard) Hidden
CopyTrans Control Center Uninstall Only (HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\CopyTrans Suite) (Version: 4.004 - WindSolutions)
Corel Applications (HKLM-x32\...\Corel Applications) (Version:  - )
CryptoPrevent (HKLM-x32\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version:  - Foolish IT LLC)
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2115 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Delcam Exchange 2015 R2 (64-bit) (HKLM\...\Delcam Exchange 7.9.10) (Version: 7.9.10 - Delcam)
Delcam Exchange 2015 R4 (64-bit) (HKLM\...\Delcam Exchange 8.1.10) (Version: 8.1.10 - Delcam)
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{2FF8C687-DB7D-4adc-A5DC-57983EC25046}) (Version: 130.0.465.000 - Hewlett-Packard) Hidden
DirectX for Managed Code Update (Summer 2004) (HKLM-x32\...\{E9E34215-82EF-4909-BE2F-F581F0DC9062}) (Version: 9.02.2904 - Microsoft) Hidden
DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen)
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 3.1.3224 - Hewlett-Packard) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 3.1.3224 - Hewlett-Packard)
eDrawings 2015 x64 (HKLM\...\{1849FD9A-F1F7-4D0C-BEE6-59C3337E5410}) (Version: 15.2.0033 - Dassault Systèmes SolidWorks Corp)
EPS File Viewer (HKLM-x32\...\{35B4B5ED-41DE-4CAB-A757-F967474819DC}_is1) (Version:  - epsfileviewer.com)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
Fax (HKLM-x32\...\{440B915A-0C85-45DB-92AE-75AE14704A64}) (Version: 130.0.418.000 - Hewlett-Packard) Hidden
Free DWG Viewer 7.3 (HKLM-x32\...\{BC66852F-0928-494F-B3C1-5FF5DB4F88BC}) (Version: 7.3.0.174 - IGC)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.96 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{BF354C72-AC4C-4A87-8D42-B089862BAE58}) (Version: 7.3.2.5491 - Google)
Google SketchUp 8 (HKLM-x32\...\{47BBA5AA-CA6F-4A41-858D-A7A776F29A8B}) (Version: 3.0.11752 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (HKLM-x32\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
gsimple 2.05 (HKLM-x32\...\gsimple) (Version: 2.05 - S.Kontogiannis)
Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5247.34 - PC-Doctor, Inc.)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.9512.3162 - Hewlett-Packard)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Dropbox Plugin (HKLM-x32\...\{D12BC084-97D6-438A-AA7C-5962608D17A0}) (Version: 36.0.41.58587 - HP)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP Google Drive Plugin (HKLM-x32\...\{BFA42100-DB54-467A-BB87-CF70732B4065}) (Version: 36.0.41.58587 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.1.3317 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.1.3422 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{88E60521-1E4E-4785-B9F1-1798A4BD0C30}) (Version: 3.1.0.1 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Officejet 5740 series Basic Device Software (HKLM\...\{B09B89DC-91EF-4965-800D-2A5807D117D1}) (Version: 40.11.1135.17143 - HP Inc.)
HP Officejet 5740 series Help (HKLM-x32\...\{F17D53C7-DCE8-469C-9690-CF8F5903519C}) (Version: 34.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HPAsset component for HP Active Support Library (HKLM-x32\...\{669D4A35-146B-4314-89F1-1AC3D7B88367}) (Version: 3.0.0.7 - Hewlett-Packard) Hidden
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
HPDiagnosticCoreDll (HKLM-x32\...\{9262B08F-E183-4FED-A2BD-23FF1A84EB79}) (Version: 1.0.15.0 - Hewlett Packard)
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (HKLM-x32\...\{681B698F-C997-42C3-B184-B489C6CA24C9}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
I.R.I.S. OCR (HKLM-x32\...\{11ED31EC-7EFA-4D56-B71D-E0214C8984CC}) (Version: 12.3.7.0 - HP)
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
Intel® C++ Redistributables for Windows* on Intel® 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.2226 - Intel Corporation)
IrfanView 4.50 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.50 - Irfan Skiljan)
iTunes (HKLM\...\{1D7D1271-5258-4F5A-B8C1-7176BF398782}) (Version: 12.7.3.46 - Apple Inc.)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Jing (HKLM-x32\...\{8C784F8B-89D0-4A59-A000-7EEF129E1574}) (Version: 2.9.15255.1 - TechSmith Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2017 - CyberLink Corp.) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2017 - CyberLink Corp.)
Lernout & Hauspie TruVoice American English TTS Engine (HKLM-x32\...\tv_enua) (Version:  - )
LightScribe System Software (HKLM-x32\...\{CC8E94A2-55C7-4460-953C-2A790180578C}) (Version: 1.18.8.1 - LightScribe)
Live Mail Password Decryptor (HKLM-x32\...\{2C7228FF-A6A8-49D1-BE08-7453AB5D0359}) (Version: 4.0 - SecurityXploded) Hidden
Logitech Harmony Remote Software (x86) (HKLM-x32\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 2.0 - Logitech)
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.10.10 - Magical Jelly Bean)
Magical Jelly Bean PasswdFinder (HKLM-x32\...\PasswdFinder_is1) (Version: 1.0.0.29 - PasswdFinder)
Mail Undelete Recovery Toolbox Free 2.3 (HKLM-x32\...\Mail Undelete Recovery Toolbox Free_is1) (Version:  - Recovery Toolbox, Inc.)
Malwarebytes version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{50816F92-1652-4A7C-B9BC-48F682742C4B}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Live Search Toolbar (HKLM-x32\...\{DF802C05-4660-418c-970C-B988ADB1D316}) (Version: 3.0.566.0 - Microsoft Live Search Toolbar)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Applications - ENU (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Applications - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.1.3310 - Hewlett-Packard) Hidden
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.1.3310 - Hewlett-Packard)
Mozilla Firefox 47.0.2 (x86 en-US) (HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Mozilla Firefox 47.0.2 (x86 en-US)) (Version: 47.0.2 - Mozilla)
Mozilla Firefox 63.0.3 (x64 en-US) (HKLM\...\Mozilla Firefox 63.0.3 (x64 en-US)) (Version: 63.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyHarmony (HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\036a0e4fc6a247ec) (Version: 1.0.1.257 - Logitech)
Network64 (HKLM\...\{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}) (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (HKLM\...\{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}) (Version: 140.0.221.000 - Hewlett-Packard) Hidden
NirSoft WebBrowserPassView (HKLM-x32\...\NirSoft WebBrowserPassView) (Version:  - )
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OpenOffice 4.1.5 (HKLM-x32\...\{ABCAD346-4F4B-49E9-9AA1-28EF8C26059D}) (Version: 4.15.9789 - Apache Software Foundation)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (HKLM\...\{E237254B-36A1-3D27-815E-B37C13BE0796}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (HKLM-x32\...\{03077B58-6ACF-32CA-B42A-EAA458C295A1}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.0 - Frank Heindörfer, Philip Chinery)
Photobucket Desktop (HKLM-x32\...\{D0916F1D-236D-4B9A-BCEA-F535444DCA41}) (Version: 1.0.3.1552 - Photobucket)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3304 - CyberLink Corp.) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3304 - CyberLink Corp.)
PowerDirector (HKLM-x32\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3503 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3503 - CyberLink Corp.)
Product Improvement Study for HP Officejet 5740 series (HKLM\...\{0E14A09E-FBF5-461C-A10B-62F231B1722C}) (Version: 40.11.1135.17143 - HP Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)
Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.2216 - CyberLink Corp.) Hidden
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rosetta Stone Version 3 (HKLM-x32\...\{148E08FF-D7C4-46ED-8D4D-601C67FE0AFD}) (Version: 3.3.7.0 - Rosetta Stone Ltd.)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Scanything V1.0.8 (HKLM-x32\...\Scanything) (Version: 1.0.8 - Scanything)
Secunia PSI (3.0.0.10004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)
Sentinel Protection Installer 7.6.6 (HKLM-x32\...\{8C2218AC-D1B1-4530-9E67-15164E0E52AB}) (Version: 7.6.6 - SafeNet, Inc.)
Sentinel System Driver Installer 7.5.7 (HKLM-x32\...\{B281C7D1-C088-40E0-86EA-B2D9D7E0810A}) (Version: 7.5.7 - SafeNet, Inc.)
SewArt (HKLM\...\{233A5312-C6B1-48DB-8F62-5E1E2975F499}) (Version: 1.8.8 - S & S Computing)
SewWhat-Pro (HKLM\...\{5DF40802-1935-4B9F-9B7C-B16B6B875461}) (Version: 3.9.7 - S & S Computing)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype version 8.28 (HKLM-x32\...\Skype_is1) (Version: 8.28 - Skype Technologies S.A.)
Skype™ 7.41 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.41.101 - Skype Technologies S.A.)
SmartWebPrinting (HKLM-x32\...\{DC635845-46D3-404B-BCB1-FC4A91091AFA}) (Version: 130.0.457.000 - Hewlett-Packard) Hidden
SmoothDraw version 4.0.5 (HKLM-x32\...\SmoothDraw_is1) (Version: 4.0.5 - )
SMPIS (HKLM-x32\...\{999052D7-44A2-49F8-9851-A3D2D297EE03}) (Version: 29.00.000 - Merry Mechanization Inc.)
SolidWorks 2011 x64 Edition SP02 (HKLM\...\{4F113377-0BA1-4552-9ABB-9BF220FAF132}) (Version: 19.120.49 - SolidWorks) Hidden
SolidWorks 2011 x64 Edition SP02 (HKLM-x32\...\SolidWorks Installation Manager 20110-40200-1100-100) (Version: 19.2.0.49 - SolidWorks Corporation)
SolidWorks eDrawings 2011 SP02 (HKLM-x32\...\{67C6633B-5A12-4955-A5E4-98D703F9AFA3}) (Version: 11.2.113 - Dassault Systèmes SolidWorks Corp.)
SolidWorks eDrawings 2011 x64 Edition SP02 (HKLM\...\{455804F2-70A9-46BD-BEB8-957000EC20D4}) (Version: 11.2.113 - Dassault Systèmes SolidWorks Corp.) Hidden
SolidWorks Explorer 2011 SP02 (HKLM-x32\...\{5F590D74-AA75-410F-A778-3CDFCE12DCD4}) (Version: 19.20.49 - SolidWorks Corporation)
SolutionCenter (HKLM-x32\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform)
SQLAnywhere1000 (HKLM-x32\...\{349E9132-5101-4094-859E-0EEE6F3DDCD5}) (Version: 10.1.4157 - Merry Mechanization Inc)
Status (HKLM-x32\...\{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}) (Version: 130.0.469.000 - Hewlett-Packard) Hidden
Toolbox (HKLM-x32\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (HKLM-x32\...\{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}) (Version: 130.0.422.000 - Hewlett-Packard) Hidden
Trendnet USBKVM Switcher (HKLM-x32\...\Trendnet USBKVM Switcher_is1) (Version:  - )
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 1.6.8 - Tweaking.com)
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 3.7.3 - Tweaking.com)
Unchecky v1.0.2 (HKLM-x32\...\Unchecky) (Version: 1.0.2 - RaMMicHaeL)
UnloadSupport (HKLM-x32\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
WD Drive Utilities (HKLM-x32\...\{E61CFDDA-40DD-4400-95CA-12819C50B5C2}) (Version: 1.1.0.51 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{D0A3A97D-7918-4B0B-B91E-775E00C36122}) (Version: 2.4.2.26 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{A95E3E66-D5A4-404E-997D-02562AA492E8}) (Version: 1.0.5.7 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{6BB4E4E8-17B9-4534-8A8E-89E53F12769C}) (Version: 2.4.2.26 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{2d588de7-f4f6-4d6d-8719-32cbb9637e9e}) (Version: 2.4.2.26 - Western Digital Technologies, Inc.)
WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Wilcom TrueSizer e3.0 (HKLM-x32\...\{90C3F44A-7F39-4AEA-AC41-E32F97208269}) (Version: 17.0.185.7427 - Wilcom) Hidden
Wilcom TrueSizer e3.0 (HKLM-x32\...\{E801DDB4-3CFC-496E-9E04-781EC2445D82}) (Version: 17.0.185.7427 - Wilcom)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{3577E42B-3347-4EB8-BFDA-D36E8ED3C519}) (Version: 1.0.24.0 - Microsoft Corporation)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (HKLM\...\{25FB53C5-BE4C-3B6C-A0C9-D49A39227E1E}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (HKLM-x32\...\{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57}) (Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-998330651-303224156-1059126384-1004_Classes\CLSID\{4CEEAF57-0208-4CA4-A473-914C2D2FFC23}\InprocServer32 -> C:\Program Files (x86)\TradeManager\AliIMX_64.dll => No File
CustomCLSID: HKU\S-1-5-21-998330651-303224156-1059126384-1004_Classes\CLSID\{5D09DD40-CDC4-4C56-B615-0D1E3B357C2B}\InprocServer32 -> C:\Program Files (x86)\TradeManager\AliIMX_64.dll => No File
CustomCLSID: HKU\S-1-5-21-998330651-303224156-1059126384-1004_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-09-17] (Igor Pavlov)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [FileAssociationHelper] -> {D5CF14A2-B3CA-49DC-8E3E-0BB233B26D09} => C:\Program Files\File Association Helper\FAHDll.dll [2014-01-28] (WinZip Computing LLC -> Nico Mak Computing)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll -> No File
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2015-04-26] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1-x32: [PhoXo] -> {47F14307-F923-44F9-86CB-A1E193DA6070} => C:\Program Files (x86)\PhoXo\ExploreMenu.dll -> No File
ContextMenuHandlers1-x32: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2014-07-22] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
ContextMenuHandlers2: [CWDDriveMenuHandler] -> {CCEFA845-DCDB-4A2F-8BED-DBE87CD198EC} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2014-07-22] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-09-17] (Igor Pavlov)
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2010-10-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-09-17] (Igor Pavlov)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2014-07-22] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01B68D52-81A4-4E5D-A008-EBE7A5E1D7A8} - System32\Tasks\AdobeAAMUpdater-1.0-BRIAN-PC-BR => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {0EB491D2-3F87-4560-81FF-E86009C528CA} - System32\Tasks\{8B8FB205-9240-4AC7-98E1-1FC0022AA2DC} => C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
Task: {137B4BA2-DE24-4F80-BC1F-179956948A9E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {13C746E5-D9D4-410F-8374-C85DD78CB304} - System32\Tasks\{05A9FC79-8345-4041-BAB5-63B4B01AD275} => C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
Task: {19835642-4FB1-409E-B1C8-8C8DAB245E33} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {261C88CB-C0A6-449C-8B7E-520CB4278507} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {2761B74C-FF47-4ABC-B888-2B671AC244E5} - System32\Tasks\{A5D314F0-456F-4CB4-B01B-01065EE19CB7} => C:\Windows\system32\pcalua.exe -a E:\setup.exe -d E:\
Task: {2A5E94B0-88B5-4A7C-AE52-03F3C01C221B} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {35E21EB3-832F-4CF8-96D9-CA922B3FC962} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe
Task: {379D608C-0688-4B10-B21D-50B5B2A22E4F} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink -> CyberLink)
Task: {3A971650-3B29-4284-8710-C3F626E29C5B} - System32\Tasks\HPCustPartic.exe_{48E34D62-7EF7-41D2-8CFC-FF6ACE1C8F6D} => C:\Program Files\HP\HP Officejet 5740 series\Bin\HPCustPartic.exe (Hewlett Packard -> HP Inc.)
Task: {4B06D158-F426-4D63-842D-A8D695E38F5E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {4E972E24-4BA2-47D5-BEFD-94D785AA4E8C} - System32\Tasks\{1D5C86AE-F4DD-4B79-A361-3F31B70CFCEF} => C:\Program Files (x86)\TechSmith\Jing\Jing.exe (TechSmith Corporation -> TechSmith Corporation)
Task: {58044AB4-8524-4227-9073-AAA8DF62A596} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {6AB5DF9B-167C-4E53-B5F8-EC132C9AB8CD} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
Task: {7016C1DA-8A0A-4266-A065-4ECEF51B751B} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe (Hewlett-Packard Company -> )
Task: {7C5A95DD-03B0-42B0-AE44-40365D9FFEB6} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {7F54A87F-3AB1-4857-8F5D-3B1374A9D962} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe (Apple Inc. -> Apple Inc.)
Task: {983288AE-7B6C-4262-A354-ED914BAB9B17} - System32\Tasks\{7ABB10C8-4419-4DA7-B870-5539FB2B4CFF} => C:\Program Files\Dassault Systemes\DraftSight\bin\DraftSight.exe
Task: {9898530D-7128-408C-A288-8A7655746A86} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {99DC5BAC-F1C3-4CDC-8CB1-F45B3B886E25} - System32\Tasks\{9D8A851B-EEC2-4D8A-87F8-B68A9BA893E4} => C:\Windows\system32\pcalua.exe -a "E:\English\JDPaint55 1048\JDPaint.exe" -d "E:\English\JDPaint55 1048"
Task: {9A3CE333-775C-4F78-992D-AA2801A46B4E} - System32\Tasks\{6F7F92BF-441E-4C9E-852D-876D6730FB99} => C:\Windows\system32\pcalua.exe -a L:\AutoCAD_2011_English_Win_64bit.exe -d L:\
Task: {9E7B5155-9C08-45C9-9779-27D04278AC5D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd -> Piriform Ltd)
Task: {A6AC5370-51F9-4CFD-997A-8A157D90FF99} - System32\Tasks\HPCustParticipation HP Officejet 5740 series => C:\Program Files\HP\HP Officejet 5740 series\Bin\HPCustPartic.exe (Hewlett Packard -> HP Inc.)
Task: {B1887102-041D-4F62-A50E-9FDD2221ED07} - System32\Tasks\SafeZone scheduled Autoupdate 1460721208 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {B3DA22B1-F75D-4464-A7BE-824814ECC4E9} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {BD3E764E-993B-4D01-A8E3-33CB5E7FD2F4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {BEBB79F8-7713-4DBF-9FF9-0BA8E1E28A44} - System32\Tasks\{992C1360-B7C4-4ED1-9082-8E159FCB82C3} => C:\Windows\system32\pcalua.exe -a C:\Users\BR\Downloads\setup.exe -d C:\Users\BR\Downloads
Task: {CA4307C5-0B5B-4183-AE41-368899A730FF} - System32\Tasks\{A75FBD77-F964-481B-B7EF-F4B1EA2968ED} => C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
Task: {D16D3224-3EE0-4200-9E22-85BF14CE0671} - System32\Tasks\{9C9F2E80-4ADE-449B-9057-40106FF8BC7F} => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
Task: {D5226923-4D3A-4364-BD39-D4CE1AE244C8} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe (Tweaking LLC -> Tweaking.com)
Task: {DD268EF9-0389-4933-BB76-5200E5670973} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {EF688760-AA89-4443-B5F1-5CEE174F3EBE} - System32\Tasks\{344968BF-A556-4FFC-984C-7E186895F06B} => C:\Windows\system32\pcalua.exe -a C:\ProgramData\DriverAgent\dauninst.exe
Task: {F071B936-8E01-43A1-8968-3D7C08AC6606} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {FDFDEFE5-F9F6-4CA4-BCF3-CD265AA0EF41} - System32\Tasks\HPCustPartic.exe_{F94022F2-89C4-4C6F-A846-667671D2320F} => C:\Program Files\HP\HP Officejet 5740 series\Bin\HPCustPartic.exe (Hewlett Packard -> HP Inc.)
Task: {FF68EC2C-3B0C-4266-A221-56BDB11B6623} - System32\Tasks\{9F1E4A2B-AEA4-4565-A49A-E488006A3FAF} => C:\Windows\system32\pcalua.exe -a C:\Users\BR\Downloads\Mach3Version3.043.066.exe -d C:\Users\BR\Downloads

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\BR\Favorites\Fotor for desktop.lnk -> hxxp://www.fotor.com/desktop/index.htm

ShortcutWithArgument: C:\Users\BR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\craigslist_ vancouver, BC jobs, apart.._.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=oodmfgjfnfmcjhffmmaepknoggiokdhk

==================== Loaded Modules (Whitelisted) ==============

2019-01-17 04:35 - 2019-01-17 04:35 - 000667016 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2019-01-17 04:35 - 2019-01-17 04:35 - 000550792 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2019-01-17 04:35 - 2019-01-17 04:35 - 001175944 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2019-01-17 04:35 - 2019-01-17 04:35 - 001967496 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2019-02-12 10:23 - 2019-02-12 10:23 - 006865040 _____ () C:\Program Files\AVAST Software\Avast\defs\19021204\algo64.dll
2012-12-15 12:55 - 2005-03-12 00:07 - 000087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2018-01-04 23:13 - 2018-01-04 23:13 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-01-04 23:14 - 2018-01-04 23:14 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-11-09 10:37 - 2019-01-28 09:06 - 002712432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2016-05-22 18:33 - 2016-05-22 18:33 - 000491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2018-01-22 02:15 - 2018-01-22 02:15 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2018-01-22 02:15 - 2018-01-22 02:15 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
2019-01-17 04:35 - 2019-01-17 04:35 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-10-10 14:17 - 2010-09-09 09:05 - 000593920 _____ () C:\Program Files (x86)\Trendnet\USBKVM Switcher\USBKVM.exe
2016-05-22 18:32 - 2016-05-22 18:32 - 031680176 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2019-02-12 06:57 - 2019-02-05 18:00 - 005186032 _____ () C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.96\libglesv2.dll
2019-02-12 06:57 - 2019-02-05 18:00 - 000117232 _____ () C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.96\libegl.dll
2009-10-22 18:50 - 2009-10-22 18:50 - 000931112 _____ () c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
2018-01-04 23:14 - 2018-01-04 23:14 - 001042232 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2018-01-04 23:14 - 2018-01-04 23:14 - 000076088 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2009-08-20 12:35 - 2009-08-20 12:35 - 002121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2009-08-20 12:35 - 2009-08-20 12:35 - 007745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2009-08-20 12:35 - 2009-08-20 12:35 - 000135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2017-09-26 20:22 - 2017-09-26 20:22 - 001984000 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll
2015-10-10 14:17 - 2007-07-17 15:26 - 000086016 _____ () C:\Program Files (x86)\Trendnet\USBKVM Switcher\kEYHOOK.dll
2016-08-24 07:45 - 2016-08-24 07:45 - 040523456 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2016-06-07 23:10 - 2016-06-07 23:10 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-06-07 23:10 - 2016-06-07 23:10 - 000205824 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-06-07 23:10 - 2016-06-07 23:10 - 000117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2016-06-07 23:10 - 2016-06-07 23:10 - 000125440 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-08-24 07:24 - 2016-08-24 07:24 - 000109760 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin7.dll
2016-06-07 23:10 - 2016-06-07 23:10 - 000166400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node

==================== Alternate Data Streams (Whitelisted) =========

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 18:34 - 2019-01-04 01:01 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\ProgramData\Oracle\Java\javapath;%C_EM64T_REDIST11%bin\Intel64;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\SQL Anywhere 10\win32;C:\Program Files (x86)\SQL Anywhere 10\Sybase Central 5.0.0\win32;%PROGRAMFILES%\Internet Explorer;C:\Program Files (x86)\Skype\Phone\
HKU\S-1-5-21-998330651-303224156-1059126384-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\BRIAN\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-998330651-303224156-1059126384-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\bcom\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-998330651-303224156-1059126384-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\BR\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeUpdateService => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: AliSafeEngine Service => 2
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: DraftSight API Service => 2
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: FLEXnet Licensing Service 64 => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: Secunia PSI Agent => 2
MSCONFIG\Services: Secunia Update Agent => 2
MSCONFIG\Services: SentinelKeysServer => 2
MSCONFIG\Services: SentinelProtectionServer => 2
MSCONFIG\Services: SentinelSecurityRuntime => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Unchecky => 2
MSCONFIG\Services: WDBackup => 2
MSCONFIG\Services: WDDriveService => 2
MSCONFIG\Services: wwbizsrv => 2

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{941584E1-854B-434D-85FE-08615386E6DD}C:\program files\hp\hp officejet 5740 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp officejet 5740 series\bin\hpnetworkcommunicatorcom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [UDP Query User{24DB1A02-894B-4B50-80C3-AF89B7F3A379}C:\program files\hp\hp officejet 5740 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp officejet 5740 series\bin\hpnetworkcommunicatorcom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [TCP Query User{0B6B3E9F-1303-4E14-8895-DA3ACC99F6CF}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{1E3A6126-5910-4D3B-9911-15769D574BBB}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{4CB72E1A-D77F-4284-B7EA-15ECCA2A0518}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [UDP Query User{849E739F-CA22-4888-A9A6-C5EE2B84C0D7}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [TCP Query User{B3B2AC8C-624A-4D95-AA88-2C109ACF15C1}C:\program files\hp\hp officejet 5740 series\bin\hpnetworkcommunicatorcom.exe] => (Block) C:\program files\hp\hp officejet 5740 series\bin\hpnetworkcommunicatorcom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [UDP Query User{75B9D3FE-C59D-40B9-BB93-78365A52A88E}C:\program files\hp\hp officejet 5740 series\bin\hpnetworkcommunicatorcom.exe] => (Block) C:\program files\hp\hp officejet 5740 series\bin\hpnetworkcommunicatorcom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{7BCA530D-AEF9-4312-AB98-5FA57B22C9D4}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS0312\HPDiagnosticCoreUI.exe No File
FirewallRules: [{DD0816DF-1A6D-46DE-B7FA-8F03EA897AFA}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS0312\HPDiagnosticCoreUI.exe No File
FirewallRules: [{7027FCA1-ED17-4B7B-9DEF-90707122CEED}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS03BC\HPDiagnosticCoreUI.exe No File
FirewallRules: [{4E250D65-5C7F-4C5C-8E68-F728A34421A7}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS03BC\HPDiagnosticCoreUI.exe No File
FirewallRules: [TCP Query User{9F26BF52-B13B-471C-A6AC-44F98C53BC00}C:\program files (x86)\trademanager\aliim.exe] => (Allow) C:\program files (x86)\trademanager\aliim.exe No File
FirewallRules: [UDP Query User{E3DB5C18-C6C1-4FD6-A0D7-15EFCCE65DC2}C:\program files (x86)\trademanager\aliim.exe] => (Allow) C:\program files (x86)\trademanager\aliim.exe No File
FirewallRules: [{FEA0FE39-54A2-480A-9CAD-7D55D772EAA6}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe No File
FirewallRules: [{9BF14085-062A-4EB5-A452-75190E55F47F}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe No File
FirewallRules: [{B9C78521-F0A8-4E23-9136-149ADB9DB1A0}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe No File
FirewallRules: [{20D7AE74-B6A3-426F-B416-9DC325C694AA}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe No File
FirewallRules: [{1E665E32-F3CE-4E07-ADA2-EE9C6EB26E2D}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CFE4F658-D641-404D-8048-318DD582A421}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{80D39522-104E-4FB8-AF99-1FAC08D8BAAE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C14434CB-10C7-4B29-8255-37412E9CC49F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{231BF8B0-E8AA-41FE-BA9A-568103FD2F6D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{753E03DD-946C-41B7-97D9-47B6B408B966}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{25DB26D6-7C8D-421E-BD9F-0EBCBFA140D4}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS35EA\HPDiagnosticCoreUI.exe No File
FirewallRules: [{BD5D4210-B6E5-45E3-881D-BAEC293F3BF7}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS35EA\HPDiagnosticCoreUI.exe No File
FirewallRules: [{26EAF1A7-27A7-40A1-8B97-244D92D509DD}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS3FFD\HPDiagnosticCoreUI.exe No File
FirewallRules: [{84C5F561-9393-4117-9C21-1602D63CDAA9}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS3FFD\HPDiagnosticCoreUI.exe No File
FirewallRules: [{066E33B9-FBB5-4872-A4EF-6ACA4D6C8780}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS4109\HPDiagnosticCoreUI.exe No File
FirewallRules: [{D8C0664B-C6D4-48BA-B1F4-5682814D8FAF}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS4109\HPDiagnosticCoreUI.exe No File
FirewallRules: [{14FC1362-862C-41E8-9E03-9DEAFB364DA3}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS416B\HPDiagnosticCoreUI.exe No File
FirewallRules: [{734FA13E-75FC-4204-82B7-5CBEADE5CEF1}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS416B\HPDiagnosticCoreUI.exe No File
FirewallRules: [{268CDBAB-5953-49C3-B923-E0C09378C160}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS7EF8\HPDiagnosticCoreUI.exe No File
FirewallRules: [{EB46FD57-3C8D-4324-BF80-8CACE5BC36F5}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS7EF8\HPDiagnosticCoreUI.exe No File
FirewallRules: [{F028B163-0059-448B-BB75-773426B9BFC0}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS2E7E\HPDiagnosticCoreUI.exe No File
FirewallRules: [{2DE49187-0F5B-4044-84FE-0A669CC85F33}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS2E7E\HPDiagnosticCoreUI.exe No File
FirewallRules: [{2F80605A-D7CD-4639-B271-0B88302D1B78}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS2F2F\HPDiagnosticCoreUI.exe No File
FirewallRules: [{5F35F7C3-2461-4952-AA85-73CF95EA6F47}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS2F2F\HPDiagnosticCoreUI.exe No File
FirewallRules: [{5A4F57BB-C9CE-45EC-B240-2C84F10D8EC1}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS334A\HPDiagnosticCoreUI.exe No File
FirewallRules: [{C0330068-E65D-41C2-87C9-CA6BA61A2EBD}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS334A\HPDiagnosticCoreUI.exe No File
FirewallRules: [{C21344CC-E893-44F5-8E7E-701F26AB182D}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\FaxApplications.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{FA59B4A3-B4E9-4169-80CA-0ACAFF3299DB}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{D1A0FBE8-8102-4DCB-9C1B-4C6DA9A2E4B0}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\SendAFax.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{8BF19FE5-091A-4478-A1B9-B0F5988DB7EB}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\FaxPrinterUtility.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{DDEF6243-1EA8-4B81-9D35-C268ABDF94F0}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{3C37859B-1FDB-4B6F-AC4C-69AA2592E700}] => (Allow) LPort=5357
FirewallRules: [{38935BAA-FB00-4F8E-AFF2-1ECFFCCB3402}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{83EF81F4-A047-486B-9ED7-788156AA5F02}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS492E\HPDiagnosticCoreUI.exe No File
FirewallRules: [{2CCFE143-FE63-463D-BF2D-38FA0542B828}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS492E\HPDiagnosticCoreUI.exe No File
FirewallRules: [{30090691-2965-4C2E-BCEA-F17CD8043B3C}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS71FF\HPDiagnosticCoreUI.exe No File
FirewallRules: [{368EF3B6-D448-4597-BDD7-C5370190596C}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS71FF\HPDiagnosticCoreUI.exe No File
FirewallRules: [{86C000D4-66B4-43D9-BBEC-01712566D1A2}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EF079C67-BCD2-4063-9247-D4264175A7A9}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7F9AC02C-F9FA-4201-9C09-C06F7B5B630D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{747DE1F7-7A8F-4729-8D96-E06E0C5A5FFA}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{B41BAFD4-3B90-42C3-B49D-50BD0A8FC864}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{7FAC275E-EF51-4AE7-BF73-EB278A5117C5}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0E11B348-E024-4FA4-974E-4ABA18354EA8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{32037EE3-CB62-4E38-A5AA-9282CB2DB64D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D767E3C0-CCEE-48F8-AFB6-24F5B034CBBA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{93D40DB1-EC32-498A-9758-3B800ABFE9FE}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{8FC46BB2-1E50-404D-8BBE-126C9B8B60EC}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7

==================== Restore Points =========================

21-01-2018 13:04:50 Revo Uninstaller's restore point - Magical Jelly Bean PasswdFinder
21-01-2018 13:11:00 Revo Uninstaller's restore point - Kodi
22-01-2018 03:01:23 Windows Update
25-01-2018 03:00:28 Windows Update
09-02-2018 03:52:36 Scheduled Checkpoint
14-02-2018 03:01:12 Windows Update
03-03-2018 18:18:02 Scheduled Checkpoint
12-03-2018 20:07:31 Scheduled Checkpoint
14-03-2018 02:00:44 Windows Update
14-03-2018 15:53:12 Installed iTunes
17-03-2018 14:16:49 Removed iTunes
17-03-2018 14:17:52 Removed iTunes
17-03-2018 14:24:12 Removed iTunes
17-03-2018 14:31:38 Installed iTunes
17-03-2018 14:52:14 Removed Apple Mobile Device Support
17-03-2018 14:53:16 Removed Apple Software Update
17-03-2018 14:54:19 Removed Apple Application Support (64-bit)
17-03-2018 14:55:37 Removed Apple Application Support (32-bit)
17-03-2018 14:56:05 Removed Apple Application Support (32-bit)
17-03-2018 14:57:51 Removed Bonjour
17-03-2018 14:58:30 Removed iTunes
17-03-2018 15:33:38 Installed iTunes
30-03-2018 02:00:42 Windows Update
07-04-2018 02:00:40 Windows Update
11-04-2018 02:00:45 Windows Update
18-04-2018 08:16:28 Scheduled Checkpoint
24-04-2018 10:49:08 Installed StudioTax 2017
26-04-2018 08:21:41 Removed StudioTax 2017
09-05-2018 02:01:01 Windows Update
31-05-2018 07:44:09 Removed Backup and Sync from Google
11-06-2018 00:47:39 Scheduled Checkpoint
13-06-2018 02:00:16 Windows Update
29-06-2018 23:15:46 Scheduled Checkpoint
08-07-2018 13:34:15 Scheduled Checkpoint
11-07-2018 02:00:25 Windows Update
20-07-2018 11:45:42 Removed DraftSight 2015 SP2 x64.
01-08-2018 09:08:55 Installed OpenOffice 4.1.5
01-08-2018 10:00:28 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
01-08-2018 16:08:43 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
02-08-2018 02:00:11 Windows Update
15-08-2018 02:01:24 Windows Update
29-08-2018 08:15:31 Scheduled Checkpoint
29-08-2018 08:36:30 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
29-08-2018 09:27:04 Restore Operation
13-09-2018 02:02:01 Windows Update
30-09-2018 08:09:53 Scheduled Checkpoint
08-10-2018 19:43:32 Installed Skype™ 7.41
11-10-2018 02:01:12 Windows Update
12-10-2018 02:01:15 Windows Update
25-10-2018 10:31:19 Scheduled Checkpoint
08-11-2018 06:38:47 Scheduled Checkpoint
14-11-2018 03:01:43 Windows Update
29-11-2018 00:02:46 Scheduled Checkpoint
09-12-2018 08:44:50 Scheduled Checkpoint
13-12-2018 03:00:26 Windows Update
20-12-2018 03:01:27 Windows Update
28-12-2018 09:24:34 Scheduled Checkpoint
09-01-2019 03:00:26 Windows Update
09-01-2019 05:32:54 Windows Update
16-01-2019 03:00:11 Windows Update
25-01-2019 00:09:48 Scheduled Checkpoint
11-02-2019 07:05:09 Removed 0501(English)
11-02-2019 09:49:29 Restore Point Created by FRST
11-02-2019 10:17:08 Restore Point Created by FRST

==================== Faulty Device Manager Devices =============

Name: Microsoft Teredo Tunneling Adapter
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Qualcomm Atheros 802.11 a/b/g/n Dualband Wireless Network Module
Description: Qualcomm Atheros 802.11 a/b/g/n Dualband Wireless Network Module
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (02/12/2019 12:00:04 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location K:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (02/11/2019 01:54:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
Description: The Cryptographic Services service failed to initialize the VSS backup "System Writer" object.

Details:
Could not query the status of the EventSystem service.

System Error:
A system shutdown is in progress.
.

Error: (02/11/2019 01:48:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
Description: The Cryptographic Services service failed to initialize the VSS backup "System Writer" object.

Details:
Could not query the status of the EventSystem service.

System Error:
A system shutdown is in progress.
.

Error: (02/11/2019 10:17:09 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddWin32ServiceFiles: Unable to back up image of service wwbizsrv since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.
.

Error: (02/11/2019 12:00:06 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location K:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (02/10/2019 12:00:06 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location K:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (02/09/2019 12:00:06 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location K:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (02/08/2019 12:00:06 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location K:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

System errors:
=============
Error: (02/11/2019 10:33:22 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (02/11/2019 10:20:05 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.

Error: (02/11/2019 10:18:35 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (02/11/2019 10:18:30 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (02/11/2019 10:18:15 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 70. The internal error state is 105.

Error: (02/11/2019 10:15:16 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
czhwah
ynub

Error: (02/11/2019 10:15:16 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Search service hung on starting.

Error: (02/11/2019 10:11:23 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Audio service hung on starting.

CodeIntegrity:
===================================

Date: 2018-11-14 03:40:07.722
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\kernel32.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-08-27 12:29:59.014
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-27 12:29:58.733
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-21 05:07:52.175
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-21 05:07:52.034
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-21 04:51:43.641
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-21 04:51:43.314
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-21 04:29:01.016
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel® Core™2 Quad CPU Q8300 @ 2.50GHz
Percentage of memory in use: 68%
Total physical RAM: 7133.18 MB
Available physical RAM: 2259.71 MB
Total Virtual: 14264.5 MB
Available Virtual: 9770.3 MB

==================== Drives ================================

Drive c: (HP) (Fixed) (Total:920.39 GB) (Free:54.91 GB) NTFS
Drive d: (FACTORY_IMAGE) (Fixed) (Total:11.02 GB) (Free:1.59 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{b853008b-6d0c-11e1-b88a-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=920.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

 

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.02.2019 01
Ran by BR (administrator) on BRIAN-PC (12-02-2019 14:13:50)
Running from C:\Users\BR\Downloads
Loaded Profiles: BRIAN & bcom & BR (Available Profiles: BRIAN & bcom & BR)
Platform: Windows 7 Home Premium Service Pack 3 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Nico Mak Computing) C:\Program Files\File Association Helper\FAHWindow.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(HP Inc.) C:\Program Files\HP\HP Officejet 5740 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
() C:\Program Files (x86)\Trendnet\USBKVM Switcher\USBKVM.exe
(Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
(HP Inc.) C:\Program Files\HP\HP Officejet 5740 series\Bin\HPNetworkCommunicatorCom.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [LogMeIn GUI] => "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
HKLM\...\Run: [XeroxEndeavorBackgroundTask] => rundll32.exe xrWCbgnd.dll,LaunchBgTask 1
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [FAHConsole] => C:\Program Files\File Association Helper\FAHConsole.exe [729272 2014-01-28] (WinZip Computing LLC -> Nico Mak Computing)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-01-22] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-08-24] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694080 2013-06-18] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1852264 2014-05-23] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5562736 2014-07-22] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-08-11] (Macrovision Corporation) [File not signed]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe, [26624 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-998330651-303224156-1059126384-1000\...\MountPoints2: {b8530093-6d0c-11e1-b88a-806e6f6e6963} - E:\Setup.exe
HKU\S-1-5-21-998330651-303224156-1059126384-1001\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048 2009-09-29] (Hewlett-Packard Company -> Hewlett-Packard)
HKU\S-1-5-21-998330651-303224156-1059126384-1003\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048 2009-09-29] (Hewlett-Packard Company -> Hewlett-Packard)
HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Run: [ISUSPM Startup] => "c:\Program Files (x86)\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Run: [HP Officejet 5740 series (NET)] => C:\Program Files\HP\HP Officejet 5740 series\Bin\ScanToPCActivationApp.exe [3769992 2017-05-23] (Hewlett Packard -> HP Inc.)
HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-08-20] (Hewlett-Packard Company)
HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [49762136 2018-08-08] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-06] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27831240 2018-03-13] (Skype Software Sarl -> Skype Technologies S.A.)
HKLM\...\Drivers32-x32: [msacm.l3codecp] => C:\Windows\SysWOW64\l3codecp.acm [220672 2009-07-13] (Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.96\Installer\chrmstp.exe [2019-02-12] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2018-09-19] (Adobe Systems, Incorporated -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{65CD7F9B-E8F3-4bb0-82EB-6F6875B745DF}] -> C:\Windows\system32\LMIinit.dll [2014-07-18] (LogMeIn, Inc. -> LogMeIn, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BootExecute: autocheck autochk * bootdelete

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{975E2597-4892-450D-9E49-5CA092C4B97F}: [DhcpNameServer] 64.59.144.16 64.59.150.132
Tcpip\..\Interfaces\{BC556D6E-E0DC-496A-82C9-E12641CD952E}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{EF1371BB-7288-4F5F-870B-12C74F93F93F}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-21-998330651-303224156-1059126384-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-21-998330651-303224156-1059126384-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPCON/4
HKU\S-1-5-21-998330651-303224156-1059126384-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-21-998330651-303224156-1059126384-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPCON/4
HKU\S-1-5-21-998330651-303224156-1059126384-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-21-998330651-303224156-1059126384-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPCON/4
HKU\S-1-5-21-998330651-303224156-1059126384-1004\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {07C7C110-7846-4522-8DA7-7316F05F3171} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-998330651-303224156-1059126384-1000 -> {07C7C110-7846-4522-8DA7-7316F05F3171} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-998330651-303224156-1059126384-1000 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-998330651-303224156-1059126384-1000 -> {A531D99C-5A22-449b-83DA-872725C6D0ED} URL = hxxp://search.alot.com/web?q={searchTerms}
SearchScopes: HKU\S-1-5-21-998330651-303224156-1059126384-1004 -> {5C92EB9F-4A20-4856-8F45-C04A70AC3398} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Company -> Hewlett-Packard Co.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-07] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-07] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Company -> Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll [2009-07-16] (Microsoft Corporation -> Microsoft Corp.)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {82774781-8F4E-11D1-AB1C-0000F8773BF0} hxxps://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2018-03-07] (Skype Software Sarl -> Skype Technologies)

FireFox:
========
FF DefaultProfile: 7h47bk28.default-1425818769644-1541694642980
FF ProfilePath: C:\Users\BR\AppData\Roaming\Mozilla\Firefox\Profiles\7h47bk28.default-1425818769644-1541694642980 [2019-02-11]
FF Extension: (Avast SafePrice) - C:\Users\BR\AppData\Roaming\Mozilla\Firefox\Profiles\7h47bk28.default-1425818769644-1541694642980\Extensions\[email protected] [2018-04-10]
FF Extension: (Avast Online Security) - C:\Users\BR\AppData\Roaming\Mozilla\Firefox\Profiles\7h47bk28.default-1425818769644-1541694642980\Extensions\[email protected] [2018-07-08]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-03-13] [Legacy] [not signed]
FF HKU\S-1-5-21-998330651-303224156-1059126384-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-26] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-08-24] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-26] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-07] (Oracle Corporation)
FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 -> C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll [2012-09-28] (Logitech Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-01-31] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-08-24] (Adobe Systems)
FF Plugin HKU\S-1-5-21-998330651-303224156-1059126384-1004: @alibaba.com/nptrademanager;version=1.0 -> "C:\Program Files (x86)\TradeManager\nptrademanager.dll" [No File]
FF Plugin HKU\S-1-5-21-998330651-303224156-1059126384-1004: @alibaba.com/npwangwang;version=1.0 -> "C:\Program Files (x86)\TradeManager\npwangwang.dll" [No File]
FF Plugin HKU\S-1-5-21-998330651-303224156-1059126384-1004: @citrixonline.com/appdetectorplugin -> C:\Users\BR\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-09-28] (Citrix Online)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/ig
CHR DefaultSearchURL: Default -> hxxps://vancouver.craigslist.ca/favicon.ico
CHR Profile: C:\Users\BR\AppData\Local\Google\Chrome\User Data\Backup Default [2019-02-11]
CHR Extension: (Slides) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Docs) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-11]
CHR Extension: (YouTube) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-11]
CHR Extension: (Adobe Acrobat) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-11]
CHR Extension: (Avast SafePrice) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-12-05]
CHR Extension: (Sheets) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Google Docs Offline) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-11]
CHR Extension: (Avast Online Security) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-10-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-11]
CHR Extension: (Chrome Media Router) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-22]
CHR Profile: C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default [2019-02-12]
CHR Extension: (Google Drive) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-16]
CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2019-02-10]
CHR Extension: (YouTube) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-22]
CHR Extension: (Adobe Acrobat) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-12-22]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-02-04]
CHR Extension: (Avast Online Security) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-09-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-17]
CHR Extension: (craigslist: vancouver, BC jobs, apart...) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\oodmfgjfnfmcjhffmmaepknoggiokdhk [2018-09-05]
CHR Extension: (Gmail) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-12-22]
CHR Extension: (Chrome Media Router) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-12]
CHR Profile: C:\Users\BR\AppData\Local\Google\Chrome\User Data\System Profile [2019-02-11]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-08-24] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-02-27] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-01-05] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7834368 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357816 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
S4 BackupService; C:\Users\BRIAN\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe [83512 2010-07-01] (Hewlett-Packard Company -> ArcSoft, Inc.)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S4 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S4 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia -> Secunia)
S4 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia -> Secunia)
S4 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [376832 2013-01-09] (SafeNet, Inc.) [File not signed]
S4 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [1259872 2013-01-09] (SafeNet, Inc. -> SafeNet, Inc)
S4 SentinelSecurityRuntime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [293216 2013-01-09] (SafeNet, Inc. -> SafeNet, Inc.)
S4 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2012-06-07] (SolidWorks) [File not signed]
S4 SQLANYs_SmpParts; C:\Program Files (x86)\SQL Anywhere 10\win32\dbsrv10.exe [136568 2010-12-08] (iAnywhere Solutions, Inc. -> iAnywhere Solutions, Inc.)
S4 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [304408 2017-01-29] (Reason Software Company Inc. -> RaMMicHaeL)
S4 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-07-22] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
S4 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [296312 2014-05-23] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 ahcix64s; C:\Windows\System32\DRIVERS\ahcix64s.sys [237936 2009-08-03] (ATI Technologies, Inc -> Advanced Micro Devices, Inc)
R0 amdsata; C:\Windows\System32\DRIVERS\amdsata.sys [67128 2009-08-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 amdxata; C:\Windows\System32\DRIVERS\amdxata.sys [28216 2009-08-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37104 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205400 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [225680 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196072 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320696 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [57960 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [249456 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [167304 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112312 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87944 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034432 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [474456 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [216784 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [379952 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
S3 athr; C:\Windows\System32\DRIVERS\athrx.sys [3678720 2012-06-20] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
S0 czhwah; C:\Windows\SysWOW64\drivers\deakun.sys [61440 2019-02-11] () [File not signed]
R3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [10619296 2010-10-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [261032 2019-02-11] (Malwarebytes Corporation -> Malwarebytes)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [23040 2017-10-13] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia -> Secunia)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Microsoft Windows Hardware Compatibility Publisher -> Research in Motion Ltd)
R3 RTL8167; C:\Windows\System32\DRIVERS\Rt64win7.sys [239616 2009-08-20] (Microsoft Windows Hardware Compatibility Publisher -> Realtek )
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] (Intel® Code Signing External -> )
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc. -> SafeNet, Inc.)
S3 SNTUSB64; C:\Windows\System32\DRIVERS\SNTUSB64.SYS [63568 2012-12-11] (SafeNet, Inc. -> SafeNet, Inc.)
S3 SydexFDD; C:\Windows\SysWOW64\Drivers\sydexfdd.sys [13359 2012-10-16] (Windows ® 2000 DDK provider) [File not signed]
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64.sys [23200 2015-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
S0 ynub; C:\Windows\SysWOW64\drivers\owgosexc.sys [61440 2019-02-11] () [File not signed]
S3 DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-12 09:58 - 2019-02-12 09:57 - 000362888 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-02-12 09:39 - 2019-02-12 09:39 - 000000000 ____D C:\32788R22FWJFW
2019-02-12 08:58 - 2019-02-12 08:58 - 000000000 ____D C:\MSI1a31f.tmp
2019-02-12 08:58 - 2019-02-12 08:58 - 000000000 ____D C:\MSI1a314.tmp
2019-02-12 08:58 - 2019-02-12 08:58 - 000000000 ____D C:\MSI1a312.tmp
2019-02-12 08:57 - 2019-02-12 08:57 - 000000000 ____D C:\MSI1a30f.tmp
2019-02-11 22:15 - 2019-02-11 22:15 - 000261032 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-02-11 22:08 - 2019-02-11 22:08 - 000061440 _____ C:\Windows\SysWOW64\Drivers\deakun.sys
2019-02-11 22:08 - 2019-02-11 22:08 - 000000712 _____ C:\avenger.txt
2019-02-11 22:08 - 2019-02-11 22:08 - 000000114 _____ C:\Windows\fbalcdri.txt
2019-02-11 21:40 - 2019-02-11 22:08 - 000135168 _____ C:\zip.exe
2019-02-11 21:40 - 2019-02-11 22:08 - 000019286 _____ C:\cleanup.exe
2019-02-11 21:40 - 2019-02-11 21:40 - 000061440 _____ C:\Windows\SysWOW64\Drivers\owgosexc.sys
2019-02-11 21:40 - 2019-02-11 21:40 - 000000114 _____ C:\Windows\pegzgwk.txt
2019-02-11 14:07 - 2019-02-12 09:57 - 000225680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-02-11 14:07 - 2019-02-11 14:07 - 000223056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswa30a5456c1cddfeb.tmp
2019-02-11 07:07 - 2019-02-11 07:07 - 000000000 ____D C:\MSI19de5.tmp
2019-02-10 14:37 - 2019-02-11 09:51 - 000000000 ____D C:\FRST
2019-01-17 04:36 - 2019-02-12 09:57 - 000320696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys
2019-01-17 04:36 - 2019-02-12 09:57 - 000196072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-01-17 04:36 - 2019-02-12 09:57 - 000057960 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-01-17 04:36 - 2019-02-12 09:57 - 000037104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-01-17 04:36 - 2019-01-17 04:35 - 000320888 _____ (AVAST Software) C:\Windows\system32\Drivers\asw73bd1ee8b33ee06c.tmp
2019-01-17 04:36 - 2019-01-17 04:35 - 000196264 _____ (AVAST Software) C:\Windows\system32\Drivers\asw089496873b5b7056.tmp
2019-01-17 04:36 - 2019-01-17 04:35 - 000058160 _____ (AVAST Software) C:\Windows\system32\Drivers\asw0a61277d4f48d128.tmp
2019-01-17 04:36 - 2019-01-17 04:35 - 000037304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswca1c76805cdb23e5.tmp
2019-01-16 03:01 - 2019-01-16 03:01 - 000000000 ____D C:\MSIba4e3.tmp
2019-01-16 03:01 - 2019-01-16 03:01 - 000000000 ____D C:\_638336_

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-12 13:39 - 2012-04-13 07:31 - 000000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2019-02-12 13:34 - 2014-05-13 18:36 - 000000000 ____D C:\Program Files (x86)\TradeManager
2019-02-12 12:45 - 2018-01-21 13:53 - 000003914 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{AAEA059E-67E6-4D4B-A555-071AD2AC6636}
2019-02-12 09:59 - 2017-03-16 02:48 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-02-12 09:57 - 2018-10-22 15:02 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-02-12 09:57 - 2018-02-20 10:17 - 000249456 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-02-12 09:57 - 2017-11-22 05:04 - 000205400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-02-12 09:57 - 2016-04-15 03:50 - 001034432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-02-12 09:57 - 2016-04-15 03:50 - 000474456 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-02-12 09:57 - 2016-04-15 03:50 - 000379952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-02-12 09:57 - 2016-04-15 03:50 - 000216784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-02-12 09:57 - 2016-04-15 03:50 - 000167304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-02-12 09:57 - 2016-04-15 03:50 - 000112312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-02-12 09:57 - 2016-04-15 03:50 - 000087944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-02-12 09:00 - 2017-08-09 01:06 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-02-12 04:43 - 2009-07-13 20:45 - 000015792 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-02-12 04:43 - 2009-07-13 20:45 - 000015792 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-02-11 22:12 - 2015-10-08 11:40 - 000065536 _____ C:\Windows\system32\Ikeext.etl
2019-02-11 22:12 - 2009-07-13 21:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-02-11 14:07 - 2016-04-15 03:50 - 000166792 _____ (AVAST Software) C:\Windows\system32\Drivers\asw176efb91e94a8fcc.tmp
2019-02-11 13:38 - 2012-03-30 11:49 - 000000000 ____D C:\Windows\pss
2019-02-04 17:17 - 2013-08-19 18:26 - 000000000 ____D C:\Program Files\CCleaner
2019-01-28 09:06 - 2018-11-09 10:37 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-01-23 06:26 - 2018-11-08 08:29 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-01-23 06:25 - 2012-04-26 05:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-01-17 04:35 - 2018-10-22 15:02 - 000042488 _____ (AVAST Software) C:\Windows\system32\Drivers\asw0ded1b64a7ee83f1.tmp
2019-01-17 04:35 - 2018-02-20 10:17 - 000239808 _____ (AVAST Software) C:\Windows\system32\Drivers\asw8a41776c944a6490.tmp
2019-01-17 04:35 - 2017-11-22 05:04 - 000203488 _____ (AVAST Software) C:\Windows\system32\Drivers\asw9f40f0ea892c21d5.tmp
2019-01-17 04:35 - 2016-04-15 03:50 - 001034056 _____ (AVAST Software) C:\Windows\system32\Drivers\asw80e02d7350917044.tmp
2019-01-17 04:35 - 2016-04-15 03:50 - 000474648 _____ (AVAST Software) C:\Windows\system32\Drivers\asw8d104be64c7fb2cb.tmp
2019-01-17 04:35 - 2016-04-15 03:50 - 000380144 _____ (AVAST Software) C:\Windows\system32\Drivers\asw634a5efed0336edf.tmp
2019-01-17 04:35 - 2016-04-15 03:50 - 000218056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswf0d9034dc0f4e3f9.tmp
2019-01-17 04:35 - 2016-04-15 03:50 - 000111992 _____ (AVAST Software) C:\Windows\system32\Drivers\asw424222a6a4a74e2d.tmp
2019-01-17 04:35 - 2016-04-15 03:50 - 000088144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswfad996437efdd001.tmp
2019-01-17 04:35 - 2016-04-15 03:50 - 000046584 _____ (AVAST Software) C:\Windows\system32\Drivers\asw8850a357ad035b85.tmp
2019-01-16 03:01 - 2012-05-12 02:02 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2019-01-16 03:01 - 2012-05-12 02:02 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight

==================== Files in the root of some directories =======

2014-09-09 15:27 - 2014-09-09 15:30 - 000000000 _____ () C:\Users\BR\AppData\Roaming\bibstats
2014-10-27 08:16 - 2014-11-13 19:01 - 000000308 _____ () C:\Users\BR\AppData\Roaming\Rim.Desktop.Exception.log
2014-10-27 08:09 - 2014-11-28 09:44 - 000004042 _____ () C:\Users\BR\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2014-10-27 08:16 - 2014-11-13 19:01 - 000000308 _____ () C:\Users\BR\AppData\Roaming\Rim.DesktopHelper.Exception.log
2014-11-11 10:57 - 2014-11-11 10:57 - 000000044 _____ () C:\Users\BR\AppData\Roaming\WB.CFG
2017-01-14 12:04 - 2017-01-14 12:04 - 000000000 ____H () C:\Users\BR\AppData\Local\BITD200.tmp
2014-10-27 09:02 - 2014-10-27 09:02 - 000009728 _____ () C:\Users\BR\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-12-27 11:56 - 2018-12-27 11:56 - 000000218 _____ () C:\Users\BR\AppData\Local\recently-used.xbel
2015-09-26 12:43 - 2015-09-26 12:43 - 000000017 _____ () C:\Users\BR\AppData\Local\resmon.resmoncfg
2012-06-07 20:09 - 2012-06-07 20:09 - 000000000 _____ () C:\Users\BR\AppData\Local\Temptable.xml
2012-09-23 13:15 - 2012-09-23 13:15 - 000137289 _____ () C:\Users\BR\AppData\Local\tmpFM3 #2 001.0
2012-09-23 13:15 - 2012-09-23 13:15 - 000132486 _____ () C:\Users\BR\AppData\Local\tmpFM3 #2 001.1
2012-09-23 13:15 - 2012-09-23 13:15 - 000132533 _____ () C:\Users\BR\AppData\Local\tmpFM3 #2 001.JPG
2012-09-23 13:15 - 2012-09-23 13:15 - 000003890 _____ () C:\Users\BR\AppData\Local\tmpFM3 #2 001_navi.JPG
2012-10-03 17:21 - 2012-10-03 17:21 - 000121078 _____ () C:\Users\BR\AppData\Local\tmpNOMAD1.0
2012-10-03 17:21 - 2012-10-03 17:21 - 000044248 _____ () C:\Users\BR\AppData\Local\tmpNOMAD1.JPG
2012-10-03 17:18 - 2012-10-03 17:18 - 000112551 _____ () C:\Users\BR\AppData\Local\tmpNOMAD2.0
2012-10-03 17:18 - 2012-10-03 17:18 - 000040181 _____ () C:\Users\BR\AppData\Local\tmpNOMAD2.JPG
2012-10-03 17:21 - 2012-10-03 17:21 - 000115714 _____ () C:\Users\BR\AppData\Local\tmpNOMAD3.0
2012-10-03 17:21 - 2012-10-03 17:21 - 000038427 _____ () C:\Users\BR\AppData\Local\tmpNOMAD3.JPG
2012-10-03 17:22 - 2012-10-03 17:22 - 000134269 _____ () C:\Users\BR\AppData\Local\tmpNOMAD4.0
2012-10-03 17:22 - 2012-10-03 17:22 - 000049466 _____ () C:\Users\BR\AppData\Local\tmpNOMAD4.JPG
2012-10-03 17:22 - 2012-10-03 17:22 - 000135858 _____ () C:\Users\BR\AppData\Local\tmpNOMAD5.0
2012-10-03 17:22 - 2012-10-03 17:22 - 000050685 _____ () C:\Users\BR\AppData\Local\tmpNOMAD5.1
2012-10-03 17:22 - 2012-10-03 17:22 - 000050520 _____ () C:\Users\BR\AppData\Local\tmpNOMAD5.JPG
2012-10-03 17:23 - 2012-10-03 17:23 - 000136857 _____ () C:\Users\BR\AppData\Local\tmpNOMAD6.0
2012-10-03 17:23 - 2012-10-03 17:23 - 000049261 _____ () C:\Users\BR\AppData\Local\tmpNOMAD6.1
2012-10-03 17:23 - 2012-10-03 17:23 - 000049486 _____ () C:\Users\BR\AppData\Local\tmpNOMAD6.JPG
2012-08-22 15:05 - 2012-08-22 15:05 - 000006400 _____ () C:\Users\BR\AppData\Local\tmpUNTITLED LOGO XX2_THUMBNAIL(0).0
2012-08-22 15:05 - 2012-08-22 15:05 - 000001969 _____ () C:\Users\BR\AppData\Local\tmpUNTITLED LOGO XX2_THUMBNAIL(0).JPG
2017-01-14 11:57 - 2017-01-14 12:04 - 000000000 _____ () C:\Users\BR\AppData\Local\{7A3D3458-EB7D-4C05-A5E4-FDFD4ED3DCBD}

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-02-12 00:51

==================== End of FRST.txt ============================


  • 0

#49
iMacg3

iMacg3

    Malware Removal

  • Malware Removal
  • 147 posts
Hi,
  • Where do the pop-ups appear? In a browser, when you open a specific program, etc.
  • Can you post a screenshot of the pop-ups?
Thanks.
  • 0

#50
RUSTY2

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 211 posts

they pop up bottom right of screen in my browser any site even this one

sorry having trouble putting a screenshot on this site?

 

 

 

Attached Thumbnails

  • 2019-02-12_1558.png

  • 0

#51
RUSTY2

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 211 posts

seems to be getting more frequent ?


  • 0

#52
iMacg3

iMacg3

    Malware Removal

  • Malware Removal
  • 147 posts
Hi,

Which browser do the pop ups appear in?
  • 0

#53
RUSTY2

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 211 posts

chrome 


  • 0

#54
iMacg3

iMacg3

    Malware Removal

  • Malware Removal
  • 147 posts
Hi,

Open Google Chrome. Click the Menu icon in the upper right corner of the window (three vertical dots).

Click Settings from the drop-down menu. Scroll down all the way and click Advanced.

Under "Privacy and Security" click "Content Settings."

Click Notifications. If you see any notifications allowed from unfamiliar sites, click Block or Remove next to the site URL.

Restart Chrome and let me know if the problem persists.
  • 0

#55
RUSTY2

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 211 posts

OK turn off quite a few let it sit for a couple hrs now , no popup GREAT THANX 


  • 0

Advertisements


#56
iMacg3

iMacg3

    Malware Removal

  • Malware Removal
  • 147 posts
Hi,

Excellent. :thumbsup: Let me know if the pop-ups come back.

Thanks.
  • 0

#57
RUSTY2

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 211 posts

think you got it , been clear all day . thank you for the help. 


  • 0

#58
iMacg3

iMacg3

    Malware Removal

  • Malware Removal
  • 147 posts
Hi,

You're welcome :)

Your version of Java is out of date. It's recommended that you keep Java up-to-date, as older versions can have security vulnerabilities which malicious Web sites can exploit.
  • Press the Windows Key + R. This will open the Run box.
  • Type appwiz.cpl and click OK.
  • A list of installed programs will appear. Look for any programs that have Java or JRE in their name. If you find any such program/s, click on them and select Uninstall.
  • Follow the steps in the uninstaller to remove Java Runtime Environment.
  • Restart your computer.
  • Once you are finished removing the outdated version of Java, click here to go to the Java download page.
  • Click the Free Java Download button to download the Java installer.
  • Once the file has downloaded, right-click on the Java installer and select Run as Administrator.
  • When the Java setup window opens, click on Install.
  • If you see any offers of unwanted software or toolbars during installation, uncheck the box before continuing unless you wish to install it.
  • Follow the onscreen prompts to install Java.
In the future, make sure that you keep Java Auto Update enabled, so you receive the latest versions of Java when they are released.
  • 0

#59
iMacg3

iMacg3

    Malware Removal

  • Malware Removal
  • 147 posts
Hi,

Were you able to update Java as per the instructions in my previous post?

Thanks.
  • 0

#60
iMacg3

iMacg3

    Malware Removal

  • Malware Removal
  • 147 posts

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP