Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

pop up all the time now


  • Please log in to reply

#1
RUSTY2

RUSTY2

    Member

  • Member
  • PipPipPip
  • 221 posts

thank you for your help again!!

having pop up for a few months now , only a few when i first start my pc but lately cant get rid of them . Ran malwarbytes but it showed  no problem

any help will be appreciated 

Brian

 

 

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 1/24/20
Scan Time: 8:25 AM
Log File: 116c3c51-3ec6-11ea-890b-e0cb4e7d728e.json

-Software Information-
Version: 3.8.3.2965
Components Version: 1.0.629
Update Package Version: 1.0.14493
License: Free

-System Information-
OS: Windows 7 Service Pack 3
CPU: x64
File System: NTFS
User: BRIAN-PC\BR

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 397304
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 18 min, 28 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)

(end)


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 22,349 posts
  • MVP


  • Get FRST from http://www.bleepingc...very-scan-tool/You need to download the appropriate tool for your PC.  If you don't know if you have a 32 or 64 bit system get them both.  Only one will work and that's the right one.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Check the Addition.txt box
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.  
  • Please copy and paste log back here.
  • It will generate another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.



 


  • 0

#3
RUSTY2

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 221 posts

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-01-2020 01
Ran by BR (administrator) on BRIAN-PC (HP-Pavilion BK235AA-ABL p6332c) (25-01-2020 08:14:29)
Running from C:\Users\BR\Downloads
Loaded Profiles: BR (Available Profiles: BRIAN & bcom & BR)
Platform: Windows 7 Home Premium Service Pack 3 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Trendnet\USBKVM Switcher\USBKVM.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Systems Incorporated -> ) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(CyberLink -> CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Hewlett Packard -> HP Inc.) C:\Program Files\HP\HP Officejet 5740 series\Bin\HPNetworkCommunicatorCom.exe
(Hewlett Packard -> HP Inc.) C:\Program Files\HP\HP Officejet 5740 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Macrovision Corporation) [File not signed] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Internet Explorer\ielowutil.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Secunia -> Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Skype Software Sarl -> Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Tweaking LLC -> Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
(WinZip Computing LLC -> Nico Mak Computing) C:\Program Files\File Association Helper\FAHWindow.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [LogMeIn GUI] => "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
HKLM\...\Run: [XeroxEndeavorBackgroundTask] => C:\Windows\system32\xrWCbgnd.dll [58368 2009-07-13] (Microsoft Windows -> Xerox Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [FAHConsole] => C:\Program Files\File Association Helper\FAHConsole.exe [729272 2014-01-28] (WinZip Computing LLC -> Nico Mak Computing)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-12-09] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-08-24] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694080 2013-06-18] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1852264 2014-05-23] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5562736 2014-07-22] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-08-11] (Macrovision Corporation) [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601928 2018-12-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Run: [ISUSPM Startup] => "c:\Program Files (x86)\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Run: [HP Officejet 5740 series (NET)] => C:\Program Files\HP\HP Officejet 5740 series\Bin\ScanToPCActivationApp.exe [3769992 2017-05-23] (Hewlett Packard -> HP Inc.)
HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-06] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Run: [Ozeki Phone System XE Service monitor] => "C:\Program Files\Ozeki\Ozeki Phone System XE\ServiceMonitor.exe"
HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27821512 2018-03-13] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91503464 2019-12-13] (Skype Software Sarl -> Skype Technologies S.A.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-22] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2019-05-02] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{65CD7F9B-E8F3-4bb0-82EB-6F6875B745DF}] -> C:\Windows\system32\LMIinit.dll [2014-07-18] (LogMeIn, Inc. -> LogMeIn, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BootExecute: autocheck autochk * bootdelete
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01B68D52-81A4-4E5D-A008-EBE7A5E1D7A8} - System32\Tasks\AdobeAAMUpdater-1.0-BRIAN-PC-BR => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {0EB491D2-3F87-4560-81FF-E86009C528CA} - System32\Tasks\{8B8FB205-9240-4AC7-98E1-1FC0022AA2DC} => C:\Program Files (x86)\Skype\Phone\Skype.exe [27821512 2018-03-13] (Skype Software Sarl -> Skype Technologies S.A.)
Task: {137B4BA2-DE24-4F80-BC1F-179956948A9E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [269000 2015-10-26] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {13C746E5-D9D4-410F-8374-C85DD78CB304} - System32\Tasks\{05A9FC79-8345-4041-BAB5-63B4B01AD275} => C:\Program Files (x86)\Skype\Phone\Skype.exe [27821512 2018-03-13] (Skype Software Sarl -> Skype Technologies S.A.)
Task: {15D83288-E8EC-4399-BBA8-6E0D31A93A1D} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
Task: {19835642-4FB1-409E-B1C8-8C8DAB245E33} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {261C88CB-C0A6-449C-8B7E-520CB4278507} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-07] (Google Inc -> Google Inc.)
Task: {2761B74C-FF47-4ABC-B888-2B671AC244E5} - System32\Tasks\{A5D314F0-456F-4CB4-B01B-01065EE19CB7} => C:\Windows\system32\pcalua.exe -a E:\setup.exe -d E:\
Task: {2A5E94B0-88B5-4A7C-AE52-03F3C01C221B} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2108624 2013-05-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {35E21EB3-832F-4CF8-96D9-CA922B3FC962} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe
Task: {379D608C-0688-4B10-B21D-50B5B2A22E4F} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [210216 2009-10-22] (CyberLink -> CyberLink)
Task: {3A971650-3B29-4284-8710-C3F626E29C5B} - System32\Tasks\HPCustPartic.exe_{48E34D62-7EF7-41D2-8CFC-FF6ACE1C8F6D} => C:\Program Files\HP\HP Officejet 5740 series\Bin\HPCustPartic.exe [6438536 2017-05-23] (Hewlett Packard -> HP Inc.)
Task: {4B06D158-F426-4D63-842D-A8D695E38F5E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-07] (Google Inc -> Google Inc.)
Task: {4E972E24-4BA2-47D5-BEFD-94D785AA4E8C} - System32\Tasks\{1D5C86AE-F4DD-4B79-A361-3F31B70CFCEF} => C:\Program Files (x86)\TechSmith\Jing\Jing.exe [2911224 2015-09-11] (TechSmith Corporation -> TechSmith Corporation)
Task: {58044AB4-8524-4227-9073-AAA8DF62A596} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {6AB5DF9B-167C-4E53-B5F8-EC132C9AB8CD} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
Task: {7016C1DA-8A0A-4266-A065-4ECEF51B751B} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [26680 2009-10-20] (Hewlett-Packard Company -> )
Task: {751FC730-C3F0-4E4C-A355-2DDD1C8042A0} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {7C5A95DD-03B0-42B0-AE44-40365D9FFEB6} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {84F573DF-E519-4BA8-8531-0D95980676D3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {983288AE-7B6C-4262-A354-ED914BAB9B17} - System32\Tasks\{7ABB10C8-4419-4DA7-B870-5539FB2B4CFF} => C:\Program Files\Dassault Systemes\DraftSight\bin\DraftSight.exe
Task: {9898530D-7128-408C-A288-8A7655746A86} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {99DC5BAC-F1C3-4CDC-8CB1-F45B3B886E25} - System32\Tasks\{9D8A851B-EEC2-4D8A-87F8-B68A9BA893E4} => C:\Windows\system32\pcalua.exe -a "E:\English\JDPaint55 1048\JDPaint.exe" -d "E:\English\JDPaint55 1048"
Task: {9A3CE333-775C-4F78-992D-AA2801A46B4E} - System32\Tasks\{6F7F92BF-441E-4C9E-852D-876D6730FB99} => C:\Windows\system32\pcalua.exe -a L:\AutoCAD_2011_English_Win_64bit.exe -d L:\
Task: {9E7B5155-9C08-45C9-9779-27D04278AC5D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-06] (Piriform Ltd -> Piriform Ltd)
Task: {A6AC5370-51F9-4CFD-997A-8A157D90FF99} - System32\Tasks\HPCustParticipation HP Officejet 5740 series => C:\Program Files\HP\HP Officejet 5740 series\Bin\HPCustPartic.exe [6438536 2017-05-23] (Hewlett Packard -> HP Inc.)
Task: {B1887102-041D-4F62-A50E-9FDD2221ED07} - System32\Tasks\SafeZone scheduled Autoupdate 1460721208 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {BEBB79F8-7713-4DBF-9FF9-0BA8E1E28A44} - System32\Tasks\{992C1360-B7C4-4ED1-9082-8E159FCB82C3} => C:\Windows\system32\pcalua.exe -a C:\Users\BR\Downloads\setup.exe -d C:\Users\BR\Downloads
Task: {CA4307C5-0B5B-4183-AE41-368899A730FF} - System32\Tasks\{A75FBD77-F964-481B-B7EF-F4B1EA2968ED} => C:\Program Files (x86)\Skype\Phone\Skype.exe [27821512 2018-03-13] (Skype Software Sarl -> Skype Technologies S.A.)
Task: {D16D3224-3EE0-4200-9E22-85BF14CE0671} - System32\Tasks\{9C9F2E80-4ADE-449B-9057-40106FF8BC7F} => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91503464 2019-12-13] (Skype Software Sarl -> Skype Technologies S.A.)
Task: {D5226923-4D3A-4364-BD39-D4CE1AE244C8} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [66816 2015-03-11] (Tweaking LLC -> Tweaking.com)
Task: {DD268EF9-0389-4933-BB76-5200E5670973} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1491664 2013-05-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {EC4FBFEB-BFDC-48EE-B167-145BF1279500} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {EF688760-AA89-4443-B5F1-5CEE174F3EBE} - System32\Tasks\{344968BF-A556-4FFC-984C-7E186895F06B} => C:\Windows\system32\pcalua.exe -a C:\ProgramData\DriverAgent\dauninst.exe
Task: {F071B936-8E01-43A1-8968-3D7C08AC6606} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1873288 2019-09-19] (AVAST Software s.r.o. -> AVAST Software)
Task: {FDFDEFE5-F9F6-4CA4-BCF3-CD265AA0EF41} - System32\Tasks\HPCustPartic.exe_{F94022F2-89C4-4C6F-A846-667671D2320F} => C:\Program Files\HP\HP Officejet 5740 series\Bin\HPCustPartic.exe [6438536 2017-05-23] (Hewlett Packard -> HP Inc.)
Task: {FF68EC2C-3B0C-4266-A221-56BDB11B6623} - System32\Tasks\{9F1E4A2B-AEA4-4565-A49A-E488006A3FAF} => C:\Windows\system32\pcalua.exe -a C:\Users\BR\Downloads\Mach3Version3.043.066.exe -d C:\Users\BR\Downloads

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 10 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{975E2597-4892-450D-9E49-5CA092C4B97F}: [DhcpNameServer] 64.59.144.16 64.59.150.132
Tcpip\..\Interfaces\{BC556D6E-E0DC-496A-82C9-E12641CD952E}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{EF1371BB-7288-4F5F-870B-12C74F93F93F}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-21-998330651-303224156-1059126384-1004\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {07C7C110-7846-4522-8DA7-7316F05F3171} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-998330651-303224156-1059126384-1004 -> {5C92EB9F-4A20-4856-8F45-C04A70AC3398} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_201\bin\ssv.dll [2019-02-15] (Oracle America, Inc. -> Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-02-15] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Company -> Hewlett-Packard Co.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Company -> Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll [2009-07-16] (Microsoft Corporation -> Microsoft Corp.)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {82774781-8F4E-11D1-AB1C-0000F8773BF0} hxxps://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2018-03-07] (Skype Software Sarl -> Skype Technologies)

FireFox:
========
FF DefaultProfile: k3qr4zmn.default-1425818769644-1570208607069
FF ProfilePath: C:\Users\BR\AppData\Roaming\Mozilla\Firefox\Profiles\k3qr4zmn.default-1425818769644-1570208607069 [2020-01-22]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-03-13] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-26] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-02-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-02-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-08-24] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-26] (Adobe Systems Incorporated -> )
FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 -> C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll [2012-09-28] (Logitech Inc.) [File not signed]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-08-24] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-998330651-303224156-1059126384-1004: @alibaba.com/nptrademanager;version=1.0 -> "C:\Program Files (x86)\TradeManager\nptrademanager.dll" [No File]
FF Plugin HKU\S-1-5-21-998330651-303224156-1059126384-1004: @alibaba.com/npwangwang;version=1.0 -> "C:\Program Files (x86)\TradeManager\npwangwang.dll" [No File]
FF Plugin HKU\S-1-5-21-998330651-303224156-1059126384-1004: @citrixonline.com/appdetectorplugin -> C:\Users\BR\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-09-28] (Citrix Online -> Citrix Online)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\BR\AppData\Local\Google\Chrome\User Data\Backup Default [2019-09-24]
CHR DownloadDir: C:\Users\BR\Desktop
CHR HomePage: Backup Default -> hxxp://www.google.com/ig
CHR Extension: (Slides) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Docs) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-11]
CHR Extension: (YouTube) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-11]
CHR Extension: (Adobe Acrobat) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-11]
CHR Extension: (Avast SafePrice) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-12-05]
CHR Extension: (Sheets) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Google Docs Offline) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-11]
CHR Extension: (Avast Online Security) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-10-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-11]
CHR Extension: (Chrome Media Router) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-22]
CHR Profile: C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default [2020-01-25]
CHR Notifications: Default -> hxxps://all3dp.com; hxxps://ca.letgo.com; hxxps://drfone.wondershare.com; hxxps://fres-news.com; hxxps://mail.google.com; hxxps://www.backyardboss.net; hxxps://www.bookingbuddy.com; hxxps://www.chatfieldcourt.com; hxxps://www.cruisecritic.com; hxxps://www.dxfdownloads.com; hxxps://www.dxfforcnc.com; hxxps://www.esky.com; hxxps://www.ironplanet.com; hxxps://www.jetsetter.com; hxxps://www.kijiji.ca; hxxps://www.letgo.com; hxxps://www.reddit.com; hxxps://www.wegotravel.ca; hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://www.google.com/ig
CHR DefaultSearchURL: Default -> hxxps://ca.letgo.com/icons/android-chrome-36x36.png
CHR Extension: (Google Drive) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-16]
CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2019-05-30]
CHR Extension: (YouTube) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-22]
CHR Extension: (Adobe Acrobat) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-09-29]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-12-18]
CHR Extension: (Avast Online Security) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-01-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (letgo-web) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogkjbfeahmkobkcbpjmjbdfcegiapnlc [2019-06-15]
CHR Extension: (craigslist: vancouver, BC jobs, apart...) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\oodmfgjfnfmcjhffmmaepknoggiokdhk [2020-01-25]
CHR Extension: (Gmail) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-11]
CHR Profile: C:\Users\BR\AppData\Local\Google\Chrome\User Data\System Profile [2019-09-24]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-08-24] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-02-27] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-10-07] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6259592 2019-12-19] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
S4 BackupService; C:\Users\BRIAN\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe [83512 2010-07-01] (Hewlett-Packard Company -> ArcSoft, Inc.)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S4 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia -> Secunia)
S4 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia -> Secunia)
S4 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2012-06-07] (SolidWorks) [File not signed]
S4 SQLANYs_SmpParts; C:\Program Files (x86)\SQL Anywhere 10\win32\dbsrv10.exe [136568 2010-12-08] (iAnywhere Solutions, Inc. -> iAnywhere Solutions, Inc.)
S4 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [304408 2017-01-29] (Reason Software Company Inc. -> RaMMicHaeL)
S4 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-07-22] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
S4 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [296312 2014-05-23] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292096 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 ahcix64s; C:\Windows\System32\DRIVERS\ahcix64s.sys [237936 2009-08-03] (ATI Technologies, Inc -> Advanced Micro Devices, Inc)
R0 amdsata; C:\Windows\System32\DRIVERS\amdsata.sys [67128 2009-08-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 amdxata; C:\Windows\System32\DRIVERS\amdxata.sys [28216 2009-08-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37616 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [204824 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [274456 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [209552 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [65120 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [276952 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42736 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [171520 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110320 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [83792 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [848432 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460448 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [236024 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [316528 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
S3 athr; C:\Windows\System32\DRIVERS\athrx.sys [3678720 2012-06-20] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
S0 czhwah; C:\Windows\SysWOW64\drivers\deakun.sys [61440 2019-02-11] () [File not signed]
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2020-01-18] (Malwarebytes Corporation -> Malwarebytes)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [23040 2017-10-13] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia -> Secunia)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Microsoft Windows Hardware Compatibility Publisher -> Research in Motion Ltd)
R3 RTL8167; C:\Windows\System32\DRIVERS\Rt64win7.sys [239616 2009-08-20] (Microsoft Windows Hardware Compatibility Publisher -> Realtek )
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] (Intel® Code Signing External -> )
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc. -> SafeNet, Inc.)
S3 SNTUSB64; C:\Windows\System32\DRIVERS\SNTUSB64.SYS [63568 2012-12-11] (SafeNet, Inc. -> SafeNet, Inc.)
S3 SydexFDD; C:\Windows\SysWOW64\Drivers\sydexfdd.sys [13359 2012-10-16] (Windows ® 2000 DDK provider) [File not signed]
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64.sys [23200 2015-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
S0 ynub; C:\Windows\SysWOW64\drivers\owgosexc.sys [61440 2019-02-11] () [File not signed]
S3 DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-18 13:05 - 2020-01-18 13:05 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-01-12 08:25 - 2020-01-12 08:25 - 000000000 ____D C:\Program Files\iPod
2020-01-12 08:24 - 2020-01-12 08:25 - 000000000 ____D C:\Program Files\iTunes
2020-01-12 08:23 - 2020-01-12 08:23 - 000000000 ____D C:\Windows\system32\Tasks\Apple
2020-01-12 08:23 - 2020-01-12 08:23 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2020-01-12 08:22 - 2020-01-12 08:22 - 000000000 ____D C:\Program Files\Bonjour
2020-01-12 08:22 - 2020-01-12 08:22 - 000000000 ____D C:\Program Files (x86)\Bonjour
2020-01-12 08:22 - 2020-01-12 08:22 - 000000000 ____D C:\MSI3877b.tmp
2020-01-12 08:22 - 2020-01-12 08:22 - 000000000 ____D C:\MSI38778.tmp
2020-01-12 08:22 - 2020-01-12 08:22 - 000000000 ____D C:\MSI38772.tmp
2020-01-12 08:22 - 2020-01-12 08:22 - 000000000 ____D C:\MSI3876b.tmp
2020-01-12 08:21 - 2020-01-12 08:21 - 000000000 ____D C:\MSI38765.tmp
2020-01-12 08:20 - 2020-01-12 08:20 - 000000000 ____D C:\MSI3875f.tmp
2020-01-12 08:20 - 2020-01-12 08:20 - 000000000 ____D C:\MSI35cc6.tmp
2020-01-12 08:04 - 2020-01-12 08:04 - 000000000 ____D C:\MSI3382d.tmp
2020-01-12 07:53 - 2020-01-12 07:53 - 000000000 ____D C:\MSI337a0.tmp
2020-01-12 07:52 - 2020-01-12 07:52 - 000000000 ____D C:\MSI33777.tmp
2020-01-12 07:50 - 2020-01-12 07:50 - 000000000 ____D C:\MSI33161.tmp
2020-01-12 07:48 - 2020-01-12 07:48 - 000000000 ____D C:\MSI32b4a.tmp
2020-01-12 07:35 - 2020-01-12 07:35 - 000000000 ____D C:\MSI32b45.tmp
2020-01-12 07:35 - 2020-01-12 07:35 - 000000000 ____D C:\MSI32b3e.tmp
2020-01-12 07:35 - 2020-01-12 07:35 - 000000000 ____D C:\MSI32b38.tmp
2020-01-12 07:34 - 2020-01-12 07:34 - 000000000 ____D C:\MSI32b32.tmp
2020-01-12 07:15 - 2020-01-12 07:15 - 000000000 ____D C:\Program Files\DigiDNA

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-25 08:15 - 2019-02-10 14:37 - 000000000 ____D C:\FRST
2020-01-25 08:14 - 2018-01-21 13:53 - 000003914 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{AAEA059E-67E6-4D4B-A555-071AD2AC6636}
2020-01-25 07:39 - 2012-04-13 07:31 - 000000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2020-01-25 04:51 - 2009-07-13 20:45 - 000015792 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-01-25 04:51 - 2009-07-13 20:45 - 000015792 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-01-24 08:42 - 2009-07-13 21:13 - 000786622 _____ C:\Windows\system32\PerfStringBackup.INI
2020-01-24 08:42 - 2009-07-13 19:20 - 000000000 ____D C:\Windows\inf
2020-01-18 15:09 - 2018-10-08 19:41 - 000002980 _____ C:\Windows\system32\Tasks\{9C9F2E80-4ADE-449B-9057-40106FF8BC7F}
2020-01-18 15:09 - 2018-09-06 05:17 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-01-18 15:09 - 2018-07-20 11:43 - 000002988 _____ C:\Windows\system32\Tasks\{7ABB10C8-4419-4DA7-B870-5539FB2B4CFF}
2020-01-18 15:09 - 2018-07-08 11:16 - 000002940 _____ C:\Windows\system32\Tasks\HPCustPartic.exe_{F94022F2-89C4-4C6F-A846-667671D2320F}
2020-01-18 15:09 - 2017-11-15 16:40 - 000002948 _____ C:\Windows\system32\Tasks\{A75FBD77-F964-481B-B7EF-F4B1EA2968ED}
2020-01-18 15:09 - 2017-11-15 16:40 - 000002948 _____ C:\Windows\system32\Tasks\{8B8FB205-9240-4AC7-98E1-1FC0022AA2DC}
2020-01-18 15:09 - 2017-08-09 01:06 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-01-18 15:09 - 2017-07-12 08:29 - 000003066 _____ C:\Windows\system32\Tasks\{344968BF-A556-4FFC-984C-7E186895F06B}
2020-01-18 15:09 - 2017-03-19 08:15 - 000003892 _____ C:\Windows\system32\Tasks\SafeZone scheduled Autoupdate 1460721208
2020-01-18 15:09 - 2016-04-15 03:50 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-01-18 15:09 - 2015-12-31 17:41 - 000002952 _____ C:\Windows\system32\Tasks\{1D5C86AE-F4DD-4B79-A361-3F31B70CFCEF}
2020-01-18 15:09 - 2015-12-31 15:47 - 000003648 _____ C:\Windows\system32\Tasks\Tweaking.com - Windows Repair Tray Icon
2020-01-18 15:09 - 2015-09-14 16:14 - 000003128 _____ C:\Windows\system32\Tasks\{9D8A851B-EEC2-4D8A-87F8-B68A9BA893E4}
2020-01-18 15:09 - 2015-08-19 04:44 - 000002948 _____ C:\Windows\system32\Tasks\{05A9FC79-8345-4041-BAB5-63B4B01AD275}
2020-01-18 15:09 - 2015-06-07 08:28 - 000002940 _____ C:\Windows\system32\Tasks\HPCustPartic.exe_{48E34D62-7EF7-41D2-8CFC-FF6ACE1C8F6D}
2020-01-18 15:09 - 2015-06-07 08:15 - 000003556 _____ C:\Windows\system32\Tasks\HPCustParticipation HP Officejet 5740 series
2020-01-18 15:09 - 2014-09-04 11:21 - 000003496 _____ C:\Windows\system32\Tasks\AdobeAAMUpdater-1.0-BRIAN-PC-BR
2020-01-18 15:09 - 2014-05-02 18:02 - 000003334 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-01-18 15:09 - 2014-05-02 18:02 - 000003206 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-01-18 15:09 - 2013-11-18 09:26 - 000003132 _____ C:\Windows\system32\Tasks\{9F1E4A2B-AEA4-4565-A49A-E488006A3FAF}
2020-01-18 15:09 - 2013-08-27 17:19 - 000003076 _____ C:\Windows\system32\Tasks\{6F7F92BF-441E-4C9E-852D-876D6730FB99}
2020-01-18 15:09 - 2013-08-19 18:26 - 000002766 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-01-18 15:09 - 2013-08-16 12:05 - 000003062 _____ C:\Windows\system32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2020-01-18 15:09 - 2013-08-16 12:05 - 000003060 _____ C:\Windows\system32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2020-01-18 15:09 - 2012-06-07 12:42 - 000003100 _____ C:\Windows\system32\Tasks\{992C1360-B7C4-4ED1-9082-8E159FCB82C3}
2020-01-18 15:09 - 2012-04-13 07:31 - 000003768 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-01-18 15:09 - 2012-03-13 06:53 - 000003032 _____ C:\Windows\system32\Tasks\{A5D314F0-456F-4CB4-B01B-01065EE19CB7}
2020-01-18 15:09 - 2012-03-13 06:03 - 000003926 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{04763158-D395-4D60-AA42-FEC1973CEF7F}
2020-01-18 15:09 - 2012-03-13 05:12 - 000003706 _____ C:\Windows\system32\Tasks\RecoveryCDWin7
2020-01-18 15:09 - 2009-12-17 12:25 - 000003164 _____ C:\Windows\system32\Tasks\DVDAgent
2020-01-18 15:09 - 2009-12-17 12:24 - 000003200 _____ C:\Windows\system32\Tasks\CLMLSvc
2020-01-18 13:10 - 2017-03-16 02:48 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-01-18 13:04 - 2015-10-08 11:40 - 000065536 _____ C:\Windows\system32\Ikeext.etl
2020-01-18 13:03 - 2009-07-13 21:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-01-12 08:22 - 2014-11-15 16:08 - 000000000 ____D C:\Program Files\Common Files\Apple

==================== Files in the root of some directories ========

2014-09-09 15:27 - 2014-09-09 15:30 - 000000000 _____ () C:\Users\BR\AppData\Roaming\bibstats
2014-10-27 08:16 - 2014-11-13 19:01 - 000000308 _____ () C:\Users\BR\AppData\Roaming\Rim.Desktop.Exception.log
2014-10-27 08:09 - 2014-11-28 09:44 - 000004042 _____ () C:\Users\BR\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2014-10-27 08:16 - 2014-11-13 19:01 - 000000308 _____ () C:\Users\BR\AppData\Roaming\Rim.DesktopHelper.Exception.log
2014-11-11 10:57 - 2014-11-11 10:57 - 000000044 _____ () C:\Users\BR\AppData\Roaming\WB.CFG
2017-01-14 12:04 - 2017-01-14 12:04 - 000000000 ____H () C:\Users\BR\AppData\Local\BITD200.tmp
2014-10-27 09:02 - 2014-10-27 09:02 - 000009728 _____ () C:\Users\BR\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-01-08 13:25 - 2020-01-08 13:25 - 000000218 _____ () C:\Users\BR\AppData\Local\recently-used.xbel
2015-09-26 12:43 - 2015-09-26 12:43 - 000000017 _____ () C:\Users\BR\AppData\Local\resmon.resmoncfg
2012-06-07 20:09 - 2012-06-07 20:09 - 000000000 _____ () C:\Users\BR\AppData\Local\Temptable.xml
2012-09-23 13:15 - 2012-09-23 13:15 - 000137289 _____ () C:\Users\BR\AppData\Local\tmpFM3 #2 001.0
2012-09-23 13:15 - 2012-09-23 13:15 - 000132486 _____ () C:\Users\BR\AppData\Local\tmpFM3 #2 001.1
2012-09-23 13:15 - 2012-09-23 13:15 - 000132533 _____ () C:\Users\BR\AppData\Local\tmpFM3 #2 001.JPG
2012-09-23 13:15 - 2012-09-23 13:15 - 000003890 _____ () C:\Users\BR\AppData\Local\tmpFM3 #2 001_navi.JPG
2012-10-03 17:21 - 2012-10-03 17:21 - 000121078 _____ () C:\Users\BR\AppData\Local\tmpNOMAD1.0
2012-10-03 17:21 - 2012-10-03 17:21 - 000044248 _____ () C:\Users\BR\AppData\Local\tmpNOMAD1.JPG
2012-10-03 17:18 - 2012-10-03 17:18 - 000112551 _____ () C:\Users\BR\AppData\Local\tmpNOMAD2.0
2012-10-03 17:18 - 2012-10-03 17:18 - 000040181 _____ () C:\Users\BR\AppData\Local\tmpNOMAD2.JPG
2012-10-03 17:21 - 2012-10-03 17:21 - 000115714 _____ () C:\Users\BR\AppData\Local\tmpNOMAD3.0
2012-10-03 17:21 - 2012-10-03 17:21 - 000038427 _____ () C:\Users\BR\AppData\Local\tmpNOMAD3.JPG
2012-10-03 17:22 - 2012-10-03 17:22 - 000134269 _____ () C:\Users\BR\AppData\Local\tmpNOMAD4.0
2012-10-03 17:22 - 2012-10-03 17:22 - 000049466 _____ () C:\Users\BR\AppData\Local\tmpNOMAD4.JPG
2012-10-03 17:22 - 2012-10-03 17:22 - 000135858 _____ () C:\Users\BR\AppData\Local\tmpNOMAD5.0
2012-10-03 17:22 - 2012-10-03 17:22 - 000050685 _____ () C:\Users\BR\AppData\Local\tmpNOMAD5.1
2012-10-03 17:22 - 2012-10-03 17:22 - 000050520 _____ () C:\Users\BR\AppData\Local\tmpNOMAD5.JPG
2012-10-03 17:23 - 2012-10-03 17:23 - 000136857 _____ () C:\Users\BR\AppData\Local\tmpNOMAD6.0
2012-10-03 17:23 - 2012-10-03 17:23 - 000049261 _____ () C:\Users\BR\AppData\Local\tmpNOMAD6.1
2012-10-03 17:23 - 2012-10-03 17:23 - 000049486 _____ () C:\Users\BR\AppData\Local\tmpNOMAD6.JPG
2012-08-22 15:05 - 2012-08-22 15:05 - 000006400 _____ () C:\Users\BR\AppData\Local\tmpUNTITLED LOGO XX2_THUMBNAIL(0).0
2012-08-22 15:05 - 2012-08-22 15:05 - 000001969 _____ () C:\Users\BR\AppData\Local\tmpUNTITLED LOGO XX2_THUMBNAIL(0).JPG
2017-01-14 11:57 - 2017-01-14 12:04 - 000000000 _____ () C:\Users\BR\AppData\Local\{7A3D3458-EB7D-4C05-A5E4-FDFD4ED3DCBD}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

ATTENTION: ==> Could not access BCD.  ->

LastRegBack: 2020-01-18 13:57
==================== End of FRST.txt ========================

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-01-2020 01
Ran by BR (25-01-2020 08:17:22)
Running from C:\Users\BR\Downloads
Windows 7 Home Premium Service Pack 3 (X64) (2012-03-13 13:09:29)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-998330651-303224156-1059126384-500 - Administrator - Disabled)
bcom (S-1-5-21-998330651-303224156-1059126384-1003 - Administrator - Enabled) => C:\Users\bcom
BR (S-1-5-21-998330651-303224156-1059126384-1004 - Administrator - Enabled) => C:\Users\BR
BRIAN (S-1-5-21-998330651-303224156-1059126384-1000 - Administrator - Enabled) => C:\Users\BRIAN
Guest (S-1-5-21-998330651-303224156-1059126384-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 15.07 beta (x64) (HKLM\...\7-Zip) (Version: 15.07 - Igor Pavlov)
ActiveCheck component for HP Active Support Library (HKLM-x32\...\{254C37AA-6B72-4300-84F6-98A82419187E}) (Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.8.0.310 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.9 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.152 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.2.1 - Adobe Systems Incorporated)
AIO_CDA_ProductContext (HKLM-x32\...\{2A7EF808-14F3-4E93-BE3A-1675EE5332A4}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDA_Software (HKLM-x32\...\{A7AEE29F-839E-46B5-B347-6D430618129F}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (HKLM-x32\...\{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Akamai) (Version:  - Akamai Technologies, Inc)
Any Video Converter 3.5.8 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (32-bit) (HKLM-x32\...\{C3A282C9-4C8B-4A63-B449-3A064FB378D7}) (Version: 8.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{CC046FB9-E84E-4092-B924-DBE33DA2BE75}) (Version: 8.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{45DDDFED-AABC-450C-B49C-5B4A5E547F5B}) (Version: 13.0.0.38 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Autodesk Pixlr (HKLM-x32\...\{B0547B43-3AEE-453C-9945-800DDF92052D}) (Version: 1.1.1.0 - Autodesk) Hidden
Autodesk Pixlr (HKLM-x32\...\Autodesk Pixlr) (Version: 1.1.1.0 - Autodesk)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
C6100 (HKLM-x32\...\{0DEF8C02-2EAB-4BFE-A7E0-7990665DF1A9}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
c6100_Help (HKLM-x32\...\{4BD5B5D2-406D-4bc5-BB10-2F0D1D367C95}) (Version: 82.0.256.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Citrix Online Launcher (HKLM-x32\...\{1B1BF50E-ACE8-4481-B362-89544FB1CD4B}) (Version: 1.0.357 - Citrix)
Copy (HKLM-x32\...\{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}) (Version: 130.0.428.000 - Hewlett-Packard) Hidden
CopyTrans Control Center Uninstall Only (HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\CopyTrans Suite) (Version: 4.004 - WindSolutions)
Corel Applications (HKLM-x32\...\Corel Applications) (Version:  - )
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2115 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{2FF8C687-DB7D-4adc-A5DC-57983EC25046}) (Version: 130.0.465.000 - Hewlett-Packard) Hidden
DirectX for Managed Code Update (Summer 2004) (HKLM-x32\...\{E9E34215-82EF-4909-BE2F-F581F0DC9062}) (Version: 9.02.2904 - Microsoft) Hidden
DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen)
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 3.1.3224 - Hewlett-Packard) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 3.1.3224 - Hewlett-Packard)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
Fax (HKLM-x32\...\{440B915A-0C85-45DB-92AE-75AE14704A64}) (Version: 130.0.418.000 - Hewlett-Packard) Hidden
Garmin USB Drivers (HKLM\...\{956B3B73-29E8-423C-8973-D8085DE69E13}) (Version: 2.3.1.2 - Garmin Ltd or its subsidiaries)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Earth Pro (HKLM-x32\...\{9D524A1E-F2FC-444D-B12A-7592CEB56EB5}) (Version: 7.3.2.5776 - Google)
Google SketchUp 8 (HKLM-x32\...\{47BBA5AA-CA6F-4A41-858D-A7A776F29A8B}) (Version: 3.0.11752 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (HKLM-x32\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
gsimple 2.05 (HKLM-x32\...\gsimple) (Version: 2.05 - S.Kontogiannis)
Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5247.34 - PC-Doctor, Inc.)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.9512.3162 - Hewlett-Packard)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Dropbox Plugin (HKLM-x32\...\{D12BC084-97D6-438A-AA7C-5962608D17A0}) (Version: 36.0.41.58587 - HP)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP Google Drive Plugin (HKLM-x32\...\{BFA42100-DB54-467A-BB87-CF70732B4065}) (Version: 36.0.41.58587 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.1.3317 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.1.3422 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{88E60521-1E4E-4785-B9F1-1798A4BD0C30}) (Version: 3.1.0.1 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Officejet 5740 series Basic Device Software (HKLM\...\{B09B89DC-91EF-4965-800D-2A5807D117D1}) (Version: 40.11.1135.17143 - HP Inc.)
HP Officejet 5740 series Help (HKLM-x32\...\{F17D53C7-DCE8-469C-9690-CF8F5903519C}) (Version: 34.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HPAsset component for HP Active Support Library (HKLM-x32\...\{669D4A35-146B-4314-89F1-1AC3D7B88367}) (Version: 3.0.0.7 - Hewlett-Packard) Hidden
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
HPDiagnosticCoreDll (HKLM-x32\...\{9262B08F-E183-4FED-A2BD-23FF1A84EB79}) (Version: 1.0.15.0 - Hewlett Packard)
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (HKLM-x32\...\{681B698F-C997-42C3-B184-B489C6CA24C9}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
I.R.I.S. OCR (HKLM-x32\...\{11ED31EC-7EFA-4D56-B71D-E0214C8984CC}) (Version: 12.3.7.0 - HP)
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
Intel® C++ Redistributables for Windows* on Intel® 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.2226 - Intel Corporation)
iTunes (HKLM\...\{9C96D8AC-EE43-4B47-877C-D11595511C8E}) (Version: 12.10.3.1 - Apple Inc.)
Java 8 Update 201 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Jing (HKLM-x32\...\{8C784F8B-89D0-4A59-A000-7EEF129E1574}) (Version: 2.9.15255.1 - TechSmith Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2017 - CyberLink Corp.) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2017 - CyberLink Corp.)
Lernout & Hauspie TruVoice American English TTS Engine (HKLM-x32\...\tv_enua) (Version:  - )
Live Mail Password Decryptor (HKLM-x32\...\{2C7228FF-A6A8-49D1-BE08-7453AB5D0359}) (Version: 4.0 - SecurityXploded) Hidden
Logitech Harmony Remote Software (x86) (HKLM-x32\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 2.0 - Logitech)
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.10.10 - Magical Jelly Bean)
Magical Jelly Bean PasswdFinder (HKLM-x32\...\PasswdFinder_is1) (Version: 1.0.0.29 - PasswdFinder)
Mail Undelete Recovery Toolbox Free 2.3 (HKLM-x32\...\Mail Undelete Recovery Toolbox Free_is1) (Version:  - Recovery Toolbox, Inc.)
Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{50816F92-1652-4A7C-B9BC-48F682742C4B}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Live Search Toolbar (HKLM-x32\...\{DF802C05-4660-418c-970C-B988ADB1D316}) (Version: 3.0.566.0 - Microsoft Live Search Toolbar)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Applications - ENU (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Applications - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Mozilla Firefox 47.0.2 (x86 en-US) (HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Mozilla Firefox 47.0.2 (x86 en-US)) (Version: 47.0.2 - Mozilla)
Mozilla Firefox 71.0 (x64 en-US) (HKLM\...\Mozilla Firefox 71.0 (x64 en-US)) (Version: 71.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyHarmony (HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\036a0e4fc6a247ec) (Version: 1.0.1.257 - Logitech)
Network64 (HKLM\...\{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}) (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (HKLM\...\{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}) (Version: 140.0.221.000 - Hewlett-Packard) Hidden
NirSoft WebBrowserPassView (HKLM-x32\...\NirSoft WebBrowserPassView) (Version:  - )
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OpenOffice 4.1.5 (HKLM-x32\...\{ABCAD346-4F4B-49E9-9AA1-28EF8C26059D}) (Version: 4.15.9789 - Apache Software Foundation)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (HKLM\...\{E237254B-36A1-3D27-815E-B37C13BE0796}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (HKLM-x32\...\{03077B58-6ACF-32CA-B42A-EAA458C295A1}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.0 - Frank Heindörfer, Philip Chinery)
Photobucket Desktop (HKLM-x32\...\{D0916F1D-236D-4B9A-BCEA-F535444DCA41}) (Version: 1.0.3.1552 - Photobucket)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PowerDirector (HKLM-x32\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3503 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3503 - CyberLink Corp.)
Product Improvement Study for HP Officejet 5740 series (HKLM\...\{0E14A09E-FBF5-461C-A10B-62F231B1722C}) (Version: 40.11.1135.17143 - HP Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)
Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.2216 - CyberLink Corp.) Hidden
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rosetta Stone Version 3 (HKLM-x32\...\{148E08FF-D7C4-46ED-8D4D-601C67FE0AFD}) (Version: 3.3.7.0 - Rosetta Stone Ltd.)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Scanything V1.0.8 (HKLM-x32\...\Scanything) (Version: 1.0.8 - Scanything)
Secunia PSI (3.0.0.10004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)
Sentinel System Driver Installer 7.5.7 (HKLM-x32\...\{B281C7D1-C088-40E0-86EA-B2D9D7E0810A}) (Version: 7.5.7 - SafeNet, Inc.)
SewArt (HKLM\...\{233A5312-C6B1-48DB-8F62-5E1E2975F499}) (Version: 1.8.8 - S & S Computing)
SewWhat-Pro (HKLM\...\{5DF40802-1935-4B9F-9B7C-B16B6B875461}) (Version: 3.9.7 - S & S Computing)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype version 8.55 (HKLM-x32\...\Skype_is1) (Version: 8.55 - Skype Technologies S.A.)
Skype™ 7.41 (HKLM-x32\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 7.41.101 - Skype Technologies S.A.)
SmartWebPrinting (HKLM-x32\...\{DC635845-46D3-404B-BCB1-FC4A91091AFA}) (Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolidWorks 2011 x64 Edition SP02 (HKLM\...\{4F113377-0BA1-4552-9ABB-9BF220FAF132}) (Version: 19.120.49 - SolidWorks) Hidden
SolidWorks eDrawings 2011 x64 Edition SP02 (HKLM\...\{455804F2-70A9-46BD-BEB8-957000EC20D4}) (Version: 11.2.113 - Dassault Systèmes SolidWorks Corp.) Hidden
SolutionCenter (HKLM-x32\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform)
SQLAnywhere1000 (HKLM-x32\...\{349E9132-5101-4094-859E-0EEE6F3DDCD5}) (Version: 10.1.4157 - Merry Mechanization Inc)
Status (HKLM-x32\...\{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}) (Version: 130.0.469.000 - Hewlett-Packard) Hidden
Toolbox (HKLM-x32\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (HKLM-x32\...\{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}) (Version: 130.0.422.000 - Hewlett-Packard) Hidden
Trendnet USBKVM Switcher (HKLM-x32\...\Trendnet USBKVM Switcher_is1) (Version:  - )
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 1.6.8 - Tweaking.com)
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 3.7.3 - Tweaking.com)
Unchecky v1.0.2 (HKLM-x32\...\Unchecky) (Version: 1.0.2 - RaMMicHaeL)
UnloadSupport (HKLM-x32\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
WD Drive Utilities (HKLM-x32\...\{E61CFDDA-40DD-4400-95CA-12819C50B5C2}) (Version: 1.1.0.51 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{D0A3A97D-7918-4B0B-B91E-775E00C36122}) (Version: 2.4.2.26 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{A95E3E66-D5A4-404E-997D-02562AA492E8}) (Version: 1.0.5.7 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{6BB4E4E8-17B9-4534-8A8E-89E53F12769C}) (Version: 2.4.2.26 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{2d588de7-f4f6-4d6d-8719-32cbb9637e9e}) (Version: 2.4.2.26 - Western Digital Technologies, Inc.)
WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Wilcom TrueSizer e3.0 (HKLM-x32\...\{90C3F44A-7F39-4AEA-AC41-E32F97208269}) (Version: 17.0.185.7427 - Wilcom) Hidden
Wilcom TrueSizer e3.0 (HKLM-x32\...\{E801DDB4-3CFC-496E-9E04-781EC2445D82}) (Version: 17.0.185.7427 - Wilcom)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{3577E42B-3347-4EB8-BFDA-D36E8ED3C519}) (Version: 1.0.24.0 - Microsoft Corporation)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (HKLM\...\{25FB53C5-BE4C-3B6C-A0C9-D49A39227E1E}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (HKLM-x32\...\{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57}) (Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-998330651-303224156-1059126384-1004_Classes\CLSID\{4CEEAF57-0208-4CA4-A473-914C2D2FFC23}\InprocServer32 -> C:\Program Files (x86)\TradeManager\AliIMX_64.dll => No File
CustomCLSID: HKU\S-1-5-21-998330651-303224156-1059126384-1004_Classes\CLSID\{5D09DD40-CDC4-4C56-B615-0D1E3B357C2B}\InprocServer32 -> C:\Program Files (x86)\TradeManager\AliIMX_64.dll => No File
CustomCLSID: HKU\S-1-5-21-998330651-303224156-1059126384-1004_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-09-17] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [FileAssociationHelper] -> {D5CF14A2-B3CA-49DC-8E3E-0BB233B26D09} => C:\Program Files\File Association Helper\FAHDll.dll [2014-01-28] (WinZip Computing LLC -> Nico Mak Computing)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll -> No File
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2015-04-26] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1-x32: [PhoXo] -> {47F14307-F923-44F9-86CB-A1E193DA6070} => C:\Program Files (x86)\PhoXo\ExploreMenu.dll -> No File
ContextMenuHandlers1: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2014-07-22] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
ContextMenuHandlers2: [CWDDriveMenuHandler] -> {CCEFA845-DCDB-4A2F-8BED-DBE87CD198EC} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2014-07-22] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-09-17] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2010-10-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-09-17] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2014-07-22] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\BR\Favorites\Fotor for desktop.lnk -> hxxp://www.fotor.com/desktop/index.htm
ShortcutWithArgument: C:\Users\BR\Desktop\letgo-web.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=ogkjbfeahmkobkcbpjmjbdfcegiapnlc
ShortcutWithArgument: C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_pjkljhegncpnkpknbcohdijeoejaedia\Gmail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=pjkljhegncpnkpknbcohdijeoejaedia
ShortcutWithArgument: C:\Users\BR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\craigslist_ vancouver, BC jobs, apart.._.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory=Default --app-id=oodmfgjfnfmcjhffmmaepknoggiokdhk
ShortcutWithArgument: C:\Users\BR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\letgo-web.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=ogkjbfeahmkobkcbpjmjbdfcegiapnlc
ShortcutWithArgument: C:\Users\BR\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gmail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=pjkljhegncpnkpknbcohdijeoejaedia
ShortcutWithArgument: C:\Users\BR\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\letgo-web.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=ogkjbfeahmkobkcbpjmjbdfcegiapnlc

==================== Loaded Modules (Whitelisted) =============

2016-06-07 23:10 - 2016-06-07 23:10 - 000125440 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-06-07 23:10 - 2016-06-07 23:10 - 000118272 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-06-07 23:10 - 2016-06-07 23:10 - 000166400 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2016-06-07 23:10 - 2016-06-07 23:10 - 000205824 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-06-07 23:10 - 2016-06-07 23:10 - 000117248 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2019-12-08 12:26 - 2019-12-13 17:52 - 001899520 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\ffmpeg.dll
2019-12-08 12:26 - 2019-12-13 17:52 - 006668800 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libglesv2.dll
2019-12-08 12:26 - 2019-12-13 17:52 - 000259584 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\swiftshader\libegl.dll
2019-12-08 12:26 - 2019-12-13 17:52 - 003044352 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\swiftshader\libglesv2.dll
2017-09-26 21:22 - 2017-09-26 21:22 - 001984000 ____R () [File not signed] C:\Program Files (x86)\Skype\Phone\skypert.dll
2015-10-10 14:17 - 2007-07-17 15:26 - 000086016 _____ () [File not signed] C:\Program Files (x86)\Trendnet\USBKVM Switcher\kEYHOOK.dll
2012-12-15 12:55 - 2005-03-12 00:07 - 000087040 _____ () [File not signed] C:\Windows\System32\pdfcmnnt.dll
2009-09-20 09:53 - 2009-09-20 09:53 - 000538112 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.dll
2009-09-20 09:53 - 2009-09-20 09:53 - 000015360 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.rsc
2009-09-20 09:53 - 2009-09-20 09:53 - 000274432 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotradd.dll
2009-09-20 11:24 - 2009-09-20 11:24 - 000249344 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqcxs08.dll
2009-09-20 11:24 - 2009-09-20 11:24 - 000213504 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqddcmn.dll
2009-09-20 11:24 - 2009-09-20 11:24 - 000133120 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqddsvc.dll
2009-09-20 11:24 - 2009-09-20 11:24 - 000049664 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddusr.dll
2009-05-21 19:09 - 2009-05-21 19:09 - 000338432 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqmif08.dll
2009-05-21 19:05 - 2009-05-21 19:05 - 000326144 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqrif08.dll
2009-09-20 11:36 - 2009-09-20 11:36 - 000150528 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtao08.dll
2009-09-20 11:36 - 2009-09-20 11:36 - 000048128 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.rsc
2009-09-20 11:36 - 2009-09-20 11:36 - 000205824 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpquio08.dll
2009-05-21 19:09 - 2009-05-21 19:09 - 000554496 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusg.dll
2010-10-22 12:08 - 2010-10-22 12:08 - 001039360 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpslpsvc64.dll
2013-09-11 22:10 - 2013-09-11 22:10 - 000328704 _____ (Hewlett-Packard Co.) [File not signed] C:\Windows\System32\hpinksts7012LM.dll
2010-08-06 10:15 - 2010-08-06 10:15 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-08-06 10:15 - 2010-08-06 10:15 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2005-09-23 03:26 - 2005-09-23 03:26 - 000123904 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\csm.dll
2005-09-23 03:33 - 2005-09-23 03:33 - 000247296 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\msdbg2.dll
2017-10-05 22:05 - 2017-10-05 22:05 - 002969600 ____R (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Skype\Phone\RtmCodecs.dll
2017-10-05 22:08 - 2017-10-05 22:08 - 000941056 ____R (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Skype\Phone\RtmMediaManager.dll
2017-10-05 22:03 - 2017-10-05 22:03 - 000654848 ____R (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Skype\Phone\RtmPal.dll
2017-10-05 22:07 - 2017-10-05 22:07 - 010914816 ____R (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Skype\Phone\RtmPltfm.dll
2017-10-05 22:04 - 2017-10-05 22:04 - 000089088 ____R (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2004-02-23 11:42 - 2004-02-23 11:42 - 001386496 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\MSVBVM60.DLL
2012-03-16 02:02 - 2012-03-16 02:02 - 000225280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
2017-10-05 22:16 - 2017-10-05 22:16 - 027716608 ____R (Skype Technologies S.A.) [File not signed] C:\Program Files (x86)\Skype\Phone\SkypeSkylib.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 18:34 - 2019-01-04 01:01 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%C_EM64T_REDIST11%bin\Intel64;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\SQL Anywhere 10\win32;C:\Program Files (x86)\SQL Anywhere 10\Sybase Central 5.0.0\win32;%PROGRAMFILES%\Internet Explorer;C:\Program Files (x86)\Skype\Phone\
HKU\S-1-5-21-998330651-303224156-1059126384-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\BR\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeUpdateService => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: AliSafeEngine Service => 2
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: DraftSight API Service => 2
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: FLEXnet Licensing Service 64 => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: Secunia PSI Agent => 2
MSCONFIG\Services: Secunia Update Agent => 2
MSCONFIG\Services: SentinelKeysServer => 2
MSCONFIG\Services: SentinelProtectionServer => 2
MSCONFIG\Services: SentinelSecurityRuntime => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Unchecky => 2
MSCONFIG\Services: WDBackup => 2
MSCONFIG\Services: WDDriveService => 2
MSCONFIG\Services: wwbizsrv => 2

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{941584E1-854B-434D-85FE-08615386E6DD}C:\program files\hp\hp officejet 5740 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp officejet 5740 series\bin\hpnetworkcommunicatorcom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [UDP Query User{24DB1A02-894B-4B50-80C3-AF89B7F3A379}C:\program files\hp\hp officejet 5740 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp officejet 5740 series\bin\hpnetworkcommunicatorcom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [TCP Query User{0B6B3E9F-1303-4E14-8895-DA3ACC99F6CF}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{1E3A6126-5910-4D3B-9911-15769D574BBB}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{4CB72E1A-D77F-4284-B7EA-15ECCA2A0518}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{849E739F-CA22-4888-A9A6-C5EE2B84C0D7}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{B3B2AC8C-624A-4D95-AA88-2C109ACF15C1}C:\program files\hp\hp officejet 5740 series\bin\hpnetworkcommunicatorcom.exe] => (Block) C:\program files\hp\hp officejet 5740 series\bin\hpnetworkcommunicatorcom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [UDP Query User{75B9D3FE-C59D-40B9-BB93-78365A52A88E}C:\program files\hp\hp officejet 5740 series\bin\hpnetworkcommunicatorcom.exe] => (Block) C:\program files\hp\hp officejet 5740 series\bin\hpnetworkcommunicatorcom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{7BCA530D-AEF9-4312-AB98-5FA57B22C9D4}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS0312\HPDiagnosticCoreUI.exe No File
FirewallRules: [{DD0816DF-1A6D-46DE-B7FA-8F03EA897AFA}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS0312\HPDiagnosticCoreUI.exe No File
FirewallRules: [{7027FCA1-ED17-4B7B-9DEF-90707122CEED}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS03BC\HPDiagnosticCoreUI.exe No File
FirewallRules: [{4E250D65-5C7F-4C5C-8E68-F728A34421A7}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS03BC\HPDiagnosticCoreUI.exe No File
FirewallRules: [TCP Query User{9F26BF52-B13B-471C-A6AC-44F98C53BC00}C:\program files (x86)\trademanager\aliim.exe] => (Allow) C:\program files (x86)\trademanager\aliim.exe No File
FirewallRules: [UDP Query User{E3DB5C18-C6C1-4FD6-A0D7-15EFCCE65DC2}C:\program files (x86)\trademanager\aliim.exe] => (Allow) C:\program files (x86)\trademanager\aliim.exe No File
FirewallRules: [{FEA0FE39-54A2-480A-9CAD-7D55D772EAA6}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe No File
FirewallRules: [{9BF14085-062A-4EB5-A452-75190E55F47F}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe No File
FirewallRules: [{B9C78521-F0A8-4E23-9136-149ADB9DB1A0}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe No File
FirewallRules: [{20D7AE74-B6A3-426F-B416-9DC325C694AA}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe No File
FirewallRules: [{25DB26D6-7C8D-421E-BD9F-0EBCBFA140D4}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS35EA\HPDiagnosticCoreUI.exe No File
FirewallRules: [{BD5D4210-B6E5-45E3-881D-BAEC293F3BF7}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS35EA\HPDiagnosticCoreUI.exe No File
FirewallRules: [{26EAF1A7-27A7-40A1-8B97-244D92D509DD}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS3FFD\HPDiagnosticCoreUI.exe No File
FirewallRules: [{84C5F561-9393-4117-9C21-1602D63CDAA9}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS3FFD\HPDiagnosticCoreUI.exe No File
FirewallRules: [{066E33B9-FBB5-4872-A4EF-6ACA4D6C8780}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS4109\HPDiagnosticCoreUI.exe No File
FirewallRules: [{D8C0664B-C6D4-48BA-B1F4-5682814D8FAF}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS4109\HPDiagnosticCoreUI.exe No File
FirewallRules: [{14FC1362-862C-41E8-9E03-9DEAFB364DA3}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS416B\HPDiagnosticCoreUI.exe No File
FirewallRules: [{734FA13E-75FC-4204-82B7-5CBEADE5CEF1}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS416B\HPDiagnosticCoreUI.exe No File
FirewallRules: [{268CDBAB-5953-49C3-B923-E0C09378C160}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS7EF8\HPDiagnosticCoreUI.exe No File
FirewallRules: [{EB46FD57-3C8D-4324-BF80-8CACE5BC36F5}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS7EF8\HPDiagnosticCoreUI.exe No File
FirewallRules: [{F028B163-0059-448B-BB75-773426B9BFC0}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS2E7E\HPDiagnosticCoreUI.exe No File
FirewallRules: [{2DE49187-0F5B-4044-84FE-0A669CC85F33}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS2E7E\HPDiagnosticCoreUI.exe No File
FirewallRules: [{2F80605A-D7CD-4639-B271-0B88302D1B78}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS2F2F\HPDiagnosticCoreUI.exe No File
FirewallRules: [{5F35F7C3-2461-4952-AA85-73CF95EA6F47}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS2F2F\HPDiagnosticCoreUI.exe No File
FirewallRules: [{5A4F57BB-C9CE-45EC-B240-2C84F10D8EC1}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS334A\HPDiagnosticCoreUI.exe No File
FirewallRules: [{C0330068-E65D-41C2-87C9-CA6BA61A2EBD}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS334A\HPDiagnosticCoreUI.exe No File
FirewallRules: [{C21344CC-E893-44F5-8E7E-701F26AB182D}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\FaxApplications.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{FA59B4A3-B4E9-4169-80CA-0ACAFF3299DB}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{D1A0FBE8-8102-4DCB-9C1B-4C6DA9A2E4B0}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\SendAFax.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{8BF19FE5-091A-4478-A1B9-B0F5988DB7EB}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\FaxPrinterUtility.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{DDEF6243-1EA8-4B81-9D35-C268ABDF94F0}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{3C37859B-1FDB-4B6F-AC4C-69AA2592E700}] => (Allow) LPort=5357
FirewallRules: [{38935BAA-FB00-4F8E-AFF2-1ECFFCCB3402}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{83EF81F4-A047-486B-9ED7-788156AA5F02}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS492E\HPDiagnosticCoreUI.exe No File
FirewallRules: [{2CCFE143-FE63-463D-BF2D-38FA0542B828}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS492E\HPDiagnosticCoreUI.exe No File
FirewallRules: [{30090691-2965-4C2E-BCEA-F17CD8043B3C}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS71FF\HPDiagnosticCoreUI.exe No File
FirewallRules: [{368EF3B6-D448-4597-BDD7-C5370190596C}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS71FF\HPDiagnosticCoreUI.exe No File
FirewallRules: [{7F9AC02C-F9FA-4201-9C09-C06F7B5B630D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{747DE1F7-7A8F-4729-8D96-E06E0C5A5FFA}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{B41BAFD4-3B90-42C3-B49D-50BD0A8FC864}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{7FAC275E-EF51-4AE7-BF73-EB278A5117C5}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0E11B348-E024-4FA4-974E-4ABA18354EA8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{32037EE3-CB62-4E38-A5AA-9282CB2DB64D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{63B2AC6C-B348-4C36-A5A2-D3897AD25E9E}C:\users\br\downloads\lastskype\skype.exe] => (Allow) C:\users\br\downloads\lastskype\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{4C186173-6240-41E4-B952-BD8BEE541592}C:\users\br\downloads\lastskype\skype.exe] => (Allow) C:\users\br\downloads\lastskype\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D122C3F6-5ADB-4E6D-92C7-92BBD59D7880}] => (Allow) LPort=5060
FirewallRules: [{94C1293C-FDD6-4C82-9154-F8E4044A5BC3}] => (Allow) LPort=5060
FirewallRules: [{BBB75CFF-EC99-4774-8155-547F28809543}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D01CFA03-1BA8-4EA9-A86F-CC6E770F03C2}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2B99D4FD-F3D3-451D-A0C4-183222C8745F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9BBD7D73-8AA0-4574-80C0-423169522C48}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{981237FF-8ED1-4BB2-BE45-3263D7508E01}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B527783B-C33A-4F54-893A-C2D6F033491C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2BF29DDB-82EC-47D1-BC27-63311912B242}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AEC82EC9-7004-4C5C-A960-6FD1A11D564B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{71F37F46-916E-45CF-9F3B-B92AF2D83A04}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{709BC2A4-9C30-4A50-9DE6-AA734B0C02CC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7

==================== Restore Points =========================

20-12-2018 03:01:27 Windows Update
28-12-2018 09:24:34 Scheduled Checkpoint
09-01-2019 03:00:26 Windows Update
09-01-2019 05:32:54 Windows Update
16-01-2019 03:00:11 Windows Update
25-01-2019 00:09:48 Scheduled Checkpoint
11-02-2019 07:05:09 Removed 0501(English)
11-02-2019 09:49:29 Restore Point Created by FRST
11-02-2019 10:17:08 Restore Point Created by FRST
13-02-2019 03:01:14 Windows Update
15-02-2019 07:29:49 Removed Java 8 Update 66
13-03-2019 02:01:10 Windows Update
14-03-2019 02:01:00 Windows Update
24-03-2019 23:09:19 Scheduled Checkpoint
27-03-2019 02:00:13 Windows Update
04-04-2019 02:00:13 Windows Update
11-04-2019 02:00:14 Windows Update
14-04-2019 02:00:59 Windows Update
30-04-2019 23:00:59 Scheduled Checkpoint
15-05-2019 02:00:27 Windows Update
03-06-2019 23:05:17 Scheduled Checkpoint
14-06-2019 16:18:20 Removed Sentinel Protection Installer 7.6.6
14-06-2019 16:20:36 Removed Free DWG Viewer 7.3.
14-06-2019 16:24:23 Removed LightScribe System Software.
14-06-2019 16:26:00 Configured PowerStarter
14-06-2019 16:26:45 Configured HP
14-06-2019 16:28:53 Configured Power2Go
14-06-2019 16:31:31 Removed SMPIS.
14-06-2019 16:33:45 Removed SQLAnywhere1000.
14-06-2019 16:37:35 Revo Uninstaller's restore point - ArtCAM 2015 (64-bit)
14-06-2019 16:38:41 Revo Uninstaller's restore point - ArtCAM 2015 (64-bit)
15-06-2019 02:00:44 Windows Update
16-06-2019 02:00:23 Windows Update
16-06-2019 06:08:34 Revo Uninstaller's restore point - SolidWorks 2011 x64 Edition SP02
16-06-2019 06:12:22 Revo Uninstaller's restore point - SolidWorks Explorer 2011 SP02
16-06-2019 06:13:50 Removed SolidWorks Explorer 2011 SP02.
16-06-2019 06:16:38 Removed SolidWorks eDrawings 2011 SP02.
27-06-2019 22:38:00 Scheduled Checkpoint
11-07-2019 02:00:14 Windows Update
25-07-2019 02:00:34 Windows Update
14-08-2019 02:00:20 Windows Update
11-09-2019 02:00:42 Windows Update
12-09-2019 02:00:28 Windows Update
15-09-2019 02:00:12 Windows Update
16-09-2019 02:00:22 Windows Update
02-10-2019 22:44:37 Scheduled Checkpoint
04-10-2019 02:00:17 Windows Update
09-10-2019 02:00:32 Windows Update
13-11-2019 03:00:20 Windows Update
14-11-2019 03:00:15 Windows Update
30-11-2019 11:25:23 Scheduled Checkpoint
08-12-2019 11:38:38 Installed Skype™ 7.41
08-12-2019 11:58:20 Installed Skype™ 7.41
11-12-2019 03:00:26 Windows Update
21-12-2019 01:43:33 Scheduled Checkpoint
04-01-2020 11:53:57 Scheduled Checkpoint
12-01-2020 07:45:51 Removed Apple Application Support (64-bit)
12-01-2020 07:47:23 Removed Apple Application Support (64-bit)
12-01-2020 07:49:55 Removed Apple Application Support (32-bit)
12-01-2020 07:51:40 Removed Bonjour
12-01-2020 07:52:38 Removed Apple Mobile Device Support
12-01-2020 08:03:42 Removed iTunes
12-01-2020 08:23:14 Installed iTunes

==================== Faulty Device Manager Devices ============

Name: Microsoft Teredo Tunneling Adapter
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Qualcomm Atheros 802.11 a/b/g/n Dualband Wireless Network Module
Description: Qualcomm Atheros 802.11 a/b/g/n Dualband Wireless Network Module
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: ========================

Application errors:
==================
Error: (01/25/2020 12:00:05 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location K:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (01/24/2020 12:00:06 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location K:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (01/23/2020 12:00:05 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location K:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (01/22/2020 12:00:05 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location K:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (01/21/2020 12:00:05 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location K:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (01/20/2020 12:00:04 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location K:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (01/19/2020 12:00:05 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location K:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (01/18/2020 01:17:46 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location K:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

System errors:
=============
Error: (01/24/2020 03:25:39 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (01/23/2020 03:25:38 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (01/22/2020 03:25:36 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (01/21/2020 03:25:34 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (01/20/2020 03:25:33 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (01/19/2020 03:25:31 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (01/19/2020 01:15:32 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (01/18/2020 01:06:31 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
czhwah
ynub

CodeIntegrity:
===================================

Date: 2018-11-14 03:40:07.722
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\kernel32.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-08-27 12:29:59.014
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-27 12:29:58.733
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-21 05:07:52.175
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-21 05:07:52.034
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-21 04:51:43.641
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-21 04:51:43.314
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-21 04:29:01.016
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 5.14 11/13/2009
Motherboard: PEGATRON CORPORATION Eureka3
Processor: Intel® Core™2 Quad CPU Q8300 @ 2.50GHz
Percentage of memory in use: 88%
Total physical RAM: 7133.18 MB
Available physical RAM: 847.83 MB
Total Virtual: 14264.5 MB
Available Virtual: 8277.21 MB

==================== Drives ================================

Drive c: (HP) (Fixed) (Total:920.39 GB) (Free:147.6 GB) NTFS
Drive d: (FACTORY_IMAGE) (Fixed) (Total:11.02 GB) (Free:1.59 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{b853008b-6d0c-11e1-b88a-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=920.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================


  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 22,349 posts
  • MVP

Open Chrome.

 

Go to:

chrome://settings/

 

Click on Advanced

 

Click on Privacy and Security

 

Now scroll to where it says System and turn off:

Continue running background apps when Google Chrome is closed
 

 

Click on Site Settings

 

Click on Notifications

Where it says Ask Before Sending, Click on the blue icon so it turns off.  It should now say Blocked.

 

Now under Privacy and Security

 

Find:

 

Preload pages for faster browsing and searching

 

Turn OFF

 

 

Restart Chrome.

 

Download the attached fixlist.txt to the same location as FRST

Attached File  fixlist.txt   11.68KB   12 downloads

Run FRST and press Fix
A fix log will be generated please post that

Reboot if the fix doesn't reboot it for you

Run FRST again as before.  Make sure Addition.txt is checked and hit Scan.  Post both logs.

 

Are you still getting the popups?


 


  • 0

#5
RUSTY2

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 221 posts

the link for fixlist only produces a file so i downloaded farbar else-ware here is what it produced  yes still getting popups

 

 

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 25-01-2020 01
Ran by BR (26-01-2020 10:09:30) Run:1
Running from C:\Users\BR\Downloads
Loaded Profiles: BR (Available Profiles: BRIAN & bcom & BR)
Boot Mode: Normal
==============================================

fixlist content:
*****************
FF Plugin HKU\S-1-5-21-998330651-303224156-1059126384-1004: @alibaba.com/nptrademanager;version=1.0 -> "C:\Program Files (x86)\TradeManager\nptrademanager.dll" [No File]
FF Plugin HKU\S-1-5-21-998330651-303224156-1059126384-1004: @alibaba.com/npwangwang;version=1.0 -> "C:\Program Files (x86)\TradeManager\npwangwang.dll" [No File]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S0 czhwah; C:\Windows\SysWOW64\drivers\deakun.sys [61440 2019-02-11] () [File not signed]
S0 ynub; C:\Windows\SysWOW64\drivers\owgosexc.sys [61440 2019-02-11] () [File not signed]
S3 DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [X]
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll -> No File
ContextMenuHandlers1-x32: [PhoXo] -> {47F14307-F923-44F9-86CB-A1E193DA6070} => C:\Program Files (x86)\PhoXo\ExploreMenu.dll -> No File
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll -> No File
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll -> No File
FirewallRules: [{7BCA530D-AEF9-4312-AB98-5FA57B22C9D4}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS0312\HPDiagnosticCoreUI.exe No File
FirewallRules: [{DD0816DF-1A6D-46DE-B7FA-8F03EA897AFA}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS0312\HPDiagnosticCoreUI.exe No File
FirewallRules: [{7027FCA1-ED17-4B7B-9DEF-90707122CEED}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS03BC\HPDiagnosticCoreUI.exe No File
FirewallRules: [{4E250D65-5C7F-4C5C-8E68-F728A34421A7}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS03BC\HPDiagnosticCoreUI.exe No File
FirewallRules: [TCP Query User{9F26BF52-B13B-471C-A6AC-44F98C53BC00}C:\program files (x86)\trademanager\aliim.exe] => (Allow) C:\program files (x86)\trademanager\aliim.exe No File
FirewallRules: [UDP Query User{E3DB5C18-C6C1-4FD6-A0D7-15EFCCE65DC2}C:\program files (x86)\trademanager\aliim.exe] => (Allow) C:\program files (x86)\trademanager\aliim.exe No File
FirewallRules: [{FEA0FE39-54A2-480A-9CAD-7D55D772EAA6}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe No File
FirewallRules: [{9BF14085-062A-4EB5-A452-75190E55F47F}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe No File
FirewallRules: [{B9C78521-F0A8-4E23-9136-149ADB9DB1A0}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe No File
FirewallRules: [{20D7AE74-B6A3-426F-B416-9DC325C694AA}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe No File
FirewallRules: [{25DB26D6-7C8D-421E-BD9F-0EBCBFA140D4}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS35EA\HPDiagnosticCoreUI.exe No File
FirewallRules: [{BD5D4210-B6E5-45E3-881D-BAEC293F3BF7}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS35EA\HPDiagnosticCoreUI.exe No File
FirewallRules: [{26EAF1A7-27A7-40A1-8B97-244D92D509DD}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS3FFD\HPDiagnosticCoreUI.exe No File
FirewallRules: [{84C5F561-9393-4117-9C21-1602D63CDAA9}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS3FFD\HPDiagnosticCoreUI.exe No File
FirewallRules: [{066E33B9-FBB5-4872-A4EF-6ACA4D6C8780}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS4109\HPDiagnosticCoreUI.exe No File
FirewallRules: [{D8C0664B-C6D4-48BA-B1F4-5682814D8FAF}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS4109\HPDiagnosticCoreUI.exe No File
FirewallRules: [{14FC1362-862C-41E8-9E03-9DEAFB364DA3}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS416B\HPDiagnosticCoreUI.exe No File
FirewallRules: [{734FA13E-75FC-4204-82B7-5CBEADE5CEF1}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS416B\HPDiagnosticCoreUI.exe No File
FirewallRules: [{268CDBAB-5953-49C3-B923-E0C09378C160}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS7EF8\HPDiagnosticCoreUI.exe No File
FirewallRules: [{EB46FD57-3C8D-4324-BF80-8CACE5BC36F5}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS7EF8\HPDiagnosticCoreUI.exe No File
FirewallRules: [{F028B163-0059-448B-BB75-773426B9BFC0}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS2E7E\HPDiagnosticCoreUI.exe No File
FirewallRules: [{2DE49187-0F5B-4044-84FE-0A669CC85F33}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS2E7E\HPDiagnosticCoreUI.exe No File
FirewallRules: [{2F80605A-D7CD-4639-B271-0B88302D1B78}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS2F2F\HPDiagnosticCoreUI.exe No File
FirewallRules: [{5F35F7C3-2461-4952-AA85-73CF95EA6F47}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS2F2F\HPDiagnosticCoreUI.exe No File
FirewallRules: [{5A4F57BB-C9CE-45EC-B240-2C84F10D8EC1}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS334A\HPDiagnosticCoreUI.exe No File
FirewallRules: [{C0330068-E65D-41C2-87C9-CA6BA61A2EBD}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS334A\HPDiagnosticCoreUI.exe No File
FirewallRules: [{83EF81F4-A047-486B-9ED7-788156AA5F02}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS492E\HPDiagnosticCoreUI.exe No File
FirewallRules: [{2CCFE143-FE63-463D-BF2D-38FA0542B828}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS492E\HPDiagnosticCoreUI.exe No File
FirewallRules: [{30090691-2965-4C2E-BCEA-F17CD8043B3C}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS71FF\HPDiagnosticCoreUI.exe No File
FirewallRules: [{368EF3B6-D448-4597-BDD7-C5370190596C}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS71FF\HPDiagnosticCoreUI.exe No File
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot:

*****************

"HKU\S-1-5-21-998330651-303224156-1059126384-1004\Software\MozillaPlugins\FF Plugin HKU\S-1-5-21-998330651-303224156-1059126384-1004: @alibaba.com/nptrademanager;version=1.0 -> "C:\Program Files (x86)\TradeManager\nptrademanager.dll" [No File]" => not found
"FF Plugin HKU\S-1-5-21-998330651-303224156-1059126384-1004: @alibaba.com/nptrademanager;version=1.0 -> "C:\Program Files (x86)\TradeManager\nptrademanager.dll" [No File]" => not found
"HKU\S-1-5-21-998330651-303224156-1059126384-1004\Software\MozillaPlugins\FF Plugin HKU\S-1-5-21-998330651-303224156-1059126384-1004: @alibaba.com/npwangwang;version=1.0 -> "C:\Program Files (x86)\TradeManager\npwangwang.dll" [No File]" => not found
"FF Plugin HKU\S-1-5-21-998330651-303224156-1059126384-1004: @alibaba.com/npwangwang;version=1.0 -> "C:\Program Files (x86)\TradeManager\npwangwang.dll" [No File]" => not found
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => not found
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => not found
AppMgmt => service not found.
czhwah => service not found.
ynub => service not found.
DrvAgent64 => service not found.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\IObitUnstaler => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\PhoXo => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\IObitUnstaler => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\IObitUnstaler => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7BCA530D-AEF9-4312-AB98-5FA57B22C9D4}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DD0816DF-1A6D-46DE-B7FA-8F03EA897AFA}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7027FCA1-ED17-4B7B-9DEF-90707122CEED}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4E250D65-5C7F-4C5C-8E68-F728A34421A7}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9F26BF52-B13B-471C-A6AC-44F98C53BC00}C:\program files (x86)\trademanager\aliim.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E3DB5C18-C6C1-4FD6-A0D7-15EFCCE65DC2}C:\program files (x86)\trademanager\aliim.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FEA0FE39-54A2-480A-9CAD-7D55D772EAA6}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9BF14085-062A-4EB5-A452-75190E55F47F}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B9C78521-F0A8-4E23-9136-149ADB9DB1A0}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{20D7AE74-B6A3-426F-B416-9DC325C694AA}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{25DB26D6-7C8D-421E-BD9F-0EBCBFA140D4}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BD5D4210-B6E5-45E3-881D-BAEC293F3BF7}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{26EAF1A7-27A7-40A1-8B97-244D92D509DD}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{84C5F561-9393-4117-9C21-1602D63CDAA9}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{066E33B9-FBB5-4872-A4EF-6ACA4D6C8780}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D8C0664B-C6D4-48BA-B1F4-5682814D8FAF}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{14FC1362-862C-41E8-9E03-9DEAFB364DA3}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{734FA13E-75FC-4204-82B7-5CBEADE5CEF1}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{268CDBAB-5953-49C3-B923-E0C09378C160}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EB46FD57-3C8D-4324-BF80-8CACE5BC36F5}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F028B163-0059-448B-BB75-773426B9BFC0}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2DE49187-0F5B-4044-84FE-0A669CC85F33}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2F80605A-D7CD-4639-B271-0B88302D1B78}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5F35F7C3-2461-4952-AA85-73CF95EA6F47}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5A4F57BB-C9CE-45EC-B240-2C84F10D8EC1}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C0330068-E65D-41C2-87C9-CA6BA61A2EBD}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{83EF81F4-A047-486B-9ED7-788156AA5F02}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2CCFE143-FE63-463D-BF2D-38FA0542B828}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{30090691-2965-4C2E-BCEA-F17CD8043B3C}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{368EF3B6-D448-4597-BDD7-C5370190596C}" => not found

========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========

========= End of CMD: =========

==== End of Fixlog 10:10:26 ====


  • 0

#6
RKinner

RKinner

    Malware Expert

  • Expert
  • 22,349 posts
  • MVP

Need a new FRST scan.


  • 0

#7
RUSTY2

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 221 posts

FF Plugin HKU\S-1-5-21-998330651-303224156-1059126384-1004: @alibaba.com/nptrademanager;version=1.0 -> "C:\Program Files (x86)\TradeManager\nptrademanager.dll" [No File]
FF Plugin HKU\S-1-5-21-998330651-303224156-1059126384-1004: @alibaba.com/npwangwang;version=1.0 -> "C:\Program Files (x86)\TradeManager\npwangwang.dll" [No File]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S0 czhwah; C:\Windows\SysWOW64\drivers\deakun.sys [61440 2019-02-11] () [File not signed]
S0 ynub; C:\Windows\SysWOW64\drivers\owgosexc.sys [61440 2019-02-11] () [File not signed]
S3 DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [X]
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll -> No File
ContextMenuHandlers1-x32: [PhoXo] -> {47F14307-F923-44F9-86CB-A1E193DA6070} => C:\Program Files (x86)\PhoXo\ExploreMenu.dll -> No File
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll -> No File
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll -> No File
FirewallRules: [{7BCA530D-AEF9-4312-AB98-5FA57B22C9D4}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS0312\HPDiagnosticCoreUI.exe No File
FirewallRules: [{DD0816DF-1A6D-46DE-B7FA-8F03EA897AFA}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS0312\HPDiagnosticCoreUI.exe No File
FirewallRules: [{7027FCA1-ED17-4B7B-9DEF-90707122CEED}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS03BC\HPDiagnosticCoreUI.exe No File
FirewallRules: [{4E250D65-5C7F-4C5C-8E68-F728A34421A7}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS03BC\HPDiagnosticCoreUI.exe No File
FirewallRules: [TCP Query User{9F26BF52-B13B-471C-A6AC-44F98C53BC00}C:\program files (x86)\trademanager\aliim.exe] => (Allow) C:\program files (x86)\trademanager\aliim.exe No File
FirewallRules: [UDP Query User{E3DB5C18-C6C1-4FD6-A0D7-15EFCCE65DC2}C:\program files (x86)\trademanager\aliim.exe] => (Allow) C:\program files (x86)\trademanager\aliim.exe No File
FirewallRules: [{FEA0FE39-54A2-480A-9CAD-7D55D772EAA6}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe No File
FirewallRules: [{9BF14085-062A-4EB5-A452-75190E55F47F}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe No File
FirewallRules: [{B9C78521-F0A8-4E23-9136-149ADB9DB1A0}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe No File
FirewallRules: [{20D7AE74-B6A3-426F-B416-9DC325C694AA}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe No File
FirewallRules: [{25DB26D6-7C8D-421E-BD9F-0EBCBFA140D4}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS35EA\HPDiagnosticCoreUI.exe No File
FirewallRules: [{BD5D4210-B6E5-45E3-881D-BAEC293F3BF7}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS35EA\HPDiagnosticCoreUI.exe No File
FirewallRules: [{26EAF1A7-27A7-40A1-8B97-244D92D509DD}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS3FFD\HPDiagnosticCoreUI.exe No File
FirewallRules: [{84C5F561-9393-4117-9C21-1602D63CDAA9}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS3FFD\HPDiagnosticCoreUI.exe No File
FirewallRules: [{066E33B9-FBB5-4872-A4EF-6ACA4D6C8780}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS4109\HPDiagnosticCoreUI.exe No File
FirewallRules: [{D8C0664B-C6D4-48BA-B1F4-5682814D8FAF}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS4109\HPDiagnosticCoreUI.exe No File
FirewallRules: [{14FC1362-862C-41E8-9E03-9DEAFB364DA3}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS416B\HPDiagnosticCoreUI.exe No File
FirewallRules: [{734FA13E-75FC-4204-82B7-5CBEADE5CEF1}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS416B\HPDiagnosticCoreUI.exe No File
FirewallRules: [{268CDBAB-5953-49C3-B923-E0C09378C160}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS7EF8\HPDiagnosticCoreUI.exe No File
FirewallRules: [{EB46FD57-3C8D-4324-BF80-8CACE5BC36F5}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS7EF8\HPDiagnosticCoreUI.exe No File
FirewallRules: [{F028B163-0059-448B-BB75-773426B9BFC0}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS2E7E\HPDiagnosticCoreUI.exe No File
FirewallRules: [{2DE49187-0F5B-4044-84FE-0A669CC85F33}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS2E7E\HPDiagnosticCoreUI.exe No File
FirewallRules: [{2F80605A-D7CD-4639-B271-0B88302D1B78}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS2F2F\HPDiagnosticCoreUI.exe No File
FirewallRules: [{5F35F7C3-2461-4952-AA85-73CF95EA6F47}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS2F2F\HPDiagnosticCoreUI.exe No File
FirewallRules: [{5A4F57BB-C9CE-45EC-B240-2C84F10D8EC1}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS334A\HPDiagnosticCoreUI.exe No File
FirewallRules: [{C0330068-E65D-41C2-87C9-CA6BA61A2EBD}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS334A\HPDiagnosticCoreUI.exe No File
FirewallRules: [{83EF81F4-A047-486B-9ED7-788156AA5F02}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS492E\HPDiagnosticCoreUI.exe No File
FirewallRules: [{2CCFE143-FE63-463D-BF2D-38FA0542B828}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS492E\HPDiagnosticCoreUI.exe No File
FirewallRules: [{30090691-2965-4C2E-BCEA-F17CD8043B3C}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS71FF\HPDiagnosticCoreUI.exe No File
FirewallRules: [{368EF3B6-D448-4597-BDD7-C5370190596C}] => (Allow) C:\Users\BR\AppData\Local\Temp\7zS71FF\HPDiagnosticCoreUI.exe No File
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot:


  • 0

#8
RKinner

RKinner

    Malware Expert

  • Expert
  • 22,349 posts
  • MVP

Hit SCAN not FIX.  Just as at the beginning.  You will then get two logs.  Post both.


  • 0

#9
RUSTY2

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 221 posts

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-01-2020 01
Ran by BR (administrator) on BRIAN-PC (HP-Pavilion BK235AA-ABL p6332c) (27-01-2020 10:27:16)
Running from C:\Users\BR\Downloads
Loaded Profiles: BR (Available Profiles: BRIAN & bcom & BR)
Platform: Windows 7 Home Premium Service Pack 3 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Trendnet\USBKVM Switcher\USBKVM.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Systems Incorporated -> ) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(CyberLink -> CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Hewlett Packard -> HP Inc.) C:\Program Files\HP\HP Officejet 5740 series\Bin\HPNetworkCommunicatorCom.exe
(Hewlett Packard -> HP Inc.) C:\Program Files\HP\HP Officejet 5740 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Macrovision Corporation) [File not signed] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Secunia -> Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Tweaking LLC -> Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
(WinZip Computing LLC -> Nico Mak Computing) C:\Program Files\File Association Helper\FAHWindow.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [LogMeIn GUI] => "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
HKLM\...\Run: [XeroxEndeavorBackgroundTask] => C:\Windows\system32\xrWCbgnd.dll [58368 2009-07-13] (Microsoft Windows -> Xerox Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [FAHConsole] => C:\Program Files\File Association Helper\FAHConsole.exe [729272 2014-01-28] (WinZip Computing LLC -> Nico Mak Computing)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-12-09] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-08-24] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694080 2013-06-18] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1852264 2014-05-23] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5562736 2014-07-22] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-08-11] (Macrovision Corporation) [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601928 2018-12-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Run: [ISUSPM Startup] => "c:\Program Files (x86)\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Run: [HP Officejet 5740 series (NET)] => C:\Program Files\HP\HP Officejet 5740 series\Bin\ScanToPCActivationApp.exe [3769992 2017-05-23] (Hewlett Packard -> HP Inc.)
HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-06] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Run: [Ozeki Phone System XE Service monitor] => "C:\Program Files\Ozeki\Ozeki Phone System XE\ServiceMonitor.exe"
HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27821512 2018-03-13] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91503464 2019-12-13] (Skype Software Sarl -> Skype Technologies S.A.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-22] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2019-05-02] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{65CD7F9B-E8F3-4bb0-82EB-6F6875B745DF}] -> C:\Windows\system32\LMIinit.dll [2014-07-18] (LogMeIn, Inc. -> LogMeIn, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BootExecute: autocheck autochk * bootdelete
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01B68D52-81A4-4E5D-A008-EBE7A5E1D7A8} - System32\Tasks\AdobeAAMUpdater-1.0-BRIAN-PC-BR => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {0EB491D2-3F87-4560-81FF-E86009C528CA} - System32\Tasks\{8B8FB205-9240-4AC7-98E1-1FC0022AA2DC} => C:\Program Files (x86)\Skype\Phone\Skype.exe [27821512 2018-03-13] (Skype Software Sarl -> Skype Technologies S.A.)
Task: {137B4BA2-DE24-4F80-BC1F-179956948A9E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [269000 2015-10-26] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {13C746E5-D9D4-410F-8374-C85DD78CB304} - System32\Tasks\{05A9FC79-8345-4041-BAB5-63B4B01AD275} => C:\Program Files (x86)\Skype\Phone\Skype.exe [27821512 2018-03-13] (Skype Software Sarl -> Skype Technologies S.A.)
Task: {15D83288-E8EC-4399-BBA8-6E0D31A93A1D} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
Task: {19835642-4FB1-409E-B1C8-8C8DAB245E33} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {261C88CB-C0A6-449C-8B7E-520CB4278507} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-07] (Google Inc -> Google Inc.)
Task: {2761B74C-FF47-4ABC-B888-2B671AC244E5} - System32\Tasks\{A5D314F0-456F-4CB4-B01B-01065EE19CB7} => C:\Windows\system32\pcalua.exe -a E:\setup.exe -d E:\
Task: {2A5E94B0-88B5-4A7C-AE52-03F3C01C221B} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2108624 2013-05-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {35E21EB3-832F-4CF8-96D9-CA922B3FC962} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe
Task: {379D608C-0688-4B10-B21D-50B5B2A22E4F} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [210216 2009-10-22] (CyberLink -> CyberLink)
Task: {3A971650-3B29-4284-8710-C3F626E29C5B} - System32\Tasks\HPCustPartic.exe_{48E34D62-7EF7-41D2-8CFC-FF6ACE1C8F6D} => C:\Program Files\HP\HP Officejet 5740 series\Bin\HPCustPartic.exe [6438536 2017-05-23] (Hewlett Packard -> HP Inc.)
Task: {4B06D158-F426-4D63-842D-A8D695E38F5E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-07] (Google Inc -> Google Inc.)
Task: {4E972E24-4BA2-47D5-BEFD-94D785AA4E8C} - System32\Tasks\{1D5C86AE-F4DD-4B79-A361-3F31B70CFCEF} => C:\Program Files (x86)\TechSmith\Jing\Jing.exe [2911224 2015-09-11] (TechSmith Corporation -> TechSmith Corporation)
Task: {58044AB4-8524-4227-9073-AAA8DF62A596} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {6AB5DF9B-167C-4E53-B5F8-EC132C9AB8CD} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
Task: {7016C1DA-8A0A-4266-A065-4ECEF51B751B} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [26680 2009-10-20] (Hewlett-Packard Company -> )
Task: {751FC730-C3F0-4E4C-A355-2DDD1C8042A0} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {7C5A95DD-03B0-42B0-AE44-40365D9FFEB6} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {84F573DF-E519-4BA8-8531-0D95980676D3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {983288AE-7B6C-4262-A354-ED914BAB9B17} - System32\Tasks\{7ABB10C8-4419-4DA7-B870-5539FB2B4CFF} => C:\Program Files\Dassault Systemes\DraftSight\bin\DraftSight.exe
Task: {9898530D-7128-408C-A288-8A7655746A86} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {99DC5BAC-F1C3-4CDC-8CB1-F45B3B886E25} - System32\Tasks\{9D8A851B-EEC2-4D8A-87F8-B68A9BA893E4} => C:\Windows\system32\pcalua.exe -a "E:\English\JDPaint55 1048\JDPaint.exe" -d "E:\English\JDPaint55 1048"
Task: {9A3CE333-775C-4F78-992D-AA2801A46B4E} - System32\Tasks\{6F7F92BF-441E-4C9E-852D-876D6730FB99} => C:\Windows\system32\pcalua.exe -a L:\AutoCAD_2011_English_Win_64bit.exe -d L:\
Task: {9E7B5155-9C08-45C9-9779-27D04278AC5D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-06] (Piriform Ltd -> Piriform Ltd)
Task: {A6AC5370-51F9-4CFD-997A-8A157D90FF99} - System32\Tasks\HPCustParticipation HP Officejet 5740 series => C:\Program Files\HP\HP Officejet 5740 series\Bin\HPCustPartic.exe [6438536 2017-05-23] (Hewlett Packard -> HP Inc.)
Task: {B1887102-041D-4F62-A50E-9FDD2221ED07} - System32\Tasks\SafeZone scheduled Autoupdate 1460721208 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {BEBB79F8-7713-4DBF-9FF9-0BA8E1E28A44} - System32\Tasks\{992C1360-B7C4-4ED1-9082-8E159FCB82C3} => C:\Windows\system32\pcalua.exe -a C:\Users\BR\Downloads\setup.exe -d C:\Users\BR\Downloads
Task: {CA4307C5-0B5B-4183-AE41-368899A730FF} - System32\Tasks\{A75FBD77-F964-481B-B7EF-F4B1EA2968ED} => C:\Program Files (x86)\Skype\Phone\Skype.exe [27821512 2018-03-13] (Skype Software Sarl -> Skype Technologies S.A.)
Task: {D16D3224-3EE0-4200-9E22-85BF14CE0671} - System32\Tasks\{9C9F2E80-4ADE-449B-9057-40106FF8BC7F} => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91503464 2019-12-13] (Skype Software Sarl -> Skype Technologies S.A.)
Task: {D5226923-4D3A-4364-BD39-D4CE1AE244C8} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [66816 2015-03-11] (Tweaking LLC -> Tweaking.com)
Task: {DD268EF9-0389-4933-BB76-5200E5670973} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1491664 2013-05-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {EC4FBFEB-BFDC-48EE-B167-145BF1279500} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {EF688760-AA89-4443-B5F1-5CEE174F3EBE} - System32\Tasks\{344968BF-A556-4FFC-984C-7E186895F06B} => C:\Windows\system32\pcalua.exe -a C:\ProgramData\DriverAgent\dauninst.exe
Task: {F071B936-8E01-43A1-8968-3D7C08AC6606} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1873288 2019-09-19] (AVAST Software s.r.o. -> AVAST Software)
Task: {FDFDEFE5-F9F6-4CA4-BCF3-CD265AA0EF41} - System32\Tasks\HPCustPartic.exe_{F94022F2-89C4-4C6F-A846-667671D2320F} => C:\Program Files\HP\HP Officejet 5740 series\Bin\HPCustPartic.exe [6438536 2017-05-23] (Hewlett Packard -> HP Inc.)
Task: {FF68EC2C-3B0C-4266-A221-56BDB11B6623} - System32\Tasks\{9F1E4A2B-AEA4-4565-A49A-E488006A3FAF} => C:\Windows\system32\pcalua.exe -a C:\Users\BR\Downloads\Mach3Version3.043.066.exe -d C:\Users\BR\Downloads

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 10 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{975E2597-4892-450D-9E49-5CA092C4B97F}: [DhcpNameServer] 64.59.144.16 64.59.150.132
Tcpip\..\Interfaces\{BC556D6E-E0DC-496A-82C9-E12641CD952E}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{EF1371BB-7288-4F5F-870B-12C74F93F93F}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-21-998330651-303224156-1059126384-1004\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {07C7C110-7846-4522-8DA7-7316F05F3171} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-998330651-303224156-1059126384-1004 -> {5C92EB9F-4A20-4856-8F45-C04A70AC3398} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_201\bin\ssv.dll [2019-02-15] (Oracle America, Inc. -> Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-02-15] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Company -> Hewlett-Packard Co.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Company -> Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll [2009-07-16] (Microsoft Corporation -> Microsoft Corp.)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {82774781-8F4E-11D1-AB1C-0000F8773BF0} hxxps://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2018-03-07] (Skype Software Sarl -> Skype Technologies)

FireFox:
========
FF DefaultProfile: k3qr4zmn.default-1425818769644-1570208607069
FF ProfilePath: C:\Users\BR\AppData\Roaming\Mozilla\Firefox\Profiles\k3qr4zmn.default-1425818769644-1570208607069 [2020-01-27]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-03-13] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-26] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-02-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-02-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-08-24] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-26] (Adobe Systems Incorporated -> )
FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 -> C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll [2012-09-28] (Logitech Inc.) [File not signed]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-08-24] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-998330651-303224156-1059126384-1004: @alibaba.com/nptrademanager;version=1.0 -> "C:\Program Files (x86)\TradeManager\nptrademanager.dll" [No File]
FF Plugin HKU\S-1-5-21-998330651-303224156-1059126384-1004: @alibaba.com/npwangwang;version=1.0 -> "C:\Program Files (x86)\TradeManager\npwangwang.dll" [No File]
FF Plugin HKU\S-1-5-21-998330651-303224156-1059126384-1004: @citrixonline.com/appdetectorplugin -> C:\Users\BR\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-09-28] (Citrix Online -> Citrix Online)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\BR\AppData\Local\Google\Chrome\User Data\Backup Default [2019-09-24]
CHR DownloadDir: C:\Users\BR\Desktop
CHR HomePage: Backup Default -> hxxp://www.google.com/ig
CHR Extension: (Slides) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Docs) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-11]
CHR Extension: (YouTube) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-11]
CHR Extension: (Adobe Acrobat) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-11]
CHR Extension: (Avast SafePrice) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-12-05]
CHR Extension: (Sheets) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Google Docs Offline) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-11]
CHR Extension: (Avast Online Security) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-10-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-11]
CHR Extension: (Chrome Media Router) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-22]
CHR Profile: C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default [2020-01-27]
CHR Notifications: Default -> hxxps://all3dp.com; hxxps://ca.letgo.com; hxxps://drfone.wondershare.com; hxxps://fres-news.com; hxxps://mail.google.com; hxxps://www.backyardboss.net; hxxps://www.bookingbuddy.com; hxxps://www.chatfieldcourt.com; hxxps://www.cruisecritic.com; hxxps://www.dxfdownloads.com; hxxps://www.dxfforcnc.com; hxxps://www.esky.com; hxxps://www.ironplanet.com; hxxps://www.jetsetter.com; hxxps://www.kijiji.ca; hxxps://www.letgo.com; hxxps://www.reddit.com; hxxps://www.wegotravel.ca; hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://www.google.com/ig
CHR DefaultSearchURL: Default -> hxxps://ca.letgo.com/icons/android-chrome-36x36.png
CHR Extension: (Google Drive) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-16]
CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2019-05-30]
CHR Extension: (YouTube) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-22]
CHR Extension: (Adobe Acrobat) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-01-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (letgo-web) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogkjbfeahmkobkcbpjmjbdfcegiapnlc [2019-06-15]
CHR Extension: (craigslist: vancouver, BC jobs, apart...) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\oodmfgjfnfmcjhffmmaepknoggiokdhk [2020-01-26]
CHR Extension: (Gmail) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-11]
CHR Profile: C:\Users\BR\AppData\Local\Google\Chrome\User Data\System Profile [2019-09-24]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-08-24] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-02-27] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-10-07] (Apple Inc. -> Apple Inc.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6259592 2019-12-19] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
S4 BackupService; C:\Users\BRIAN\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe [83512 2010-07-01] (Hewlett-Packard Company -> ArcSoft, Inc.)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S4 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia -> Secunia)
S4 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia -> Secunia)
S4 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2012-06-07] (SolidWorks) [File not signed]
S4 SQLANYs_SmpParts; C:\Program Files (x86)\SQL Anywhere 10\win32\dbsrv10.exe [136568 2010-12-08] (iAnywhere Solutions, Inc. -> iAnywhere Solutions, Inc.)
S4 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [304408 2017-01-29] (Reason Software Company Inc. -> RaMMicHaeL)
S4 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-07-22] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
S4 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [296312 2014-05-23] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292096 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 ahcix64s; C:\Windows\System32\DRIVERS\ahcix64s.sys [237936 2009-08-03] (ATI Technologies, Inc -> Advanced Micro Devices, Inc)
R0 amdsata; C:\Windows\System32\DRIVERS\amdsata.sys [67128 2009-08-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 amdxata; C:\Windows\System32\DRIVERS\amdxata.sys [28216 2009-08-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37616 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [204824 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [274456 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [209552 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [65120 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [276952 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42736 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [171520 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110320 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [83792 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [848432 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460448 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [236024 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [316528 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
S3 athr; C:\Windows\System32\DRIVERS\athrx.sys [3678720 2012-06-20] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2020-01-26] (Malwarebytes Corporation -> Malwarebytes)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [23040 2017-10-13] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia -> Secunia)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Microsoft Windows Hardware Compatibility Publisher -> Research in Motion Ltd)
R3 RTL8167; C:\Windows\System32\DRIVERS\Rt64win7.sys [239616 2009-08-20] (Microsoft Windows Hardware Compatibility Publisher -> Realtek )
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] (Intel® Code Signing External -> )
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc. -> SafeNet, Inc.)
S3 SNTUSB64; C:\Windows\System32\DRIVERS\SNTUSB64.SYS [63568 2012-12-11] (SafeNet, Inc. -> SafeNet, Inc.)
S3 SydexFDD; C:\Windows\SysWOW64\Drivers\sydexfdd.sys [13359 2012-10-16] (Windows ® 2000 DDK provider) [File not signed]
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64.sys [23200 2015-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-26 09:50 - 2020-01-26 09:50 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-01-12 08:25 - 2020-01-12 08:25 - 000000000 ____D C:\Program Files\iPod
2020-01-12 08:24 - 2020-01-12 08:25 - 000000000 ____D C:\Program Files\iTunes
2020-01-12 08:23 - 2020-01-12 08:23 - 000000000 ____D C:\Windows\system32\Tasks\Apple
2020-01-12 08:23 - 2020-01-12 08:23 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2020-01-12 08:22 - 2020-01-12 08:22 - 000000000 ____D C:\Program Files\Bonjour
2020-01-12 08:22 - 2020-01-12 08:22 - 000000000 ____D C:\Program Files (x86)\Bonjour
2020-01-12 08:22 - 2020-01-12 08:22 - 000000000 ____D C:\MSI3877b.tmp
2020-01-12 08:22 - 2020-01-12 08:22 - 000000000 ____D C:\MSI38778.tmp
2020-01-12 08:22 - 2020-01-12 08:22 - 000000000 ____D C:\MSI38772.tmp
2020-01-12 08:22 - 2020-01-12 08:22 - 000000000 ____D C:\MSI3876b.tmp
2020-01-12 08:21 - 2020-01-12 08:21 - 000000000 ____D C:\MSI38765.tmp
2020-01-12 08:20 - 2020-01-12 08:20 - 000000000 ____D C:\MSI3875f.tmp
2020-01-12 08:20 - 2020-01-12 08:20 - 000000000 ____D C:\MSI35cc6.tmp
2020-01-12 08:04 - 2020-01-12 08:04 - 000000000 ____D C:\MSI3382d.tmp
2020-01-12 07:53 - 2020-01-12 07:53 - 000000000 ____D C:\MSI337a0.tmp
2020-01-12 07:52 - 2020-01-12 07:52 - 000000000 ____D C:\MSI33777.tmp
2020-01-12 07:50 - 2020-01-12 07:50 - 000000000 ____D C:\MSI33161.tmp
2020-01-12 07:48 - 2020-01-12 07:48 - 000000000 ____D C:\MSI32b4a.tmp
2020-01-12 07:35 - 2020-01-12 07:35 - 000000000 ____D C:\MSI32b45.tmp
2020-01-12 07:35 - 2020-01-12 07:35 - 000000000 ____D C:\MSI32b3e.tmp
2020-01-12 07:35 - 2020-01-12 07:35 - 000000000 ____D C:\MSI32b38.tmp
2020-01-12 07:34 - 2020-01-12 07:34 - 000000000 ____D C:\MSI32b32.tmp
2020-01-12 07:15 - 2020-01-12 07:15 - 000000000 ____D C:\Program Files\DigiDNA

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-27 10:28 - 2019-02-10 14:37 - 000000000 ____D C:\FRST
2020-01-27 10:25 - 2018-01-21 13:53 - 000003914 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{AAEA059E-67E6-4D4B-A555-071AD2AC6636}
2020-01-27 09:39 - 2012-04-13 07:31 - 000000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2020-01-27 04:24 - 2009-07-13 20:45 - 000015792 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-01-27 04:24 - 2009-07-13 20:45 - 000015792 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-01-26 09:47 - 2015-10-08 11:40 - 000065536 _____ C:\Windows\system32\Ikeext.etl
2020-01-26 09:46 - 2009-07-13 21:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-01-25 08:40 - 2009-07-13 21:13 - 000786622 _____ C:\Windows\system32\PerfStringBackup.INI
2020-01-25 08:40 - 2009-07-13 19:20 - 000000000 ____D C:\Windows\inf
2020-01-18 15:09 - 2018-10-08 19:41 - 000002980 _____ C:\Windows\system32\Tasks\{9C9F2E80-4ADE-449B-9057-40106FF8BC7F}
2020-01-18 15:09 - 2018-09-06 05:17 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-01-18 15:09 - 2018-07-20 11:43 - 000002988 _____ C:\Windows\system32\Tasks\{7ABB10C8-4419-4DA7-B870-5539FB2B4CFF}
2020-01-18 15:09 - 2018-07-08 11:16 - 000002940 _____ C:\Windows\system32\Tasks\HPCustPartic.exe_{F94022F2-89C4-4C6F-A846-667671D2320F}
2020-01-18 15:09 - 2017-11-15 16:40 - 000002948 _____ C:\Windows\system32\Tasks\{A75FBD77-F964-481B-B7EF-F4B1EA2968ED}
2020-01-18 15:09 - 2017-11-15 16:40 - 000002948 _____ C:\Windows\system32\Tasks\{8B8FB205-9240-4AC7-98E1-1FC0022AA2DC}
2020-01-18 15:09 - 2017-08-09 01:06 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-01-18 15:09 - 2017-07-12 08:29 - 000003066 _____ C:\Windows\system32\Tasks\{344968BF-A556-4FFC-984C-7E186895F06B}
2020-01-18 15:09 - 2017-03-19 08:15 - 000003892 _____ C:\Windows\system32\Tasks\SafeZone scheduled Autoupdate 1460721208
2020-01-18 15:09 - 2016-04-15 03:50 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-01-18 15:09 - 2015-12-31 17:41 - 000002952 _____ C:\Windows\system32\Tasks\{1D5C86AE-F4DD-4B79-A361-3F31B70CFCEF}
2020-01-18 15:09 - 2015-12-31 15:47 - 000003648 _____ C:\Windows\system32\Tasks\Tweaking.com - Windows Repair Tray Icon
2020-01-18 15:09 - 2015-09-14 16:14 - 000003128 _____ C:\Windows\system32\Tasks\{9D8A851B-EEC2-4D8A-87F8-B68A9BA893E4}
2020-01-18 15:09 - 2015-08-19 04:44 - 000002948 _____ C:\Windows\system32\Tasks\{05A9FC79-8345-4041-BAB5-63B4B01AD275}
2020-01-18 15:09 - 2015-06-07 08:28 - 000002940 _____ C:\Windows\system32\Tasks\HPCustPartic.exe_{48E34D62-7EF7-41D2-8CFC-FF6ACE1C8F6D}
2020-01-18 15:09 - 2015-06-07 08:15 - 000003556 _____ C:\Windows\system32\Tasks\HPCustParticipation HP Officejet 5740 series
2020-01-18 15:09 - 2014-09-04 11:21 - 000003496 _____ C:\Windows\system32\Tasks\AdobeAAMUpdater-1.0-BRIAN-PC-BR
2020-01-18 15:09 - 2014-05-02 18:02 - 000003334 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-01-18 15:09 - 2014-05-02 18:02 - 000003206 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-01-18 15:09 - 2013-11-18 09:26 - 000003132 _____ C:\Windows\system32\Tasks\{9F1E4A2B-AEA4-4565-A49A-E488006A3FAF}
2020-01-18 15:09 - 2013-08-27 17:19 - 000003076 _____ C:\Windows\system32\Tasks\{6F7F92BF-441E-4C9E-852D-876D6730FB99}
2020-01-18 15:09 - 2013-08-19 18:26 - 000002766 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-01-18 15:09 - 2013-08-16 12:05 - 000003062 _____ C:\Windows\system32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2020-01-18 15:09 - 2013-08-16 12:05 - 000003060 _____ C:\Windows\system32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2020-01-18 15:09 - 2012-06-07 12:42 - 000003100 _____ C:\Windows\system32\Tasks\{992C1360-B7C4-4ED1-9082-8E159FCB82C3}
2020-01-18 15:09 - 2012-04-13 07:31 - 000003768 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-01-18 15:09 - 2012-03-13 06:53 - 000003032 _____ C:\Windows\system32\Tasks\{A5D314F0-456F-4CB4-B01B-01065EE19CB7}
2020-01-18 15:09 - 2012-03-13 06:03 - 000003926 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{04763158-D395-4D60-AA42-FEC1973CEF7F}
2020-01-18 15:09 - 2012-03-13 05:12 - 000003706 _____ C:\Windows\system32\Tasks\RecoveryCDWin7
2020-01-18 15:09 - 2009-12-17 12:25 - 000003164 _____ C:\Windows\system32\Tasks\DVDAgent
2020-01-18 15:09 - 2009-12-17 12:24 - 000003200 _____ C:\Windows\system32\Tasks\CLMLSvc
2020-01-18 13:10 - 2017-03-16 02:48 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-01-12 08:22 - 2014-11-15 16:08 - 000000000 ____D C:\Program Files\Common Files\Apple

==================== Files in the root of some directories ========

2014-09-09 15:27 - 2014-09-09 15:30 - 000000000 _____ () C:\Users\BR\AppData\Roaming\bibstats
2014-10-27 08:16 - 2014-11-13 19:01 - 000000308 _____ () C:\Users\BR\AppData\Roaming\Rim.Desktop.Exception.log
2014-10-27 08:09 - 2014-11-28 09:44 - 000004042 _____ () C:\Users\BR\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2014-10-27 08:16 - 2014-11-13 19:01 - 000000308 _____ () C:\Users\BR\AppData\Roaming\Rim.DesktopHelper.Exception.log
2014-11-11 10:57 - 2014-11-11 10:57 - 000000044 _____ () C:\Users\BR\AppData\Roaming\WB.CFG
2017-01-14 12:04 - 2017-01-14 12:04 - 000000000 ____H () C:\Users\BR\AppData\Local\BITD200.tmp
2014-10-27 09:02 - 2014-10-27 09:02 - 000009728 _____ () C:\Users\BR\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-01-08 13:25 - 2020-01-08 13:25 - 000000218 _____ () C:\Users\BR\AppData\Local\recently-used.xbel
2015-09-26 12:43 - 2015-09-26 12:43 - 000000017 _____ () C:\Users\BR\AppData\Local\resmon.resmoncfg
2012-06-07 20:09 - 2012-06-07 20:09 - 000000000 _____ () C:\Users\BR\AppData\Local\Temptable.xml
2012-09-23 13:15 - 2012-09-23 13:15 - 000137289 _____ () C:\Users\BR\AppData\Local\tmpFM3 #2 001.0
2012-09-23 13:15 - 2012-09-23 13:15 - 000132486 _____ () C:\Users\BR\AppData\Local\tmpFM3 #2 001.1
2012-09-23 13:15 - 2012-09-23 13:15 - 000132533 _____ () C:\Users\BR\AppData\Local\tmpFM3 #2 001.JPG
2012-09-23 13:15 - 2012-09-23 13:15 - 000003890 _____ () C:\Users\BR\AppData\Local\tmpFM3 #2 001_navi.JPG
2012-10-03 17:21 - 2012-10-03 17:21 - 000121078 _____ () C:\Users\BR\AppData\Local\tmpNOMAD1.0
2012-10-03 17:21 - 2012-10-03 17:21 - 000044248 _____ () C:\Users\BR\AppData\Local\tmpNOMAD1.JPG
2012-10-03 17:18 - 2012-10-03 17:18 - 000112551 _____ () C:\Users\BR\AppData\Local\tmpNOMAD2.0
2012-10-03 17:18 - 2012-10-03 17:18 - 000040181 _____ () C:\Users\BR\AppData\Local\tmpNOMAD2.JPG
2012-10-03 17:21 - 2012-10-03 17:21 - 000115714 _____ () C:\Users\BR\AppData\Local\tmpNOMAD3.0
2012-10-03 17:21 - 2012-10-03 17:21 - 000038427 _____ () C:\Users\BR\AppData\Local\tmpNOMAD3.JPG
2012-10-03 17:22 - 2012-10-03 17:22 - 000134269 _____ () C:\Users\BR\AppData\Local\tmpNOMAD4.0
2012-10-03 17:22 - 2012-10-03 17:22 - 000049466 _____ () C:\Users\BR\AppData\Local\tmpNOMAD4.JPG
2012-10-03 17:22 - 2012-10-03 17:22 - 000135858 _____ () C:\Users\BR\AppData\Local\tmpNOMAD5.0
2012-10-03 17:22 - 2012-10-03 17:22 - 000050685 _____ () C:\Users\BR\AppData\Local\tmpNOMAD5.1
2012-10-03 17:22 - 2012-10-03 17:22 - 000050520 _____ () C:\Users\BR\AppData\Local\tmpNOMAD5.JPG
2012-10-03 17:23 - 2012-10-03 17:23 - 000136857 _____ () C:\Users\BR\AppData\Local\tmpNOMAD6.0
2012-10-03 17:23 - 2012-10-03 17:23 - 000049261 _____ () C:\Users\BR\AppData\Local\tmpNOMAD6.1
2012-10-03 17:23 - 2012-10-03 17:23 - 000049486 _____ () C:\Users\BR\AppData\Local\tmpNOMAD6.JPG
2012-08-22 15:05 - 2012-08-22 15:05 - 000006400 _____ () C:\Users\BR\AppData\Local\tmpUNTITLED LOGO XX2_THUMBNAIL(0).0
2012-08-22 15:05 - 2012-08-22 15:05 - 000001969 _____ () C:\Users\BR\AppData\Local\tmpUNTITLED LOGO XX2_THUMBNAIL(0).JPG
2017-01-14 11:57 - 2017-01-14 12:04 - 000000000 _____ () C:\Users\BR\AppData\Local\{7A3D3458-EB7D-4C05-A5E4-FDFD4ED3DCBD}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

ATTENTION: ==> Could not access BCD.  ->

LastRegBack: 2020-01-18 13:57
==================== End of FRST.txt ========================

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-01-2020 01
Ran by BR (27-01-2020 10:30:19)
Running from C:\Users\BR\Downloads
Windows 7 Home Premium Service Pack 3 (X64) (2012-03-13 13:09:29)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-998330651-303224156-1059126384-500 - Administrator - Disabled)
bcom (S-1-5-21-998330651-303224156-1059126384-1003 - Administrator - Enabled) => C:\Users\bcom
BR (S-1-5-21-998330651-303224156-1059126384-1004 - Administrator - Enabled) => C:\Users\BR
BRIAN (S-1-5-21-998330651-303224156-1059126384-1000 - Administrator - Enabled) => C:\Users\BRIAN
Guest (S-1-5-21-998330651-303224156-1059126384-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 15.07 beta (x64) (HKLM\...\7-Zip) (Version: 15.07 - Igor Pavlov)
ActiveCheck component for HP Active Support Library (HKLM-x32\...\{254C37AA-6B72-4300-84F6-98A82419187E}) (Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.8.0.310 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.9 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.152 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.2.1 - Adobe Systems Incorporated)
AIO_CDA_ProductContext (HKLM-x32\...\{2A7EF808-14F3-4E93-BE3A-1675EE5332A4}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDA_Software (HKLM-x32\...\{A7AEE29F-839E-46B5-B347-6D430618129F}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (HKLM-x32\...\{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Akamai) (Version:  - Akamai Technologies, Inc)
Any Video Converter 3.5.8 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (32-bit) (HKLM-x32\...\{C3A282C9-4C8B-4A63-B449-3A064FB378D7}) (Version: 8.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{CC046FB9-E84E-4092-B924-DBE33DA2BE75}) (Version: 8.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{45DDDFED-AABC-450C-B49C-5B4A5E547F5B}) (Version: 13.0.0.38 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Autodesk Pixlr (HKLM-x32\...\{B0547B43-3AEE-453C-9945-800DDF92052D}) (Version: 1.1.1.0 - Autodesk) Hidden
Autodesk Pixlr (HKLM-x32\...\Autodesk Pixlr) (Version: 1.1.1.0 - Autodesk)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
C6100 (HKLM-x32\...\{0DEF8C02-2EAB-4BFE-A7E0-7990665DF1A9}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
c6100_Help (HKLM-x32\...\{4BD5B5D2-406D-4bc5-BB10-2F0D1D367C95}) (Version: 82.0.256.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Citrix Online Launcher (HKLM-x32\...\{1B1BF50E-ACE8-4481-B362-89544FB1CD4B}) (Version: 1.0.357 - Citrix)
Copy (HKLM-x32\...\{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}) (Version: 130.0.428.000 - Hewlett-Packard) Hidden
CopyTrans Control Center Uninstall Only (HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\CopyTrans Suite) (Version: 4.004 - WindSolutions)
Corel Applications (HKLM-x32\...\Corel Applications) (Version:  - )
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2115 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{2FF8C687-DB7D-4adc-A5DC-57983EC25046}) (Version: 130.0.465.000 - Hewlett-Packard) Hidden
DirectX for Managed Code Update (Summer 2004) (HKLM-x32\...\{E9E34215-82EF-4909-BE2F-F581F0DC9062}) (Version: 9.02.2904 - Microsoft) Hidden
DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen)
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 3.1.3224 - Hewlett-Packard) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 3.1.3224 - Hewlett-Packard)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
Fax (HKLM-x32\...\{440B915A-0C85-45DB-92AE-75AE14704A64}) (Version: 130.0.418.000 - Hewlett-Packard) Hidden
Garmin USB Drivers (HKLM\...\{956B3B73-29E8-423C-8973-D8085DE69E13}) (Version: 2.3.1.2 - Garmin Ltd or its subsidiaries)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Earth Pro (HKLM-x32\...\{9D524A1E-F2FC-444D-B12A-7592CEB56EB5}) (Version: 7.3.2.5776 - Google)
Google SketchUp 8 (HKLM-x32\...\{47BBA5AA-CA6F-4A41-858D-A7A776F29A8B}) (Version: 3.0.11752 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (HKLM-x32\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
gsimple 2.05 (HKLM-x32\...\gsimple) (Version: 2.05 - S.Kontogiannis)
Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5247.34 - PC-Doctor, Inc.)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.9512.3162 - Hewlett-Packard)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Dropbox Plugin (HKLM-x32\...\{D12BC084-97D6-438A-AA7C-5962608D17A0}) (Version: 36.0.41.58587 - HP)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP Google Drive Plugin (HKLM-x32\...\{BFA42100-DB54-467A-BB87-CF70732B4065}) (Version: 36.0.41.58587 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.1.3317 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.1.3422 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{88E60521-1E4E-4785-B9F1-1798A4BD0C30}) (Version: 3.1.0.1 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Officejet 5740 series Basic Device Software (HKLM\...\{B09B89DC-91EF-4965-800D-2A5807D117D1}) (Version: 40.11.1135.17143 - HP Inc.)
HP Officejet 5740 series Help (HKLM-x32\...\{F17D53C7-DCE8-469C-9690-CF8F5903519C}) (Version: 34.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HPAsset component for HP Active Support Library (HKLM-x32\...\{669D4A35-146B-4314-89F1-1AC3D7B88367}) (Version: 3.0.0.7 - Hewlett-Packard) Hidden
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
HPDiagnosticCoreDll (HKLM-x32\...\{9262B08F-E183-4FED-A2BD-23FF1A84EB79}) (Version: 1.0.15.0 - Hewlett Packard)
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (HKLM-x32\...\{681B698F-C997-42C3-B184-B489C6CA24C9}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
I.R.I.S. OCR (HKLM-x32\...\{11ED31EC-7EFA-4D56-B71D-E0214C8984CC}) (Version: 12.3.7.0 - HP)
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
Intel® C++ Redistributables for Windows* on Intel® 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.2226 - Intel Corporation)
iTunes (HKLM\...\{9C96D8AC-EE43-4B47-877C-D11595511C8E}) (Version: 12.10.3.1 - Apple Inc.)
Java 8 Update 201 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Jing (HKLM-x32\...\{8C784F8B-89D0-4A59-A000-7EEF129E1574}) (Version: 2.9.15255.1 - TechSmith Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2017 - CyberLink Corp.) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2017 - CyberLink Corp.)
Lernout & Hauspie TruVoice American English TTS Engine (HKLM-x32\...\tv_enua) (Version:  - )
Live Mail Password Decryptor (HKLM-x32\...\{2C7228FF-A6A8-49D1-BE08-7453AB5D0359}) (Version: 4.0 - SecurityXploded) Hidden
Logitech Harmony Remote Software (x86) (HKLM-x32\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 2.0 - Logitech)
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.10.10 - Magical Jelly Bean)
Magical Jelly Bean PasswdFinder (HKLM-x32\...\PasswdFinder_is1) (Version: 1.0.0.29 - PasswdFinder)
Mail Undelete Recovery Toolbox Free 2.3 (HKLM-x32\...\Mail Undelete Recovery Toolbox Free_is1) (Version:  - Recovery Toolbox, Inc.)
Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{50816F92-1652-4A7C-B9BC-48F682742C4B}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Live Search Toolbar (HKLM-x32\...\{DF802C05-4660-418c-970C-B988ADB1D316}) (Version: 3.0.566.0 - Microsoft Live Search Toolbar)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Applications - ENU (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Applications - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Mozilla Firefox 47.0.2 (x86 en-US) (HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\Mozilla Firefox 47.0.2 (x86 en-US)) (Version: 47.0.2 - Mozilla)
Mozilla Firefox 71.0 (x64 en-US) (HKLM\...\Mozilla Firefox 71.0 (x64 en-US)) (Version: 71.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyHarmony (HKU\S-1-5-21-998330651-303224156-1059126384-1004\...\036a0e4fc6a247ec) (Version: 1.0.1.257 - Logitech)
Network64 (HKLM\...\{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}) (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (HKLM\...\{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}) (Version: 140.0.221.000 - Hewlett-Packard) Hidden
NirSoft WebBrowserPassView (HKLM-x32\...\NirSoft WebBrowserPassView) (Version:  - )
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OpenOffice 4.1.5 (HKLM-x32\...\{ABCAD346-4F4B-49E9-9AA1-28EF8C26059D}) (Version: 4.15.9789 - Apache Software Foundation)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (HKLM\...\{E237254B-36A1-3D27-815E-B37C13BE0796}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (HKLM-x32\...\{03077B58-6ACF-32CA-B42A-EAA458C295A1}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.0 - Frank Heindörfer, Philip Chinery)
Photobucket Desktop (HKLM-x32\...\{D0916F1D-236D-4B9A-BCEA-F535444DCA41}) (Version: 1.0.3.1552 - Photobucket)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PowerDirector (HKLM-x32\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3503 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3503 - CyberLink Corp.)
Product Improvement Study for HP Officejet 5740 series (HKLM\...\{0E14A09E-FBF5-461C-A10B-62F231B1722C}) (Version: 40.11.1135.17143 - HP Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)
Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.2216 - CyberLink Corp.) Hidden
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rosetta Stone Version 3 (HKLM-x32\...\{148E08FF-D7C4-46ED-8D4D-601C67FE0AFD}) (Version: 3.3.7.0 - Rosetta Stone Ltd.)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Scanything V1.0.8 (HKLM-x32\...\Scanything) (Version: 1.0.8 - Scanything)
Secunia PSI (3.0.0.10004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)
Sentinel System Driver Installer 7.5.7 (HKLM-x32\...\{B281C7D1-C088-40E0-86EA-B2D9D7E0810A}) (Version: 7.5.7 - SafeNet, Inc.)
SewArt (HKLM\...\{233A5312-C6B1-48DB-8F62-5E1E2975F499}) (Version: 1.8.8 - S & S Computing)
SewWhat-Pro (HKLM\...\{5DF40802-1935-4B9F-9B7C-B16B6B875461}) (Version: 3.9.7 - S & S Computing)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype version 8.55 (HKLM-x32\...\Skype_is1) (Version: 8.55 - Skype Technologies S.A.)
Skype™ 7.41 (HKLM-x32\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 7.41.101 - Skype Technologies S.A.)
SmartWebPrinting (HKLM-x32\...\{DC635845-46D3-404B-BCB1-FC4A91091AFA}) (Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolidWorks 2011 x64 Edition SP02 (HKLM\...\{4F113377-0BA1-4552-9ABB-9BF220FAF132}) (Version: 19.120.49 - SolidWorks) Hidden
SolidWorks eDrawings 2011 x64 Edition SP02 (HKLM\...\{455804F2-70A9-46BD-BEB8-957000EC20D4}) (Version: 11.2.113 - Dassault Systèmes SolidWorks Corp.) Hidden
SolutionCenter (HKLM-x32\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform)
SQLAnywhere1000 (HKLM-x32\...\{349E9132-5101-4094-859E-0EEE6F3DDCD5}) (Version: 10.1.4157 - Merry Mechanization Inc)
Status (HKLM-x32\...\{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}) (Version: 130.0.469.000 - Hewlett-Packard) Hidden
Toolbox (HKLM-x32\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (HKLM-x32\...\{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}) (Version: 130.0.422.000 - Hewlett-Packard) Hidden
Trendnet USBKVM Switcher (HKLM-x32\...\Trendnet USBKVM Switcher_is1) (Version:  - )
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 1.6.8 - Tweaking.com)
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 3.7.3 - Tweaking.com)
Unchecky v1.0.2 (HKLM-x32\...\Unchecky) (Version: 1.0.2 - RaMMicHaeL)
UnloadSupport (HKLM-x32\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
WD Drive Utilities (HKLM-x32\...\{E61CFDDA-40DD-4400-95CA-12819C50B5C2}) (Version: 1.1.0.51 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{D0A3A97D-7918-4B0B-B91E-775E00C36122}) (Version: 2.4.2.26 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{A95E3E66-D5A4-404E-997D-02562AA492E8}) (Version: 1.0.5.7 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{6BB4E4E8-17B9-4534-8A8E-89E53F12769C}) (Version: 2.4.2.26 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{2d588de7-f4f6-4d6d-8719-32cbb9637e9e}) (Version: 2.4.2.26 - Western Digital Technologies, Inc.)
WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Wilcom TrueSizer e3.0 (HKLM-x32\...\{90C3F44A-7F39-4AEA-AC41-E32F97208269}) (Version: 17.0.185.7427 - Wilcom) Hidden
Wilcom TrueSizer e3.0 (HKLM-x32\...\{E801DDB4-3CFC-496E-9E04-781EC2445D82}) (Version: 17.0.185.7427 - Wilcom)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{3577E42B-3347-4EB8-BFDA-D36E8ED3C519}) (Version: 1.0.24.0 - Microsoft Corporation)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (HKLM\...\{25FB53C5-BE4C-3B6C-A0C9-D49A39227E1E}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (HKLM-x32\...\{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57}) (Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-998330651-303224156-1059126384-1004_Classes\CLSID\{4CEEAF57-0208-4CA4-A473-914C2D2FFC23}\InprocServer32 -> C:\Program Files (x86)\TradeManager\AliIMX_64.dll => No File
CustomCLSID: HKU\S-1-5-21-998330651-303224156-1059126384-1004_Classes\CLSID\{5D09DD40-CDC4-4C56-B615-0D1E3B357C2B}\InprocServer32 -> C:\Program Files (x86)\TradeManager\AliIMX_64.dll => No File
CustomCLSID: HKU\S-1-5-21-998330651-303224156-1059126384-1004_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-09-17] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [FileAssociationHelper] -> {D5CF14A2-B3CA-49DC-8E3E-0BB233B26D09} => C:\Program Files\File Association Helper\FAHDll.dll [2014-01-28] (WinZip Computing LLC -> Nico Mak Computing)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2015-04-26] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2014-07-22] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
ContextMenuHandlers2: [CWDDriveMenuHandler] -> {CCEFA845-DCDB-4A2F-8BED-DBE87CD198EC} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2014-07-22] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-09-17] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2010-10-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-09-17] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2014-07-22] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\BR\Favorites\Fotor for desktop.lnk -> hxxp://www.fotor.com/desktop/index.htm
ShortcutWithArgument: C:\Users\BR\Desktop\letgo-web.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=ogkjbfeahmkobkcbpjmjbdfcegiapnlc
ShortcutWithArgument: C:\Users\BR\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_pjkljhegncpnkpknbcohdijeoejaedia\Gmail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=pjkljhegncpnkpknbcohdijeoejaedia
ShortcutWithArgument: C:\Users\BR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\craigslist_ vancouver, BC jobs, apart.._.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory=Default --app-id=oodmfgjfnfmcjhffmmaepknoggiokdhk
ShortcutWithArgument: C:\Users\BR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\letgo-web.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=ogkjbfeahmkobkcbpjmjbdfcegiapnlc
ShortcutWithArgument: C:\Users\BR\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gmail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=pjkljhegncpnkpknbcohdijeoejaedia
ShortcutWithArgument: C:\Users\BR\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\letgo-web.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=ogkjbfeahmkobkcbpjmjbdfcegiapnlc

==================== Loaded Modules (Whitelisted) =============

2016-06-07 23:10 - 2016-06-07 23:10 - 000125440 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-06-07 23:10 - 2016-06-07 23:10 - 000118272 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-06-07 23:10 - 2016-06-07 23:10 - 000166400 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2016-06-07 23:10 - 2016-06-07 23:10 - 000205824 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-06-07 23:10 - 2016-06-07 23:10 - 000117248 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2019-12-08 12:26 - 2019-12-13 17:52 - 001899520 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\ffmpeg.dll
2019-12-08 12:26 - 2019-12-13 17:52 - 006668800 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libglesv2.dll
2019-12-08 12:26 - 2019-12-13 17:52 - 000259584 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\swiftshader\libegl.dll
2019-12-08 12:26 - 2019-12-13 17:52 - 003044352 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\swiftshader\libglesv2.dll
2017-09-26 21:22 - 2017-09-26 21:22 - 001984000 ____R () [File not signed] C:\Program Files (x86)\Skype\Phone\skypert.dll
2015-10-10 14:17 - 2007-07-17 15:26 - 000086016 _____ () [File not signed] C:\Program Files (x86)\Trendnet\USBKVM Switcher\kEYHOOK.dll
2012-12-15 12:55 - 2005-03-12 00:07 - 000087040 _____ () [File not signed] C:\Windows\System32\pdfcmnnt.dll
2009-09-20 09:53 - 2009-09-20 09:53 - 000538112 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.dll
2009-09-20 09:53 - 2009-09-20 09:53 - 000015360 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.rsc
2009-09-20 09:53 - 2009-09-20 09:53 - 000274432 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotradd.dll
2009-09-20 11:24 - 2009-09-20 11:24 - 000249344 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqcxs08.dll
2009-09-20 11:24 - 2009-09-20 11:24 - 000213504 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqddcmn.dll
2009-09-20 11:24 - 2009-09-20 11:24 - 000133120 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqddsvc.dll
2009-09-20 11:24 - 2009-09-20 11:24 - 000049664 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddusr.dll
2009-05-21 19:09 - 2009-05-21 19:09 - 000338432 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqmif08.dll
2009-05-21 19:05 - 2009-05-21 19:05 - 000326144 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqrif08.dll
2009-09-20 11:36 - 2009-09-20 11:36 - 000150528 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtao08.dll
2009-09-20 11:36 - 2009-09-20 11:36 - 000048128 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.rsc
2009-09-20 11:36 - 2009-09-20 11:36 - 000205824 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpquio08.dll
2009-05-21 19:09 - 2009-05-21 19:09 - 000554496 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusg.dll
2010-10-22 12:08 - 2010-10-22 12:08 - 001039360 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpslpsvc64.dll
2013-09-11 22:10 - 2013-09-11 22:10 - 000328704 _____ (Hewlett-Packard Co.) [File not signed] C:\Windows\System32\hpinksts7012LM.dll
2010-08-06 10:15 - 2010-08-06 10:15 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-08-06 10:15 - 2010-08-06 10:15 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2005-09-23 03:26 - 2005-09-23 03:26 - 000123904 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\csm.dll
2005-09-23 03:33 - 2005-09-23 03:33 - 000247296 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\msdbg2.dll
2017-10-05 22:05 - 2017-10-05 22:05 - 002969600 ____R (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Skype\Phone\RtmCodecs.dll
2017-10-05 22:08 - 2017-10-05 22:08 - 000941056 ____R (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Skype\Phone\RtmMediaManager.dll
2017-10-05 22:03 - 2017-10-05 22:03 - 000654848 ____R (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Skype\Phone\RtmPal.dll
2017-10-05 22:07 - 2017-10-05 22:07 - 010914816 ____R (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Skype\Phone\RtmPltfm.dll
2017-10-05 22:04 - 2017-10-05 22:04 - 000089088 ____R (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2004-02-23 11:42 - 2004-02-23 11:42 - 001386496 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\MSVBVM60.DLL
2012-03-16 02:02 - 2012-03-16 02:02 - 000225280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
2017-10-05 22:16 - 2017-10-05 22:16 - 027716608 ____R (Skype Technologies S.A.) [File not signed] C:\Program Files (x86)\Skype\Phone\SkypeSkylib.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 18:34 - 2019-01-04 01:01 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%C_EM64T_REDIST11%bin\Intel64;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\SQL Anywhere 10\win32;C:\Program Files (x86)\SQL Anywhere 10\Sybase Central 5.0.0\win32;%PROGRAMFILES%\Internet Explorer;C:\Program Files (x86)\Skype\Phone\
HKU\S-1-5-21-998330651-303224156-1059126384-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\BR\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeUpdateService => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: AliSafeEngine Service => 2
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: DraftSight API Service => 2
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: FLEXnet Licensing Service 64 => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: Secunia PSI Agent => 2
MSCONFIG\Services: Secunia Update Agent => 2
MSCONFIG\Services: SentinelKeysServer => 2
MSCONFIG\Services: SentinelProtectionServer => 2
MSCONFIG\Services: SentinelSecurityRuntime => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Unchecky => 2
MSCONFIG\Services: WDBackup => 2
MSCONFIG\Services: WDDriveService => 2
MSCONFIG\Services: wwbizsrv => 2

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{941584E1-854B-434D-85FE-08615386E6DD}C:\program files\hp\hp officejet 5740 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp officejet 5740 series\bin\hpnetworkcommunicatorcom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [UDP Query User{24DB1A02-894B-4B50-80C3-AF89B7F3A379}C:\program files\hp\hp officejet 5740 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp officejet 5740 series\bin\hpnetworkcommunicatorcom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [TCP Query User{0B6B3E9F-1303-4E14-8895-DA3ACC99F6CF}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{1E3A6126-5910-4D3B-9911-15769D574BBB}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{4CB72E1A-D77F-4284-B7EA-15ECCA2A0518}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{849E739F-CA22-4888-A9A6-C5EE2B84C0D7}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{B3B2AC8C-624A-4D95-AA88-2C109ACF15C1}C:\program files\hp\hp officejet 5740 series\bin\hpnetworkcommunicatorcom.exe] => (Block) C:\program files\hp\hp officejet 5740 series\bin\hpnetworkcommunicatorcom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [UDP Query User{75B9D3FE-C59D-40B9-BB93-78365A52A88E}C:\program files\hp\hp officejet 5740 series\bin\hpnetworkcommunicatorcom.exe] => (Block) C:\program files\hp\hp officejet 5740 series\bin\hpnetworkcommunicatorcom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{C21344CC-E893-44F5-8E7E-701F26AB182D}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\FaxApplications.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{FA59B4A3-B4E9-4169-80CA-0ACAFF3299DB}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{D1A0FBE8-8102-4DCB-9C1B-4C6DA9A2E4B0}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\SendAFax.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{8BF19FE5-091A-4478-A1B9-B0F5988DB7EB}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\FaxPrinterUtility.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{DDEF6243-1EA8-4B81-9D35-C268ABDF94F0}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{3C37859B-1FDB-4B6F-AC4C-69AA2592E700}] => (Allow) LPort=5357
FirewallRules: [{38935BAA-FB00-4F8E-AFF2-1ECFFCCB3402}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{7F9AC02C-F9FA-4201-9C09-C06F7B5B630D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{747DE1F7-7A8F-4729-8D96-E06E0C5A5FFA}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{B41BAFD4-3B90-42C3-B49D-50BD0A8FC864}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{7FAC275E-EF51-4AE7-BF73-EB278A5117C5}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0E11B348-E024-4FA4-974E-4ABA18354EA8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{32037EE3-CB62-4E38-A5AA-9282CB2DB64D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{63B2AC6C-B348-4C36-A5A2-D3897AD25E9E}C:\users\br\downloads\lastskype\skype.exe] => (Allow) C:\users\br\downloads\lastskype\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{4C186173-6240-41E4-B952-BD8BEE541592}C:\users\br\downloads\lastskype\skype.exe] => (Allow) C:\users\br\downloads\lastskype\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D122C3F6-5ADB-4E6D-92C7-92BBD59D7880}] => (Allow) LPort=5060
FirewallRules: [{94C1293C-FDD6-4C82-9154-F8E4044A5BC3}] => (Allow) LPort=5060
FirewallRules: [{BBB75CFF-EC99-4774-8155-547F28809543}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D01CFA03-1BA8-4EA9-A86F-CC6E770F03C2}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2B99D4FD-F3D3-451D-A0C4-183222C8745F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9BBD7D73-8AA0-4574-80C0-423169522C48}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{981237FF-8ED1-4BB2-BE45-3263D7508E01}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B527783B-C33A-4F54-893A-C2D6F033491C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2BF29DDB-82EC-47D1-BC27-63311912B242}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AEC82EC9-7004-4C5C-A960-6FD1A11D564B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{71F37F46-916E-45CF-9F3B-B92AF2D83A04}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{709BC2A4-9C30-4A50-9DE6-AA734B0C02CC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7

==================== Restore Points =========================

28-12-2018 09:24:34 Scheduled Checkpoint
09-01-2019 03:00:26 Windows Update
09-01-2019 05:32:54 Windows Update
16-01-2019 03:00:11 Windows Update
25-01-2019 00:09:48 Scheduled Checkpoint
11-02-2019 07:05:09 Removed 0501(English)
11-02-2019 09:49:29 Restore Point Created by FRST
11-02-2019 10:17:08 Restore Point Created by FRST
13-02-2019 03:01:14 Windows Update
15-02-2019 07:29:49 Removed Java 8 Update 66
13-03-2019 02:01:10 Windows Update
14-03-2019 02:01:00 Windows Update
24-03-2019 23:09:19 Scheduled Checkpoint
27-03-2019 02:00:13 Windows Update
04-04-2019 02:00:13 Windows Update
11-04-2019 02:00:14 Windows Update
14-04-2019 02:00:59 Windows Update
30-04-2019 23:00:59 Scheduled Checkpoint
15-05-2019 02:00:27 Windows Update
03-06-2019 23:05:17 Scheduled Checkpoint
14-06-2019 16:18:20 Removed Sentinel Protection Installer 7.6.6
14-06-2019 16:20:36 Removed Free DWG Viewer 7.3.
14-06-2019 16:24:23 Removed LightScribe System Software.
14-06-2019 16:26:00 Configured PowerStarter
14-06-2019 16:26:45 Configured HP
14-06-2019 16:28:53 Configured Power2Go
14-06-2019 16:31:31 Removed SMPIS.
14-06-2019 16:33:45 Removed SQLAnywhere1000.
14-06-2019 16:37:35 Revo Uninstaller's restore point - ArtCAM 2015 (64-bit)
14-06-2019 16:38:41 Revo Uninstaller's restore point - ArtCAM 2015 (64-bit)
15-06-2019 02:00:44 Windows Update
16-06-2019 02:00:23 Windows Update
16-06-2019 06:08:34 Revo Uninstaller's restore point - SolidWorks 2011 x64 Edition SP02
16-06-2019 06:12:22 Revo Uninstaller's restore point - SolidWorks Explorer 2011 SP02
16-06-2019 06:13:50 Removed SolidWorks Explorer 2011 SP02.
16-06-2019 06:16:38 Removed SolidWorks eDrawings 2011 SP02.
27-06-2019 22:38:00 Scheduled Checkpoint
11-07-2019 02:00:14 Windows Update
25-07-2019 02:00:34 Windows Update
14-08-2019 02:00:20 Windows Update
11-09-2019 02:00:42 Windows Update
12-09-2019 02:00:28 Windows Update
15-09-2019 02:00:12 Windows Update
16-09-2019 02:00:22 Windows Update
02-10-2019 22:44:37 Scheduled Checkpoint
04-10-2019 02:00:17 Windows Update
09-10-2019 02:00:32 Windows Update
13-11-2019 03:00:20 Windows Update
14-11-2019 03:00:15 Windows Update
30-11-2019 11:25:23 Scheduled Checkpoint
08-12-2019 11:38:38 Installed Skype™ 7.41
08-12-2019 11:58:20 Installed Skype™ 7.41
11-12-2019 03:00:26 Windows Update
21-12-2019 01:43:33 Scheduled Checkpoint
04-01-2020 11:53:57 Scheduled Checkpoint
12-01-2020 07:45:51 Removed Apple Application Support (64-bit)
12-01-2020 07:47:23 Removed Apple Application Support (64-bit)
12-01-2020 07:49:55 Removed Apple Application Support (32-bit)
12-01-2020 07:51:40 Removed Bonjour
12-01-2020 07:52:38 Removed Apple Mobile Device Support
12-01-2020 08:03:42 Removed iTunes
12-01-2020 08:23:14 Installed iTunes
26-01-2020 13:49:52 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============

Name: Microsoft Teredo Tunneling Adapter
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Qualcomm Atheros 802.11 a/b/g/n Dualband Wireless Network Module
Description: Qualcomm Atheros 802.11 a/b/g/n Dualband Wireless Network Module
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: ========================

Application errors:
==================
Error: (01/27/2020 12:00:05 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location K:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (01/26/2020 12:00:05 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location K:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (01/25/2020 12:00:05 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location K:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (01/24/2020 12:00:06 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location K:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (01/23/2020 12:00:05 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location K:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (01/22/2020 12:00:05 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location K:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (01/21/2020 12:00:05 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location K:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (01/20/2020 12:00:04 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location K:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

System errors:
=============
Error: (01/26/2020 03:32:03 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (01/26/2020 09:56:54 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.

Error: (01/26/2020 09:54:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The aswbIDSAgent service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (01/26/2020 09:54:54 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the aswbIDSAgent service to connect.

Error: (01/26/2020 09:54:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (01/26/2020 09:54:22 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.

Error: (01/26/2020 09:53:52 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X64 service to connect.

Error: (01/26/2020 09:53:20 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.

CodeIntegrity:
===================================

Date: 2018-11-14 03:40:07.722
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\kernel32.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-08-27 12:29:59.014
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-27 12:29:58.733
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-21 05:07:52.175
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-21 05:07:52.034
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-21 04:51:43.641
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-21 04:51:43.314
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-21 04:29:01.016
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 5.14 11/13/2009
Motherboard: PEGATRON CORPORATION Eureka3
Processor: Intel® Core™2 Quad CPU Q8300 @ 2.50GHz
Percentage of memory in use: 75%
Total physical RAM: 7133.18 MB
Available physical RAM: 1778.04 MB
Total Virtual: 14264.5 MB
Available Virtual: 9165.64 MB

==================== Drives ================================

Drive c: (HP) (Fixed) (Total:920.39 GB) (Free:151.93 GB) NTFS
Drive d: (FACTORY_IMAGE) (Fixed) (Total:11.02 GB) (Free:1.59 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{b853008b-6d0c-11e1-b88a-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=920.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================


  • 0

#10
RKinner

RKinner

    Malware Expert

  • Expert
  • 22,349 posts
  • MVP

Get Process Explorer

https://live.sysinte...com/procexp.exe

Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  

Wait a full minute then:

File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.


Copy the next 2 lines:

TASKLIST /SVC  > \junk.txt
notepad \junk.txt

Open an Elevated Command Prompt:
Win 7: Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
Win 8: http://www.eightforu...indows-8-a.html
win 10: http://www.howtogeek...-in-windows-10/

Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply.


Get the free version of Speccy:

http://www.filehippo...ownload_speccy/ 

(Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  
Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top,  10-20  lines down.) Save the file.  Attach the file to your next post.  Attaching the log is the best option as it is too big for the forum.  Attaching is a multi step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.



 


  • 0

Advertisements


#11
RUSTY2

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 221 posts

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
Adobe CEF Helper.exe  40,500 K 54,924 K 1844 Adobe CEF Helper Adobe Systems Incorporated (Verified) Adobe Systems Incorporated
AdobeIPCBroker.exe  4,884 K 8,792 K 284 Adobe IPC Broker Adobe Systems Incorporated (Verified) Adobe Systems Incorporated
ApplePhotoStreams.exe  12,532 K 30,792 K 732 iCloud Photos Apple Inc. (Verified) Apple Inc.
APSDaemon.exe  5,160 K 15,440 K 5036 Apple Push Apple Inc. (Verified) Apple Inc.
armsvc.exe  1,244 K 4,368 K 1160 Adobe Acrobat Update Service Adobe Systems (Verified) Adobe Inc.
AvastUI.exe  10,840 K 28,180 K 1848 Avast Antivirus  AVAST Software (Verified) AVAST Software s.r.o.
CCXProcess.exe  720 K 2,784 K 5820 CCXProcess Adobe Systems Incorporated (Verified) Adobe Systems Incorporated
chrome.exe  2,672 K 6,560 K 6672 Google Chrome Google LLC (Verified) Google LLC
chrome.exe  2,920 K 7,580 K 9700 Google Chrome Google LLC (Verified) Google LLC
chrome.exe  24,512 K 45,736 K 7884 Google Chrome Google LLC (Verified) Google LLC
chrome.exe  23,492 K 39,184 K 10064 Google Chrome Google LLC (Verified) Google LLC
chrome.exe  14,424 K 22,072 K 11176 Google Chrome Google LLC (Verified) Google LLC
chrome.exe  23,308 K 41,996 K 6608 Google Chrome Google LLC (Verified) Google LLC
chrome.exe  22,596 K 48,276 K 10544 Google Chrome Google LLC (Verified) Google LLC
conhost.exe  1,468 K 4,044 K 6104 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
GoogleCrashHandler.exe  1,564 K 528 K 5672 Google Crash Handler Google LLC (Verified) Google LLC
GoogleCrashHandler64.exe  1,648 K 580 K 6188 Google Crash Handler Google LLC (Verified) Google LLC
hkcmd.exe  3,600 K 11,772 K 1200 hkcmd Module Intel Corporation (Verified) Intel Corporation
hpqtra08.exe  4,096 K 11,956 K 3108 HP Digital Imaging Monitor Hewlett-Packard Co. (No signature was present in the subject) Hewlett-Packard Co.
iCloudDrive.exe  13,276 K 30,476 K 2100 iCloud Drive Apple Inc. (Verified) Apple Inc.
iCloudServices.exe  84,320 K 99,552 K 504 iCloud Apple Inc. (Verified) Apple Inc.
igfxpers.exe  2,636 K 7,756 K 1496 persistence Module Intel Corporation (Verified) Intel Corporation
issch.exe  2,048 K 5,396 K 4416 InstallShield Update Service Scheduler Macrovision Corporation (No signature was present in the subject) Macrovision Corporation
itype.exe  6,352 K 2,832 K 1628 IType.exe Microsoft Corporation (Verified) Microsoft Corporation
jucheck.exe  4,780 K 13,632 K 5252 Java Update Checker Oracle Corporation (Verified) Oracle America, Inc.
jusched.exe  2,868 K 8,600 K 4444 Java Update Scheduler Oracle Corporation (Verified) Oracle America, Inc.
lsass.exe  12,040 K 20,612 K 692 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
mDNSResponder.exe  2,496 K 6,340 K 2464 Bonjour Service Apple Inc. (Verified) Apple Inc.
node.exe  52,424 K 59,176 K 2480 Node.js: Server-side JavaScript Node.js (Verified) Node.js Foundation
procexp.exe  4,728 K 8,536 K 9564 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
services.exe  6,260 K 11,044 K 684 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
Skype.exe  5,156 K 10,056 K 2816 Skype Skype Technologies S.A. (Verified) Skype Software Sarl
Skype.exe  16,984 K 36,368 K 1492 Skype Skype Technologies S.A. (Verified) Skype Software Sarl
Skype.exe  10,172 K 14,056 K 6040 Skype Skype Technologies S.A. (Verified) Skype Software Sarl
smss.exe  596 K 1,392 K 360 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  7,504 K 15,572 K 1768 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  4,928 K 9,504 K 2624 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  3,120 K 6,776 K 288 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  4,880 K 5,516 K 6068 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  4,268 K 7,892 K 2492 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  1,424 K 4,124 K 2944 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  2,420 K 6,400 K 2900 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  15,652 K 19,616 K 1264 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  1,532 K 4,260 K 2776 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  10,244 K 17,344 K 304 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  3,484 K 8,836 K 2664 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  20,064 K 22,588 K 1000 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe  2,696 K 7,480 K 2284 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe  2,848 K 7,908 K 2348 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
taskhost.exe  4,140 K 6,520 K 7756 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
USBKVM.exe  2,064 K 7,700 K 3176 Trendnet USB-KVM SwitcherSoftware  (No signature was present in the subject)
WDDriveUtilitiesHelper.exe  3,780 K 9,148 K 4284 WD Drive Utilities Helper Western Digital Technologies, Inc. (Verified) Western Digital Technologies, Inc.
wininit.exe  2,048 K 5,312 K 576 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
winlogon.exe  3,792 K 8,552 K 620 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
WLIDSVCM.EXE  1,496 K 3,856 K 3204 Microsoft® Windows Live ID Service Monitor Microsoft Corp. (Verified) Microsoft Corporation
WR_Tray_Icon.exe  2,024 K 612 K 4912 Tweaking.com - Windows Repair Tray Icon Tweaking.com (Verified) Tweaking LLC
wuauclt.exe  2,412 K 7,748 K 7020 Windows Update Microsoft Corporation (Verified) Microsoft Windows
WUDFHost.exe  2,272 K 6,728 K 4168 Windows Driver Foundation - User-mode Driver Framework Host Process Microsoft Corporation (Verified) Microsoft Windows
MBAMService.exe < 0.01 20,036 K 52,372 K 3404 Malwarebytes Service Malwarebytes (Verified) Malwarebytes Corporation
spoolsv.exe < 0.01 10,532 K 19,480 K 1796 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
ipoint.exe < 0.01 5,708 K 2,620 K 1632 IPoint.exe Microsoft Corporation (Verified) Microsoft Corporation
WmiPrvSE.exe < 0.01 19,084 K 25,624 K 10956 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
iTunesHelper.exe < 0.01 4,356 K 14,028 K 1376 iTunesHelper Apple Inc. (Verified) Apple Inc.
wmpnetwk.exe < 0.01 4,808 K 3,512 K 2720 Windows Media Player Network Sharing Service Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 8,060 K 12,660 K 904 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
Adobe Desktop Service.exe < 0.01 59,408 K 83,356 K 5000 Creative Cloud Adobe Systems Incorporated (Verified) Adobe Systems Incorporated
WLIDSVC.EXE < 0.01 8,348 K 17,840 K 2136 Microsoft® Windows Live ID Service Microsoft Corp. (Verified) Microsoft Corporation
csrss.exe < 0.01 2,748 K 5,392 K 512 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
CoreSync.exe < 0.01 11,444 K 26,412 K 6096 Core Sync  (Verified) Adobe Systems Incorporated
mbamtray.exe < 0.01 24,684 K 38,876 K 1832 Malwarebytes Tray Application Malwarebytes (Verified) Malwarebytes Inc
svchost.exe < 0.01 26,460 K 30,928 K 1140 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
SearchIndexer.exe < 0.01 50,596 K 35,668 K 3648 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
psi_tray.exe < 0.01 1,180 K 4,808 K 3128 Secunia PSI Tray Secunia (Verified) Secunia
taskhost.exe < 0.01 9,812 K 14,836 K 1924 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
ScanToPCActivationApp.exe < 0.01 5,828 K 15,860 K 2164 ScanToPCActivationApp HP Inc. (Verified) Hewlett Packard
iPodService.exe < 0.01 2,696 K 7,336 K 3828 iPod Service Apple Inc. (Verified) Apple Inc.
HPNETW~1.EXE 0.01 3,944 K 10,592 K 4336 HPNetworkCommunicatorCom HP Inc. (Verified) Hewlett Packard
lsm.exe 0.01 3,216 K 5,232 K 700 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.01 4,300 K 8,596 K 2936 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
CCleaner64.exe 0.01 33,388 K 2,072 K 5296 CCleaner Piriform Ltd (Verified) Piriform Ltd
Skype.exe 0.01 112,888 K 132,048 K 6844 Skype Skype Technologies S.A. (Verified) Skype Software Sarl
WDDriveAutoUnlock.exe 0.01 2,320 K 7,532 K 4180 WD Drive Auto Unlock Western Digital Technologies, Inc. (Verified) Western Digital Technologies, Inc.
svchost.exe 0.01 5,560 K 11,648 K 804 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
WDDMStatus.exe 0.01 16,844 K 22,568 K 4308 WD Quick View Western Digital Technologies, Inc. (Verified) Western Digital Technologies, Inc.
Skype.exe 0.02 11,744 K 25,332 K 5744 Skype Skype Technologies S.A. (Verified) Skype Software Sarl
chrome.exe 0.02 22,452 K 39,696 K 10008 Google Chrome Google LLC (Verified) Google LLC
CLMLSvc.exe 0.02 45,092 K 3,748 K 3364 CyberLink MediaLibray Service CyberLink (Verified) CyberLink
svchost.exe 0.02 32,860 K 50,928 K 452 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
explorer.exe 0.02 52,928 K 82,384 K 1676 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 0.02 24,664 K 46,140 K 10568 Google Chrome Google LLC (Verified) Google LLC
Skype.exe 0.03 39,512 K 78,564 K 2800 Skype Skype Technologies S.A. (Verified) Skype Software Sarl
AvastSvc.exe 0.03 196,352 K 40,960 K 1408 Avast Antivirus  Service AVAST Software (Verified) AVAST Software s.r.o.
mdm.exe 0.04 2,528 K 6,164 K 2696 Machine Debug Manager Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
chrome.exe 0.05 86,996 K 159,640 K 10888 Google Chrome Google LLC (Verified) Google LLC
Creative Cloud.exe 0.05 50,084 K 100,732 K 988 Adobe Creative Cloud Adobe Systems Incorporated (Verified) Adobe Systems Incorporated
chrome.exe 0.05 68,760 K 114,136 K 10184 Google Chrome Google LLC (Verified) Google LLC
svchost.exe 0.06 217,180 K 223,128 K 128 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
Skype.exe 0.07 79,496 K 80,104 K 2208 Skype Skype Technologies S.A. (Verified) Skype Software Sarl
Adobe CEF Helper.exe 0.09 40,132 K 50,884 K 7100 Adobe CEF Helper Adobe Systems Incorporated (Verified) Adobe Systems Incorporated
AvastUI.exe 0.17 32,592 K 49,660 K 1352 Avast Antivirus  AVAST Software (Verified) AVAST Software s.r.o.
System 0.18 9,176 K 447,808 K 4  
csrss.exe 0.18 4,376 K 36,876 K 584 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
FAHWindow.exe 0.43 4,260 K 10,712 K 1404 File Association Helper Nico Mak Computing (Verified) WinZip Computing LLC
Interrupts 0.45 0 K 0 K n/a Hardware Interrupts and DPCs 
dwm.exe 0.52 75,328 K 52,256 K 1668 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
procexp64.exe 1.71 39,992 K 64,240 K 10852 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
System Idle Process 95.66 0 K 24 K 0

 

Image Name                     PID Services                                   
========================= ======== ============================================
System Idle Process              0 N/A                                        
System                           4 N/A                                        
smss.exe                       360 N/A                                        
csrss.exe                      512 N/A                                        
wininit.exe                    576 N/A                                        
csrss.exe                      584 N/A                                        
winlogon.exe                   620 N/A                                        
services.exe                   684 N/A                                        
lsass.exe                      692 KeyIso, SamSs                              
lsm.exe                        700 N/A                                        
svchost.exe                    804 DcomLaunch, PlugPlay, Power                
svchost.exe                    904 RpcEptMapper, RpcSs                        
svchost.exe                   1000 AudioSrv, Dhcp, eventlog,                  
                                   HomeGroupProvider, lmhosts, wscsvc         
svchost.exe                    128 AudioEndpointBuilder, hidserv,             
                                   HomeGroupListener, Netman, PcaSvc, SysMain,
                                   TrkWks, UxSms, Wlansvc, WPDBusEnum, wudfsvc
svchost.exe                    304 EventSystem, fdPHost, FontCache, netprofm, 
                                   nsi, WdiServiceHost                        
svchost.exe                    452 AeLookupSvc, Appinfo, BITS, Browser,       
                                   EapHost, IKEEXT, iphlpsvc, LanmanServer,   
                                   MMCSS, ProfSvc, Schedule, seclogon, SENS,  
                                   ShellHWDetection, Themes, Winmgmt, wuauserv
svchost.exe                    288 gpsvc                                      
svchost.exe                   1140 CryptSvc, Dnscache, LanmanWorkstation,     
                                   NlaSvc, TermService                        
svchost.exe                   1264 BFE, DPS, MpsSvc, WwanSvc                  
AvastSvc.exe                  1408 avast! Antivirus                           
dwm.exe                       1668 N/A                                        
explorer.exe                  1676 N/A                                        
spoolsv.exe                   1796 Spooler                                    
taskhost.exe                  1924 N/A                                        
armsvc.exe                    1160 AdobeARMservice                            
hkcmd.exe                     1200 N/A                                        
igfxpers.exe                  1496 N/A                                        
FAHWindow.exe                 1404 N/A                                        
iTunesHelper.exe              1376 N/A                                        
iCloudServices.exe             504 N/A                                        
AvastUI.exe                   1352 N/A                                        
ApplePhotoStreams.exe          732 N/A                                        
iCloudDrive.exe               2100 N/A                                        
ScanToPCActivationApp.exe     2164 N/A                                        
Skype.exe                     2208 N/A                                        
taskeng.exe                   2284 N/A                                        
mDNSResponder.exe             2464 Bonjour Service                            
svchost.exe                   2492 DiagTrack                                  
svchost.exe                   2624 FDResPub, SSDPSRV                          
svchost.exe                   2664 hpqcxs08, hpqddsvc                         
mdm.exe                       2696 MDM                                        
svchost.exe                   2776 Net Driver HPZ12                           
svchost.exe                   2944 Pml Driver HPZ12                           
svchost.exe                   1768 stisvc                                     
WLIDSVC.EXE                   2136 wlidsvc                                    
taskeng.exe                   2348 N/A                                        
ipoint.exe                    1632 N/A                                        
itype.exe                     1628 N/A                                        
wmpnetwk.exe                  2720 WMPNetworkSvc                              
Skype.exe                     2800 N/A                                        
hpqtra08.exe                  3108 N/A                                        
psi_tray.exe                  3128 N/A                                        
USBKVM.exe                    3176 N/A                                        
WLIDSVCM.EXE                  3204 N/A                                        
CLMLSvc.exe                   3364 N/A                                        
MBAMService.exe               3404 MBAMService                                
SearchIndexer.exe             3648 WSearch                                    
iPodService.exe               3828 iPod Service                               
svchost.exe                   2936 HPSLPSVC                                   
svchost.exe                   2900 PolicyAgent                                
Creative Cloud.exe             988 N/A                                        
WUDFHost.exe                  4168 N/A                                        
WDDriveAutoUnlock.exe         4180 N/A                                        
WDDriveUtilitiesHelper.ex     4284 N/A                                        
WDDMStatus.exe                4308 N/A                                        
HPNETW~1.EXE                  4336 N/A                                        
issch.exe                     4416 N/A                                        
jusched.exe                   4444 N/A                                        
WR_Tray_Icon.exe              4912 N/A                                        
APSDaemon.exe                 5036 N/A                                        
Skype.exe                     2816 N/A                                        
Adobe CEF Helper.exe          1844 N/A                                        
Skype.exe                     1492 N/A                                        
AvastUI.exe                   1848 N/A                                        
Skype.exe                     5744 N/A                                        
AdobeIPCBroker.exe             284 N/A                                        
Adobe Desktop Service.exe     5000 N/A                                        
jucheck.exe                   5252 N/A                                        
CCleaner64.exe                5296 N/A                                        
CoreSync.exe                  6096 N/A                                        
CCXProcess.exe                5820 N/A                                        
node.exe                      2480 N/A                                        
conhost.exe                   6104 N/A                                        
Skype.exe                     6844 N/A                                        
svchost.exe                   6068 SDRSVC                                     
GoogleCrashHandler.exe        5672 N/A                                        
Adobe CEF Helper.exe          7100 N/A                                        
GoogleCrashHandler64.exe      6188 N/A                                        
Skype.exe                     6040 N/A                                        
mbamtray.exe                  1832 N/A                                        
wuauclt.exe                   7020 N/A                                        
taskhost.exe                  7756 N/A                                        
chrome.exe                   10888 N/A                                        
chrome.exe                    6672 N/A                                        
chrome.exe                    9700 N/A                                        
chrome.exe                   10544 N/A                                        
chrome.exe                   10008 N/A                                        
chrome.exe                   10184 N/A                                        
chrome.exe                   10064 N/A                                        
WmiPrvSE.exe                 10956 N/A                                        
chrome.exe                    6608 N/A                                        
chrome.exe                   10568 N/A                                        
chrome.exe                    7884 N/A                                        
chrome.exe                   11176 N/A                                        
procexp.exe                   9564 N/A                                        
procexp64.exe                10852 N/A                                        
notepad.exe                  10584 N/A                                        
audiodg.exe                  10276 N/A                                        
cmd.exe                       4728 N/A                                        
conhost.exe                   9904 N/A                                        
tasklist.exe                  6244 N/A                                        
WmiPrvSE.exe                 11232 N/A


  • 0

#12
RUSTY2

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 221 posts

Attached File  BRIAN-PC.txt   409.24KB   12 downloads


  • 0

#13
RKinner

RKinner

    Malware Expert

  • Expert
  • 22,349 posts
  • MVP

Go back into Chrome to:

chrome://settings/

Advanced

Privacy and Security

Site Settings

Notifications.  Verify it says Blocked.

 

Go to:

https://all3dp.com

Left Click on the lock icon to the left of the URL.

The top line should be Notifications.  It should say Block or Block (Default).  If it says Allow then change it to Block.

 

Repeat for:

 

https://ca.letgo.com;https://drfone.wondershare.com; https://fres-news.com; https://mail.google.com; https://www.backyardboss.net; https://www.bookingbuddy.com; https://www.chatfieldcourt.com; https://www.cruisecritic.com; https://www.dxfdownloads.com; https://www.dxfforcnc.com; https://www.esky.com; https://www.ironplanet.com; https://www.jetsetter.com; https://www.kijiji.ca; https://www.letgo.com; https://www.reddit.com; https://www.wegotravel.ca; https://www.youtube.com

 

When exactly do you see these popups?   Do you see them before Chrome starts up?

 

What do they say?


 


  • 0

#14
RUSTY2

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 221 posts

I Verified it says Blocked, but I dont see any lock icon on https://all3dp.comit is a site for 3d printing only?


  • 0

#15
RKinner

RKinner

    Malware Expert

  • Expert
  • 22,349 posts
  • MVP

I've drawn a sort of circle in red around the lock icon.

lock.jpg


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP