Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

For RKinner


  • Please log in to reply

#1
rogerbid

rogerbid

    Member

  • Member
  • PipPipPip
  • 255 posts

Hello Ron

 

Thanks for your quick reply and for agreeing to look at my aging PC.  I will paste the 2 FRST .txt files below as requested.  If the results show serious problems then you might think it is beyond hope, I will accept that.  It is getting very old now, and in the past I have not been hesitant in experimenting with a lot of video and photo editing programs.  there are programs which I cannot identify even!

 

I look forward to hearing from you when you have a moment,

 

thanks,

 

Roger

 

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-08-2020
Ran by Roger (administrator) on ASUSWIN7 (08-09-2020 16:11:27)
Running from C:\Users\Roger\Desktop
Loaded Profiles: Roger & 
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
() [File not signed] C:\Windows\System32\AFRCtl.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(ArcSoft, Inc. -> ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(ArcSoft, Inc. -> ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(ArcSoft, Inc. -> ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(ArcSoft, Inc.) [File not signed] C:\Program Files\ArcSoft\TotalMedia 3.5\TMMonitor.exe
(Ashampoo GmbH & Co. KG -> ) C:\Program Files\Ashampoo\Ashampoo WinOptimizer 9\LiveTunerService.exe
(AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
(AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o. -> AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\ToolbarUpdater.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\afwServ.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe <2>
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Secure VPN\Vpn.exe <2>
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Secure VPN\VpnSvc.exe
(Beiley Software -> Beiley Software Inc.) C:\Program Files\Handy Address Book\habook.exe
(Beiley Software, Inc. -> Beiley Software Inc.) C:\Program Files\Remind-Me\RemindMe.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Canon Inc. -> ) C:\Program Files\Canon\IJPLM\ijplmsvc.exe
(Canon Inc. -> CANON INC.) C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files\EaseUS\EaseUS Tools M\bin\EaseUS Tools M.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files\Dropbox\Client\Dropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files\Dropbox\Client\104.4.175\QtWebEngineProcess.exe <2>
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft\Edge\Application\msedge.exe <7>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\ROUTE.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\rpbgconverter.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files\VMware\VMware Player\vmware-authd.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files\VMware\VMware Player\vmware-ufad.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\System32\vmnat.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\System32\vmnetdhcp.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [1797064 2014-03-20] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [219888 2018-06-14] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AFRCtl] => C:\Windows\system32\AFRCtl.exe [94208 2009-11-18] () [File not signed]
HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [7651840 2020-08-12] (Dropbox, Inc -> Dropbox, Inc.)
HKLM\...\Run: [Ashampoo Backup PB] => "C:\Program Files\Ashampoo\Ashampoo Backup Pro 11\bin\backupClient-abpb.exe" --hidden
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [145544 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
HKLM\...\Run: [TkBellExe] => c:\program files\real\realplayer\Update\realsched.exe [353064 2019-04-10] (RealNetworks, Inc. -> RealNetworks, Inc.)
HKLM\...\Run: [RealDownloader] => c:\program files\real\RealDownloader\downloader2.exe [1263400 2019-02-20] (RealNetworks, Inc. -> )
HKLM\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2015-01-09] (Canon Inc. -> CANON INC.)
HKLM\...\Run: [CanonQuickMenu] => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM\...\Run: [EaseUS FixTool] => C:\Program Files\EaseUS\EaseUS Tools M\bin\UpdateExe.exe [131752 2019-12-23] (CHENGDU YIWO Tech Development Co., Ltd. -> )
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133216 2017-03-23] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [264504 2020-05-20] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3345017777-2939274015-3433995129-1001\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows NT x86\Print Processors\Canon MG3200 series Print Processor: C:\Windows\System32\spool\prtprocs\W32X86\CNMPDB8.DLL [29184 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows NT x86\Print Processors\Canon MG3600 series Print Processor: C:\Windows\System32\spool\prtprocs\W32X86\CNMPDCT.DLL [29184 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows NT x86\Print Processors\hpfpp70w: C:\Windows\System32\spool\prtprocs\W32X86\hpfpp70w.dll [315904 2009-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Windows NT x86\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\W32X86\hpzppw71.dll [280064 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3200 series: C:\Windows\system32\CNMLMB8.DLL [314880 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3600 series: C:\Windows\system32\CNMLMCT.DLL [329728 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMNPPM.DLL [380928 2015-03-17] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\Windows\system32\hpzllw71.dll [39936 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\PCL hpf3l70w.dll: C:\Windows\system32\hpf3l70w.dll [123904 2009-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\85.0.4183.83\Installer\chrmstp.exe [2020-09-03] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2020-05-04] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2014-07-17] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{D28973E5-8630-41af-8831-50A15FEB396B}] -> C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll [2014-07-17] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVG Secure VPN.lnk [2018-12-26]
ShortcutTarget: AVG Secure VPN.lnk -> C:\Program Files\AVG\Secure VPN\Vpn.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2018-12-13]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2019-04-10]
ShortcutTarget: RealTimes.lnk -> C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk [2016-02-25]
ShortcutTarget: TMMonitor.lnk -> C:\Program Files\ArcSoft\TotalMedia 3.5\TMMonitor.exe (ArcSoft, Inc.) [File not signed]
Startup: C:\Users\Roger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Handy Address Book.lnk [2018-11-26]
ShortcutTarget: Handy Address Book.lnk -> C:\Program Files\Handy Address Book\habook.exe (Beiley Software -> Beiley Software Inc.)
Startup: C:\Users\Roger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2020-03-27]
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\Roger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RemindMe.lnk [2020-09-05]
ShortcutTarget: RemindMe.lnk -> C:\Program Files\Remind-Me\RemindMe.exe (Beiley Software, Inc. -> Beiley Software Inc.)
Startup: C:\Users\Roger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WinCal.exe - Shortcut.lnk [2013-01-05]
ShortcutTarget: WinCal.exe - Shortcut.lnk -> C:\Program Files\Windows Calendar\Windows Calendar\WinCal.exe (No File)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {08655404-22B9-41B6-86D4-970511E09F7B} - System32\Tasks\{656C8601-3EA1-4436-8712-E6A52A2E5CDD} => "C:\Program Files\Internet Explorer\iexplore.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=4.2.0.169.259&LastError=404
Task: {0F6E12E3-4226-417A-A231-53393B08F929} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3345017777-2939274015-3433995129-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [135464 2019-02-20] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {170C7E52-0CB8-4349-BB7B-117CE0AA881A} - System32\Tasks\AdobeAAMUpdater-1.0-ASUSWIN7-Roger => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {17AC67E4-293E-4C78-BAD6-CC608EA648DF} - System32\Tasks\{8D0937C8-0E1D-413A-A349-71146F4ED07C} => "c:\program files\internet explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/6.3.0.107/en/abandoninstall?source=lightinstaller&page=tsInstall
Task: {24712E3A-6DD3-46F7-8614-A8F26CFBEE9B} - System32\Tasks\{E4604945-0C1D-4044-8048-72C82689A17A} => C:\Windows\system32\pcalua.exe -a C:\Users\Roger\AppData\Local\Temp\Temp1_spa-v1.0.0.1.zip\spa-v1.0.0.1.exe <==== ATTENTION
Task: {2546E1CE-F973-4AF8-BBA4-0077818B38A7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [271448 2017-04-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {26742495-0591-4860-923B-B85A1E34C04E} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3345017777-2939274015-3433995129-1001 => c:\program files\real\RealDownloader\recordingmanager.exe [959784 2019-02-20] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {280A4ED5-C61C-43AB-9BF1-688833FD45AA} - System32\Tasks\ArcSoft Connect => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft, Inc. -> ArcSoft Inc.)
Task: {280C85C2-8484-411D-974C-DC74B31DFEAF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-10-12] (Google Inc -> Google Inc.)
Task: {29165135-47C9-4734-943E-32F72DB056A4} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3345017777-2939274015-3433995129-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [135464 2019-02-20] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {2BD05BA6-988D-4BD3-A9CD-9A39F80AF524} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {32DDA9B8-1A15-4D5D-A67B-F3FA4EC05BDE} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [3379336 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {331A22D7-8DEF-4DEB-8DCF-B22219DA1373} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3345017777-2939274015-3433995129-1001 => C:\program files\real\RealDownloader\RealUpgrade.exe [135464 2019-02-20] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {3A4EE802-316A-41AB-841F-694DB5D71FA0} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3345017777-2939274015-3433995129-1001 => C:\program files\real\RealDownloader\RealUpgrade.exe [135464 2019-02-20] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {41D7B4E7-84C5-4357-A95B-19AA94A23816} - System32\Tasks\{8780AC34-0804-4993-8E69-7AD28AAA6263} => "c:\program files\internet explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/7.22.73.109.456/en/go/help.faq.installer?LastError=1618
Task: {466366D4-E832-48C8-A10A-7A0C3F53E18E} - System32\Tasks\{C95291DD-5623-4D68-8ABC-DA127FE40FF6} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\AVG\AVG10\avgmfapx.exe" -d C:\Windows\system32 -c /AppMode=DOWNLOADMANAGER /SummerUpdate /PackageType=Free /ProductType=Free
Task: {4E7D70B3-AAF7-4C4D-9962-CEEDA955CAA0} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files\AVG\AVG PC TuneUp\tuscanx.exe [2670944 2019-01-10] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
Task: {5B184694-64C3-4633-94C5-945B3FA561D6} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {5F49632E-DF83-4CBA-971E-6A56A3204572} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1336400 2020-07-08] (Adobe Inc. -> Adobe Inc.)
Task: {628D1309-5D6D-4D72-BF99-94C68AA1B6AB} - System32\Tasks\{F67A763C-4647-406A-B1BD-3E92E71A0249} => C:\Program Files\Skype\\Phone\Skype.exe
Task: {6AEF0C98-2CB4-4B67-8C70-4C977C7355CC} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => {B1AEBB5D-EAD9-4476-B375-9C3ED9F32AFC}
Task: {6B7AC694-8D6D-481B-9DD8-2A3A741ADA6D} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem => {927EA2AF-1C54-43D5-825E-0074CE028EEE}
Task: {6C764E46-C424-4A1E-82DD-FA3803122A5F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {79354257-799D-4945-84BC-D0C9A5431230} - System32\Tasks\AVG EUpdate Task => C:\Program Files\AVG\Setup\avgsetupx.exe [4072504 2018-06-21] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
Task: {7A614177-6323-482B-B0DA-DBE2587D59D9} - System32\Tasks\AVG Secure VPN Update => C:\Program Files\AVG\Secure VPN\VpnUpdate.exe [1067384 2020-08-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {819AB425-01A0-4D2B-9FFE-FB5C85BF9636} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3345017777-2939274015-3433995129-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [135464 2019-02-20] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {82090DEC-2A5B-4196-ABC3-CB50678CB7C4} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
Task: {9334C323-F100-4656-9BA0-E4AA69C0F9C2} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe
Task: {9F54B95F-5096-4803-AE61-E9B3AC5B616D} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
Task: {AFC6934B-C020-4201-BF83-5FF93C12F66B} - System32\Tasks\{ADFC604C-A639-463A-A9E4-7AFF6F2FEC97} => C:\Windows\system32\pcalua.exe -a "I:\DOWNLOADS\Officeworks Photobook\OfficeworksPhotobooks.exe" -d "I:\DOWNLOADS\Officeworks Photobook"
Task: {BA2E76E0-3D3D-42F5-8065-758A8A066D1D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-10-12] (Google Inc -> Google Inc.)
Task: {BCFA692A-3548-4F2C-8262-95AA24956894} - System32\Tasks\{18275A14-5BCE-45CE-AB72-69AFAE5EB945} => C:\Windows\system32\pcalua.exe -a H:\Setup.exe -d H:\
Task: {C140EB10-A5DC-4F74-8303-858CCEA65E25} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} C:\Program Files\Windows Live\SOXE\wlsoxe.dll [179584 2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {C3AA7C8C-4045-4D9D-B0ED-A7954CB763FD} - System32\Tasks\{86AC117D-F25A-4ADE-A95D-73AE2C88C14B} => C:\Windows\system32\pcalua.exe -a "I:\Program Files\Data Recovery Wizard\uninst.exe" -d "I:\Program Files\Data Recovery Wizard"
Task: {D21F6024-191F-4454-BBBC-09A650DA2549} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {D3A0C160-1CD9-41FD-A6B7-D1E3E2F0E013} - System32\Tasks\GoogleUpdateTaskMachineCore1d1d6445df98459 => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-10-12] (Google Inc -> Google Inc.)
Task: {D7163909-EE65-4E55-92C0-99D9F415783D} - \RealPlayer (32-bit)  -> No File <==== ATTENTION
Task: {DADB260A-B976-467F-A368-32503DAB6779} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3345017777-2939274015-3433995129-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [135464 2019-02-20] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {DC5AF3DC-7B6F-4E1A-AD7F-7BD52D193D39} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1441928 2020-03-03] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {E49C989F-E328-46F2-B389-F65D3A56B192} - System32\Tasks\GoogleUpdateTaskMachineUA1d1d6445fbdc9cd => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-10-12] (Google Inc -> Google Inc.)
Task: {E6C28341-1C15-49CA-AE24-B631664A87CE} - System32\Tasks\RealDownloader Update Check => c:\program files\real\RealDownloader\downloader2.exe [1263400 2019-02-20] (RealNetworks, Inc. -> )
Task: {EF82AFBE-C61C-4528-9973-749FD0E3BF36} - System32\Tasks\{621C6829-BD92-4EDF-A269-B203FFC1501F} => "C:\Program Files\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.1.0.112.259/en/abandoninstall?page=tsDownload&installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:notoffered;alreadyoffered
Task: {F93C7104-998A-4A38-B935-775A3138B3C3} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe
Task: {FCBF0D38-0B46-45E5-92C2-D3218F29F709} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-08] (Dropbox, Inc -> Dropbox, Inc.)
Task: {FE0BCC74-33E8-4762-9D71-7FF40F44B491} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-08] (Dropbox, Inc -> Dropbox, Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog9 11 C:\Program Files\VMware\VMware Player\vsocklib.dll [346736 2010-11-11] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9 12 C:\Program Files\VMware\VMware Player\vsocklib.dll [346736 2010-11-11] (VMware, Inc. -> VMware, Inc.)
Tcpip\..\Interfaces\{2E28A1D1-7DDB-4547-B6E4-64478D788640}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{92EFEF13-D0D7-471D-84B5-B8499FF31EE2}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{AD353DAA-B25B-4B5C-B251-01DED43CECF9}: [NameServer] 100.120.4.1
HKLM\System\...\Parameters\PersistentRoutes: [169.254.0.0,255.255.0.0,192.168.1.5,1]
HKLM\System\...\Parameters\PersistentRoutes: [169.254.0.0,255.255.0.0,192.168.88.1,1]
HKLM\System\...\Parameters\PersistentRoutes: [169.254.0.0,255.255.0.0,192.168.159.1,1]
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1405662962&from=slbnew&uid=WDCXWD10EALS-00Z8A0_WD-WCATR084052140521&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1405662962&from=slbnew&uid=WDCXWD10EALS-00Z8A0_WD-WCATR084052140521&q={searchTerms}
HKU\S-1-5-21-3345017777-2939274015-3433995129-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1405662962&from=slbnew&uid=WDCXWD10EALS-00Z8A0_WD-WCATR084052140521&q={searchTerms}
HKU\S-1-5-21-3345017777-2939274015-3433995129-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com.au/?gws_rd=ssl
HKU\S-1-5-21-3345017777-2939274015-3433995129-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1405662962&from=slbnew&uid=WDCXWD10EALS-00Z8A0_WD-WCATR084052140521&q={searchTerms}
URLSearchHook: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc. -> McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001 - (No Name) - {124d001a-bdcb-472f-aa59-bbe7e4bc3204} -  No File
URLSearchHook: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001 - (No Name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} -  No File
URLSearchHook: [S-1-5-21-3345017777-2939274015-3433995129-1005] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKLM -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029
SearchScopes: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001 -> DefaultScope {C0DD896C-FCCD-4C24-A298-BF5298D0A1ED} URL = hxxps://duckduckgo.com/?q={searchTerms}&atb=v44-5__
SearchScopes: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = 
SearchScopes: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001 -> {C0DD896C-FCCD-4C24-A298-BF5298D0A1ED} URL = hxxps://duckduckgo.com/?q={searchTerms}&atb=v44-5__
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Company -> Hewlett-Packard Co.)
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> c:\program files\real\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2019-02-20] (RealNetworks, Inc. -> RealDownloader)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08] (Canon Inc. -> CANON INC.)
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No File
BHO: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\PROGRA~2\WONDER~1\VIDEOC~1\WSBROW~1.DLL => No File
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll [2018-10-18] (Oracle America, Inc. -> Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc -> Google Inc.)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies SA -> Skype Technologies S.A.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2012-06-21] (McAfee, Inc. -> McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-10-18] (Oracle America, Inc. -> Oracle Corporation)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Company -> Hewlett-Packard Co.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2012-06-21] (McAfee, Inc. -> McAfee, Inc.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc -> Google Inc.)
Toolbar: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc -> Google Inc.)
Toolbar: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001 -> No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001 -> No Name - {4A1C6093-14F9-44D7-860E-5D265CFCA9D9} -  No File
Toolbar: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Toolbar: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001 -> No Name - {124D001A-BDCB-472F-AA59-BBE7E4BC3204} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2012-06-21] (McAfee, Inc. -> McAfee, Inc.)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} -  No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} -  No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2012-06-21] (McAfee, Inc. -> McAfee, Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies SA -> Skype Technologies S.A.)
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 -  No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1405662962&from=slbnew&uid=WDCXWD10EALS-00Z8A0_WD-WCATR084052140521
 
Edge: 
======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Roger\AppData\Local\Microsoft\Edge\User Data\Default [2020-09-08]
Edge HomePage: Default -> hxxps://www.google.com.au/?gws_rd=ssl
Edge Extension: (LastPass: Free Password Manager) - C:\Users\Roger\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bbcinlkgjjkejfdpemiealijmmooekmp [2020-08-31]
 
FireFox:
========
FF HKLM\...\Firefox\Extensions: [[email protected]] - I:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - I:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-06-09] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor
FF Extension: (McAfee SiteAdvisor) - C:\Program Files\McAfee\SiteAdvisor [2012-11-14] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\ProgramData\Wondershare\Video Converter Ultimate\[email protected]_xpi => not found
FF HKU\S-1-5-21-3345017777-2939274015-3433995129-1001\...\Firefox\Extensions: [[email protected]] - I:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2017-10-17] (CANON INC.) [File not signed]
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> I:\Program Files\Picasa\Picasa3\npPicasa3.dll [2014-06-06] (Google Inc -> Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-10-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-10-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @mcafee.com/SAFFPlugin -> C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll [2012-06-21] (McAfee, Inc. -> McAfee, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @nosltd.com/getPlus+®,version=1.6.2.91 -> C:\Program Files\NOS\bin\np_gp.dll [No File]
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
FF Plugin: @real.com/nppl3260;version=18.1.16.215 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2019-04-10] (RealNetworks, Inc. -> RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=18.1.16.215 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2019-04-10] (RealNetworks, Inc. -> RealPlayer)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-30] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-08-18] (Adobe Inc. -> Adobe Systems Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default [2020-09-08]
CHR Notifications: Default -> hxxps://book.qantas.com; hxxps://www.youtube.com
CHR StartupUrls: Default -> "hxxp://istart.webssearches.com/?type=hp&ts=1405662962&from=slbnew&uid=WDCXWD10EALS-00Z8A0_WD-WCATR084052140521","hxxp://www.google.com/"
CHR Extension: (YouTube) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-13]
CHR Extension: (Google Search) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-13]
CHR Extension: (AVG AntiTrack) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gncnfnokfcpgpflfikmgpncmleckjllf [2020-01-04]
CHR Extension: (AVG SafePrice | Comparison, deals, coupons) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2020-08-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-01]
CHR Extension: (Chrome Media Router) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-08]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx [2012-11-13]
CHR HKLM\...\Chrome\Extension: [ihflimipbcaljfnojhhknppphnnciiif] - C:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoods.crx <not found>
CHR HKLM\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - <no Path/update_url>
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - <no Path/update_url>
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
CHR HKU\S-1-5-21-3345017777-2939274015-3433995129-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft, Inc. -> ArcSoft Inc.)
R2 AdobeActiveFileMonitor11.0; C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-17] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-07-08] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [271448 2017-04-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [328768 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Firewall; C:\Program Files\AVG\Antivirus\afwServ.exe [963224 2020-08-14] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [6954944 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [1189832 2018-06-14] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
R2 BingDesktopUpdate; C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe [173248 2014-11-26] (Microsoft Corporation -> Microsoft Corp.)
S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-08] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-08] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [37384 2020-08-12] (Dropbox, Inc -> Dropbox, Inc.)
R3 hpqcxs08; I:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; I:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [398784 2019-04-22] (Canon Inc. -> )
R2 McAfee SiteAdvisor Service; c:\Program Files\McAfee\SiteAdvisor\McSACore.exe [95232 2012-10-23] (McAfee, Inc. -> McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [227232 2010-01-15] (McAfee, Inc. -> McAfee, Inc.)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [File not signed]
R2 RealPlayerUpdateSvc; C:\program files\real\UpdateService\RealPlayerUpdateSvc.exe [38032 2019-02-20] (RealNetworks, Inc. -> RealNetworks, Inc.)
R2 RealTimes Desktop Service; c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe [990856 2019-04-10] (RealNetworks, Inc. -> RealNetworks, Inc.)
R2 SecureVpn; C:\Program Files\AVG\Secure VPN\VpnSvc.exe [6909048 2020-08-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 TuneUp.UtilitiesSvc; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [5228896 2019-01-10] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R2 ufad-ws60; C:\Program Files\VMware\VMware Player\vmware-ufad.exe [191024 2010-08-19] (VMware, Inc. -> VMware, Inc.)
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [38752 2019-01-10] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R2 VMAuthdService; C:\Program Files\VMware\VMware Player\vmware-authd.exe [113264 2010-11-11] (VMware, Inc. -> VMware, Inc.)
R2 VMnetDHCP; C:\Windows\system32\vmnetdhcp.exe [334448 2010-11-11] (VMware, Inc. -> VMware, Inc.)
R2 VMUSBArbService; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [539248 2010-11-11] (VMware, Inc. -> VMware, Inc.)
R2 VMware NAT Service; C:\Windows\system32\vmnat.exe [404080 2010-11-11] (VMware, Inc. -> VMware, Inc.)
R2 vToolbarUpdater18.5.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\ToolbarUpdater.exe [1812416 2015-05-14] (AVG Technologies CZ, s.r.o. -> AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [1713536 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
R2 WO_LiveService; C:\Program Files\Ashampoo\Ashampoo WinOptimizer 9\LiveTunerService.exe [884608 2012-05-14] (Ashampoo GmbH & Co. KG -> )
S2 WsAppService; C:\Program Files\Wondershare\WAF\2.4.3.242\WsAppService.exe [495720 2018-08-29] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 WsDrvInst; C:\Program Files\Wondershare\Video Converter Ultimate\Transfer\DriverInstall.exe [112560 2020-04-21] (Wondershare Technology Co.,Ltd -> Wondershare)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 61883; C:\Windows\System32\DRIVERS\61883.sys [46976 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
S3 AF15BDA; C:\Windows\System32\DRIVERS\AF15BDA.sys [483200 2009-06-04] (Microsoft Windows Hardware Compatibility Publisher -> ITETech)
R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (ArcSoft, Inc. -> Arcsoft, Inc.)
S3 APL531; C:\Windows\System32\Drivers\ov550i.sys [580992 2006-07-31] (Omnivision Technologies, Inc.) [File not signed]
R3 athr; C:\Windows\System32\DRIVERS\athr.sys [1221632 2009-10-05] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [175320 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriver.sys [188552 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsh.sys [154760 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniv.sys [56456 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [40792 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [147768 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\Windows\System32\drivers\avgNetHub.sys [374240 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgNetNd6; C:\Windows\System32\DRIVERS\avgNetNd6.sys [28408 2017-12-01] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [94248 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [72896 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [691120 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [393544 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [163368 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgTap; C:\Windows\System32\DRIVERS\avgTap.sys [49136 2018-09-05] (AVG Technologies CZ, s.r.o. -> The OpenVPN Project)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [277008 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [176856 2013-10-02] (Broadcom Corporation -> Broadcom Corporation.)
S3 btwampfl; C:\Windows\System32\DRIVERS\btwampfl.sys [508632 2014-03-25] (Broadcom Corporation -> Broadcom Corporation.)
S3 btwaudio; C:\Windows\System32\drivers\btwaudio.sys [152400 2012-05-02] (Broadcom Corporation -> Broadcom Corporation.)
S3 btwavdt; C:\Windows\System32\DRIVERS\btwavdt.sys [175144 2012-03-06] (Broadcom Corporation -> Broadcom Corporation.)
S3 btwl2cap; C:\Windows\System32\DRIVERS\btwl2cap.sys [33832 2011-09-18] (Broadcom Corporation -> Broadcom Corporation.)
S3 btwrchid; C:\Windows\System32\DRIVERS\btwrchid.sys [18728 2012-03-06] (Broadcom Corporation -> Broadcom Corporation.)
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrv.sys [22312 2009-02-12] (EldoS Corporation -> EldoS Corporation)
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-04] () [File not signed]
R2 hcmon; C:\Windows\system32\drivers\hcmon.sys [32368 2010-11-11] (VMware, Inc. -> VMware, Inc.)
R3 L1E; C:\Windows\System32\DRIVERS\L1E62x86.sys [48640 2009-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R2 LiveTunerPM; C:\Program Files\Ashampoo\Ashampoo WinOptimizer 9\LiveTunerProcessMonitor32.sys [12696 2011-03-08] (ashampoo GmbH & Co. KG -> )
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [6504 2011-07-15] (Microsoft Windows Hardware Compatibility Publisher -> )
R0 mv61xx; C:\Windows\System32\DRIVERS\mv61xx.sys [154664 2009-05-12] (Marvell Semiconductor -> Marvell Semiconductor, Inc.)
R3 PKWCap; C:\Windows\System32\DRIVERS\PKWCap.sys [1056384 2007-03-20] (Microsoft Windows Hardware Compatibility Publisher -> )
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [17160 2015-03-05] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13064 2016-11-24] (MiniTool Solution Ltd -> )
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [46096 2012-08-10] (Corel Corporation -> Corel Corporation)
S3 RTL2832UBDA; C:\Windows\System32\drivers\RTL2832UBDA.sys [188520 2011-05-17] (Realtek Semiconductor Corp -> REALTEK SEMICONDUCTOR Corp.)
S3 RTL2832UUSB; C:\Windows\System32\Drivers\RTL2832UUSB.sys [32872 2011-05-17] (Realtek Semiconductor Corp -> REALTEK SEMICONDUCTOR Corp.)
R0 speedfan; C:\Windows\System32\speedfan.sys [25240 2011-03-19] (Sokno S.R.L. -> Almico Software)
R2 tifsfilter; C:\Windows\System32\DRIVERS\tifsfilt.sys [44704 2010-10-04] (Acronis, Inc -> Acronis)
R3 TotRec7; C:\Windows\System32\drivers\TotRec7.sys [131152 2010-04-12] (High Criteria Inc -> High Criteria inc.)
R3 TotRec8; C:\Windows\system32\drivers\TotRec8.sys [91216 2010-04-12] (High Criteria Inc -> High Criteria inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [31792 2017-11-15] (AVG Technologies CZ, s.r.o. -> AVG Netherlands B.V.)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [15872 2013-02-12] (Microsoft Windows -> Microsoft Corporation)
R3 vmkbd; C:\Windows\system32\drivers\VMkbd.sys [24688 2010-11-11] (VMware, Inc. -> VMware, Inc.)
R3 VMnetAdapter; C:\Windows\System32\DRIVERS\vmnetadapter.sys [16560 2010-11-11] (VMware, Inc. -> VMware, Inc.)
R2 VMnetBridge; C:\Windows\System32\DRIVERS\vmnetbridge.sys [36400 2010-11-11] (VMware, Inc. -> VMware, Inc.)
R2 VMnetuserif; C:\Windows\system32\drivers\vmnetuserif.sys [26352 2010-11-11] (VMware, Inc. -> VMware, Inc.)
S3 vmusb; C:\Windows\System32\Drivers\vmusb.sys [31280 2010-11-11] (VMware, Inc. -> VMware, Inc.)
R2 vmx86; C:\Windows\system32\Drivers\vmx86.sys [854128 2010-11-11] (VMware, Inc. -> VMware, Inc.)
R2 vstor2-ws60; C:\Program Files\VMware\VMware Player\vstor2-ws60.sys [22448 2010-08-19] (VMware, Inc. -> VMware, Inc.)
S3 WIMMount; C:\Program Files\Windows Kits\8.0\Assessment and Deployment Kit\Deployment Tools\x86\DISM\wimmount.sys [34248 2012-07-25] (Microsoft Corporation -> Microsoft Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]
S1 ssnfd; system32\drivers\ssnfd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
Error(1) reading file: "C:\Windows\system32\Tasks\RealPlayer (32-bit) "
2029-01-01 00:02 - 2029-01-01 00:02 - 000000000 ____D C:\Users\Roger\AppData\Local\{A674C75E-E10E-4AD4-8C52-14C3C6C6B6DF}
2020-09-08 15:45 - 2020-09-08 15:49 - 000062981 _____ C:\Users\Roger\Desktop\Addition.txt
2020-09-08 15:39 - 2020-09-08 16:14 - 000052795 _____ C:\Users\Roger\Desktop\FRST.txt
2020-09-08 15:34 - 2020-09-08 16:13 - 000000000 ____D C:\FRST
2020-09-08 10:40 - 2020-09-08 10:35 - 002014208 _____ (Farbar) C:\Users\Roger\Desktop\FRST.exe
2020-09-02 10:02 - 2020-09-07 13:58 - 000003328 _____ C:\Windows\system32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3345017777-2939274015-3433995129-1001
2020-09-02 10:02 - 2020-09-07 13:58 - 000003194 _____ C:\Windows\system32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3345017777-2939274015-3433995129-1001
2020-08-27 17:24 - 2020-08-27 17:26 - 091460120 _____ (LogMeIn Inc.) C:\Users\Roger\Downloads\LastPassInstaller (2).exe
2020-08-27 17:23 - 2020-08-27 17:25 - 091460120 _____ (LogMeIn Inc.) C:\Users\Roger\Downloads\LastPassInstaller (1).exe
2020-08-27 16:33 - 2020-08-27 16:33 - 000000000 ____D C:\Program Files (x86)
2020-08-25 11:19 - 2020-08-25 11:21 - 000000000 ____D C:\Users\Roger\AppData\Local\{E07BE30A-AED0-4C2C-96D8-F35DFAA8CBDE}
2020-08-20 17:19 - 2020-08-20 17:19 - 000010313 _____ C:\Users\Roger\Documents\amelie 1.xlsx
2020-08-19 15:41 - 2020-08-19 15:44 - 091460120 _____ (LogMeIn Inc.) C:\Users\Roger\Downloads\LastPassInstaller.exe
2020-08-15 20:27 - 2020-08-15 20:27 - 000000000 _____ C:\Users\Roger\AppData\Local\{D4C5DC9D-3679-4739-AFB4-624A329C52B6}
2020-08-15 11:54 - 2020-08-15 11:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-08-14 19:25 - 2020-08-13 12:06 - 000283272 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2020-08-13 12:08 - 2020-08-14 19:26 - 000048496 _____ () C:\Windows\system32\Drivers\staport.sys
2020-08-13 12:07 - 2020-08-13 12:06 - 000163368 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
2020-08-13 12:07 - 2020-08-13 12:06 - 000147768 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2020-08-12 11:35 - 2020-08-12 11:35 - 000037384 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2020-08-12 11:35 - 2020-08-12 11:35 - 000036848 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2020-08-12 11:35 - 2020-08-12 11:35 - 000036848 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2020-08-12 11:35 - 2020-08-12 11:35 - 000036848 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2020-08-10 16:15 - 2020-08-10 16:15 - 000000000 ____D C:\Users\Roger\AppData\Local\{1BBEE513-FB95-47EA-810E-76E67DCBC4D4}
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-09-08 15:44 - 2016-04-08 11:44 - 000000894 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2020-09-08 15:38 - 2009-07-14 14:34 - 000026928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-09-08 15:38 - 2009-07-14 14:34 - 000026928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-09-08 15:31 - 2020-04-18 08:58 - 000000000 ____D C:\Users\Roger\Downloads\Viral videos
2020-09-08 15:30 - 2015-11-09 11:30 - 000000000 ____D C:\Users\Roger\Downloads\FileZilla
2020-09-08 14:24 - 2017-08-30 14:31 - 004036096 ___SH C:\Users\Roger\Desktop\Thumbs.db
2020-09-08 09:41 - 2016-09-21 13:44 - 000003588 _____ C:\Windows\system32\Tasks\AVG EUpdate Task
2020-09-07 14:19 - 2020-07-01 19:24 - 000000000 ____D C:\Users\Roger\Documents\Wondershare Filmora
2020-09-07 14:18 - 2020-07-01 19:52 - 000002796 _____ C:\Users\Roger\Documents\starburn.txt
2020-09-07 14:18 - 2019-04-04 13:41 - 000000000 ____D C:\Users\Roger\AppData\Roaming\obs-studio
2020-09-07 14:10 - 2015-10-24 17:20 - 000000000 ____D C:\ProgramData\Avg
2020-09-07 14:04 - 2020-01-03 15:18 - 000000000 ____D C:\Users\Roger\AppData\Roaming\epm
2020-09-07 14:02 - 2017-05-30 11:36 - 000004162 _____ C:\Windows\system32\Tasks\Antivirus Emergency Update
2020-09-07 14:00 - 2011-03-02 15:40 - 000000000 ____D C:\ProgramData\VMware
2020-09-07 13:58 - 2016-04-08 11:44 - 000000890 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2020-09-07 13:57 - 2010-11-07 11:05 - 000000000 ____D C:\ProgramData\NVIDIA
2020-09-07 13:57 - 2009-07-14 14:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-09-06 20:20 - 2011-05-15 16:45 - 000000000 ____D C:\Users\Roger\AppData\Roaming\FileZilla
2020-09-06 20:19 - 2010-10-04 11:16 - 000001191 _____ C:\Users\Roger\AppData\Roaming\vso_ts_preview.xml
2020-09-06 17:52 - 2013-02-01 21:01 - 000000000 ____D C:\Users\Roger\Documents\ConvertXToDVD
2020-09-06 17:50 - 2018-07-15 16:07 - 000000000 ____D C:\Users\Roger\AppData\Local\CrashDumps
2020-09-06 17:31 - 2010-10-04 11:16 - 000000000 ____D C:\Users\Roger\AppData\Roaming\Vso
2020-09-03 19:16 - 2010-10-02 07:49 - 000786658 _____ C:\Windows\system32\PerfStringBackup.INI
2020-09-03 19:16 - 2009-07-14 12:37 - 000000000 ____D C:\Windows\inf
2020-09-03 15:52 - 2020-08-06 16:09 - 000003490 _____ C:\Windows\system32\Tasks\AdobeAAMUpdater-1.0-ASUSWIN7-Roger
2020-09-03 15:52 - 2020-03-24 18:26 - 000003368 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-09-03 15:52 - 2020-03-24 18:26 - 000003240 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-09-03 15:52 - 2019-05-01 19:45 - 000003354 _____ C:\Windows\system32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3345017777-2939274015-3433995129-1001
2020-09-03 15:52 - 2018-10-09 07:55 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-09-03 15:52 - 2017-12-01 15:07 - 000003738 _____ C:\Windows\system32\Tasks\ArcSoft Connect
2020-09-03 15:52 - 2017-12-01 15:07 - 000003680 _____ C:\Windows\system32\Tasks\Java Platform SE Auto Updater
2020-09-03 15:52 - 2016-07-05 08:35 - 000003322 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA1d1d6445fbdc9cd
2020-09-03 15:52 - 2016-07-05 08:35 - 000003194 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore1d1d6445df98459
2020-09-03 15:52 - 2016-04-18 15:50 - 000003098 _____ C:\Windows\system32\Tasks\{8780AC34-0804-4993-8E69-7AD28AAA6263}
2020-09-03 15:52 - 2016-04-08 11:44 - 000003900 _____ C:\Windows\system32\Tasks\DropboxUpdateTaskMachineUA
2020-09-03 15:52 - 2016-04-08 11:44 - 000003648 _____ C:\Windows\system32\Tasks\DropboxUpdateTaskMachineCore
2020-09-03 15:52 - 2015-06-28 16:37 - 000004464 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-09-03 15:52 - 2012-06-21 11:03 - 000003328 _____ C:\Windows\system32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3345017777-2939274015-3433995129-1001
2020-09-03 15:52 - 2012-06-21 11:03 - 000003194 _____ C:\Windows\system32\Tasks\RealUpgradeLogonTaskS-1-5-21-3345017777-2939274015-3433995129-1001
2020-09-03 15:01 - 2013-05-03 17:06 - 000002214 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-02 10:25 - 2020-03-24 18:28 - 000002213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-08-22 13:20 - 2015-12-20 15:18 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-08-15 11:55 - 2016-04-08 11:44 - 000000000 ____D C:\Program Files\Dropbox
2020-08-15 11:35 - 2017-12-01 14:27 - 000001923 _____ C:\Users\Public\Desktop\AVG Internet Security.lnk
2020-08-15 11:35 - 2017-12-01 14:27 - 000001923 _____ C:\ProgramData\Desktop\AVG Internet Security.lnk
2020-08-13 12:08 - 2017-05-30 11:36 - 000277008 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2020-08-13 12:06 - 2020-04-10 16:51 - 000374240 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgNetHub.sys
2020-08-13 12:06 - 2019-01-27 16:37 - 000188552 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdriver.sys
2020-08-13 12:06 - 2019-01-27 16:36 - 000056456 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniv.sys
2020-08-13 12:06 - 2019-01-27 16:35 - 000154760 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsh.sys
2020-08-13 12:06 - 2018-10-21 12:46 - 000040792 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgKbd.sys
2020-08-13 12:06 - 2017-11-28 14:51 - 000175320 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
2020-08-13 12:06 - 2017-05-30 11:36 - 000691120 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2020-08-13 12:06 - 2017-05-30 11:36 - 000393544 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2020-08-13 12:06 - 2017-05-30 11:36 - 000094248 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2020-08-13 12:06 - 2017-05-30 11:36 - 000072896 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
 
==================== Files in the root of some directories ========
 
2016-08-27 10:06 - 2019-03-30 13:18 - 000363520 _____ () C:\Users\Roger\AppData\Roaming\albumworks Prefsv3
2011-02-21 21:19 - 2014-05-25 09:53 - 000000075 _____ () C:\Users\Roger\AppData\Roaming\AVSMediaPlayer.m3u
2016-08-01 11:37 - 2017-05-31 14:41 - 000087608 _____ () C:\Users\Roger\AppData\Roaming\inst.exe
2012-05-18 10:32 - 2016-04-26 20:08 - 000002048 _____ () C:\Users\Roger\AppData\Roaming\Officeworks Photobooks Prefs
2016-08-01 11:37 - 2017-05-31 14:41 - 000007887 _____ () C:\Users\Roger\AppData\Roaming\pcouffin.cat
2016-08-01 11:37 - 2017-05-31 14:41 - 000001144 _____ () C:\Users\Roger\AppData\Roaming\pcouffin.inf
2016-08-01 11:37 - 2017-05-31 14:41 - 000000055 _____ () C:\Users\Roger\AppData\Roaming\pcouffin.log
2016-08-01 11:37 - 2017-05-31 14:41 - 000047360 _____ (VSO Software) C:\Users\Roger\AppData\Roaming\pcouffin.sys
2010-10-04 11:16 - 2020-09-06 20:19 - 000001191 _____ () C:\Users\Roger\AppData\Roaming\vso_ts_preview.xml
2012-10-24 20:35 - 2016-12-13 13:21 - 000012800 _____ () C:\Users\Roger\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-01-29 11:03 - 2011-01-29 11:03 - 000000093 _____ () C:\Users\Roger\AppData\Local\fusioncache.dat
2012-10-16 15:55 - 2012-10-16 15:55 - 000000017 _____ () C:\Users\Roger\AppData\Local\resmon.resmoncfg
2020-07-03 17:12 - 2020-07-03 17:12 - 000000000 _____ () C:\Users\Roger\AppData\Local\{77F8A647-26CF-4D65-B3B8-4952CA0B9481}
2020-08-15 20:27 - 2020-08-15 20:27 - 000000000 _____ () C:\Users\Roger\AppData\Local\{D4C5DC9D-3679-4739-AFB4-624A329C52B6}
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
 
LastRegBack: 2016-02-20 07:04
==================== End of FRST.txt ========================
 
Addition.txt
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 29-08-2020
Ran by Roger (08-09-2020 16:15:50)
Running from C:\Users\Roger\Desktop
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) (2010-10-01 21:47:36)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3345017777-2939274015-3433995129-500 - Administrator - Disabled)
Guest (S-1-5-21-3345017777-2939274015-3433995129-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3345017777-2939274015-3433995129-1002 - Limited - Enabled)
Roger (S-1-5-21-3345017777-2939274015-3433995129-1001 - Administrator - Enabled) => C:\Users\Roger
__vmware_user__ (S-1-5-21-3345017777-2939274015-3433995129-1004 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG Antivirus (Disabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
AS: AVG Antivirus (Disabled - Up to date) {A3C8941D-8036-3856-D9BB-709D4A2A7EAC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: AVG Antivirus (Disabled) {2092F4DC-EC63-3680-C854-E2DACF7E736A}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
32 Bit HP CIO Components Installer (HKLM\...\{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}) (Version: 6.1.1 - Hewlett-Packard) Hidden
4500_G510af_Help (HKLM\...\{C175D5B0-ED04-42C9-B23F-D8BD406173E7}) (Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510af (HKLM\...\{8B9F50F9-BA6F-47c5-990B-76A74A1C68B0}) (Version: 000.0.423.000 - Hewlett-Packard) Hidden
4500G510af_Software_Min (HKLM\...\{3EB6F78A-66E3-434f-BD0E-76C7D078DB5E}) (Version: 000.0.423.000 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.012.20043 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 30.0.0.107 - Adobe Systems Incorporated)
Adobe Digital Editions (HKLM\...\Digital Editions) (Version:  - )
Adobe Digital Editions 2.0 (HKLM\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 25 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 25.0.0.148 - Adobe Systems Incorporated)
Adobe Photoshop 7.0 (HKLM\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Photoshop Elements 11 (HKLM\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated)
AIO_Scan (HKLM\...\{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
albumworks (HKU\S-1-5-21-3345017777-2939274015-3433995129-1001\...\albumworks) (Version: albumworks 2015.2.0 - albumworks)
Apple Application Support (32-bit) (HKLM\...\{11C4575B-4B32-44D2-A097-D59A00BA60DE}) (Version: 8.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{7A575C48-96BC-4D2F-BD35-51AEF4B9BB0D}) (Version: 13.5.1.2 - Apple Inc.)
Apple Software Update (HKLM\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
ArcSoft PhotoImpression 6 (HKLM\...\{063E409E-3D7C-4A4A-95AB-2F124B9224B3}) (Version: 6.1.8.146 - ArcSoft)
ArcSoft TotalMedia 3.5 (HKLM\...\{EE72C3F7-4B98-493E-9263-AECFADBC8184}) (Version: 3.5.35.318 - ArcSoft)
Ashampoo Burning Studio 11 v.11.0.4 (HKLM\...\Ashampoo Burning Studio 11_is1) (Version: 11.0.4 - Ashampoo GmbH & Co. KG)
Ashampoo Movie Studio v.1.0.17 (HKLM\...\{91B33C97-54B3-9CEB-E911-246EDA9BDC9A}_is1) (Version: 1.0.17 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer 4 4.0.3 (HKLM\...\Ashampoo Photo Optimizer 4_is1) (Version: 4.0.3 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Recovery (HKLM\...\{BB339C1F-E203-2A07-CBAF-6329C61FE1CC}_is1) (Version: 1.0.5 - Ashampoo GmbH & Co. KG)
Ashampoo Slideshow Studio HD 4 (HKLM\...\{91B33C97-69A7-95EF-82EA-AAEAA76D338D}_is1) (Version: 4.0.9 - Ashampoo GmbH & Co. KG)
Ashampoo Snap 7 v.7.0.10 (HKLM\...\{C92AB6F1-9C93-0F51-ED50-15ABBCBDD142}_is1) (Version: 7.0.10 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 9 v.9.04.31 (HKLM\...\Ashampoo WinOptimizer 9_is1) (Version: 9.04.31 - Ashampoo GmbH & Co. KG)
Assessment and Deployment Kit (HKLM\...\{fc46d1b2-9557-4c1f-baac-04af4d2db7e4}) (Version: 8.59.25584 - Microsoft Corporation)
AtomTime Pro 3.1a (HKLM\...\AtomTime Pro_is1) (Version: 3.1a - Naissan Innovations, LLC)
Auto Power-on & Shut-down 2.50 (HKLM\...\Auto Power-on & Shut-down_is1) (Version:  - LifSoft, Inc.)
AVG 2016 (HKLM\...\{D329E340-285C-43EA-9F89-E7524324656B}) (Version: 16.0.4533 - AVG Technologies) Hidden
AVG Internet Security (HKLM\...\AVG Antivirus) (Version: 20.6.3135 - AVG Technologies)
AVG PC TuneUp (HKLM\...\{29BA5B43-1BFC-468D-8C8D-4DAC29524387}) (Version: 16.80.3 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM\...\AVG PC TuneUp) (Version: 16.80.3.38236 - AVG Technologies)
AVG Secure VPN (HKLM\...\{078F51FA-D92F-419A-9E69-08BC59265F7E}_is1) (Version: 1.6.667 - AVG)
AVS Audio Converter 9.1.3 (HKLM\...\AVS Audio Converter_is1) (Version: 9.1.3.601 - Online Media Technologies Ltd.)
AVS Audio Editor 9.1.3 (HKLM\...\AVS Audio Editor_is1) (Version: 9.1.3.541 - Online Media Technologies Ltd.)
AVS Disc Creator 6.1.9 (HKLM\...\AVS Disc Creator_is1) (Version: 6.1.9.559 - Online Media Technologies Ltd.)
AVS Document Converter 4.2.4 (HKLM\...\AVS Document Converter_is1) (Version: 4.2.4.269 - Online Media Technologies Ltd.)
AVS Image Converter 5.2.4 (HKLM\...\AVS Image Converter_is1) (Version: 5.2.4.303 - Online Media Technologies Ltd.)
AVS Media Player 5.1.4 (HKLM\...\AVS Media Player_is1) (Version: 5.1.4.137 - Online Media Technologies Ltd.)
AVS Photo Editor 3.2.4 (HKLM\...\AVS Photo Editor_is1) (Version: 3.2.4.168 - Online Media Technologies Ltd.)
AVS Registry Cleaner 4.1.5 (HKLM\...\AVS Registry Cleaner_is1) (Version: 4.1.5.291 - Online Media Technologies Ltd.)
AVS Video Converter 12.0.3 (HKLM\...\AVS4YOU Video Converter 7_is1) (Version: 12.0.3.654 - Online Media Technologies Ltd.)
AVS Video Editor 9.3.1 (HKLM\...\AVS Video Editor_is1) (Version: 9.3.1.354 - Online Media Technologies Ltd.)
AVS Video ReMaker 6.3.4 (HKLM\...\AVS Video ReMaker_is1) (Version: 6.3.4.238 - Online Media Technologies Ltd.)
AVS Video Tools 5.6 (HKLM\...\AVS Video Tools 5_is1) (Version:  - Online Media Technologies Ltd.)
Bing Desktop (HKLM\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.4.167.0 - Microsoft Corporation)
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
BufferChm (HKLM\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version:  - )
Canon IJ Network Scanner Selector EX (HKLM\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.4.4 - Canon Inc.)
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version: 3.7.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM\...\Canon_IJ_Scan_Utility) (Version: 1.1.20.13 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM\...\CANONIJPLM100) (Version: 6.0.3 - Canon Inc.)
Canon MG3200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3200_series) (Version: 1.01 - Canon Inc.)
Canon MG3200 series On-screen Manual (HKLM\...\Canon MG3200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon MG3600 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3600_series) (Version: 1.00 - Canon Inc.)
Canon MG3600 series On-screen Manual (HKLM\...\Canon MG3600 series On-screen Manual) (Version: 7.8.0 - Canon Inc.)
Canon My Image Garden (HKLM\...\Canon My Image Garden) (Version: 3.6.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
Codec-TS SDK (HKLM\...\{28FB7853-A6ED-4F67-8635-9F0E863FC0AD}) (Version:  - ArcSoft)
ConvertXtoDVD 4.1.19.365 (HKLM\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.1.19.365 - )
CPUID CPU-Z 1.56 (HKLM\...\CPUID CPU-Z_is1) (Version:  - ) <==== ATTENTION
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
De-interlace SDK (HKLM\...\{9A0E0340-C3D7-42D1-96D4-64179FD456AE}) (Version:  - ArcSoft)
Destinations (HKLM\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM\...\{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}) (Version: 130.0.372.000 - Hewlett-Packard) Hidden
DJ_AIO_Software (HKLM\...\{AD99B476-6FB7-4985-A3C3-E40595A7E6DE}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
DJ_AIO_Software_min (HKLM\...\{32DACAC3-6538-405D-915E-8F2D026F199C}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
DocMgr (HKLM\...\{92A51949-EE4C-466D-AAF0-99E74A49A63F}) (Version: 130.0.000.000 - Hewlett-Packard) Hidden
DocProc (HKLM\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dropbox (HKLM\...\Dropbox) (Version: 104.4.175 - Dropbox, Inc.)
Dropbox Update Helper (HKLM\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.335.1 - Dropbox, Inc.) Hidden
DV STUDIO2 (HKLM\...\DvStudio2) (Version:  - )
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version:  - EaseUS)
EaseUS Tools M Beta 0.6.1 (HKLM\...\D72C2F7D-B75E-4641-AFBE-199B95066617_is1) (Version:  - EaseUS)
Elements 11 Organizer (HKLM\...\{D4D065E1-3ABF-41D0-B385-FC6F027F4D00}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
e-tax 2011 (HKLM\...\{C078C299-C2C2-4110-A6EF-8D5E66C228DA}) (Version: 10.1.671 - ATO)
e-tax 2012 (HKLM\...\{B0F1B02F-47A6-411D-A38B-E44CC7F53CCC}) (Version: 6.0.577 - Australian Taxation Office)
e-tax 2013 (HKLM\...\{FFF14233-FE39-4671-A38E-76FD8F24A879}) (Version: 0.7.491 - Australian Taxation Office)
e-tax 2015 (HKLM\...\{9D19C250-CE9A-4BF0-91C8-031665D54D16}) (Version: 2.10.541 - Australian Taxation Office)
Ezvid (HKLM\...\{F96D619D-99D6-4C9C-A393-0CD22DE1CA66}_is1) (Version: 0982 - Ezvid, inc.)
Fax (HKLM\...\{440B915A-0C85-45DB-92AE-75AE14704A64}) (Version: 130.0.418.000 - Hewlett-Packard) Hidden
FileZilla Client 3.48.1 (HKLM\...\FileZilla Client) (Version: 3.48.1 - Tim Kosse)
FLV Player (remove only) (HKLM\...\FLVM Player) (Version:  - ) <==== ATTENTION
FLV Player 2.0 (build 25) (HKLM\...\FLV Player) (Version: 2.0 (build 25) - Martijn de Visser)
FMW 1 (HKLM\...\{C22DCE85-A6B0-4D3D-81AC-460D7726CCA5}) (Version: 1.227.45 - AVG Technologies) Hidden
FreeFileSync 6.0 (HKLM\...\FreeFileSync) (Version: 6.0 - Zenju)
GoldWave v5.70 (HKLM\...\GoldWave v5.70) (Version: 5.70 - GoldWave Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 85.0.4183.83 - Google LLC)
Google Toolbar for Internet Explorer (HKLM\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (HKLM\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Handy Address Book (HKLM\...\Handy Address Book) (Version:  - Beiley Software)
HiJackThis (HKLM\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Officejet 4500 G510a-f (HKLM\...\{C98517B6-DCE9-49B7-B19E-E384178D3986}) (Version: 13.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPPhotoGadget (HKLM\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (HKLM\...\{681B698F-C997-42C3-B184-B489C6CA24C9}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (HKLM\...\{D79113E7-274C-470B-BD46-01B10219DF6A}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM\...\{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.6.0 - LIGHTNING UK!)
IR (HKLM\...\{6838CBD8-FA1B-43B3-90BD-8C327C4F0D2E}) (Version: 1.00.0000 - My Company Name)
IrfanView 4.51 (32-bit) (HKLM\...\IrfanView) (Version: 4.51 - Irfan Skiljan)
iTunes (HKLM\...\{A7272984-8320-42D2-9D2A-4CB36A3114D9}) (Version: 12.10.7.3 - Apple Inc.)
Java 8 Update 191 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Junk Mail filter update (HKLM\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Karen's Replicator (HKLM\...\Karen's Replicator) (Version: 3.6.0.9 - Karen Kenworthy)
Kits Configuration Installer (HKLM\...\{E14DDED2-919B-FCCB-84AC-5ABB6D182D46}) (Version: 8.59.25584 - Microsoft) Hidden
K-Lite Codec Pack 8.0.0 (Full) (HKLM\...\KLiteCodecPack_is1) (Version: 8.0.0 - )
Lukas Ara (HKLM\...\{E59C270C-1D8C-477E-843C-060F85AC1139}) (Version: 1.8.7 - Lukas)
MarketResearch (HKLM\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
marvell 61xx (HKLM\...\mv61xxDriver) (Version: 1.2.0.69 - Marvell)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 2.0.181.2 - McAfee, Inc.)
McAfee SiteAdvisor (HKLM\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.6.164 - McAfee, Inc.)
MediaInfo 0.7.38 (HKLM\...\MediaInfo) (Version: 0.7.38 - MediaArea.net)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Edge (HKLM\...\Microsoft Edge) (Version: 85.0.564.44 - Microsoft Corporation)
Microsoft Edge Update (HKLM\...\Microsoft Edge Update) (Version: 1.3.135.29 - )
Microsoft LifeCam (HKLM\...\{BD71B413-9FEE-49BB-A6D1-2C0BFB99BDFE}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
MiniTool Partition Wizard Free 11 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Software Limited)
MiVue Manager (HKLM\...\{123BDDDC-D02F-4C6E-A011-9CB265E2483E}) (Version: 1.0.35.1 - Mio Technology Corporation)
Momento 5.6.1 (HKLM\...\Momento) (Version:  - )
Moyea FLV Editor Lite version: 1.1.1.846 (HKLM\...\{8E3F691A-4972-47FF-9E09-1981B62A5D5A}_is1) (Version:  - )
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Driver 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.44 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA Graphics Driver 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
OBS Studio (HKLM\...\OBS Studio) (Version: 23.0.2 - OBS Project)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Officeworks Photobooks (HKU\S-1-5-21-3345017777-2939274015-3433995129-1001\...\Officeworks Photobooks) (Version: Officeworks Photobooks 2.5.8 - Officeworks Photobooks)
OVT Scanner X86 (HKLM\...\{6B566EFE-DC1D-471F-93DD-84832663F140}) (Version: 1.00.0000 - OVT)
PDF24 Creator 3.4.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
PSE11 STI Installer (HKLM\...\{98CE8819-87AA-4814-8167-ADDDD513485F}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Pure Motion EditStudio 3 (HKLM\...\{B33E1335-67DB-4C38-A5BC-F49E86C23280}) (Version: 03.00.15000 - Pure Motion)
PVSonyDll (HKLM\...\{3D3E663D-4E7E-4577-A560-7ECDDD45548A}) (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
RealDownloader (HKLM\...\{2C1A45EC-8ED5-4CFF-B8B4-417DA850F67E}) (Version: 18.1.16.215 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM\...\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}) (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 18.1) (Version: 18.1.16 - RealNetworks)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5904 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (HKLM\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recorder Devices for ShareX 0.12.10 (HKLM\...\Recorder Devices for ShareX_is1) (Version: 0.12.10 - )
Recuva (HKLM\...\Recuva) (Version: 1.38 - Piriform)
Remind-Me (HKLM\...\Remind-Me) (Version:  - Beiley Software)
Revo Uninstaller Pro 2.5.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 2.5.8 - VS Revo Group, Ltd.)
Scan (HKLM\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.80.000 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SmartWebPrinting (HKLM\...\{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.16 - Piriform)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version:  - )
Status (HKLM\...\{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
SyncBackFree (HKLM\...\SyncBackFree_is1) (Version: 7.3.1.12 - 2BrightSparks)
System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version:  - )
TAT Viewer 5G 2.1.14 (HKLM\...\TAT Viewer 5G) (Version: 2.1.14 - ESV)
Toolbox (HKLM\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
Toolkit Documentation (HKLM\...\{AB1F3428-D2C6-895F-1966-BA55647B40D8}) (Version: 8.59.25584 - Microsoft) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.51a - Ghisler Software GmbH)
Total Recorder 8.1 (HKLM\...\TotalRecorder) (Version:  - )
TrayApp (HKLM\...\{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}) (Version: 130.0.376.000 - Hewlett-Packard) Hidden
TT-SB SDK (HKLM\...\{AF9848E2-5F19-4E49-9E6E-044FBDC28404}) (Version:  - ArcSoft)
TurboCAD v6 (HKU\S-1-5-21-3345017777-2939274015-3433995129-1001\...\TurboCAD v6) (Version:  - )
TurboCAD v6 Symbols (HKLM\...\TurboCAD v6 Symbols) (Version:  - )
Uninstall OVT Scanner (HKLM\...\OVT Scanner) (Version:  - )
UnloadSupport (HKLM\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
UpdateService (HKLM\...\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}) (Version: 1.0.0 - RealNetworks, Inc.) Hidden
VAP11G (HKLM\...\{2C73154B-F7F9-4B53-AF56-D06846C99EC4}_is1) (Version: 5.0.17.0 for WIN7/VISTA/WINXP - ShenZhen HouTian Network Communication Techlogy Co.Ltd)
vc2012_redist (HKLM\...\{9402AEF2-5981-4097-8BE2-6501DAC4DBFD}) (Version: 1.0.0.0 - Realnetworks) Hidden
VisiPics V1.31 (HKLM\...\VisiPics_is1) (Version:  - Ozone)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.3 - VideoLAN)
VMware Player (HKLM\...\{A53A11EA-0095-493F-86FA-A15E8A86A405}) (Version: 3.1.3.14951 - VMware, Inc.) Hidden
VMware Player (HKLM\...\VMware_Player) (Version: 3.1.3.14951 - VMware, Inc)
vs2015_redist x86 (HKLM\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden
WebReg (HKLM\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.5800 - Broadcom Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
WinFast DAB (HKLM\...\{AC497343-E0D3-4A07-9496-ACB829A7338D}) (Version: 10.11.10.7 - Leadtek)
WinRAR 5.60 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)
Wondershare Filmora(Build 7.8.9) (HKLM\...\Wondershare Filmora_is1) (Version:  - Wondershare Software)
Wondershare Helper Compact 2.5.3 (HKLM\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.3 - Wondershare)
Wondershare UniConverter(Build 11.7.5.1) (HKLM\...\UniConverter_is1) (Version: 11.7.5.1 - Wondershare Software)
Wondershare Video Converter Pro(Build 9.0.2.1) (HKLM\...\Wondershare Video Converter Pro_is1) (Version: 9.0.2.1 - Wondershare Software)
Yodot Recovery Software (HKLM\...\{3D0B1313-049A-4C70-B8CC-9AFB84109F89}_is1) (Version: 1.0.0.3 - Yodot Software)
YTD Video Downloader 3.9.4 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version:  - GreenTree Applications SRL) <==== ATTENTION
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001_Classes\CLSID\{6F44AD55-3DAA-4D63-B2D6-5BB1748BAA7B}\InprocServer32 -> C:\Users\Roger\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\ImageUploader8.ocx (Photobox Limited -> PhotoBox)
CustomCLSID: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001_Classes\CLSID\{E55B74AB-0B51-4BAE-A5B5-2531AB5EA4D9}\InprocServer32 -> C:\Users\Roger\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\ImageUploader8.ocx (Photobox Limited -> PhotoBox)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files\AVG\AVG PC TuneUp\SDShelEx-win32.dll [2019-01-10] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => C:\Program Files\Common Files\AVSMedia\ActiveX\AVSShellConverter.dll [2017-12-18] (Online Media Technologies Ltd. -> Online Media Technologies Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {55D63393-DB17-4A2B-9052-15D85B4B1344} => C:\Windows\System32\WSCM32.dll [2015-02-27] () [File not signed]
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => c:\program files\real\realplayer\RPDS\Bin\rpcontextmenu.dll [2019-04-10] (RealNetworks, Inc. -> RealNetworks, Inc.)
ContextMenuHandlers4: [AVG Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => C:\Program Files\AVG\AVG PC TuneUp\DseShExt-x86.dll [2019-01-10] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files\AVG\AVG PC TuneUp\SDShelEx-win32.dll [2019-01-10] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-02-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2010-08-12] (VS Revo Group -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-25] (win.rar GmbH -> Alexander Roshal)
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [msacm.voxacm160] => C:\Windows\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [File not signed]
HKLM\...\Drivers32: [msacm.scg726] => C:\Windows\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\Windows\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [151552 2011-07-17] (fccHandler) [File not signed]
HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [File not signed]
HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\system32\xvidvfw.dll [243200 2011-06-25] () [File not signed]
HKLM\...\Drivers32: [vidc.DIVX] => C:\Windows\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.mpg4] => C:\Windows\system32\mpg4c32.dll [413760 2007-02-27] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp42] => C:\Windows\system32\mpg4c32.dll [413760 2007-02-27] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp43] => C:\Windows\system32\mpg4c32.dll [413760 2007-02-27] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [VIDC.VMnc] => C:\Windows\system32\vmnc.dll [252528 2010-11-11] (VMware, Inc. -> VMware, Inc.)
HKLM\...\Drivers32: [VIDC.YV12] => C:\Windows\system32\xvidvfw.dll [243200 2011-06-25] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [74752 2011-11-24] () [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [216064 2013-04-07] () [File not signed]
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
2019-12-07 12:06 - 2019-12-07 12:05 - 048920064 _____ () [File not signed] C:\Program Files\AVG\UiDll\2623\libcef.dll
2018-01-30 18:26 - 2016-07-21 09:54 - 000137728 _____ () [File not signed] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2018-01-30 18:26 - 2017-03-23 08:49 - 001506304 _____ () [File not signed] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2019-04-10 22:19 - 2019-02-23 07:21 - 000059904 _____ () [File not signed] C:\Program Files\Recorder Devices for ShareX\screen-capture-recorder.dll
2018-03-15 14:58 - 2015-02-27 13:38 - 000214528 _____ () [File not signed] C:\Windows\System32\WSCM32.dll
2016-02-04 10:25 - 2009-08-21 02:49 - 000028672 _____ (afa) [File not signed] C:\Windows\System32\AF15BDAEX.dll
2016-02-25 17:12 - 2008-09-05 14:04 - 000155648 _____ (arcsoft) [File not signed] C:\Program Files\ArcSoft\TotalMedia 3.5\uEpg.dll
2019-09-19 14:08 - 2015-01-09 08:46 - 000008192 _____ (CANON INC.) [File not signed] C:\Program Files\Canon\IJ Network Scanner Selector EX\CNSS_ENU.DLL
2019-09-19 14:08 - 2015-01-09 08:44 - 000104960 _____ (CANON INC.) [File not signed] C:\Program Files\Canon\IJ Network Scanner Selector EX\CNSS_IMG.dll
2018-11-13 18:22 - 2017-12-07 11:25 - 000123904 _____ (CANON INC.) [File not signed] C:\Program Files\Canon\IJPLM\CNMPU.DLL
2018-11-13 18:22 - 2017-12-07 11:25 - 000219648 _____ (CANON INC.) [File not signed] C:\Program Files\Canon\IJPLM\cnmpu2.dll
2018-11-13 19:33 - 2015-03-17 07:50 - 000380928 _____ (CANON INC.) [File not signed] C:\Windows\System32\CNMNPPM.DLL
2009-05-21 22:13 - 2009-05-21 22:13 - 000248832 _____ (Hewlett-Packard Co.) [File not signed] i:\program files\hp\digital imaging\bin\hpqcxs08.dll
2009-05-21 22:03 - 2009-05-21 22:03 - 000213504 _____ (Hewlett-Packard Co.) [File not signed] i:\program files\hp\digital imaging\bin\hpqddcmn.dll
2009-05-21 22:03 - 2009-05-21 22:03 - 000133120 _____ (Hewlett-Packard Co.) [File not signed] i:\program files\hp\digital imaging\bin\hpqddsvc.dll
2016-02-25 17:14 - 2004-08-17 11:00 - 000413696 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\MSVCP60.dll
2011-06-15 21:27 - 2011-06-15 21:27 - 000097280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL
2020-07-14 15:42 - 2020-07-14 15:42 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1033\avg.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2020-07-14 15:42 - 2020-07-14 15:42 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1033\avg.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2020-07-14 15:42 - 2020-07-14 15:42 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1033\avg.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2020-07-14 15:42 - 2020-07-14 15:42 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1033\avg.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2020-07-14 15:42 - 2020-07-14 15:42 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1033\avg.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2020-07-14 15:42 - 2020-07-14 15:42 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1033\avg.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2020-07-14 15:42 - 2020-07-14 15:42 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1033\avg.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2020-07-14 15:42 - 2020-07-14 15:42 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1033\avg.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2020-07-14 15:42 - 2020-07-14 15:42 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1033\avg.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2020-07-14 15:42 - 2020-07-14 15:42 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1033\avg.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2020-07-14 15:42 - 2020-07-14 15:42 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1033\avg.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2020-07-14 15:42 - 2020-07-14 15:42 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1033\avg.local_vc142.crt\ucrtbase.DLL
2020-07-14 15:42 - 2020-07-14 15:42 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1033\avg.local_vc142.crt\VCRUNTIME140.dll
2020-01-03 15:18 - 2019-09-10 16:19 - 000024576 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\EaseUS\EaseUS Tools M\bin\imageformats\qgif.dll
2020-01-03 15:18 - 2019-09-10 16:19 - 000025088 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\EaseUS\EaseUS Tools M\bin\imageformats\qico.dll
2020-01-03 15:18 - 2019-09-10 16:19 - 001012224 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\EaseUS\EaseUS Tools M\bin\platforms\qwindows.dll
2020-01-03 15:18 - 2019-09-10 16:19 - 004679168 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\EaseUS\EaseUS Tools M\bin\Qt5Core.dll
2020-01-03 15:18 - 2019-09-10 16:19 - 005026816 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\EaseUS\EaseUS Tools M\bin\Qt5Gui.dll
2020-01-03 15:18 - 2019-09-10 16:19 - 004480512 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\EaseUS\EaseUS Tools M\bin\Qt5Widgets.dll
2020-01-03 15:18 - 2019-12-10 12:28 - 000229888 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\EaseUS\EaseUS Tools M\bin\Qt5WinExtras.dll
2018-01-30 18:26 - 2017-03-23 08:52 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:8CE646EE [128]
AlternateDataStreams: C:\Users\Roger\Downloads\LastPassInstaller (1).exe:SmartScreen [7]
AlternateDataStreams: C:\Users\Roger\Downloads\LastPassInstaller (2).exe:SmartScreen [7]
AlternateDataStreams: C:\Users\Roger\Downloads\LastPassInstaller.exe:SmartScreen [7]
AlternateDataStreams: C:\Users\Roger\Downloads\spcsite.exe:SmartScreen [7]
 
==================== Safe Mode (Whitelisted) ==================
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 12:04 - 2019-01-22 18:42 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\Program Files\Common Files\ArcSoft\Bin;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Common Files\Acronis\SnapAPI\;C:\Program Files\Windows Live\Shared;C:\Program Files\Common Files\HP\Digital Imaging\bin;I:\Program Files\HP\Digital Imaging\bin\;I:\Program Files\HP\Digital Imaging\bin\Qt\Qt 4.3.3;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\QuickTime\QTSystem\
HKU\S-1-5-21-3345017777-2939274015-3433995129-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Roger\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 100.120.4.1 - 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk => C:\Windows\pss\Adobe Gamma Loader.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ImageMixer 3 SE Camera Monitor Ver.4.5.lnk => C:\Windows\pss\ImageMixer 3 SE Camera Monitor Ver.4.5.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Start OpdiTracker.lnk => C:\Windows\pss\Start OpdiTracker.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Roger^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Handy Address Book.LNK => C:\Windows\pss\Handy Address Book.LNK.Startup
MSCONFIG\startupfolder: C:^Users^Roger^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2010 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AshSnap => C:\Program Files\Ashampoo\Ashampoo Snap 7\ashsnap.exe
MSCONFIG\startupreg: AutoPowerOn => I:\DOWNLOADS\AutoPowerOn\WinScheduler.exe
MSCONFIG\startupreg: AVG_TRAY => C:\Program Files\AVG\AVG10\avgtray.exe
MSCONFIG\startupreg: BingDesktop => C:\Program Files\Microsoft\BingDesktop\BingDesktop.exe /fromkey
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: Copernic Desktop Search - Home => "I:\Program Files\Copernic Search\Copernic Desktop Search - Home\DesktopSearchService.exe" /tray
MSCONFIG\startupreg: facemoods => "C:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe" /md I
MSCONFIG\startupreg: Google Update => "C:\Users\Roger\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HP Software Update => I:\Program Files\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LifeCam => "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
MSCONFIG\startupreg: msnmsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: PDFPrint => C:\Program Files\PDF24\pdf24.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: ROC_roc_dec12 => "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
MSCONFIG\startupreg: SAOB Monitor => C:\Program Files\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe
MSCONFIG\startupreg: SearchSettings => "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SUPERAntiSpyware => I:\Program Files\SuperAntiSpyware\SUPERANTISPYWARE.EXE
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: TkBellExe => "C:\Program Files\Real\RealPlayer\Update\realsched.exe" -osboot
MSCONFIG\startupreg: TrueImageMonitor.exe => "C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe"
MSCONFIG\startupreg: VMware hqtray => "C:\Program Files\VMware\VMware Player\hqtray.exe"
MSCONFIG\startupreg: vProt => "C:\Program Files\AVG Secure Search\vprot.exe"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{FFEA91E9-B20E-48DD-8E76-F7DBE9430B9E}] => (Allow) C:\Program Files\common files\hp\digital imaging\bin\hpqphotocrm.exe (Hewlett-Packard Development Co. L.P.) [File not signed]
FirewallRules: [{141187BE-D94B-4C43-B7AE-EE9F24464819}] => (Allow) C:\Windows\system32\svchost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{54F7D0AD-CB8C-4B32-80A6-AFA2EEA4ADD9}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{50371EF4-F689-4AAC-A73B-8081F20528D7}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BFA23E1B-A3F6-4F03-AB94-FB34AF8C887E}] => (Allow) LPort=2869
FirewallRules: [{5CCD0CF8-ABB1-45B6-835C-A7BF1CE8AECF}] => (Allow) LPort=1900
FirewallRules: [{B8BF07A1-09E5-4F43-BF7B-3C7718E1DE62}] => (Allow) C:\Program Files\AVG\AVG10\avgmfapx.exe (AVG Technologies -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{9152EF9E-0D00-448C-A6F5-6C5F3DD01930}] => (Allow) C:\Program Files\AVG\AVG10\avgmfapx.exe (AVG Technologies -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{5B2873C0-88A2-4643-856B-14741072CB51}] => (Allow) C:\Program Files\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{BA9A6B2D-4F20-4782-A50C-F1330A25DC75}] => (Allow) C:\Program Files\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{24458EFC-4EF6-41AE-9086-621B9D7AEDA3}] => (Allow) C:\Program Files\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{5F85CEB2-5EA6-45DB-BBEF-1C8540C76F3A}] => (Allow) C:\Program Files\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{B60F198D-860B-4A95-92BA-A6627A8582E7}] => (Allow) C:\Program Files\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{3ED6A11A-A2B2-4358-8137-29BF41821D6A}] => (Allow) C:\Program Files\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{B13A82F3-2677-45F8-99A5-75319A18D0E6}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeCam.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{7684FF4F-F9FD-4A4B-825F-E6CD1F93D4B7}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeCam.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{9D86B58E-D03A-4F5C-9486-DF7B4FBDF861}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeEnC2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{5C280F13-610A-4809-84EF-87F5221A8CE8}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeEnC2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{A30CDE31-7D17-4B6C-B657-96992B61DDF0}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2E45D0EB-C711-4D20-A804-39DECD7D2ACD}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4A37E4DD-D314-405F-BD87-631C8613FEB2}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeTray.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F678E021-A9AB-461F-9049-3E195DC46718}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeTray.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5F26A2BE-A50C-4527-979F-F9BA3FB86FE1}] => (Allow) C:\Program Files\AVG\AVG10\avgmfapx.exe (AVG Technologies -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{8F610C7D-60CF-42B4-9179-09D7FB476C35}] => (Allow) C:\Program Files\AVG\AVG10\avgmfapx.exe (AVG Technologies -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{1BBCF758-EBF8-442E-9DA7-9CE66784BBB6}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3FC97A9E-FDBB-4204-941A-86166D0D242D}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D7645BF1-8DF1-44AC-807D-10C03FF4FFF6}] => (Allow) I:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{C53DCF4D-7BCB-4E27-BD46-28776C24BF7A}] => (Allow) I:\Program Files\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{94D5D2F1-5B08-4F25-9023-784E7C9927A8}] => (Allow) I:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{2E4F5C3C-265F-4247-9194-2CCB69B75808}] => (Allow) I:\Program Files\HP\Digital Imaging\bin\hposfx08.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{667F3FE4-C427-4BAE-84BC-038C85FF0B64}] => (Allow) I:\Program Files\HP\Digital Imaging\bin\hposid01.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{ABA7BABC-FD06-4C41-9249-BF6CC6A4525D}] => (Allow) I:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{30BDFDE9-7B05-4F4A-BD4E-1800BD8FA0DC}] => (Allow) I:\Program Files\HP\Digital Imaging\bin\hpoews01.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{BCFD1AAC-3654-42F7-8180-24E4F2FD8664}] => (Allow) I:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{8AF51F6A-7D12-40C8-A6C9-3FC604EAD0B6}] => (Allow) I:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{DF21C5B4-58E0-4864-A22B-5FB55B398786}] => (Allow) I:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{8F2B5175-B318-4BD5-967C-F881C4FC1EE4}] => (Allow) I:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett-Packard) [File not signed]
FirewallRules: [{E2BCB33E-B67C-43D7-B1D3-88EEF67BDA40}] => (Allow) I:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{D2C46A53-F14E-48DC-9ACC-1AFEAC27B038}] => (Allow) I:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{F0EA70D0-E80E-474C-ABAC-32BB49072E9C}] => (Allow) I:\Program Files\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)
FirewallRules: [{1FDCC6D6-A42A-4644-9E87-C72B8FD9837E}] => (Allow) I:\Program Files\HP\digital imaging\smart web printing\smartwebprintexe.exe (Hewlett-Packard Company -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{CD90CBBE-A825-45B4-A7C1-2FE59DE1CFAE}C:\program files\real\realplayer\realplay.exe] => (Allow) C:\program files\real\realplayer\realplay.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
FirewallRules: [UDP Query User{B7F9164C-F90C-4C9A-BE20-7F69C4E3D7EB}C:\program files\real\realplayer\realplay.exe] => (Allow) C:\program files\real\realplayer\realplay.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
FirewallRules: [{BB33342F-E6C4-4240-AD65-669F2B9F4C68}] => (Block) C:\program files\real\realplayer\realplay.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
FirewallRules: [{97734015-6DC1-45E3-982B-26818850EB0E}] => (Block) C:\program files\real\realplayer\realplay.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
FirewallRules: [{2323AADA-6661-41E2-8B1B-0DFDDC85F75E}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A78F2304-C303-4E6A-A1D4-B486D8AF574D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1007D23F-93CC-4397-8299-AC6FCF6E3248}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{382FA993-4333-45C6-814A-C57E7366D187}] => (Allow) C:\Program Files\ArcSoft\TotalMedia 3.5\TotalMedia.exe (ArcSoft, Inc.) [File not signed]
FirewallRules: [{BAA4DE0F-1AC8-4539-AA21-AD228D520867}] => (Allow) C:\Program Files\ArcSoft\TotalMedia 3.5\TotalMedia.exe (ArcSoft, Inc.) [File not signed]
FirewallRules: [{531792CB-5EF2-4AD6-B4AC-7961E7BB691A}] => (Allow) C:\Program Files\AVG\Secure VPN\VpnUpdate.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{44061AC5-AA23-4FB0-AF06-BFF1730CBE52}] => (Allow) C:\Program Files\AVG\Secure VPN\VpnUpdate.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{F3CFFB94-FBEE-411D-8EBE-D838E80EDA22}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8B7C9594-501B-47DD-9893-656784DAD9D2}] => (Allow) c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
FirewallRules: [{50F201FC-2D01-4DAA-A886-6727B34AED4C}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{59E25DBD-367D-4CD9-A0C3-1D6CE429CAF3}] => (Allow) C:\Program Files\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{8EC64E58-374E-4714-8F18-E665A87BF56A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
 
==================== Restore Points =========================
 
27-08-2020 16:20:13 Removed LastPass
27-08-2020 16:27:26 Removed LastPass
27-08-2020 17:43:22 Removed LastPass
27-08-2020 17:45:15 Removed LastPass
27-08-2020 17:48:52 Removed LastPass
 
==================== Faulty Device Manager Devices ============
 
Name: ssnfd
Description: ssnfd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: ssnfd
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (09/08/2020 03:37:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Photoshop.exe version 7.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 6d8
 
Start Time: 01c19209ebd04ba9
 
Termination Time: 104
 
Application Path: I:\Program Files\Photoshop\Photoshop.exe
 
Report Id: 3e5068c1-f195-11ea-81eb-005056c00008
 
Error: (09/08/2020 03:36:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST.exe version 29.8.2020.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 2090
 
Start Time: 01d685a1afb8a976
 
Termination Time: 60000
 
Application Path: H:\FRST.exe
 
Report Id: 1230bfec-f195-11ea-81eb-005056c00008
 
Error: (09/08/2020 02:26:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13681
 
Error: (09/08/2020 02:26:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13681
 
Error: (09/08/2020 02:26:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (09/08/2020 02:26:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12682
 
Error: (09/08/2020 02:26:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12682
 
Error: (09/08/2020 02:26:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
System errors:
=============
Error: (09/08/2020 04:14:03 PM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{AD353DAA-B25B-4B5C-B251-01DED43CECF9} because another computer on the network has the same name.  The server could not start.
 
Error: (09/08/2020 04:11:46 PM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{AD353DAA-B25B-4B5C-B251-01DED43CECF9} because another computer on the network has the same name.  The server could not start.
 
Error: (09/08/2020 04:11:08 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
 
Error: (09/08/2020 04:10:38 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.
 
Error: (09/08/2020 04:10:08 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.
 
Error: (09/08/2020 03:24:00 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.
 
Error: (09/08/2020 03:23:30 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.
 
Error: (09/08/2020 02:12:18 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BFE service.
 
 
CodeIntegrity:
===================================
 
Date: 2015-11-13 13:58:37.218
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\EagleGet\eagleGet_x86.sys because the set of per-page image hashes could not be found on the system.
 
Date: 2015-11-13 13:58:37.140
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\EagleGet\eagleGet_x86.sys because the set of per-page image hashes could not be found on the system.
 
Date: 2015-11-13 13:58:37.062
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\EagleGet\eagleGet_x86.sys because the set of per-page image hashes could not be found on the system.
 
Date: 2015-11-13 13:58:36.969
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\EagleGet\eagleGet_x86.sys because the set of per-page image hashes could not be found on the system.
 
Date: 2015-11-13 13:58:34.691
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\eagleGet.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2015-11-13 13:58:34.691
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\eagleGet.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2015-11-13 13:58:34.691
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\eagleGet.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2015-11-13 13:58:34.691
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\eagleGet.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. 0502 08/20/2008
Motherboard: ASUSTeK Computer INC. P5Q SE
Processor: Intel® Core™2 Duo CPU E7400 @ 2.80GHz
Percentage of memory in use: 83%
Total physical RAM: 3327.05 MB
Available physical RAM: 535.94 MB
Total Virtual: 6652.48 MB
Available Virtual: 2793.64 MB
 
==================== Drives ================================
 
Drive c: (Windows 7) (Fixed) (Total:931.41 GB) (Free:710.23 GB) NTFS
Drive d: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.02 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (Spare 500Gb Disk) (Fixed) (Total:465.76 GB) (Free:258.2 GB) NTFS
Drive f: (Video Files) (Fixed) (Total:324.49 GB) (Free:237.67 GB) NTFS
Drive h: () (Removable) (Total:14.9 GB) (Free:13.96 GB) FAT32
Drive i: (Data I) (Fixed) (Total:607.03 GB) (Free:409.85 GB) NTFS ==>[system with boot components (obtained from drive)]
 
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 69205244)
Partition 1: (Active) - (Size=607 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=324.5 GB) - (Type=07 NTFS)
 
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: A08FA08F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
 
==========================================================
Disk: 2 (Size: 465.8 GB) (Disk ID: 6E697373)
No partition Table on disk 2.
 
==========================================================
Disk: 3 (Size: 14.9 GB) (Disk ID: 694CB996)
Partition 1: (Active) - (Size=14.9 GB) - (Type=0C)
 
==================== End of Addition.txt =======================

 


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

Download ESET's Service Repair http://www.wintips.o...vicesRepair.zipand Save it then right click on it Extract All.

Find ServicesRepair.exe and Run As Admin.

 

Reboot.

 

Rescan with FRST.


  • 0

#3
rogerbid

rogerbid

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 255 posts

Hello again Ron,

 

Thanks for the earlier email, below are the new FRST.txt and .addition.txt files.  I actually ran Service Repair tewice, the first time it did not appear to complete properly but I found a report report posted so I guess it did.  (The files pasted are below are after the Second run.  I hope this has not affected the information you need, but if it helps I can send you the first report.)

 

Thanks as always

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-08-2020
Ran by Roger (administrator) on ASUSWIN7 (09-09-2020 17:17:14)
Running from C:\Users\Roger\Desktop
Loaded Profiles: Roger
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
() [File not signed] C:\Windows\System32\AFRCtl.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(ArcSoft, Inc. -> ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(ArcSoft, Inc.) [File not signed] C:\Program Files\ArcSoft\TotalMedia 3.5\TMMonitor.exe
(Ashampoo GmbH & Co. KG -> ) C:\Program Files\Ashampoo\Ashampoo WinOptimizer 9\LiveTunerService.exe
(AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
(AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o. -> AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\ToolbarUpdater.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\afwServ.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AvEmUpdate.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe <3>
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Secure VPN\Vpn.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Secure VPN\VpnSvc.exe
(AVG Technologies USA, LLC -> The OpenVPN Project) C:\Program Files\AVG\Secure VPN\OpenVPN\openvpn.exe
(Beiley Software -> Beiley Software Inc.) C:\Program Files\Handy Address Book\habook.exe
(Beiley Software, Inc. -> Beiley Software Inc.) C:\Program Files\Remind-Me\RemindMe.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Canon Inc. -> ) C:\Program Files\Canon\IJPLM\ijplmsvc.exe
(Canon Inc. -> CANON INC.) C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(CHENGDU YIWO Tech Development Co., Ltd. -> ) C:\Program Files\EaseUS\EaseUS Tools M\bin\AliyunWrapExe.exe
(CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files\EaseUS\EaseUS Tools M\bin\EaseUS Tools M.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files\Dropbox\Client\Dropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft\Edge\Application\msedge.exe <10>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\rpbgconverter.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files\VMware\VMware Player\vmware-authd.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\System32\vmnat.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\System32\vmnetdhcp.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files\Wondershare\WAF\2.4.3.242\WsAppService.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [1797064 2014-03-20] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [219888 2018-06-14] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AFRCtl] => C:\Windows\system32\AFRCtl.exe [94208 2009-11-18] () [File not signed]
HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [7651840 2020-08-12] (Dropbox, Inc -> Dropbox, Inc.)
HKLM\...\Run: [Ashampoo Backup PB] => "C:\Program Files\Ashampoo\Ashampoo Backup Pro 11\bin\backupClient-abpb.exe" --hidden
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [145544 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
HKLM\...\Run: [TkBellExe] => c:\program files\real\realplayer\Update\realsched.exe [353064 2019-04-10] (RealNetworks, Inc. -> RealNetworks, Inc.)
HKLM\...\Run: [RealDownloader] => c:\program files\real\RealDownloader\downloader2.exe [1263400 2019-02-20] (RealNetworks, Inc. -> )
HKLM\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2015-01-09] (Canon Inc. -> CANON INC.)
HKLM\...\Run: [CanonQuickMenu] => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM\...\Run: [EaseUS FixTool] => C:\Program Files\EaseUS\EaseUS Tools M\bin\UpdateExe.exe [131752 2019-12-23] (CHENGDU YIWO Tech Development Co., Ltd. -> )
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133216 2017-03-23] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [264504 2020-05-20] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3345017777-2939274015-3433995129-1001\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows NT x86\Print Processors\Canon MG3200 series Print Processor: C:\Windows\System32\spool\prtprocs\W32X86\CNMPDB8.DLL [29184 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows NT x86\Print Processors\Canon MG3600 series Print Processor: C:\Windows\System32\spool\prtprocs\W32X86\CNMPDCT.DLL [29184 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows NT x86\Print Processors\hpfpp70w: C:\Windows\System32\spool\prtprocs\W32X86\hpfpp70w.dll [315904 2009-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Windows NT x86\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\W32X86\hpzppw71.dll [280064 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3200 series: C:\Windows\system32\CNMLMB8.DLL [314880 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3600 series: C:\Windows\system32\CNMLMCT.DLL [329728 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMNPPM.DLL [380928 2015-03-17] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\Windows\system32\hpzllw71.dll [39936 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\PCL hpf3l70w.dll: C:\Windows\system32\hpf3l70w.dll [123904 2009-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\85.0.4183.102\Installer\chrmstp.exe [2020-09-09] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2020-05-04] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2014-07-17] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{D28973E5-8630-41af-8831-50A15FEB396B}] -> C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll [2014-07-17] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVG Secure VPN.lnk [2018-12-26]
ShortcutTarget: AVG Secure VPN.lnk -> C:\Program Files\AVG\Secure VPN\Vpn.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2018-12-13]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2019-04-10]
ShortcutTarget: RealTimes.lnk -> C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk [2016-02-25]
ShortcutTarget: TMMonitor.lnk -> C:\Program Files\ArcSoft\TotalMedia 3.5\TMMonitor.exe (ArcSoft, Inc.) [File not signed]
Startup: C:\Users\Roger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Handy Address Book.lnk [2018-11-26]
ShortcutTarget: Handy Address Book.lnk -> C:\Program Files\Handy Address Book\habook.exe (Beiley Software -> Beiley Software Inc.)
Startup: C:\Users\Roger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2020-03-27]
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\Roger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RemindMe.lnk [2020-09-05]
ShortcutTarget: RemindMe.lnk -> C:\Program Files\Remind-Me\RemindMe.exe (Beiley Software, Inc. -> Beiley Software Inc.)
Startup: C:\Users\Roger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WinCal.exe - Shortcut.lnk [2013-01-05]
ShortcutTarget: WinCal.exe - Shortcut.lnk -> C:\Program Files\Windows Calendar\Windows Calendar\WinCal.exe (No File)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {08655404-22B9-41B6-86D4-970511E09F7B} - System32\Tasks\{656C8601-3EA1-4436-8712-E6A52A2E5CDD} => "C:\Program Files\Internet Explorer\iexplore.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=4.2.0.169.259&LastError=404
Task: {0F6E12E3-4226-417A-A231-53393B08F929} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3345017777-2939274015-3433995129-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [135464 2019-02-20] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {170C7E52-0CB8-4349-BB7B-117CE0AA881A} - System32\Tasks\AdobeAAMUpdater-1.0-ASUSWIN7-Roger => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {17AC67E4-293E-4C78-BAD6-CC608EA648DF} - System32\Tasks\{8D0937C8-0E1D-413A-A349-71146F4ED07C} => "c:\program files\internet explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/6.3.0.107/en/abandoninstall?source=lightinstaller&page=tsInstall
Task: {24712E3A-6DD3-46F7-8614-A8F26CFBEE9B} - System32\Tasks\{E4604945-0C1D-4044-8048-72C82689A17A} => C:\Windows\system32\pcalua.exe -a C:\Users\Roger\AppData\Local\Temp\Temp1_spa-v1.0.0.1.zip\spa-v1.0.0.1.exe <==== ATTENTION
Task: {2546E1CE-F973-4AF8-BBA4-0077818B38A7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [271448 2017-04-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {26742495-0591-4860-923B-B85A1E34C04E} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3345017777-2939274015-3433995129-1001 => c:\program files\real\RealDownloader\recordingmanager.exe [959784 2019-02-20] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {280A4ED5-C61C-43AB-9BF1-688833FD45AA} - System32\Tasks\ArcSoft Connect => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft, Inc. -> ArcSoft Inc.)
Task: {280C85C2-8484-411D-974C-DC74B31DFEAF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-10-12] (Google Inc -> Google Inc.)
Task: {2BD05BA6-988D-4BD3-A9CD-9A39F80AF524} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {32DDA9B8-1A15-4D5D-A67B-F3FA4EC05BDE} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [3379336 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {331A22D7-8DEF-4DEB-8DCF-B22219DA1373} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3345017777-2939274015-3433995129-1001 => C:\program files\real\RealDownloader\RealUpgrade.exe [135464 2019-02-20] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {3A4EE802-316A-41AB-841F-694DB5D71FA0} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3345017777-2939274015-3433995129-1001 => C:\program files\real\RealDownloader\RealUpgrade.exe [135464 2019-02-20] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {41D7B4E7-84C5-4357-A95B-19AA94A23816} - System32\Tasks\{8780AC34-0804-4993-8E69-7AD28AAA6263} => "c:\program files\internet explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/7.22.73.109.456/en/go/help.faq.installer?LastError=1618
Task: {466366D4-E832-48C8-A10A-7A0C3F53E18E} - System32\Tasks\{C95291DD-5623-4D68-8ABC-DA127FE40FF6} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\AVG\AVG10\avgmfapx.exe" -d C:\Windows\system32 -c /AppMode=DOWNLOADMANAGER /SummerUpdate /PackageType=Free /ProductType=Free
Task: {4E7D70B3-AAF7-4C4D-9962-CEEDA955CAA0} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files\AVG\AVG PC TuneUp\tuscanx.exe [2670944 2019-01-10] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
Task: {5B184694-64C3-4633-94C5-945B3FA561D6} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {5F49632E-DF83-4CBA-971E-6A56A3204572} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1336400 2020-07-08] (Adobe Inc. -> Adobe Inc.)
Task: {628D1309-5D6D-4D72-BF99-94C68AA1B6AB} - System32\Tasks\{F67A763C-4647-406A-B1BD-3E92E71A0249} => C:\Program Files\Skype\\Phone\Skype.exe
Task: {6AEF0C98-2CB4-4B67-8C70-4C977C7355CC} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => {B1AEBB5D-EAD9-4476-B375-9C3ED9F32AFC}
Task: {6B7AC694-8D6D-481B-9DD8-2A3A741ADA6D} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem => {927EA2AF-1C54-43D5-825E-0074CE028EEE}
Task: {6C764E46-C424-4A1E-82DD-FA3803122A5F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {79354257-799D-4945-84BC-D0C9A5431230} - System32\Tasks\AVG EUpdate Task => C:\Program Files\AVG\Setup\avgsetupx.exe [4072504 2018-06-21] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
Task: {7A614177-6323-482B-B0DA-DBE2587D59D9} - System32\Tasks\AVG Secure VPN Update => C:\Program Files\AVG\Secure VPN\VpnUpdate.exe [1067384 2020-08-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {819AB425-01A0-4D2B-9FFE-FB5C85BF9636} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3345017777-2939274015-3433995129-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [135464 2019-02-20] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {82090DEC-2A5B-4196-ABC3-CB50678CB7C4} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
Task: {926FE819-46EA-4EBF-8E4F-3B4A7F11E35C} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3345017777-2939274015-3433995129-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [135464 2019-02-20] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {9334C323-F100-4656-9BA0-E4AA69C0F9C2} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe
Task: {9F54B95F-5096-4803-AE61-E9B3AC5B616D} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
Task: {AFC6934B-C020-4201-BF83-5FF93C12F66B} - System32\Tasks\{ADFC604C-A639-463A-A9E4-7AFF6F2FEC97} => C:\Windows\system32\pcalua.exe -a "I:\DOWNLOADS\Officeworks Photobook\OfficeworksPhotobooks.exe" -d "I:\DOWNLOADS\Officeworks Photobook"
Task: {BA2E76E0-3D3D-42F5-8065-758A8A066D1D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-10-12] (Google Inc -> Google Inc.)
Task: {BCFA692A-3548-4F2C-8262-95AA24956894} - System32\Tasks\{18275A14-5BCE-45CE-AB72-69AFAE5EB945} => C:\Windows\system32\pcalua.exe -a H:\Setup.exe -d H:\
Task: {C140EB10-A5DC-4F74-8303-858CCEA65E25} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} C:\Program Files\Windows Live\SOXE\wlsoxe.dll [179584 2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {C3AA7C8C-4045-4D9D-B0ED-A7954CB763FD} - System32\Tasks\{86AC117D-F25A-4ADE-A95D-73AE2C88C14B} => C:\Windows\system32\pcalua.exe -a "I:\Program Files\Data Recovery Wizard\uninst.exe" -d "I:\Program Files\Data Recovery Wizard"
Task: {D21F6024-191F-4454-BBBC-09A650DA2549} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {D3A0C160-1CD9-41FD-A6B7-D1E3E2F0E013} - System32\Tasks\GoogleUpdateTaskMachineCore1d1d6445df98459 => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-10-12] (Google Inc -> Google Inc.)
Task: {D7163909-EE65-4E55-92C0-99D9F415783D} - \RealPlayer (32-bit)  -> No File <==== ATTENTION
Task: {DC5AF3DC-7B6F-4E1A-AD7F-7BD52D193D39} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1441928 2020-03-03] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {E49C989F-E328-46F2-B389-F65D3A56B192} - System32\Tasks\GoogleUpdateTaskMachineUA1d1d6445fbdc9cd => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-10-12] (Google Inc -> Google Inc.)
Task: {E6C28341-1C15-49CA-AE24-B631664A87CE} - System32\Tasks\RealDownloader Update Check => c:\program files\real\RealDownloader\downloader2.exe [1263400 2019-02-20] (RealNetworks, Inc. -> )
Task: {EF82AFBE-C61C-4528-9973-749FD0E3BF36} - System32\Tasks\{621C6829-BD92-4EDF-A269-B203FFC1501F} => "C:\Program Files\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.1.0.112.259/en/abandoninstall?page=tsDownload&installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:notoffered;alreadyoffered
Task: {EFA9F5B8-4E2A-40C5-8187-CC04B9A56687} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3345017777-2939274015-3433995129-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [135464 2019-02-20] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {F93C7104-998A-4A38-B935-775A3138B3C3} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe
Task: {FCBF0D38-0B46-45E5-92C2-D3218F29F709} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-08] (Dropbox, Inc -> Dropbox, Inc.)
Task: {FE0BCC74-33E8-4762-9D71-7FF40F44B491} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-08] (Dropbox, Inc -> Dropbox, Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog9 11 C:\Program Files\VMware\VMware Player\vsocklib.dll [346736 2010-11-11] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9 12 C:\Program Files\VMware\VMware Player\vsocklib.dll [346736 2010-11-11] (VMware, Inc. -> VMware, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2E28A1D1-7DDB-4547-B6E4-64478D788640}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{92EFEF13-D0D7-471D-84B5-B8499FF31EE2}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{AD353DAA-B25B-4B5C-B251-01DED43CECF9}: [NameServer] 100.120.116.1
HKLM\System\...\Parameters\PersistentRoutes: [169.254.0.0,255.255.0.0,192.168.1.5,1]
HKLM\System\...\Parameters\PersistentRoutes: [169.254.0.0,255.255.0.0,192.168.88.1,1]
HKLM\System\...\Parameters\PersistentRoutes: [169.254.0.0,255.255.0.0,192.168.159.1,1]
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1405662962&from=slbnew&uid=WDCXWD10EALS-00Z8A0_WD-WCATR084052140521&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1405662962&from=slbnew&uid=WDCXWD10EALS-00Z8A0_WD-WCATR084052140521&q={searchTerms}
HKU\S-1-5-21-3345017777-2939274015-3433995129-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1405662962&from=slbnew&uid=WDCXWD10EALS-00Z8A0_WD-WCATR084052140521&q={searchTerms}
HKU\S-1-5-21-3345017777-2939274015-3433995129-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com.au/?gws_rd=ssl
HKU\S-1-5-21-3345017777-2939274015-3433995129-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1405662962&from=slbnew&uid=WDCXWD10EALS-00Z8A0_WD-WCATR084052140521&q={searchTerms}
URLSearchHook: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc. -> McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001 - (No Name) - {124d001a-bdcb-472f-aa59-bbe7e4bc3204} -  No File
URLSearchHook: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001 - (No Name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} -  No File
SearchScopes: HKLM -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029
SearchScopes: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001 -> DefaultScope {C0DD896C-FCCD-4C24-A298-BF5298D0A1ED} URL = hxxps://duckduckgo.com/?q={searchTerms}&atb=v44-5__
SearchScopes: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = 
SearchScopes: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001 -> {C0DD896C-FCCD-4C24-A298-BF5298D0A1ED} URL = hxxps://duckduckgo.com/?q={searchTerms}&atb=v44-5__
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Company -> Hewlett-Packard Co.)
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> c:\program files\real\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2019-02-20] (RealNetworks, Inc. -> RealDownloader)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08] (Canon Inc. -> CANON INC.)
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No File
BHO: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\PROGRA~2\WONDER~1\VIDEOC~1\WSBROW~1.DLL => No File
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll [2018-10-18] (Oracle America, Inc. -> Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc -> Google Inc.)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies SA -> Skype Technologies S.A.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2012-06-21] (McAfee, Inc. -> McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-10-18] (Oracle America, Inc. -> Oracle Corporation)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> I:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Company -> Hewlett-Packard Co.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2012-06-21] (McAfee, Inc. -> McAfee, Inc.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc -> Google Inc.)
Toolbar: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc -> Google Inc.)
Toolbar: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001 -> No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001 -> No Name - {4A1C6093-14F9-44D7-860E-5D265CFCA9D9} -  No File
Toolbar: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Toolbar: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001 -> No Name - {124D001A-BDCB-472F-AA59-BBE7E4BC3204} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2012-06-21] (McAfee, Inc. -> McAfee, Inc.)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} -  No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} -  No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2012-06-21] (McAfee, Inc. -> McAfee, Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies SA -> Skype Technologies S.A.)
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 -  No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1405662962&from=slbnew&uid=WDCXWD10EALS-00Z8A0_WD-WCATR084052140521
 
Edge: 
======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Roger\AppData\Local\Microsoft\Edge\User Data\Default [2020-09-09]
Edge HomePage: Default -> hxxps://www.google.com.au/?gws_rd=ssl
Edge Extension: (LastPass: Free Password Manager) - C:\Users\Roger\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bbcinlkgjjkejfdpemiealijmmooekmp [2020-08-31]
 
FireFox:
========
FF HKLM\...\Firefox\Extensions: [[email protected]] - I:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - I:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-06-09] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor
FF Extension: (McAfee SiteAdvisor) - C:\Program Files\McAfee\SiteAdvisor [2012-11-14] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\ProgramData\Wondershare\Video Converter Ultimate\[email protected]_xpi => not found
FF HKU\S-1-5-21-3345017777-2939274015-3433995129-1001\...\Firefox\Extensions: [[email protected]] - I:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2017-10-17] (CANON INC.) [File not signed]
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> I:\Program Files\Picasa\Picasa3\npPicasa3.dll [2014-06-06] (Google Inc -> Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-10-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-10-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @mcafee.com/SAFFPlugin -> C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll [2012-06-21] (McAfee, Inc. -> McAfee, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @nosltd.com/getPlus+®,version=1.6.2.91 -> C:\Program Files\NOS\bin\np_gp.dll [No File]
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
FF Plugin: @real.com/nppl3260;version=18.1.16.215 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2019-04-10] (RealNetworks, Inc. -> RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=18.1.16.215 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2019-04-10] (RealNetworks, Inc. -> RealPlayer)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-30] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-08-18] (Adobe Inc. -> Adobe Systems Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default [2020-09-08]
CHR Notifications: Default -> hxxps://book.qantas.com; hxxps://www.youtube.com
CHR StartupUrls: Default -> "hxxp://istart.webssearches.com/?type=hp&ts=1405662962&from=slbnew&uid=WDCXWD10EALS-00Z8A0_WD-WCATR084052140521","hxxp://www.google.com/"
CHR Extension: (YouTube) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-13]
CHR Extension: (Google Search) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-13]
CHR Extension: (AVG AntiTrack) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gncnfnokfcpgpflfikmgpncmleckjllf [2020-01-04]
CHR Extension: (AVG SafePrice | Comparison, deals, coupons) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2020-08-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-01]
CHR Extension: (Chrome Media Router) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-08]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx [2012-11-13]
CHR HKLM\...\Chrome\Extension: [ihflimipbcaljfnojhhknppphnnciiif] - C:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoods.crx <not found>
CHR HKLM\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - <no Path/update_url>
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - <no Path/update_url>
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
CHR HKU\S-1-5-21-3345017777-2939274015-3433995129-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft, Inc. -> ArcSoft Inc.)
R2 AdobeActiveFileMonitor11.0; C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-17] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-07-08] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [271448 2017-04-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [328768 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Firewall; C:\Program Files\AVG\Antivirus\afwServ.exe [963224 2020-08-14] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [6954944 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [1189832 2018-06-14] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
R2 BingDesktopUpdate; C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe [173248 2014-11-26] (Microsoft Corporation -> Microsoft Corp.)
S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-08] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-08] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [37384 2020-08-12] (Dropbox, Inc -> Dropbox, Inc.)
R3 hpqcxs08; I:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; I:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [398784 2019-04-22] (Canon Inc. -> )
R2 McAfee SiteAdvisor Service; c:\Program Files\McAfee\SiteAdvisor\McSACore.exe [95232 2012-10-23] (McAfee, Inc. -> McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [227232 2010-01-15] (McAfee, Inc. -> McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [File not signed]
R2 RealPlayerUpdateSvc; C:\program files\real\UpdateService\RealPlayerUpdateSvc.exe [38032 2019-02-20] (RealNetworks, Inc. -> RealNetworks, Inc.)
R2 RealTimes Desktop Service; c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe [990856 2019-04-10] (RealNetworks, Inc. -> RealNetworks, Inc.)
R2 SecureVpn; C:\Program Files\AVG\Secure VPN\VpnSvc.exe [6909048 2020-08-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 TuneUp.UtilitiesSvc; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [5228896 2019-01-10] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
S2 ufad-ws60; C:\Program Files\VMware\VMware Player\vmware-ufad.exe [191024 2010-08-19] (VMware, Inc. -> VMware, Inc.)
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [38752 2019-01-10] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R2 VMAuthdService; C:\Program Files\VMware\VMware Player\vmware-authd.exe [113264 2010-11-11] (VMware, Inc. -> VMware, Inc.)
R2 VMnetDHCP; C:\Windows\system32\vmnetdhcp.exe [334448 2010-11-11] (VMware, Inc. -> VMware, Inc.)
R2 VMUSBArbService; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [539248 2010-11-11] (VMware, Inc. -> VMware, Inc.)
R2 VMware NAT Service; C:\Windows\system32\vmnat.exe [404080 2010-11-11] (VMware, Inc. -> VMware, Inc.)
R2 vToolbarUpdater18.5.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\ToolbarUpdater.exe [1812416 2015-05-14] (AVG Technologies CZ, s.r.o. -> AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [1713536 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
R2 WO_LiveService; C:\Program Files\Ashampoo\Ashampoo WinOptimizer 9\LiveTunerService.exe [884608 2012-05-14] (Ashampoo GmbH & Co. KG -> )
R2 WsAppService; C:\Program Files\Wondershare\WAF\2.4.3.242\WsAppService.exe [495720 2018-08-29] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 WsDrvInst; C:\Program Files\Wondershare\Video Converter Ultimate\Transfer\DriverInstall.exe [112560 2020-04-21] (Wondershare Technology Co.,Ltd -> Wondershare)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 61883; C:\Windows\System32\DRIVERS\61883.sys [46976 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
S3 AF15BDA; C:\Windows\System32\DRIVERS\AF15BDA.sys [483200 2009-06-04] (Microsoft Windows Hardware Compatibility Publisher -> ITETech)
R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (ArcSoft, Inc. -> Arcsoft, Inc.)
S3 APL531; C:\Windows\System32\Drivers\ov550i.sys [580992 2006-07-31] (Omnivision Technologies, Inc.) [File not signed]
R3 athr; C:\Windows\System32\DRIVERS\athr.sys [1221632 2009-10-05] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [175320 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriver.sys [188552 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsh.sys [154760 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniv.sys [56456 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [40792 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [147768 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\Windows\System32\drivers\avgNetHub.sys [374240 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgNetNd6; C:\Windows\System32\DRIVERS\avgNetNd6.sys [28408 2017-12-01] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [94248 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [72896 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [691120 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [393544 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [163368 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgTap; C:\Windows\System32\DRIVERS\avgTap.sys [49136 2018-09-05] (AVG Technologies CZ, s.r.o. -> The OpenVPN Project)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [277008 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [176856 2013-10-02] (Broadcom Corporation -> Broadcom Corporation.)
S3 btwampfl; C:\Windows\System32\DRIVERS\btwampfl.sys [508632 2014-03-25] (Broadcom Corporation -> Broadcom Corporation.)
S3 btwaudio; C:\Windows\System32\drivers\btwaudio.sys [152400 2012-05-02] (Broadcom Corporation -> Broadcom Corporation.)
S3 btwavdt; C:\Windows\System32\DRIVERS\btwavdt.sys [175144 2012-03-06] (Broadcom Corporation -> Broadcom Corporation.)
S3 btwl2cap; C:\Windows\System32\DRIVERS\btwl2cap.sys [33832 2011-09-18] (Broadcom Corporation -> Broadcom Corporation.)
S3 btwrchid; C:\Windows\System32\DRIVERS\btwrchid.sys [18728 2012-03-06] (Broadcom Corporation -> Broadcom Corporation.)
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrv.sys [22312 2009-02-12] (EldoS Corporation -> EldoS Corporation)
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-04] () [File not signed]
R2 hcmon; C:\Windows\system32\drivers\hcmon.sys [32368 2010-11-11] (VMware, Inc. -> VMware, Inc.)
R3 L1E; C:\Windows\System32\DRIVERS\L1E62x86.sys [48640 2009-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R2 LiveTunerPM; C:\Program Files\Ashampoo\Ashampoo WinOptimizer 9\LiveTunerProcessMonitor32.sys [12696 2011-03-08] (ashampoo GmbH & Co. KG -> )
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [6504 2011-07-15] (Microsoft Windows Hardware Compatibility Publisher -> )
R0 mv61xx; C:\Windows\System32\DRIVERS\mv61xx.sys [154664 2009-05-12] (Marvell Semiconductor -> Marvell Semiconductor, Inc.)
R3 PKWCap; C:\Windows\System32\DRIVERS\PKWCap.sys [1056384 2007-03-20] (Microsoft Windows Hardware Compatibility Publisher -> )
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [17160 2015-03-05] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13064 2016-11-24] (MiniTool Solution Ltd -> )
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [46096 2012-08-10] (Corel Corporation -> Corel Corporation)
S3 RTL2832UBDA; C:\Windows\System32\drivers\RTL2832UBDA.sys [188520 2011-05-17] (Realtek Semiconductor Corp -> REALTEK SEMICONDUCTOR Corp.)
S3 RTL2832UUSB; C:\Windows\System32\Drivers\RTL2832UUSB.sys [32872 2011-05-17] (Realtek Semiconductor Corp -> REALTEK SEMICONDUCTOR Corp.)
R0 speedfan; C:\Windows\System32\speedfan.sys [25240 2011-03-19] (Sokno S.R.L. -> Almico Software)
R2 tifsfilter; C:\Windows\System32\DRIVERS\tifsfilt.sys [44704 2010-10-04] (Acronis, Inc -> Acronis)
R3 TotRec7; C:\Windows\System32\drivers\TotRec7.sys [131152 2010-04-12] (High Criteria Inc -> High Criteria inc.)
R3 TotRec8; C:\Windows\system32\drivers\TotRec8.sys [91216 2010-04-12] (High Criteria Inc -> High Criteria inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [31792 2017-11-15] (AVG Technologies CZ, s.r.o. -> AVG Netherlands B.V.)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [15872 2013-02-12] (Microsoft Windows -> Microsoft Corporation)
R3 vmkbd; C:\Windows\system32\drivers\VMkbd.sys [24688 2010-11-11] (VMware, Inc. -> VMware, Inc.)
R3 VMnetAdapter; C:\Windows\System32\DRIVERS\vmnetadapter.sys [16560 2010-11-11] (VMware, Inc. -> VMware, Inc.)
R2 VMnetBridge; C:\Windows\System32\DRIVERS\vmnetbridge.sys [36400 2010-11-11] (VMware, Inc. -> VMware, Inc.)
R2 VMnetuserif; C:\Windows\system32\drivers\vmnetuserif.sys [26352 2010-11-11] (VMware, Inc. -> VMware, Inc.)
S3 vmusb; C:\Windows\System32\Drivers\vmusb.sys [31280 2010-11-11] (VMware, Inc. -> VMware, Inc.)
R2 vmx86; C:\Windows\system32\Drivers\vmx86.sys [854128 2010-11-11] (VMware, Inc. -> VMware, Inc.)
R2 vstor2-ws60; C:\Program Files\VMware\VMware Player\vstor2-ws60.sys [22448 2010-08-19] (VMware, Inc. -> VMware, Inc.)
S3 WIMMount; C:\Program Files\Windows Kits\8.0\Assessment and Deployment Kit\Deployment Tools\x86\DISM\wimmount.sys [34248 2012-07-25] (Microsoft Corporation -> Microsoft Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]
S1 ssnfd; system32\drivers\ssnfd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
Error(1) reading file: "C:\Windows\system32\Tasks\RealPlayer (32-bit) "
2029-01-01 00:02 - 2029-01-01 00:02 - 000000000 ____D C:\Users\Roger\AppData\Local\{A674C75E-E10E-4AD4-8C52-14C3C6C6B6DF}
2020-09-09 17:17 - 2020-09-09 17:23 - 000052453 _____ C:\Users\Roger\Desktop\FRST.txt
2020-09-09 17:04 - 2020-09-09 17:04 - 000003328 _____ C:\Windows\system32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3345017777-2939274015-3433995129-1001
2020-09-09 16:10 - 2020-09-09 16:11 - 000000000 ____D C:\Users\Public\Desktop\CC Support
2020-09-09 12:18 - 2020-09-09 12:18 - 000000000 _____ C:\Users\Roger\AppData\Local\{3BF8C1D0-A3F8-418B-969F-093B886AA622}
2020-09-09 12:09 - 2020-09-09 12:09 - 000000000 ____D C:\Users\Roger\Downloads\ServicesRepair
2020-09-09 12:03 - 2020-09-09 12:04 - 003433903 _____ C:\Users\Roger\Downloads\ServicesRepair.zip
2020-09-08 15:34 - 2020-09-09 17:21 - 000000000 ____D C:\FRST
2020-09-08 10:40 - 2020-09-08 10:35 - 002014208 _____ (Farbar) C:\Users\Roger\Desktop\FRST.exe
2020-09-02 10:02 - 2020-09-09 17:04 - 000003194 _____ C:\Windows\system32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3345017777-2939274015-3433995129-1001
2020-08-27 17:24 - 2020-08-27 17:26 - 091460120 _____ (LogMeIn Inc.) C:\Users\Roger\Downloads\LastPassInstaller (2).exe
2020-08-27 17:23 - 2020-08-27 17:25 - 091460120 _____ (LogMeIn Inc.) C:\Users\Roger\Downloads\LastPassInstaller (1).exe
2020-08-27 16:33 - 2020-08-27 16:33 - 000000000 ____D C:\Program Files (x86)
2020-08-25 11:19 - 2020-08-25 11:21 - 000000000 ____D C:\Users\Roger\AppData\Local\{E07BE30A-AED0-4C2C-96D8-F35DFAA8CBDE}
2020-08-20 17:19 - 2020-08-20 17:19 - 000010313 _____ C:\Users\Roger\Documents\amelie 1.xlsx
2020-08-19 15:41 - 2020-08-19 15:44 - 091460120 _____ (LogMeIn Inc.) C:\Users\Roger\Downloads\LastPassInstaller.exe
2020-08-15 20:27 - 2020-08-15 20:27 - 000000000 _____ C:\Users\Roger\AppData\Local\{D4C5DC9D-3679-4739-AFB4-624A329C52B6}
2020-08-15 11:54 - 2020-08-15 11:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-08-14 19:25 - 2020-08-13 12:06 - 000283272 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2020-08-13 12:08 - 2020-08-14 19:26 - 000048496 _____ () C:\Windows\system32\Drivers\staport.sys
2020-08-13 12:07 - 2020-08-13 12:06 - 000163368 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
2020-08-13 12:07 - 2020-08-13 12:06 - 000147768 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2020-08-12 11:35 - 2020-08-12 11:35 - 000037384 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2020-08-12 11:35 - 2020-08-12 11:35 - 000036848 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2020-08-12 11:35 - 2020-08-12 11:35 - 000036848 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2020-08-12 11:35 - 2020-08-12 11:35 - 000036848 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2020-08-10 16:15 - 2020-08-10 16:15 - 000000000 ____D C:\Users\Roger\AppData\Local\{1BBEE513-FB95-47EA-810E-76E67DCBC4D4}
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-09-09 17:16 - 2009-07-14 14:34 - 000026928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-09-09 17:16 - 2009-07-14 14:34 - 000026928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-09-09 17:08 - 2020-01-03 15:18 - 000000000 ____D C:\Users\Roger\AppData\Roaming\epm
2020-09-09 17:08 - 2017-05-30 11:36 - 000004162 _____ C:\Windows\system32\Tasks\Antivirus Emergency Update
2020-09-09 17:05 - 2011-03-02 15:40 - 000000000 ____D C:\ProgramData\VMware
2020-09-09 17:03 - 2016-04-08 11:44 - 000000890 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2020-09-09 17:03 - 2010-11-07 11:05 - 000000000 ____D C:\ProgramData\NVIDIA
2020-09-09 17:03 - 2009-07-14 14:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-09-09 16:58 - 2013-07-15 23:23 - 000000000 ____D C:\Windows\system32\MRT
2020-09-09 16:44 - 2016-04-08 11:44 - 000000894 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2020-09-09 16:40 - 2010-10-04 12:07 - 126817144 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-09-09 16:35 - 2018-01-30 18:25 - 000000000 ____D C:\Program Files\Wondershare
2020-09-09 16:34 - 2018-01-30 18:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2020-09-09 16:13 - 2015-10-24 17:20 - 000000000 ____D C:\ProgramData\Avg
2020-09-09 16:05 - 2016-09-21 13:44 - 000003588 _____ C:\Windows\system32\Tasks\AVG EUpdate Task
2020-09-09 15:59 - 2010-10-02 07:49 - 000786658 _____ C:\Windows\system32\PerfStringBackup.INI
2020-09-09 15:59 - 2009-07-14 12:37 - 000000000 ____D C:\Windows\inf
2020-09-09 12:13 - 2009-07-14 14:53 - 000032638 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2020-09-09 08:56 - 2013-05-03 17:06 - 000002214 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-08 15:31 - 2020-04-18 08:58 - 000000000 ____D C:\Users\Roger\Downloads\Viral videos
2020-09-08 15:30 - 2015-11-09 11:30 - 000000000 ____D C:\Users\Roger\Downloads\FileZilla
2020-09-08 14:24 - 2017-08-30 14:31 - 004036096 ___SH C:\Users\Roger\Desktop\Thumbs.db
2020-09-07 14:19 - 2020-07-01 19:24 - 000000000 ____D C:\Users\Roger\Documents\Wondershare Filmora
2020-09-07 14:18 - 2020-07-01 19:52 - 000002796 _____ C:\Users\Roger\Documents\starburn.txt
2020-09-07 14:18 - 2019-04-04 13:41 - 000000000 ____D C:\Users\Roger\AppData\Roaming\obs-studio
2020-09-06 20:20 - 2011-05-15 16:45 - 000000000 ____D C:\Users\Roger\AppData\Roaming\FileZilla
2020-09-06 20:19 - 2010-10-04 11:16 - 000001191 _____ C:\Users\Roger\AppData\Roaming\vso_ts_preview.xml
2020-09-06 17:52 - 2013-02-01 21:01 - 000000000 ____D C:\Users\Roger\Documents\ConvertXToDVD
2020-09-06 17:50 - 2018-07-15 16:07 - 000000000 ____D C:\Users\Roger\AppData\Local\CrashDumps
2020-09-06 17:31 - 2010-10-04 11:16 - 000000000 ____D C:\Users\Roger\AppData\Roaming\Vso
2020-09-03 15:52 - 2020-08-06 16:09 - 000003490 _____ C:\Windows\system32\Tasks\AdobeAAMUpdater-1.0-ASUSWIN7-Roger
2020-09-03 15:52 - 2020-03-24 18:26 - 000003368 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-09-03 15:52 - 2020-03-24 18:26 - 000003240 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-09-03 15:52 - 2019-05-01 19:45 - 000003354 _____ C:\Windows\system32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3345017777-2939274015-3433995129-1001
2020-09-03 15:52 - 2018-10-09 07:55 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-09-03 15:52 - 2017-12-01 15:07 - 000003738 _____ C:\Windows\system32\Tasks\ArcSoft Connect
2020-09-03 15:52 - 2017-12-01 15:07 - 000003680 _____ C:\Windows\system32\Tasks\Java Platform SE Auto Updater
2020-09-03 15:52 - 2016-07-05 08:35 - 000003322 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA1d1d6445fbdc9cd
2020-09-03 15:52 - 2016-07-05 08:35 - 000003194 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore1d1d6445df98459
2020-09-03 15:52 - 2016-04-18 15:50 - 000003098 _____ C:\Windows\system32\Tasks\{8780AC34-0804-4993-8E69-7AD28AAA6263}
2020-09-03 15:52 - 2016-04-08 11:44 - 000003900 _____ C:\Windows\system32\Tasks\DropboxUpdateTaskMachineUA
2020-09-03 15:52 - 2016-04-08 11:44 - 000003648 _____ C:\Windows\system32\Tasks\DropboxUpdateTaskMachineCore
2020-09-03 15:52 - 2015-06-28 16:37 - 000004464 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-09-03 15:52 - 2012-06-21 11:03 - 000003328 _____ C:\Windows\system32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3345017777-2939274015-3433995129-1001
2020-09-03 15:52 - 2012-06-21 11:03 - 000003194 _____ C:\Windows\system32\Tasks\RealUpgradeLogonTaskS-1-5-21-3345017777-2939274015-3433995129-1001
2020-09-02 10:25 - 2020-03-24 18:28 - 000002213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-08-22 13:20 - 2015-12-20 15:18 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-08-15 11:55 - 2016-04-08 11:44 - 000000000 ____D C:\Program Files\Dropbox
2020-08-13 12:08 - 2017-05-30 11:36 - 000277008 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2020-08-13 12:06 - 2020-04-10 16:51 - 000374240 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgNetHub.sys
2020-08-13 12:06 - 2019-01-27 16:37 - 000188552 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdriver.sys
2020-08-13 12:06 - 2019-01-27 16:36 - 000056456 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniv.sys
2020-08-13 12:06 - 2019-01-27 16:35 - 000154760 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsh.sys
2020-08-13 12:06 - 2018-10-21 12:46 - 000040792 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgKbd.sys
2020-08-13 12:06 - 2017-11-28 14:51 - 000175320 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
2020-08-13 12:06 - 2017-05-30 11:36 - 000691120 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2020-08-13 12:06 - 2017-05-30 11:36 - 000393544 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2020-08-13 12:06 - 2017-05-30 11:36 - 000094248 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2020-08-13 12:06 - 2017-05-30 11:36 - 000072896 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
 
==================== Files in the root of some directories ========
 
2016-08-27 10:06 - 2019-03-30 13:18 - 000363520 _____ () C:\Users\Roger\AppData\Roaming\albumworks Prefsv3
2011-02-21 21:19 - 2014-05-25 09:53 - 000000075 _____ () C:\Users\Roger\AppData\Roaming\AVSMediaPlayer.m3u
2016-08-01 11:37 - 2017-05-31 14:41 - 000087608 _____ () C:\Users\Roger\AppData\Roaming\inst.exe
2012-05-18 10:32 - 2016-04-26 20:08 - 000002048 _____ () C:\Users\Roger\AppData\Roaming\Officeworks Photobooks Prefs
2016-08-01 11:37 - 2017-05-31 14:41 - 000007887 _____ () C:\Users\Roger\AppData\Roaming\pcouffin.cat
2016-08-01 11:37 - 2017-05-31 14:41 - 000001144 _____ () C:\Users\Roger\AppData\Roaming\pcouffin.inf
2016-08-01 11:37 - 2017-05-31 14:41 - 000000055 _____ () C:\Users\Roger\AppData\Roaming\pcouffin.log
2016-08-01 11:37 - 2017-05-31 14:41 - 000047360 _____ (VSO Software) C:\Users\Roger\AppData\Roaming\pcouffin.sys
2010-10-04 11:16 - 2020-09-06 20:19 - 000001191 _____ () C:\Users\Roger\AppData\Roaming\vso_ts_preview.xml
2012-10-24 20:35 - 2016-12-13 13:21 - 000012800 _____ () C:\Users\Roger\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-01-29 11:03 - 2011-01-29 11:03 - 000000093 _____ () C:\Users\Roger\AppData\Local\fusioncache.dat
2012-10-16 15:55 - 2012-10-16 15:55 - 000000017 _____ () C:\Users\Roger\AppData\Local\resmon.resmoncfg
2020-09-09 12:18 - 2020-09-09 12:18 - 000000000 _____ () C:\Users\Roger\AppData\Local\{3BF8C1D0-A3F8-418B-969F-093B886AA622}
2020-07-03 17:12 - 2020-07-03 17:12 - 000000000 _____ () C:\Users\Roger\AppData\Local\{77F8A647-26CF-4D65-B3B8-4952CA0B9481}
2020-08-15 20:27 - 2020-08-15 20:27 - 000000000 _____ () C:\Users\Roger\AppData\Local\{D4C5DC9D-3679-4739-AFB4-624A329C52B6}
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
 
LastRegBack: 2016-02-20 07:04
==================== End of FRST.txt ========================
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 29-08-2020
Ran by Roger (09-09-2020 17:27:45)
Running from C:\Users\Roger\Desktop
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) (2010-10-01 21:47:36)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3345017777-2939274015-3433995129-500 - Administrator - Disabled)
Guest (S-1-5-21-3345017777-2939274015-3433995129-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3345017777-2939274015-3433995129-1002 - Limited - Enabled)
Roger (S-1-5-21-3345017777-2939274015-3433995129-1001 - Administrator - Enabled) => C:\Users\Roger
__vmware_user__ (S-1-5-21-3345017777-2939274015-3433995129-1004 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
AS: AVG Antivirus (Enabled - Up to date) {A3C8941D-8036-3856-D9BB-709D4A2A7EAC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: AVG Antivirus (Enabled) {2092F4DC-EC63-3680-C854-E2DACF7E736A}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
32 Bit HP CIO Components Installer (HKLM\...\{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}) (Version: 6.1.1 - Hewlett-Packard) Hidden
4500_G510af_Help (HKLM\...\{C175D5B0-ED04-42C9-B23F-D8BD406173E7}) (Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510af (HKLM\...\{8B9F50F9-BA6F-47c5-990B-76A74A1C68B0}) (Version: 000.0.423.000 - Hewlett-Packard) Hidden
4500G510af_Software_Min (HKLM\...\{3EB6F78A-66E3-434f-BD0E-76C7D078DB5E}) (Version: 000.0.423.000 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.012.20043 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 30.0.0.107 - Adobe Systems Incorporated)
Adobe Digital Editions (HKLM\...\Digital Editions) (Version:  - )
Adobe Digital Editions 2.0 (HKLM\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 25 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 25.0.0.148 - Adobe Systems Incorporated)
Adobe Photoshop 7.0 (HKLM\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Photoshop Elements 11 (HKLM\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated)
AIO_Scan (HKLM\...\{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
albumworks (HKU\S-1-5-21-3345017777-2939274015-3433995129-1001\...\albumworks) (Version: albumworks 2015.2.0 - albumworks)
Apple Application Support (32-bit) (HKLM\...\{11C4575B-4B32-44D2-A097-D59A00BA60DE}) (Version: 8.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{7A575C48-96BC-4D2F-BD35-51AEF4B9BB0D}) (Version: 13.5.1.2 - Apple Inc.)
Apple Software Update (HKLM\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
ArcSoft PhotoImpression 6 (HKLM\...\{063E409E-3D7C-4A4A-95AB-2F124B9224B3}) (Version: 6.1.8.146 - ArcSoft)
ArcSoft TotalMedia 3.5 (HKLM\...\{EE72C3F7-4B98-493E-9263-AECFADBC8184}) (Version: 3.5.35.318 - ArcSoft)
Ashampoo Burning Studio 11 v.11.0.4 (HKLM\...\Ashampoo Burning Studio 11_is1) (Version: 11.0.4 - Ashampoo GmbH & Co. KG)
Ashampoo Movie Studio v.1.0.17 (HKLM\...\{91B33C97-54B3-9CEB-E911-246EDA9BDC9A}_is1) (Version: 1.0.17 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer 4 4.0.3 (HKLM\...\Ashampoo Photo Optimizer 4_is1) (Version: 4.0.3 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Recovery (HKLM\...\{BB339C1F-E203-2A07-CBAF-6329C61FE1CC}_is1) (Version: 1.0.5 - Ashampoo GmbH & Co. KG)
Ashampoo Slideshow Studio HD 4 (HKLM\...\{91B33C97-69A7-95EF-82EA-AAEAA76D338D}_is1) (Version: 4.0.9 - Ashampoo GmbH & Co. KG)
Ashampoo Snap 7 v.7.0.10 (HKLM\...\{C92AB6F1-9C93-0F51-ED50-15ABBCBDD142}_is1) (Version: 7.0.10 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 9 v.9.04.31 (HKLM\...\Ashampoo WinOptimizer 9_is1) (Version: 9.04.31 - Ashampoo GmbH & Co. KG)
Assessment and Deployment Kit (HKLM\...\{fc46d1b2-9557-4c1f-baac-04af4d2db7e4}) (Version: 8.59.25584 - Microsoft Corporation)
AtomTime Pro 3.1a (HKLM\...\AtomTime Pro_is1) (Version: 3.1a - Naissan Innovations, LLC)
Auto Power-on & Shut-down 2.50 (HKLM\...\Auto Power-on & Shut-down_is1) (Version:  - LifSoft, Inc.)
AVG 2016 (HKLM\...\{D329E340-285C-43EA-9F89-E7524324656B}) (Version: 16.0.4533 - AVG Technologies) Hidden
AVG Internet Security (HKLM\...\AVG Antivirus) (Version: 20.6.3135 - AVG Technologies)
AVG PC TuneUp (HKLM\...\{29BA5B43-1BFC-468D-8C8D-4DAC29524387}) (Version: 16.80.3 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM\...\AVG PC TuneUp) (Version: 16.80.3.38236 - AVG Technologies)
AVG Secure VPN (HKLM\...\{078F51FA-D92F-419A-9E69-08BC59265F7E}_is1) (Version: 1.6.667 - AVG)
AVS Audio Converter 9.1.3 (HKLM\...\AVS Audio Converter_is1) (Version: 9.1.3.601 - Online Media Technologies Ltd.)
AVS Audio Editor 9.1.3 (HKLM\...\AVS Audio Editor_is1) (Version: 9.1.3.541 - Online Media Technologies Ltd.)
AVS Disc Creator 6.1.9 (HKLM\...\AVS Disc Creator_is1) (Version: 6.1.9.559 - Online Media Technologies Ltd.)
AVS Document Converter 4.2.4 (HKLM\...\AVS Document Converter_is1) (Version: 4.2.4.269 - Online Media Technologies Ltd.)
AVS Image Converter 5.2.4 (HKLM\...\AVS Image Converter_is1) (Version: 5.2.4.303 - Online Media Technologies Ltd.)
AVS Media Player 5.1.4 (HKLM\...\AVS Media Player_is1) (Version: 5.1.4.137 - Online Media Technologies Ltd.)
AVS Photo Editor 3.2.4 (HKLM\...\AVS Photo Editor_is1) (Version: 3.2.4.168 - Online Media Technologies Ltd.)
AVS Registry Cleaner 4.1.5 (HKLM\...\AVS Registry Cleaner_is1) (Version: 4.1.5.291 - Online Media Technologies Ltd.)
AVS Video Converter 12.0.3 (HKLM\...\AVS4YOU Video Converter 7_is1) (Version: 12.0.3.654 - Online Media Technologies Ltd.)
AVS Video Editor 9.3.1 (HKLM\...\AVS Video Editor_is1) (Version: 9.3.1.354 - Online Media Technologies Ltd.)
AVS Video ReMaker 6.3.4 (HKLM\...\AVS Video ReMaker_is1) (Version: 6.3.4.238 - Online Media Technologies Ltd.)
AVS Video Tools 5.6 (HKLM\...\AVS Video Tools 5_is1) (Version:  - Online Media Technologies Ltd.)
Bing Desktop (HKLM\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.4.167.0 - Microsoft Corporation)
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
BufferChm (HKLM\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version:  - )
Canon IJ Network Scanner Selector EX (HKLM\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.4.4 - Canon Inc.)
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version: 3.7.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM\...\Canon_IJ_Scan_Utility) (Version: 1.1.20.13 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM\...\CANONIJPLM100) (Version: 6.0.3 - Canon Inc.)
Canon MG3200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3200_series) (Version: 1.01 - Canon Inc.)
Canon MG3200 series On-screen Manual (HKLM\...\Canon MG3200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon MG3600 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3600_series) (Version: 1.00 - Canon Inc.)
Canon MG3600 series On-screen Manual (HKLM\...\Canon MG3600 series On-screen Manual) (Version: 7.8.0 - Canon Inc.)
Canon My Image Garden (HKLM\...\Canon My Image Garden) (Version: 3.6.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
Codec-TS SDK (HKLM\...\{28FB7853-A6ED-4F67-8635-9F0E863FC0AD}) (Version:  - ArcSoft)
ConvertXtoDVD 4.1.19.365 (HKLM\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.1.19.365 - )
CPUID CPU-Z 1.56 (HKLM\...\CPUID CPU-Z_is1) (Version:  - ) <==== ATTENTION
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
De-interlace SDK (HKLM\...\{9A0E0340-C3D7-42D1-96D4-64179FD456AE}) (Version:  - ArcSoft)
Destinations (HKLM\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM\...\{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}) (Version: 130.0.372.000 - Hewlett-Packard) Hidden
DJ_AIO_Software (HKLM\...\{AD99B476-6FB7-4985-A3C3-E40595A7E6DE}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
DJ_AIO_Software_min (HKLM\...\{32DACAC3-6538-405D-915E-8F2D026F199C}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
DocMgr (HKLM\...\{92A51949-EE4C-466D-AAF0-99E74A49A63F}) (Version: 130.0.000.000 - Hewlett-Packard) Hidden
DocProc (HKLM\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dropbox (HKLM\...\Dropbox) (Version: 104.4.175 - Dropbox, Inc.)
Dropbox Update Helper (HKLM\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.335.1 - Dropbox, Inc.) Hidden
DV STUDIO2 (HKLM\...\DvStudio2) (Version:  - )
EaseUS Tools M Beta 0.6.1 (HKLM\...\D72C2F7D-B75E-4641-AFBE-199B95066617_is1) (Version:  - EaseUS)
Elements 11 Organizer (HKLM\...\{D4D065E1-3ABF-41D0-B385-FC6F027F4D00}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
e-tax 2011 (HKLM\...\{C078C299-C2C2-4110-A6EF-8D5E66C228DA}) (Version: 10.1.671 - ATO)
e-tax 2012 (HKLM\...\{B0F1B02F-47A6-411D-A38B-E44CC7F53CCC}) (Version: 6.0.577 - Australian Taxation Office)
e-tax 2013 (HKLM\...\{FFF14233-FE39-4671-A38E-76FD8F24A879}) (Version: 0.7.491 - Australian Taxation Office)
e-tax 2015 (HKLM\...\{9D19C250-CE9A-4BF0-91C8-031665D54D16}) (Version: 2.10.541 - Australian Taxation Office)
Ezvid (HKLM\...\{F96D619D-99D6-4C9C-A393-0CD22DE1CA66}_is1) (Version: 0982 - Ezvid, inc.)
Fax (HKLM\...\{440B915A-0C85-45DB-92AE-75AE14704A64}) (Version: 130.0.418.000 - Hewlett-Packard) Hidden
FileZilla Client 3.48.1 (HKLM\...\FileZilla Client) (Version: 3.48.1 - Tim Kosse)
FLV Player (remove only) (HKLM\...\FLVM Player) (Version:  - ) <==== ATTENTION
FLV Player 2.0 (build 25) (HKLM\...\FLV Player) (Version: 2.0 (build 25) - Martijn de Visser)
FMW 1 (HKLM\...\{C22DCE85-A6B0-4D3D-81AC-460D7726CCA5}) (Version: 1.227.45 - AVG Technologies) Hidden
FreeFileSync 6.0 (HKLM\...\FreeFileSync) (Version: 6.0 - Zenju)
GoldWave v5.70 (HKLM\...\GoldWave v5.70) (Version: 5.70 - GoldWave Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 85.0.4183.102 - Google LLC)
Google Toolbar for Internet Explorer (HKLM\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (HKLM\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Handy Address Book (HKLM\...\Handy Address Book) (Version:  - Beiley Software)
HiJackThis (HKLM\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Officejet 4500 G510a-f (HKLM\...\{C98517B6-DCE9-49B7-B19E-E384178D3986}) (Version: 13.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPPhotoGadget (HKLM\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (HKLM\...\{681B698F-C997-42C3-B184-B489C6CA24C9}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (HKLM\...\{D79113E7-274C-470B-BD46-01B10219DF6A}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM\...\{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.6.0 - LIGHTNING UK!)
IR (HKLM\...\{6838CBD8-FA1B-43B3-90BD-8C327C4F0D2E}) (Version: 1.00.0000 - My Company Name)
IrfanView 4.51 (32-bit) (HKLM\...\IrfanView) (Version: 4.51 - Irfan Skiljan)
iTunes (HKLM\...\{A7272984-8320-42D2-9D2A-4CB36A3114D9}) (Version: 12.10.7.3 - Apple Inc.)
Java 8 Update 191 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Junk Mail filter update (HKLM\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Karen's Replicator (HKLM\...\Karen's Replicator) (Version: 3.6.0.9 - Karen Kenworthy)
Kits Configuration Installer (HKLM\...\{E14DDED2-919B-FCCB-84AC-5ABB6D182D46}) (Version: 8.59.25584 - Microsoft) Hidden
K-Lite Codec Pack 8.0.0 (Full) (HKLM\...\KLiteCodecPack_is1) (Version: 8.0.0 - )
Lukas Ara (HKLM\...\{E59C270C-1D8C-477E-843C-060F85AC1139}) (Version: 1.8.7 - Lukas)
MarketResearch (HKLM\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
marvell 61xx (HKLM\...\mv61xxDriver) (Version: 1.2.0.69 - Marvell)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 2.0.181.2 - McAfee, Inc.)
McAfee SiteAdvisor (HKLM\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.6.164 - McAfee, Inc.)
MediaInfo 0.7.38 (HKLM\...\MediaInfo) (Version: 0.7.38 - MediaArea.net)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Edge (HKLM\...\Microsoft Edge) (Version: 85.0.564.44 - Microsoft Corporation)
Microsoft Edge Update (HKLM\...\Microsoft Edge Update) (Version: 1.3.135.29 - )
Microsoft LifeCam (HKLM\...\{BD71B413-9FEE-49BB-A6D1-2C0BFB99BDFE}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
MiniTool Partition Wizard Free 11 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Software Limited)
MiVue Manager (HKLM\...\{123BDDDC-D02F-4C6E-A011-9CB265E2483E}) (Version: 1.0.35.1 - Mio Technology Corporation)
Momento 5.6.1 (HKLM\...\Momento) (Version:  - )
Moyea FLV Editor Lite version: 1.1.1.846 (HKLM\...\{8E3F691A-4972-47FF-9E09-1981B62A5D5A}_is1) (Version:  - )
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Driver 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.44 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA Graphics Driver 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
OBS Studio (HKLM\...\OBS Studio) (Version: 23.0.2 - OBS Project)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Officeworks Photobooks (HKU\S-1-5-21-3345017777-2939274015-3433995129-1001\...\Officeworks Photobooks) (Version: Officeworks Photobooks 2.5.8 - Officeworks Photobooks)
OVT Scanner X86 (HKLM\...\{6B566EFE-DC1D-471F-93DD-84832663F140}) (Version: 1.00.0000 - OVT)
PDF24 Creator 3.4.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
PSE11 STI Installer (HKLM\...\{98CE8819-87AA-4814-8167-ADDDD513485F}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Pure Motion EditStudio 3 (HKLM\...\{B33E1335-67DB-4C38-A5BC-F49E86C23280}) (Version: 03.00.15000 - Pure Motion)
PVSonyDll (HKLM\...\{3D3E663D-4E7E-4577-A560-7ECDDD45548A}) (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
RealDownloader (HKLM\...\{2C1A45EC-8ED5-4CFF-B8B4-417DA850F67E}) (Version: 18.1.16.215 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM\...\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}) (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 18.1) (Version: 18.1.16 - RealNetworks)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5904 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (HKLM\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recorder Devices for ShareX 0.12.10 (HKLM\...\Recorder Devices for ShareX_is1) (Version: 0.12.10 - )
Recuva (HKLM\...\Recuva) (Version: 1.38 - Piriform)
Remind-Me (HKLM\...\Remind-Me) (Version:  - Beiley Software)
Revo Uninstaller Pro 2.5.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 2.5.8 - VS Revo Group, Ltd.)
Scan (HKLM\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.80.000 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SmartWebPrinting (HKLM\...\{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.16 - Piriform)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version:  - )
Status (HKLM\...\{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
SyncBackFree (HKLM\...\SyncBackFree_is1) (Version: 7.3.1.12 - 2BrightSparks)
System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version:  - )
TAT Viewer 5G 2.1.14 (HKLM\...\TAT Viewer 5G) (Version: 2.1.14 - ESV)
Toolbox (HKLM\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
Toolkit Documentation (HKLM\...\{AB1F3428-D2C6-895F-1966-BA55647B40D8}) (Version: 8.59.25584 - Microsoft) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.51a - Ghisler Software GmbH)
Total Recorder 8.1 (HKLM\...\TotalRecorder) (Version:  - )
TrayApp (HKLM\...\{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}) (Version: 130.0.376.000 - Hewlett-Packard) Hidden
TT-SB SDK (HKLM\...\{AF9848E2-5F19-4E49-9E6E-044FBDC28404}) (Version:  - ArcSoft)
TurboCAD v6 (HKU\S-1-5-21-3345017777-2939274015-3433995129-1001\...\TurboCAD v6) (Version:  - )
TurboCAD v6 Symbols (HKLM\...\TurboCAD v6 Symbols) (Version:  - )
Uninstall OVT Scanner (HKLM\...\OVT Scanner) (Version:  - )
UnloadSupport (HKLM\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
UpdateService (HKLM\...\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}) (Version: 1.0.0 - RealNetworks, Inc.) Hidden
VAP11G (HKLM\...\{2C73154B-F7F9-4B53-AF56-D06846C99EC4}_is1) (Version: 5.0.17.0 for WIN7/VISTA/WINXP - ShenZhen HouTian Network Communication Techlogy Co.Ltd)
vc2012_redist (HKLM\...\{9402AEF2-5981-4097-8BE2-6501DAC4DBFD}) (Version: 1.0.0.0 - Realnetworks) Hidden
VisiPics V1.31 (HKLM\...\VisiPics_is1) (Version:  - Ozone)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.3 - VideoLAN)
VMware Player (HKLM\...\{A53A11EA-0095-493F-86FA-A15E8A86A405}) (Version: 3.1.3.14951 - VMware, Inc.) Hidden
VMware Player (HKLM\...\VMware_Player) (Version: 3.1.3.14951 - VMware, Inc)
vs2015_redist x86 (HKLM\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden
WebReg (HKLM\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.5800 - Broadcom Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
WinFast DAB (HKLM\...\{AC497343-E0D3-4A07-9496-ACB829A7338D}) (Version: 10.11.10.7 - Leadtek)
WinRAR 5.60 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)
Wondershare Helper Compact 2.5.3 (HKLM\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.3 - Wondershare)
Wondershare UniConverter(Build 11.7.5.1) (HKLM\...\UniConverter_is1) (Version: 11.7.5.1 - Wondershare Software)
Wondershare Video Converter Pro(Build 9.0.2.1) (HKLM\...\Wondershare Video Converter Pro_is1) (Version: 9.0.2.1 - Wondershare Software)
Yodot Recovery Software (HKLM\...\{3D0B1313-049A-4C70-B8CC-9AFB84109F89}_is1) (Version: 1.0.0.3 - Yodot Software)
YTD Video Downloader 3.9.4 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version:  - GreenTree Applications SRL) <==== ATTENTION
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001_Classes\CLSID\{6F44AD55-3DAA-4D63-B2D6-5BB1748BAA7B}\InprocServer32 -> C:\Users\Roger\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\ImageUploader8.ocx (Photobox Limited -> PhotoBox)
CustomCLSID: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001_Classes\CLSID\{E55B74AB-0B51-4BAE-A5B5-2531AB5EA4D9}\InprocServer32 -> C:\Users\Roger\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\ImageUploader8.ocx (Photobox Limited -> PhotoBox)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files\AVG\AVG PC TuneUp\SDShelEx-win32.dll [2019-01-10] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => C:\Program Files\Common Files\AVSMedia\ActiveX\AVSShellConverter.dll [2017-12-18] (Online Media Technologies Ltd. -> Online Media Technologies Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {55D63393-DB17-4A2B-9052-15D85B4B1344} => C:\Windows\System32\WSCM32.dll [2015-02-27] () [File not signed]
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => c:\program files\real\realplayer\RPDS\Bin\rpcontextmenu.dll [2019-04-10] (RealNetworks, Inc. -> RealNetworks, Inc.)
ContextMenuHandlers4: [AVG Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => C:\Program Files\AVG\AVG PC TuneUp\DseShExt-x86.dll [2019-01-10] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files\AVG\AVG PC TuneUp\SDShelEx-win32.dll [2019-01-10] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-02-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2010-08-12] (VS Revo Group -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-25] (win.rar GmbH -> Alexander Roshal)
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [msacm.voxacm160] => C:\Windows\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [File not signed]
HKLM\...\Drivers32: [msacm.scg726] => C:\Windows\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\Windows\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [151552 2011-07-17] (fccHandler) [File not signed]
HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [File not signed]
HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\system32\xvidvfw.dll [243200 2011-06-25] () [File not signed]
HKLM\...\Drivers32: [vidc.DIVX] => C:\Windows\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.mpg4] => C:\Windows\system32\mpg4c32.dll [413760 2007-02-27] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp42] => C:\Windows\system32\mpg4c32.dll [413760 2007-02-27] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp43] => C:\Windows\system32\mpg4c32.dll [413760 2007-02-27] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [VIDC.VMnc] => C:\Windows\system32\vmnc.dll [252528 2010-11-11] (VMware, Inc. -> VMware, Inc.)
HKLM\...\Drivers32: [VIDC.YV12] => C:\Windows\system32\xvidvfw.dll [243200 2011-06-25] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [74752 2011-11-24] () [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [216064 2013-04-07] () [File not signed]
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
2019-12-07 12:06 - 2019-12-07 12:05 - 048920064 _____ () [File not signed] C:\Program Files\AVG\UiDll\2623\libcef.dll
2018-01-30 18:26 - 2016-07-21 09:54 - 000137728 _____ () [File not signed] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2018-01-30 18:26 - 2017-03-23 08:49 - 001506304 _____ () [File not signed] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2019-04-10 22:19 - 2019-02-23 07:21 - 000059904 _____ () [File not signed] C:\Program Files\Recorder Devices for ShareX\screen-capture-recorder.dll
2018-03-15 14:58 - 2015-02-27 13:38 - 000214528 _____ () [File not signed] C:\Windows\System32\WSCM32.dll
2016-02-04 10:25 - 2009-08-21 02:49 - 000028672 _____ (afa) [File not signed] C:\Windows\System32\AF15BDAEX.dll
2016-02-25 17:12 - 2008-09-05 14:04 - 000155648 _____ (arcsoft) [File not signed] C:\Program Files\ArcSoft\TotalMedia 3.5\uEpg.dll
2019-09-19 14:08 - 2015-01-09 08:46 - 000008192 _____ (CANON INC.) [File not signed] C:\Program Files\Canon\IJ Network Scanner Selector EX\CNSS_ENU.DLL
2019-09-19 14:08 - 2015-01-09 08:44 - 000104960 _____ (CANON INC.) [File not signed] C:\Program Files\Canon\IJ Network Scanner Selector EX\CNSS_IMG.dll
2018-11-13 18:22 - 2017-12-07 11:25 - 000123904 _____ (CANON INC.) [File not signed] C:\Program Files\Canon\IJPLM\CNMPU.DLL
2018-11-13 19:33 - 2015-03-17 07:50 - 000380928 _____ (CANON INC.) [File not signed] C:\Windows\System32\CNMNPPM.DLL
2009-05-21 22:13 - 2009-05-21 22:13 - 000248832 _____ (Hewlett-Packard Co.) [File not signed] i:\program files\hp\digital imaging\bin\hpqcxs08.dll
2009-05-21 22:03 - 2009-05-21 22:03 - 000213504 _____ (Hewlett-Packard Co.) [File not signed] i:\program files\hp\digital imaging\bin\hpqddcmn.dll
2009-05-21 22:03 - 2009-05-21 22:03 - 000133120 _____ (Hewlett-Packard Co.) [File not signed] i:\program files\hp\digital imaging\bin\hpqddsvc.dll
2008-12-03 19:05 - 2008-12-03 19:05 - 000044544 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2008-12-03 19:05 - 2008-12-03 19:05 - 000053760 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2011-06-15 21:27 - 2011-06-15 21:27 - 000097280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL
2020-07-14 15:42 - 2020-07-14 15:42 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1033\avg.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2020-07-14 15:42 - 2020-07-14 15:42 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1033\avg.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2020-07-14 15:42 - 2020-07-14 15:42 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1033\avg.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2020-07-14 15:42 - 2020-07-14 15:42 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1033\avg.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2020-07-14 15:42 - 2020-07-14 15:42 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1033\avg.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2020-07-14 15:42 - 2020-07-14 15:42 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1033\avg.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2020-07-14 15:42 - 2020-07-14 15:42 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1033\avg.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2020-07-14 15:42 - 2020-07-14 15:42 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1033\avg.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2020-07-14 15:42 - 2020-07-14 15:42 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1033\avg.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2020-07-14 15:42 - 2020-07-14 15:42 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1033\avg.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2020-07-14 15:42 - 2020-07-14 15:42 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1033\avg.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2020-07-14 15:42 - 2020-07-14 15:42 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1033\avg.local_vc142.crt\ucrtbase.DLL
2020-07-14 15:42 - 2020-07-14 15:42 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1033\avg.local_vc142.crt\VCRUNTIME140.dll
2020-01-03 15:18 - 2019-09-10 16:19 - 000024576 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\EaseUS\EaseUS Tools M\bin\imageformats\qgif.dll
2020-01-03 15:18 - 2019-09-10 16:19 - 000025088 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\EaseUS\EaseUS Tools M\bin\imageformats\qico.dll
2020-01-03 15:18 - 2019-09-10 16:19 - 001012224 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\EaseUS\EaseUS Tools M\bin\platforms\qwindows.dll
2020-01-03 15:18 - 2019-09-10 16:19 - 004679168 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\EaseUS\EaseUS Tools M\bin\Qt5Core.dll
2020-01-03 15:18 - 2019-09-10 16:19 - 005026816 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\EaseUS\EaseUS Tools M\bin\Qt5Gui.dll
2020-01-03 15:18 - 2019-09-10 16:19 - 004480512 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\EaseUS\EaseUS Tools M\bin\Qt5Widgets.dll
2020-01-03 15:18 - 2019-12-10 12:28 - 000229888 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\EaseUS\EaseUS Tools M\bin\Qt5WinExtras.dll
2018-01-30 18:26 - 2017-03-23 08:52 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:8CE646EE [128]
AlternateDataStreams: C:\Users\Roger\Downloads\LastPassInstaller (1).exe:SmartScreen [7]
AlternateDataStreams: C:\Users\Roger\Downloads\LastPassInstaller (2).exe:SmartScreen [7]
AlternateDataStreams: C:\Users\Roger\Downloads\LastPassInstaller.exe:SmartScreen [7]
AlternateDataStreams: C:\Users\Roger\Downloads\spcsite.exe:SmartScreen [7]
 
==================== Safe Mode (Whitelisted) ==================
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 12:04 - 2019-01-22 18:42 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\Program Files\Common Files\ArcSoft\Bin;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Common Files\Acronis\SnapAPI\;C:\Program Files\Windows Live\Shared;C:\Program Files\Common Files\HP\Digital Imaging\bin;I:\Program Files\HP\Digital Imaging\bin\;I:\Program Files\HP\Digital Imaging\bin\Qt\Qt 4.3.3;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\QuickTime\QTSystem\
HKU\S-1-5-21-3345017777-2939274015-3433995129-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Roger\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 100.120.116.1 - 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk => C:\Windows\pss\Adobe Gamma Loader.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ImageMixer 3 SE Camera Monitor Ver.4.5.lnk => C:\Windows\pss\ImageMixer 3 SE Camera Monitor Ver.4.5.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Start OpdiTracker.lnk => C:\Windows\pss\Start OpdiTracker.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Roger^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Handy Address Book.LNK => C:\Windows\pss\Handy Address Book.LNK.Startup
MSCONFIG\startupfolder: C:^Users^Roger^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2010 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AshSnap => C:\Program Files\Ashampoo\Ashampoo Snap 7\ashsnap.exe
MSCONFIG\startupreg: AutoPowerOn => I:\DOWNLOADS\AutoPowerOn\WinScheduler.exe
MSCONFIG\startupreg: AVG_TRAY => C:\Program Files\AVG\AVG10\avgtray.exe
MSCONFIG\startupreg: BingDesktop => C:\Program Files\Microsoft\BingDesktop\BingDesktop.exe /fromkey
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: Copernic Desktop Search - Home => "I:\Program Files\Copernic Search\Copernic Desktop Search - Home\DesktopSearchService.exe" /tray
MSCONFIG\startupreg: facemoods => "C:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe" /md I
MSCONFIG\startupreg: Google Update => "C:\Users\Roger\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HP Software Update => I:\Program Files\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LifeCam => "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
MSCONFIG\startupreg: msnmsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: PDFPrint => C:\Program Files\PDF24\pdf24.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: ROC_roc_dec12 => "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
MSCONFIG\startupreg: SAOB Monitor => C:\Program Files\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe
MSCONFIG\startupreg: SearchSettings => "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SUPERAntiSpyware => I:\Program Files\SuperAntiSpyware\SUPERANTISPYWARE.EXE
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: TkBellExe => "C:\Program Files\Real\RealPlayer\Update\realsched.exe" -osboot
MSCONFIG\startupreg: TrueImageMonitor.exe => "C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe"
MSCONFIG\startupreg: VMware hqtray => "C:\Program Files\VMware\VMware Player\hqtray.exe"
MSCONFIG\startupreg: vProt => "C:\Program Files\AVG Secure Search\vprot.exe"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{FFEA91E9-B20E-48DD-8E76-F7DBE9430B9E}] => (Allow) C:\Program Files\common files\hp\digital imaging\bin\hpqphotocrm.exe (Hewlett-Packard Development Co. L.P.) [File not signed]
FirewallRules: [{141187BE-D94B-4C43-B7AE-EE9F24464819}] => (Allow) C:\Windows\system32\svchost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{54F7D0AD-CB8C-4B32-80A6-AFA2EEA4ADD9}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{50371EF4-F689-4AAC-A73B-8081F20528D7}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BFA23E1B-A3F6-4F03-AB94-FB34AF8C887E}] => (Allow) LPort=2869
FirewallRules: [{5CCD0CF8-ABB1-45B6-835C-A7BF1CE8AECF}] => (Allow) LPort=1900
FirewallRules: [{B8BF07A1-09E5-4F43-BF7B-3C7718E1DE62}] => (Allow) C:\Program Files\AVG\AVG10\avgmfapx.exe (AVG Technologies -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{9152EF9E-0D00-448C-A6F5-6C5F3DD01930}] => (Allow) C:\Program Files\AVG\AVG10\avgmfapx.exe (AVG Technologies -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{5B2873C0-88A2-4643-856B-14741072CB51}] => (Allow) C:\Program Files\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{BA9A6B2D-4F20-4782-A50C-F1330A25DC75}] => (Allow) C:\Program Files\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{24458EFC-4EF6-41AE-9086-621B9D7AEDA3}] => (Allow) C:\Program Files\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{5F85CEB2-5EA6-45DB-BBEF-1C8540C76F3A}] => (Allow) C:\Program Files\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{B60F198D-860B-4A95-92BA-A6627A8582E7}] => (Allow) C:\Program Files\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{3ED6A11A-A2B2-4358-8137-29BF41821D6A}] => (Allow) C:\Program Files\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{B13A82F3-2677-45F8-99A5-75319A18D0E6}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeCam.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{7684FF4F-F9FD-4A4B-825F-E6CD1F93D4B7}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeCam.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{9D86B58E-D03A-4F5C-9486-DF7B4FBDF861}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeEnC2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{5C280F13-610A-4809-84EF-87F5221A8CE8}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeEnC2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{A30CDE31-7D17-4B6C-B657-96992B61DDF0}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2E45D0EB-C711-4D20-A804-39DECD7D2ACD}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4A37E4DD-D314-405F-BD87-631C8613FEB2}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeTray.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F678E021-A9AB-461F-9049-3E195DC46718}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeTray.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5F26A2BE-A50C-4527-979F-F9BA3FB86FE1}] => (Allow) C:\Program Files\AVG\AVG10\avgmfapx.exe (AVG Technologies -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{8F610C7D-60CF-42B4-9179-09D7FB476C35}] => (Allow) C:\Program Files\AVG\AVG10\avgmfapx.exe (AVG Technologies -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{1BBCF758-EBF8-442E-9DA7-9CE66784BBB6}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3FC97A9E-FDBB-4204-941A-86166D0D242D}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D7645BF1-8DF1-44AC-807D-10C03FF4FFF6}] => (Allow) I:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{C53DCF4D-7BCB-4E27-BD46-28776C24BF7A}] => (Allow) I:\Program Files\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{94D5D2F1-5B08-4F25-9023-784E7C9927A8}] => (Allow) I:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{2E4F5C3C-265F-4247-9194-2CCB69B75808}] => (Allow) I:\Program Files\HP\Digital Imaging\bin\hposfx08.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{667F3FE4-C427-4BAE-84BC-038C85FF0B64}] => (Allow) I:\Program Files\HP\Digital Imaging\bin\hposid01.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{ABA7BABC-FD06-4C41-9249-BF6CC6A4525D}] => (Allow) I:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{30BDFDE9-7B05-4F4A-BD4E-1800BD8FA0DC}] => (Allow) I:\Program Files\HP\Digital Imaging\bin\hpoews01.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{BCFD1AAC-3654-42F7-8180-24E4F2FD8664}] => (Allow) I:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{8AF51F6A-7D12-40C8-A6C9-3FC604EAD0B6}] => (Allow) I:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{DF21C5B4-58E0-4864-A22B-5FB55B398786}] => (Allow) I:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{8F2B5175-B318-4BD5-967C-F881C4FC1EE4}] => (Allow) I:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett-Packard) [File not signed]
FirewallRules: [{E2BCB33E-B67C-43D7-B1D3-88EEF67BDA40}] => (Allow) I:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{D2C46A53-F14E-48DC-9ACC-1AFEAC27B038}] => (Allow) I:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{F0EA70D0-E80E-474C-ABAC-32BB49072E9C}] => (Allow) I:\Program Files\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)
FirewallRules: [{1FDCC6D6-A42A-4644-9E87-C72B8FD9837E}] => (Allow) I:\Program Files\HP\digital imaging\smart web printing\smartwebprintexe.exe (Hewlett-Packard Company -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{CD90CBBE-A825-45B4-A7C1-2FE59DE1CFAE}C:\program files\real\realplayer\realplay.exe] => (Allow) C:\program files\real\realplayer\realplay.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
FirewallRules: [UDP Query User{B7F9164C-F90C-4C9A-BE20-7F69C4E3D7EB}C:\program files\real\realplayer\realplay.exe] => (Allow) C:\program files\real\realplayer\realplay.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
FirewallRules: [{BB33342F-E6C4-4240-AD65-669F2B9F4C68}] => (Block) C:\program files\real\realplayer\realplay.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
FirewallRules: [{97734015-6DC1-45E3-982B-26818850EB0E}] => (Block) C:\program files\real\realplayer\realplay.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
FirewallRules: [{2323AADA-6661-41E2-8B1B-0DFDDC85F75E}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A78F2304-C303-4E6A-A1D4-B486D8AF574D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1007D23F-93CC-4397-8299-AC6FCF6E3248}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{382FA993-4333-45C6-814A-C57E7366D187}] => (Allow) C:\Program Files\ArcSoft\TotalMedia 3.5\TotalMedia.exe (ArcSoft, Inc.) [File not signed]
FirewallRules: [{BAA4DE0F-1AC8-4539-AA21-AD228D520867}] => (Allow) C:\Program Files\ArcSoft\TotalMedia 3.5\TotalMedia.exe (ArcSoft, Inc.) [File not signed]
FirewallRules: [{531792CB-5EF2-4AD6-B4AC-7961E7BB691A}] => (Allow) C:\Program Files\AVG\Secure VPN\VpnUpdate.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{44061AC5-AA23-4FB0-AF06-BFF1730CBE52}] => (Allow) C:\Program Files\AVG\Secure VPN\VpnUpdate.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{F3CFFB94-FBEE-411D-8EBE-D838E80EDA22}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8B7C9594-501B-47DD-9893-656784DAD9D2}] => (Allow) c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
FirewallRules: [{50F201FC-2D01-4DAA-A886-6727B34AED4C}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{59E25DBD-367D-4CD9-A0C3-1D6CE429CAF3}] => (Allow) C:\Program Files\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{716D84A6-D986-4D1D-B1D8-3C254BF9E742}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [WMP-Out-TCP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe => No File
FirewallRules: [WMP-Out-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe => No File
FirewallRules: [WMP-In-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe => No File
FirewallRules: [SPPSVC-In-TCP] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
 
==================== Restore Points =========================
 
27-08-2020 16:20:13 Removed LastPass
27-08-2020 16:27:26 Removed LastPass
27-08-2020 17:43:22 Removed LastPass
27-08-2020 17:45:15 Removed LastPass
27-08-2020 17:48:52 Removed LastPass
09-09-2020 16:39:09 Windows Update
09-09-2020 17:11:04 Removed e-tax 2011
 
==================== Faulty Device Manager Devices ============
 
Name: ssnfd
Description: ssnfd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: ssnfd
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (09/09/2020 04:11:20 PM) (Source: MsiInstaller) (EventID: 11722) (User: NT AUTHORITY)
Description: Product: AVG PC TuneUp -- Error 1722. There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor.  Action RunWrapExe, location: C:\Windows\TEMP\~_tmpdir\AVGPCTuneupMigration.exe, command:
 
Error: (09/09/2020 12:07:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9750
 
Error: (09/09/2020 12:07:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9750
 
Error: (09/09/2020 12:07:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (09/09/2020 12:07:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7644
 
Error: (09/09/2020 12:07:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7644
 
Error: (09/09/2020 12:07:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (09/09/2020 12:07:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2995
 
 
System errors:
=============
Error: (09/09/2020 05:05:48 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
ssnfd
 
Error: (09/09/2020 05:04:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The VMware Agent Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (09/09/2020 05:04:58 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the VMware Agent Service service to connect.
 
Error: (09/09/2020 05:04:44 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 and APPID 
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
 
Error: (09/09/2020 05:03:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Bluetooth Device (RFCOMM Protocol TDI) service failed to start due to the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
 
Error: (09/09/2020 04:29:47 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
ssnfd
 
Error: (09/09/2020 04:29:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The VMware Authorization Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (09/09/2020 04:29:39 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the VMware Authorization Service service to connect.
 
 
CodeIntegrity:
===================================
 
Date: 2015-11-13 13:58:37.218
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\EagleGet\eagleGet_x86.sys because the set of per-page image hashes could not be found on the system.
 
Date: 2015-11-13 13:58:37.140
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\EagleGet\eagleGet_x86.sys because the set of per-page image hashes could not be found on the system.
 
Date: 2015-11-13 13:58:37.062
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\EagleGet\eagleGet_x86.sys because the set of per-page image hashes could not be found on the system.
 
Date: 2015-11-13 13:58:36.969
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\EagleGet\eagleGet_x86.sys because the set of per-page image hashes could not be found on the system.
 
Date: 2015-11-13 13:58:34.691
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\eagleGet.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2015-11-13 13:58:34.691
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\eagleGet.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2015-11-13 13:58:34.691
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\eagleGet.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2015-11-13 13:58:34.691
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\eagleGet.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. 0502 08/20/2008
Motherboard: ASUSTeK Computer INC. P5Q SE
Processor: Intel® Core™2 Duo CPU E7400 @ 2.80GHz
Percentage of memory in use: 89%
Total physical RAM: 3327.05 MB
Available physical RAM: 363.05 MB
Total Virtual: 6652.48 MB
Available Virtual: 3259.72 MB
 
==================== Drives ================================
 
Drive c: (Windows 7) (Fixed) (Total:931.41 GB) (Free:709.67 GB) NTFS
Drive d: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.02 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (Spare 500Gb Disk) (Fixed) (Total:465.76 GB) (Free:258.2 GB) NTFS
Drive f: (Video Files) (Fixed) (Total:324.49 GB) (Free:237.67 GB) NTFS
Drive i: (Data I) (Fixed) (Total:607.03 GB) (Free:409.62 GB) NTFS ==>[system with boot components (obtained from drive)]
 
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 69205244)
Partition 1: (Active) - (Size=607 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=324.5 GB) - (Type=07 NTFS)
 
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: A08FA08F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
 
==========================================================
Disk: 2 (Size: 465.8 GB) (Disk ID: 6E697373)
No partition Table on disk 2.
 
==================== End of Addition.txt =======================

  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

The Service Repair program appears to have worked. 

 

Uninstall:

Ashampoo WinOptimizer

AVG PC TuneUp

AVS Registry Cleaner 4.1.5

Bonjour

EaseUS Tools M Beta 0.6.1
e-tax 2011 (Doubt you still need these 4)
e-tax 2012
e-tax 2013
e-tax 2015

FLV Player

FLV Player 2.0 (build 25)

HiJackThis

HP Customer Participation Program 13.0

Java 8 Update 191

McAfee Security Scan Plus

McAfee SiteAdvisor

Microsoft Silverlight

Shop for HP Supplies

VMware Player

Next two are no longer supported.  Remove if not using:

Windows Live Essentials

Windows Live Sync

 

Do you really need two file backup programs?

FreeFileSync 6.0

Karen's Replicator -Make that 3.  You also have  Ashampoo Backup Pro 11

 

Are you using Dropbox? It is often installed as foistware but some people pay them to save files.  Remove if not using.

 

Do you use both the Canon and the HP printers?  If not uninstall the one you don't need.

 

 

Download the attached fixlist.txt to the same location as FRST

Attached File  fixlist.txt   29.36KB   183 downloads

Run FRST and press Fix
A fix log will be generated please post that

Reboot if the fix doesn't reboot it for you

Run FRST again but this time make sure Addition.txt is checked and hit Scan.  Post both logs.

 

Multiple replies are OK.  Best to post a log as you get it.

Get Process Explorer

https://live.sysinte...com/procexp.exe

Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  

Wait a full minute then:

File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.


Copy the next 2 lines:

TASKLIST /SVC  > \junk.txt
notepad \junk.txt

Open an Elevated Command Prompt:
Win 7: Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
Win 8: http://www.eightforu...indows-8-a.html
win 10: http://www.howtogeek...-in-windows-10/

Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply.


Get the free version of Speccy:

http://www.filehippo...ownload_speccy/ 

(Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  
Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top,  10-20  lines down.) Save the file.  Attach the file to your next post.  Attaching the log is the best option as it is too big for the forum.  Attaching is a multi step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.


Latency Monitor:

Go to

http://www.resplendence.com/downloads

Scroll down to

System Monitoring Tools

and then find

LatencyMon 6.70 (or it may be a higher number if they update)

Click on Download free home edition

Save it then right click and Run As Admin.  It will install and then start the program.  
It will tell you to click on the Start button but there isn't one.  
Instead click on the green arrowhead (looks like a Play button).   Let it run for at least 20 seconds.  Then hit the red box to stop it.

Edit, Copy Report text to Clipboard then move to a REPLY and Ctrl + v to paste the text into a reply.  


Click on the Drivers Tab.  Click on the column header for "Total execution (ms)" once or twice until the biggest numbers are at the top of the column then take a screen shot (save as type jpg) and attach it.  
Click on the Processes tab then click on the  "Hard Pagefaults" column header once or twice until the big numbers are at the top of the column.  Take a screen shot (save as type jpg) and attach it.



 

 

 

 

 

 


  • 0

#5
rogerbid

rogerbid

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 255 posts

Hi Ron,

 

Thanks for your instructions.  Successfully uninstalled all in your list except for Ashampoo BackUp Pro, I couldn't find it! Also uninstalled all HP items.  Yes, I use the free Dropbox storage.

 

FRST and Fix .txt files pasted here, other times to follow:

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-08-2020
Ran by Roger (administrator) on ASUSWIN7 (10-09-2020 16:38:40)
Running from C:\Users\Roger\Desktop
Loaded Profiles: Roger
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
 
Fix result of Farbar Recovery Scan Tool (x86) Version: 29-08-2020
Ran by Roger (10-09-2020 16:17:12) Run:1
Running from C:\Users\Roger\Desktop
Loaded Profiles: Roger
Boot Mode: Normal
 
==============================================
 
fixlist content:
*****************
Task: {08655404-22B9-41B6-86D4-970511E09F7B} - System32\Tasks\{656C8601-3EA1-4436-8712-E6A52A2E5CDD} => "C:\Program Files\Internet Explorer\iexplore.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=4.2.0.169.259&LastError=404
Task: {17AC67E4-293E-4C78-BAD6-CC608EA648DF} - System32\Tasks\{8D0937C8-0E1D-413A-A349-71146F4ED07C} => "c:\program files\internet explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/6.3.0.107/en/abandoninstall?source=lightinstaller&page=tsInstall
Task: {24712E3A-6DD3-46F7-8614-A8F26CFBEE9B} - System32\Tasks\{E4604945-0C1D-4044-8048-72C82689A17A} => C:\Windows\system32\pcalua.exe -a C:\Users\Roger\AppData\Local\Temp\Temp1_spa-v1.0.0.1.zip\spa-v1.0.0.1.exe <==== ATTENTION
Task: {2BD05BA6-988D-4BD3-A9CD-9A39F80AF524} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {41D7B4E7-84C5-4357-A95B-19AA94A23816} - System32\Tasks\{8780AC34-0804-4993-8E69-7AD28AAA6263} => "c:\program files\internet explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/7.22.73.109.456/en/go/help.faq.installer?LastError=1618
Task: {466366D4-E832-48C8-A10A-7A0C3F53E18E} - System32\Tasks\{C95291DD-5623-4D68-8ABC-DA127FE40FF6} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\AVG\AVG10\avgmfapx.exe" -d C:\Windows\system32 -c /AppMode=DOWNLOADMANAGER /SummerUpdate /PackageType=Free /ProductType=Free
Task: {4E7D70B3-AAF7-4C4D-9962-CEEDA955CAA0} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files\AVG\AVG PC TuneUp\tuscanx.exe [2670944 2019-01-10] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
Task: {5B184694-64C3-4633-94C5-945B3FA561D6} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {82090DEC-2A5B-4196-ABC3-CB50678CB7C4} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
Task: {9F54B95F-5096-4803-AE61-E9B3AC5B616D} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
Task: {BCFA692A-3548-4F2C-8262-95AA24956894} - System32\Tasks\{18275A14-5BCE-45CE-AB72-69AFAE5EB945} => C:\Windows\system32\pcalua.exe -a H:\Setup.exe -d H:\
Task: {C3AA7C8C-4045-4D9D-B0ED-A7954CB763FD} - System32\Tasks\{86AC117D-F25A-4ADE-A95D-73AE2C88C14B} => C:\Windows\system32\pcalua.exe -a "I:\Program Files\Data Recovery Wizard\uninst.exe" -d "I:\Program Files\Data Recovery Wizard"
Task: {D21F6024-191F-4454-BBBC-09A650DA2549} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {D7163909-EE65-4E55-92C0-99D9F415783D} - \RealPlayer (32-bit)  -> No File <==== ATTENTION
Task: {EF82AFBE-C61C-4528-9973-749FD0E3BF36} - System32\Tasks\{621C6829-BD92-4EDF-A269-B203FFC1501F} => "C:\Program Files\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.1.0.112.259/en/abandoninstall?page=tsDownload&installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:notoffered;alreadyoffered
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1405662962&from=slbnew&uid=WDCXWD10EALS-00Z8A0_WD-WCATR084052140521&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1405662962&from=slbnew&uid=WDCXWD10EALS-00Z8A0_WD-WCATR084052140521&q={searchTerms}
HKU\S-1-5-21-3345017777-2939274015-3433995129-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1405662962&from=slbnew&uid=WDCXWD10EALS-00Z8A0_WD-WCATR084052140521&q={searchTerms}
HKU\S-1-5-21-3345017777-2939274015-3433995129-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1405662962&from=slbnew&uid=WDCXWD10EALS-00Z8A0_WD-WCATR084052140521&q={searchTerms}
URLSearchHook: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc. -> McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001 - (No Name) - {124d001a-bdcb-472f-aa59-bbe7e4bc3204} -  No File
URLSearchHook: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001 - (No Name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} -  No File
SearchScopes: HKLM -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029
SearchScopes: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001 -> DefaultScope {C0DD896C-FCCD-4C24-A298-BF5298D0A1ED} URL = hxxps://duckduckgo.com/?q={searchTerms}&atb=v44-5__
SearchScopes: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = 
SearchScopes: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001 -> {C0DD896C-FCCD-4C24-A298-BF5298D0A1ED} URL = hxxps://duckduckgo.com/?q={searchTerms}&atb=v44-5__
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No File
BHO: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\PROGRA~2\WONDER~1\VIDEOC~1\WSBROW~1.DLL => No File
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll [2018-10-18] (Oracle America, Inc. -> Oracle Corporation)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2012-06-21] (McAfee, Inc. -> McAfee, Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-10-18] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2012-06-21] (McAfee, Inc. -> McAfee, Inc.)
oolbar: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001 -> No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001 -> No Name - {4A1C6093-14F9-44D7-860E-5D265CFCA9D9} -  No File
Toolbar: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Toolbar: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001 -> No Name - {124D001A-BDCB-472F-AA59-BBE7E4BC3204} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2012-06-21] (McAfee, Inc. -> McAfee, Inc.)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} -  No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} -  No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2012-06-21] (McAfee, Inc. -> McAfee, Inc.)
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 -  No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1405662962&from=slbnew&uid=WDCXWD10EALS-00Z8A0_WD-WCATR084052140521
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor
FF Extension: (McAfee SiteAdvisor) - C:\Program Files\McAfee\SiteAdvisor [2012-11-14] [Legacy] [not signed]
FF Plugin: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-10-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-10-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @mcafee.com/SAFFPlugin -> C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll [2012-06-21] (McAfee, Inc. -> McAfee, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @nosltd.com/getPlus+®,version=1.6.2.91 -> C:\Program Files\NOS\bin\np_gp.dll [No File]
CHR StartupUrls: Default -> "hxxp://istart.webssearches.com/?type=hp&ts=1405662962&from=slbnew&uid=WDCXWD10EALS-00Z8A0_WD-WCATR084052140521","hxxp://www.google.com/"
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx [2012-11-13]
CHR HKLM\...\Chrome\Extension: [ihflimipbcaljfnojhhknppphnnciiif] - C:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoods.crx <not found>
CHR HKLM\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - <no Path/update_url>
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - <no Path/update_url>
R2 McAfee SiteAdvisor Service; c:\Program Files\McAfee\SiteAdvisor\McSACore.exe [95232 2012-10-23] (McAfee, Inc. -> McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [227232 2010-01-15] (McAfee, Inc. -> McAfee, Inc.)
R2 TuneUp.UtilitiesSvc; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [5228896 2019-01-10] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [38752 2019-01-10] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
S3 dbx; system32\DRIVERS\dbx.sys [X]
S1 ssnfd; system32\drivers\ssnfd.sys [X]
C:\Windows\system32\Tasks\RealPlayer (32-bit)
2020-09-03 15:52 - 2017-12-01 15:07 - 000003680 _____ C:\Windows\system32\Tasks\Java Platform SE Auto Updater
AlternateDataStreams: C:\ProgramData\TEMP:8CE646EE [128]
AlternateDataStreams: C:\Users\Roger\Downloads\LastPassInstaller (1).exe:SmartScreen [7]
AlternateDataStreams: C:\Users\Roger\Downloads\LastPassInstaller (2).exe:SmartScreen [7]
AlternateDataStreams: C:\Users\Roger\Downloads\LastPassInstaller.exe:SmartScreen [7]
AlternateDataStreams: C:\Users\Roger\Downloads\spcsite.exe:SmartScreen [7]
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: facemoods => "C:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe" /md I
MSCONFIG\startupreg: SearchSettings => "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SUPERAntiSpyware => I:\Program Files\SuperAntiSpyware\SUPERANTISPYWARE.EXE
MSCONFIG\startupreg: TrueImageMonitor.exe => "C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe"
FirewallRules: [WMP-Out-TCP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe => No File
FirewallRules: [WMP-Out-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe => No File
FirewallRules: [WMP-In-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe => No File
MSCONFIG\startupreg: VMware hqtray => "C:\Program Files\VMware\VMware Player\hqtray.exe"
R2 tifsfilter; C:\Windows\System32\DRIVERS\tifsfilt.sys [44704 2010-10-04] (Acronis, Inc -> Acronis)
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: SAOB Monitor => C:\Program Files\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe
Task: {08655404-22B9-41B6-86D4-970511E09F7B} - System32\Tasks\{656C8601-3EA1-4436-8712-E6A52A2E5CDD} => "C:\Program Files\Internet Explorer\iexplore.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=4.2.0.169.259&LastError=404
Task: {17AC67E4-293E-4C78-BAD6-CC608EA648DF} - System32\Tasks\{8D0937C8-0E1D-413A-A349-71146F4ED07C} => "c:\program files\internet explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/6.3.0.107/en/abandoninstall?source=lightinstaller&page=tsInstall
Task: {41D7B4E7-84C5-4357-A95B-19AA94A23816} - System32\Tasks\{8780AC34-0804-4993-8E69-7AD28AAA6263} => "c:\program files\internet explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/7.22.73.109.456/en/go/help.faq.installer?LastError=1618
Task: {628D1309-5D6D-4D72-BF99-94C68AA1B6AB} - System32\Tasks\{F67A763C-4647-406A-B1BD-3E92E71A0249} => C:\Program Files\Skype\\Phone\Skype.exe
Task: {EF82AFBE-C61C-4528-9973-749FD0E3BF36} - System32\Tasks\{621C6829-BD92-4EDF-A269-B203FFC1501F} => "C:\Program Files\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.1.0.112.259/en/abandoninstall?page=tsDownload&installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:notoffered;alreadyoffered
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies SA -> Skype Technologies S.A.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies SA -> Skype Technologies S.A.)
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
C:\Program Files\Skype
R2 BingDesktopUpdate; C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe [173248 2014-11-26] (Microsoft Corporation -> Microsoft Corp.)
MSCONFIG\startupreg: BingDesktop => C:\Program Files\Microsoft\BingDesktop\BingDesktop.exe /fromkey
CMD: SFC /scannow
CMD: findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot:
 
 
 
 
 
 
 
*****************
 
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{08655404-22B9-41B6-86D4-970511E09F7B}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08655404-22B9-41B6-86D4-970511E09F7B}" => removed successfully.
C:\Windows\System32\Tasks\{656C8601-3EA1-4436-8712-E6A52A2E5CDD} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{656C8601-3EA1-4436-8712-E6A52A2E5CDD}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{17AC67E4-293E-4C78-BAD6-CC608EA648DF}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{17AC67E4-293E-4C78-BAD6-CC608EA648DF}" => removed successfully.
C:\Windows\System32\Tasks\{8D0937C8-0E1D-413A-A349-71146F4ED07C} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8D0937C8-0E1D-413A-A349-71146F4ED07C}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{24712E3A-6DD3-46F7-8614-A8F26CFBEE9B}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24712E3A-6DD3-46F7-8614-A8F26CFBEE9B}" => removed successfully.
C:\Windows\System32\Tasks\{E4604945-0C1D-4044-8048-72C82689A17A} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E4604945-0C1D-4044-8048-72C82689A17A}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2BD05BA6-988D-4BD3-A9CD-9A39F80AF524}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2BD05BA6-988D-4BD3-A9CD-9A39F80AF524}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MemoryDiagnostic\CorruptionDetector" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{41D7B4E7-84C5-4357-A95B-19AA94A23816}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{41D7B4E7-84C5-4357-A95B-19AA94A23816}" => removed successfully.
C:\Windows\System32\Tasks\{8780AC34-0804-4993-8E69-7AD28AAA6263} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8780AC34-0804-4993-8E69-7AD28AAA6263}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{466366D4-E832-48C8-A10A-7A0C3F53E18E}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{466366D4-E832-48C8-A10A-7A0C3F53E18E}" => removed successfully.
C:\Windows\System32\Tasks\{C95291DD-5623-4D68-8ABC-DA127FE40FF6} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C95291DD-5623-4D68-8ABC-DA127FE40FF6}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4E7D70B3-AAF7-4C4D-9962-CEEDA955CAA0}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4E7D70B3-AAF7-4C4D-9962-CEEDA955CAA0}" => removed successfully.
C:\Windows\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVGPCTuneUp_Task_BkGndMaintenance" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5B184694-64C3-4633-94C5-945B3FA561D6}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B184694-64C3-4633-94C5-945B3FA561D6}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsBackup\ConfigNotification" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{82090DEC-2A5B-4196-ABC3-CB50678CB7C4}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82090DEC-2A5B-4196-ABC3-CB50678CB7C4}" => removed successfully.
C:\Windows\System32\Tasks\Java Platform SE Auto Updater => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Java Platform SE Auto Updater" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9F54B95F-5096-4803-AE61-E9B3AC5B616D}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F54B95F-5096-4803-AE61-E9B3AC5B616D}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BCFA692A-3548-4F2C-8262-95AA24956894}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BCFA692A-3548-4F2C-8262-95AA24956894}" => removed successfully.
C:\Windows\System32\Tasks\{18275A14-5BCE-45CE-AB72-69AFAE5EB945} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{18275A14-5BCE-45CE-AB72-69AFAE5EB945}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C3AA7C8C-4045-4D9D-B0ED-A7954CB763FD}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C3AA7C8C-4045-4D9D-B0ED-A7954CB763FD}" => removed successfully.
C:\Windows\System32\Tasks\{86AC117D-F25A-4ADE-A95D-73AE2C88C14B} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{86AC117D-F25A-4ADE-A95D-73AE2C88C14B}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D21F6024-191F-4454-BBBC-09A650DA2549}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D21F6024-191F-4454-BBBC-09A650DA2549}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\AitAgent" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D7163909-EE65-4E55-92C0-99D9F415783D}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7163909-EE65-4E55-92C0-99D9F415783D}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealPlayer (32-bit) " => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EF82AFBE-C61C-4528-9973-749FD0E3BF36}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EF82AFBE-C61C-4528-9973-749FD0E3BF36}" => removed successfully.
C:\Windows\System32\Tasks\{621C6829-BD92-4EDF-A269-B203FFC1501F} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{621C6829-BD92-4EDF-A269-B203FFC1501F}" => removed successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => moved successfully
C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft..../?LinkId=69157"=> value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft..../?LinkId=54896"=> value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft..../?LinkId=69157"=> value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft..../?LinkId=54896"=> value restored successfully
HKU\S-1-5-21-3345017777-2939274015-3433995129-1001\Software\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft..../?LinkId=54896"=> value restored successfully
HKU\S-1-5-21-3345017777-2939274015-3433995129-1001\Software\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft..../?LinkId=54896"=> value restored successfully
"HKU\S-1-5-21-3345017777-2939274015-3433995129-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\" => not found
"HKU\S-1-5-21-3345017777-2939274015-3433995129-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{124d001a-bdcb-472f-aa59-bbe7e4bc3204}" => removed successfully.
"HKU\S-1-5-21-3345017777-2939274015-3433995129-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}" => removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} => removed successfully.
"HKU\S-1-5-21-3345017777-2939274015-3433995129-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully.
HKU\S-1-5-21-3345017777-2939274015-3433995129-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully.
HKU\S-1-5-21-3345017777-2939274015-3433995129-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} => removed successfully.
HKU\S-1-5-21-3345017777-2939274015-3433995129-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C0DD896C-FCCD-4C24-A298-BF5298D0A1ED} => removed successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} => removed successfully.
HKLM\Software\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} => removed successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{451C804F-C205-4F03-B48E-537EC94937BF} => removed successfully.
HKLM\Software\Classes\CLSID\{451C804F-C205-4F03-B48E-537EC94937BF} => removed successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => not found
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => not found
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => not found
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}" => not found
oolbar: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001 -> No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File => Error: No automatic fix found for this entry.
"HKU\S-1-5-21-3345017777-2939274015-3433995129-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4A1C6093-14F9-44D7-860E-5D265CFCA9D9}" => removed successfully.
"HKU\S-1-5-21-3345017777-2939274015-3433995129-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}" => removed successfully.
"HKU\S-1-5-21-3345017777-2939274015-3433995129-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}" => removed successfully.
HKLM\Software\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => removed successfully.
"HKU\S-1-5-21-3345017777-2939274015-3433995129-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{124D001A-BDCB-472F-AA59-BBE7E4BC3204}" => removed successfully.
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93} => removed successfully.
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} => removed successfully.
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} => removed successfully.
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7} => removed successfully.
HKLM\Software\Classes\PROTOCOLS\Handler\dssrequest => not found
HKLM\Software\Classes\PROTOCOLS\Handler\linkscanner => removed successfully.
HKLM\Software\Classes\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} => removed successfully.
HKLM\Software\Classes\PROTOCOLS\Handler\livecall => not found
HKLM\Software\Classes\PROTOCOLS\Handler\msnim => not found
HKLM\Software\Classes\PROTOCOLS\Handler\sacore => not found
HKLM\Software\Classes\PROTOCOLS\Handler\WSWSVCUchrome => removed successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\"Default"="C:\Program Files\Internet Explorer\iexplore.exe" => value restored successfully
"HKLM\Software\Mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}" => not found
"C:\Program Files\McAfee\SiteAdvisor" => not found
"HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-10-18] (Oracle America, Inc." => not found
"C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll" => not found
"HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-10-18] (Oracle America, Inc." => not found
"C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll" => not found
"HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin -> C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll [2012-06-21] (McAfee, Inc." => not found
"C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll" => not found
"HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation" => not found
"c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll" => not found
HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+®,version=1.6.2.91 => not found
"Chrome StartupUrls" => removed successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho => not found
"C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx" => not found
HKLM\SOFTWARE\Google\Chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif => removed successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj => removed successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk => removed successfully.
McAfee SiteAdvisor Service => service not found.
McComponentHostService => service not found.
TuneUp.UtilitiesSvc => service not found.
UxTuneUp => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\UxTuneUp => removed successfully.
UxTuneUp => service removed successfully.
HKLM\System\CurrentControlSet\Services\dbx => removed successfully.
dbx => service removed successfully.
HKLM\System\CurrentControlSet\Services\ssnfd => removed successfully.
ssnfd => service removed successfully.
"C:\Windows\system32\Tasks\RealPlayer (32-bit)" => not found
"C:\Windows\system32\Tasks\Java Platform SE Auto Updater" => not found
C:\ProgramData\TEMP => ":8CE646EE" ADS removed successfully.
C:\Users\Roger\Downloads\LastPassInstaller (1).exe => ":SmartScreen" ADS removed successfully.
C:\Users\Roger\Downloads\LastPassInstaller (2).exe => ":SmartScreen" ADS removed successfully.
C:\Users\Roger\Downloads\LastPassInstaller.exe => ":SmartScreen" ADS removed successfully.
C:\Users\Roger\Downloads\spcsite.exe => ":SmartScreen" ADS removed successfully.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => removed successfully.
C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup => moved successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\facemoods => removed successfully.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SearchSettings => removed successfully.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched => removed successfully.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SUPERAntiSpyware => removed successfully.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TrueImageMonitor.exe => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\WMP-Out-TCP-x86" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\WMP-Out-UDP-x86" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\WMP-In-UDP-x86" => removed successfully.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VMware hqtray => removed successfully.
tifsfilter => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\tifsfilter => removed successfully.
tifsfilter => service removed successfully.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Acronis Scheduler2 Service => removed successfully.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SAOB Monitor => removed successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08655404-22B9-41B6-86D4-970511E09F7B} => not found
"C:\Windows\System32\Tasks\{656C8601-3EA1-4436-8712-E6A52A2E5CDD}" => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{656C8601-3EA1-4436-8712-E6A52A2E5CDD} => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{17AC67E4-293E-4C78-BAD6-CC608EA648DF} => not found
"C:\Windows\System32\Tasks\{8D0937C8-0E1D-413A-A349-71146F4ED07C}" => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8D0937C8-0E1D-413A-A349-71146F4ED07C} => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{41D7B4E7-84C5-4357-A95B-19AA94A23816} => not found
"C:\Windows\System32\Tasks\{8780AC34-0804-4993-8E69-7AD28AAA6263}" => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8780AC34-0804-4993-8E69-7AD28AAA6263} => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{628D1309-5D6D-4D72-BF99-94C68AA1B6AB}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{628D1309-5D6D-4D72-BF99-94C68AA1B6AB}" => removed successfully.
C:\Windows\System32\Tasks\{F67A763C-4647-406A-B1BD-3E92E71A0249} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F67A763C-4647-406A-B1BD-3E92E71A0249}" => removed successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EF82AFBE-C61C-4528-9973-749FD0E3BF36} => not found
"C:\Windows\System32\Tasks\{621C6829-BD92-4EDF-A269-B203FFC1501F}" => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{621C6829-BD92-4EDF-A269-B203FFC1501F} => not found
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => removed successfully.
HKLM\Software\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => removed successfully.
HKLM\Software\Classes\PROTOCOLS\Handler\skype-ie-addon-data => removed successfully.
HKLM\Software\Classes\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => removed successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => removed successfully.
C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx => moved successfully
C:\Program Files\Skype => moved successfully
BingDesktopUpdate => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\BingDesktopUpdate => removed successfully.
BingDesktopUpdate => service removed successfully.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BingDesktop => removed successfully.
 
========= SFC /scannow =========
 
 
 
Beginning system scan.  This process will take some time.
 
 
 
Beginning verification phase of system scan.
 
Verification 0% complete.Verification 1% complete.Verification 2% complete.Verification 3% complete.Verification 4% complete.Verification 4% complete.Verification 5% complete.Verification 6% complete.Verification 7% complete.Verification 8% complete.Verification 9% complete.Verification 9% complete.Verification 10% complete.Verification 11% complete.Verification 12% complete.Verification 13% complete.Verification 14% complete.Verification 14% complete.Verification 15% complete.Verification 16% complete.Verification 17% complete.Verification 18% complete.Verification 19% complete.Verification 19% complete.Verification 20% complete.Verification 21% complete.Verification 22% complete.Verification 23% complete.Verification 24% complete.Verification 24% complete.Verification 25% complete.Verification 26% complete.Verification 27% complete.Verification 28% complete.Verification 29% complete.Verification 29% complete.Verification 30% complete.Verification 31% complete.Verification 32% complete.Verification 33% complete.Verification 34% complete.Verification 34% complete.Verification 35% complete.Verification 36% complete.Verification 37% complete.Verification 38% complete.Verification 39% complete.Verification 39% complete.Verification 40% complete.Verification 41% complete.Verification 42% complete.Verification 43% complete.Verification 44% complete.Verification 44% complete.Verification 45% complete.Verification 46% complete.Verification 47% complete.Verification 48% complete.Verification 49% complete.Verification 49% complete.Verification 50% complete.Verification 51% complete.Verification 52% complete.Verification 53% complete.Verification 54% complete.Verification 54% complete.Verification 55% complete.Verification 56% complete.Verification 57% complete.Verification 58% complete.Verification 59% complete.Verification 59% complete.Verification 60% complete.Verification 61% complete.Verification 62% complete.Verification 63% complete.Verification 64% complete.Verification 64% complete.Verification 65% complete.Verification 66% complete.Verification 67% complete.Verification 68% complete.Verification 69% complete.Verification 69% complete.Verification 70% complete.Verification 71% complete.Verification 72% complete.Verification 73% complete.Verification 74% complete.Verification 74% complete.Verification 75% complete.Verification 76% complete.Verification 77% complete.Verification 78% complete.Verification 79% complete.Verification 79% complete.Verification 80% complete.Verification 81% complete.Verification 82% complete.Verification 83% complete.Verification 84% complete.Verification 84% complete.Verification 85% complete.Verification 86% complete.Verification 87% complete.Verification 88% complete.Verification 88% complete.Verification 89% complete.Verification 90% complete.Verification 91% complete.Verification 92% complete.Verification 93% complete.Verification 93% complete.Verification 94% complete.Verification 95% complete.Verification 96% complete.Verification 97% complete.Verification 98% complete.Verification 98% complete.Verification 99% complete.Verification 100% complete.
 
 
Windows Resource Protection did not find any integrity violations.
 
 
========= End of CMD: =========
 
 
========= findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log =========
 
2020-09-10 16:20:41, Info                  CSI    00000009 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:20:41, Info                  CSI    0000000a [SR] Beginning Verify and Repair transaction
2020-09-10 16:20:49, Info                  CSI    0000000c [SR] Verify complete
2020-09-10 16:20:50, Info                  CSI    0000000d [SR] Verifying 100 (0x00000064) components
2020-09-10 16:20:50, Info                  CSI    0000000e [SR] Beginning Verify and Repair transaction
2020-09-10 16:20:55, Info                  CSI    00000010 [SR] Verify complete
2020-09-10 16:20:57, Info                  CSI    00000011 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:20:57, Info                  CSI    00000012 [SR] Beginning Verify and Repair transaction
2020-09-10 16:21:08, Info                  CSI    00000014 [SR] Verify complete
2020-09-10 16:21:12, Info                  CSI    00000015 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:21:12, Info                  CSI    00000016 [SR] Beginning Verify and Repair transaction
2020-09-10 16:21:16, Info                  CSI    00000018 [SR] Verify complete
2020-09-10 16:21:17, Info                  CSI    00000019 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:21:17, Info                  CSI    0000001a [SR] Beginning Verify and Repair transaction
2020-09-10 16:21:18, Info                  CSI    0000001c [SR] Verify complete
2020-09-10 16:21:22, Info                  CSI    0000001d [SR] Verifying 100 (0x00000064) components
2020-09-10 16:21:22, Info                  CSI    0000001e [SR] Beginning Verify and Repair transaction
2020-09-10 16:21:25, Info                  CSI    00000020 [SR] Verify complete
2020-09-10 16:21:29, Info                  CSI    00000021 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:21:29, Info                  CSI    00000022 [SR] Beginning Verify and Repair transaction
2020-09-10 16:21:34, Info                  CSI    00000024 [SR] Verify complete
2020-09-10 16:21:38, Info                  CSI    00000025 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:21:38, Info                  CSI    00000026 [SR] Beginning Verify and Repair transaction
2020-09-10 16:21:41, Info                  CSI    00000028 [SR] Verify complete
2020-09-10 16:21:44, Info                  CSI    00000029 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:21:44, Info                  CSI    0000002a [SR] Beginning Verify and Repair transaction
2020-09-10 16:21:46, Info                  CSI    0000002c [SR] Verify complete
2020-09-10 16:21:49, Info                  CSI    0000002d [SR] Verifying 100 (0x00000064) components
2020-09-10 16:21:49, Info                  CSI    0000002e [SR] Beginning Verify and Repair transaction
2020-09-10 16:21:52, Info                  CSI    00000030 [SR] Verify complete
2020-09-10 16:21:55, Info                  CSI    00000031 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:21:55, Info                  CSI    00000032 [SR] Beginning Verify and Repair transaction
2020-09-10 16:21:58, Info                  CSI    00000034 [SR] Verify complete
2020-09-10 16:22:01, Info                  CSI    00000035 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:22:01, Info                  CSI    00000036 [SR] Beginning Verify and Repair transaction
2020-09-10 16:22:05, Info                  CSI    00000038 [SR] Verify complete
2020-09-10 16:22:08, Info                  CSI    00000039 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:22:08, Info                  CSI    0000003a [SR] Beginning Verify and Repair transaction
2020-09-10 16:22:10, Info                  CSI    0000003c [SR] Verify complete
2020-09-10 16:22:14, Info                  CSI    0000003d [SR] Verifying 100 (0x00000064) components
2020-09-10 16:22:14, Info                  CSI    0000003e [SR] Beginning Verify and Repair transaction
2020-09-10 16:22:17, Info                  CSI    00000040 [SR] Verify complete
2020-09-10 16:22:22, Info                  CSI    00000041 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:22:22, Info                  CSI    00000042 [SR] Beginning Verify and Repair transaction
2020-09-10 16:22:26, Info                  CSI    00000044 [SR] Verify complete
2020-09-10 16:22:32, Info                  CSI    00000045 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:22:32, Info                  CSI    00000046 [SR] Beginning Verify and Repair transaction
2020-09-10 16:22:38, Info                  CSI    00000048 [SR] Verify complete
2020-09-10 16:22:44, Info                  CSI    00000049 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:22:44, Info                  CSI    0000004a [SR] Beginning Verify and Repair transaction
2020-09-10 16:22:48, Info                  CSI    0000004c [SR] Verify complete
2020-09-10 16:22:51, Info                  CSI    0000004d [SR] Verifying 100 (0x00000064) components
2020-09-10 16:22:51, Info                  CSI    0000004e [SR] Beginning Verify and Repair transaction
2020-09-10 16:22:53, Info                  CSI    00000050 [SR] Verify complete
2020-09-10 16:22:56, Info                  CSI    00000051 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:22:56, Info                  CSI    00000052 [SR] Beginning Verify and Repair transaction
2020-09-10 16:22:58, Info                  CSI    00000054 [SR] Verify complete
2020-09-10 16:23:00, Info                  CSI    00000055 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:23:00, Info                  CSI    00000056 [SR] Beginning Verify and Repair transaction
2020-09-10 16:23:02, Info                  CSI    00000058 [SR] Verify complete
2020-09-10 16:23:04, Info                  CSI    00000059 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:23:04, Info                  CSI    0000005a [SR] Beginning Verify and Repair transaction
2020-09-10 16:23:06, Info                  CSI    0000005c [SR] Verify complete
2020-09-10 16:23:09, Info                  CSI    0000005d [SR] Verifying 100 (0x00000064) components
2020-09-10 16:23:09, Info                  CSI    0000005e [SR] Beginning Verify and Repair transaction
2020-09-10 16:23:10, Info                  CSI    00000060 [SR] Verify complete
2020-09-10 16:23:13, Info                  CSI    00000061 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:23:13, Info                  CSI    00000062 [SR] Beginning Verify and Repair transaction
2020-09-10 16:23:15, Info                  CSI    00000064 [SR] Verify complete
2020-09-10 16:23:18, Info                  CSI    00000065 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:23:18, Info                  CSI    00000066 [SR] Beginning Verify and Repair transaction
2020-09-10 16:23:21, Info                  CSI    00000068 [SR] Verify complete
2020-09-10 16:23:23, Info                  CSI    00000069 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:23:23, Info                  CSI    0000006a [SR] Beginning Verify and Repair transaction
2020-09-10 16:23:25, Info                  CSI    0000006c [SR] Verify complete
2020-09-10 16:23:27, Info                  CSI    0000006d [SR] Verifying 100 (0x00000064) components
2020-09-10 16:23:27, Info                  CSI    0000006e [SR] Beginning Verify and Repair transaction
2020-09-10 16:23:30, Info                  CSI    00000070 [SR] Verify complete
2020-09-10 16:23:32, Info                  CSI    00000071 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:23:32, Info                  CSI    00000072 [SR] Beginning Verify and Repair transaction
2020-09-10 16:23:34, Info                  CSI    00000074 [SR] Verify complete
2020-09-10 16:23:36, Info                  CSI    00000075 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:23:36, Info                  CSI    00000076 [SR] Beginning Verify and Repair transaction
2020-09-10 16:23:39, Info                  CSI    00000078 [SR] Verify complete
2020-09-10 16:23:41, Info                  CSI    00000079 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:23:41, Info                  CSI    0000007a [SR] Beginning Verify and Repair transaction
2020-09-10 16:23:43, Info                  CSI    0000007c [SR] Verify complete
2020-09-10 16:23:45, Info                  CSI    0000007d [SR] Verifying 100 (0x00000064) components
2020-09-10 16:23:45, Info                  CSI    0000007e [SR] Beginning Verify and Repair transaction
2020-09-10 16:23:47, Info                  CSI    00000080 [SR] Verify complete
2020-09-10 16:23:49, Info                  CSI    00000081 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:23:49, Info                  CSI    00000082 [SR] Beginning Verify and Repair transaction
2020-09-10 16:23:56, Info                  CSI    00000084 [SR] Verify complete
2020-09-10 16:23:59, Info                  CSI    00000085 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:23:59, Info                  CSI    00000086 [SR] Beginning Verify and Repair transaction
2020-09-10 16:24:03, Info                  CSI    00000088 [SR] Verify complete
2020-09-10 16:24:06, Info                  CSI    00000089 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:24:06, Info                  CSI    0000008a [SR] Beginning Verify and Repair transaction
2020-09-10 16:24:08, Info                  CSI    0000008c [SR] Verify complete
2020-09-10 16:24:09, Info                  CSI    0000008d [SR] Verifying 100 (0x00000064) components
2020-09-10 16:24:09, Info                  CSI    0000008e [SR] Beginning Verify and Repair transaction
2020-09-10 16:24:13, Info                  CSI    00000090 [SR] Verify complete
2020-09-10 16:24:15, Info                  CSI    00000091 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:24:15, Info                  CSI    00000092 [SR] Beginning Verify and Repair transaction
2020-09-10 16:24:17, Info                  CSI    00000094 [SR] Verify complete
2020-09-10 16:24:18, Info                  CSI    00000095 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:24:18, Info                  CSI    00000096 [SR] Beginning Verify and Repair transaction
2020-09-10 16:24:20, Info                  CSI    00000098 [SR] Verify complete
2020-09-10 16:24:22, Info                  CSI    00000099 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:24:22, Info                  CSI    0000009a [SR] Beginning Verify and Repair transaction
2020-09-10 16:24:26, Info                  CSI    0000009c [SR] Verify complete
2020-09-10 16:24:28, Info                  CSI    0000009d [SR] Verifying 100 (0x00000064) components
2020-09-10 16:24:28, Info                  CSI    0000009e [SR] Beginning Verify and Repair transaction
2020-09-10 16:24:30, Info                  CSI    000000a0 [SR] Verify complete
2020-09-10 16:24:31, Info                  CSI    000000a1 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:24:31, Info                  CSI    000000a2 [SR] Beginning Verify and Repair transaction
2020-09-10 16:24:33, Info                  CSI    000000a4 [SR] Verify complete
2020-09-10 16:24:35, Info                  CSI    000000a5 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:24:35, Info                  CSI    000000a6 [SR] Beginning Verify and Repair transaction
2020-09-10 16:24:40, Info                  CSI    000000a8 [SR] Verify complete
2020-09-10 16:24:41, Info                  CSI    000000a9 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:24:41, Info                  CSI    000000aa [SR] Beginning Verify and Repair transaction
2020-09-10 16:24:43, Info                  CSI    000000ac [SR] Verify complete
2020-09-10 16:24:45, Info                  CSI    000000ad [SR] Verifying 100 (0x00000064) components
2020-09-10 16:24:45, Info                  CSI    000000ae [SR] Beginning Verify and Repair transaction
2020-09-10 16:24:46, Info                  CSI    000000b0 [SR] Verify complete
2020-09-10 16:24:48, Info                  CSI    000000b1 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:24:48, Info                  CSI    000000b2 [SR] Beginning Verify and Repair transaction
2020-09-10 16:24:51, Info                  CSI    000000b4 [SR] Verify complete
2020-09-10 16:24:53, Info                  CSI    000000b5 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:24:53, Info                  CSI    000000b6 [SR] Beginning Verify and Repair transaction
2020-09-10 16:24:56, Info                  CSI    000000b8 [SR] Verify complete
2020-09-10 16:24:57, Info                  CSI    000000b9 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:24:57, Info                  CSI    000000ba [SR] Beginning Verify and Repair transaction
2020-09-10 16:25:01, Info                  CSI    000000bc [SR] Verify complete
2020-09-10 16:25:03, Info                  CSI    000000bd [SR] Verifying 100 (0x00000064) components
2020-09-10 16:25:03, Info                  CSI    000000be [SR] Beginning Verify and Repair transaction
2020-09-10 16:25:15, Info                  CSI    000000c0 [SR] Verify complete
2020-09-10 16:25:16, Info                  CSI    000000c1 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:25:16, Info                  CSI    000000c2 [SR] Beginning Verify and Repair transaction
2020-09-10 16:25:26, Info                  CSI    000000c4 [SR] Verify complete
2020-09-10 16:25:27, Info                  CSI    000000c5 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:25:27, Info                  CSI    000000c6 [SR] Beginning Verify and Repair transaction
2020-09-10 16:25:37, Info                  CSI    000000c8 [SR] Verify complete
2020-09-10 16:25:38, Info                  CSI    000000c9 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:25:38, Info                  CSI    000000ca [SR] Beginning Verify and Repair transaction
2020-09-10 16:25:45, Info                  CSI    000000cc [SR] Verify complete
2020-09-10 16:25:46, Info                  CSI    000000cd [SR] Verifying 100 (0x00000064) components
2020-09-10 16:25:46, Info                  CSI    000000ce [SR] Beginning Verify and Repair transaction
2020-09-10 16:25:57, Info                  CSI    000000d2 [SR] Verify complete
2020-09-10 16:25:58, Info                  CSI    000000d3 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:25:58, Info                  CSI    000000d4 [SR] Beginning Verify and Repair transaction
2020-09-10 16:26:05, Info                  CSI    000000d9 [SR] Verify complete
2020-09-10 16:26:06, Info                  CSI    000000da [SR] Verifying 100 (0x00000064) components
2020-09-10 16:26:06, Info                  CSI    000000db [SR] Beginning Verify and Repair transaction
2020-09-10 16:26:13, Info                  CSI    000000de [SR] Verify complete
2020-09-10 16:26:14, Info                  CSI    000000e1 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:26:14, Info                  CSI    000000e2 [SR] Beginning Verify and Repair transaction
2020-09-10 16:26:23, Info                  CSI    000000e6 [SR] Verify complete
2020-09-10 16:26:23, Info                  CSI    000000e7 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:26:23, Info                  CSI    000000e8 [SR] Beginning Verify and Repair transaction
2020-09-10 16:26:33, Info                  CSI    000000f2 [SR] Verify complete
2020-09-10 16:26:36, Info                  CSI    000000f3 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:26:36, Info                  CSI    000000f4 [SR] Beginning Verify and Repair transaction
2020-09-10 16:26:49, Info                  CSI    000000f8 [SR] Verify complete
2020-09-10 16:26:50, Info                  CSI    000000f9 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:26:50, Info                  CSI    000000fa [SR] Beginning Verify and Repair transaction
2020-09-10 16:27:05, Info                  CSI    000000fc [SR] Verify complete
2020-09-10 16:27:09, Info                  CSI    000000fd [SR] Verifying 100 (0x00000064) components
2020-09-10 16:27:09, Info                  CSI    000000fe [SR] Beginning Verify and Repair transaction
2020-09-10 16:27:23, Info                  CSI    00000100 [SR] Verify complete
2020-09-10 16:27:24, Info                  CSI    00000101 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:27:24, Info                  CSI    00000102 [SR] Beginning Verify and Repair transaction
2020-09-10 16:27:36, Info                  CSI    00000104 [SR] Verify complete
2020-09-10 16:27:37, Info                  CSI    00000105 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:27:37, Info                  CSI    00000106 [SR] Beginning Verify and Repair transaction
2020-09-10 16:27:55, Info                  CSI    00000108 [SR] Verify complete
2020-09-10 16:27:56, Info                  CSI    00000109 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:27:56, Info                  CSI    0000010a [SR] Beginning Verify and Repair transaction
2020-09-10 16:28:07, Info                  CSI    0000010c [SR] Verify complete
2020-09-10 16:28:08, Info                  CSI    0000010d [SR] Verifying 100 (0x00000064) components
2020-09-10 16:28:08, Info                  CSI    0000010e [SR] Beginning Verify and Repair transaction
2020-09-10 16:28:31, Info                  CSI    00000112 [SR] Verify complete
2020-09-10 16:28:31, Info                  CSI    00000113 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:28:31, Info                  CSI    00000114 [SR] Beginning Verify and Repair transaction
2020-09-10 16:28:41, Info                  CSI    00000116 [SR] Verify complete
2020-09-10 16:28:42, Info                  CSI    00000117 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:28:42, Info                  CSI    00000118 [SR] Beginning Verify and Repair transaction
2020-09-10 16:28:56, Info                  CSI    0000011a [SR] Verify complete
2020-09-10 16:28:57, Info                  CSI    0000011b [SR] Verifying 100 (0x00000064) components
2020-09-10 16:28:57, Info                  CSI    0000011c [SR] Beginning Verify and Repair transaction
2020-09-10 16:29:07, Info                  CSI    0000011e [SR] Verify complete
2020-09-10 16:29:07, Info                  CSI    0000011f [SR] Verifying 100 (0x00000064) components
2020-09-10 16:29:07, Info                  CSI    00000120 [SR] Beginning Verify and Repair transaction
2020-09-10 16:29:10, Info                  CSI    00000122 [SR] Verify complete
2020-09-10 16:29:10, Info                  CSI    00000123 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:29:10, Info                  CSI    00000124 [SR] Beginning Verify and Repair transaction
2020-09-10 16:29:12, Info                  CSI    00000126 [SR] Verify complete
2020-09-10 16:29:13, Info                  CSI    00000127 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:29:13, Info                  CSI    00000128 [SR] Beginning Verify and Repair transaction
2020-09-10 16:29:21, Info                  CSI    0000012d [SR] Verify complete
2020-09-10 16:29:22, Info                  CSI    0000012e [SR] Verifying 100 (0x00000064) components
2020-09-10 16:29:22, Info                  CSI    0000012f [SR] Beginning Verify and Repair transaction
2020-09-10 16:29:30, Info                  CSI    0000014a [SR] Verify complete
2020-09-10 16:29:31, Info                  CSI    0000014b [SR] Verifying 100 (0x00000064) components
2020-09-10 16:29:31, Info                  CSI    0000014c [SR] Beginning Verify and Repair transaction
2020-09-10 16:29:35, Info                  CSI    0000014e [SR] Verify complete
2020-09-10 16:29:35, Info                  CSI    0000014f [SR] Verifying 100 (0x00000064) components
2020-09-10 16:29:35, Info                  CSI    00000150 [SR] Beginning Verify and Repair transaction
2020-09-10 16:29:40, Info                  CSI    00000152 [SR] Verify complete
2020-09-10 16:29:41, Info                  CSI    00000153 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:29:41, Info                  CSI    00000154 [SR] Beginning Verify and Repair transaction
2020-09-10 16:29:45, Info                  CSI    00000156 [SR] Verify complete
2020-09-10 16:29:46, Info                  CSI    00000157 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:29:46, Info                  CSI    00000158 [SR] Beginning Verify and Repair transaction
2020-09-10 16:29:57, Info                  CSI    0000015a [SR] Verify complete
2020-09-10 16:29:59, Info                  CSI    0000015b [SR] Verifying 100 (0x00000064) components
2020-09-10 16:29:59, Info                  CSI    0000015c [SR] Beginning Verify and Repair transaction
2020-09-10 16:30:10, Info                  CSI    0000015f [SR] Verify complete
2020-09-10 16:30:11, Info                  CSI    00000160 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:30:11, Info                  CSI    00000161 [SR] Beginning Verify and Repair transaction
2020-09-10 16:30:14, Info                  CSI    00000163 [SR] Verify complete
2020-09-10 16:30:14, Info                  CSI    00000164 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:30:14, Info                  CSI    00000165 [SR] Beginning Verify and Repair transaction
2020-09-10 16:30:18, Info                  CSI    00000167 [SR] Verify complete
2020-09-10 16:30:19, Info                  CSI    00000168 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:30:19, Info                  CSI    00000169 [SR] Beginning Verify and Repair transaction
2020-09-10 16:30:29, Info                  CSI    0000016b [SR] Verify complete
2020-09-10 16:30:29, Info                  CSI    0000016c [SR] Verifying 100 (0x00000064) components
2020-09-10 16:30:29, Info                  CSI    0000016d [SR] Beginning Verify and Repair transaction
2020-09-10 16:30:38, Info                  CSI    0000016f [SR] Verify complete
2020-09-10 16:30:38, Info                  CSI    00000170 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:30:38, Info                  CSI    00000171 [SR] Beginning Verify and Repair transaction
2020-09-10 16:30:46, Info                  CSI    00000173 [SR] Verify complete
2020-09-10 16:30:47, Info                  CSI    00000174 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:30:47, Info                  CSI    00000175 [SR] Beginning Verify and Repair transaction
2020-09-10 16:30:59, Info                  CSI    00000191 [SR] Verify complete
2020-09-10 16:31:00, Info                  CSI    00000192 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:31:00, Info                  CSI    00000193 [SR] Beginning Verify and Repair transaction
2020-09-10 16:31:08, Info                  CSI    0000019f [SR] Verify complete
2020-09-10 16:31:09, Info                  CSI    000001a0 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:31:09, Info                  CSI    000001a1 [SR] Beginning Verify and Repair transaction
2020-09-10 16:31:28, Info                  CSI    000001a3 [SR] Verify complete
2020-09-10 16:31:29, Info                  CSI    000001a4 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:31:29, Info                  CSI    000001a5 [SR] Beginning Verify and Repair transaction
2020-09-10 16:31:37, Info                  CSI    000001a7 [SR] Verify complete
2020-09-10 16:31:38, Info                  CSI    000001a8 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:31:38, Info                  CSI    000001a9 [SR] Beginning Verify and Repair transaction
2020-09-10 16:31:57, Info                  CSI    000001ac [SR] Verify complete
2020-09-10 16:31:58, Info                  CSI    000001ad [SR] Verifying 100 (0x00000064) components
2020-09-10 16:31:58, Info                  CSI    000001ae [SR] Beginning Verify and Repair transaction
2020-09-10 16:32:08, Info                  CSI    000001b0 [SR] Verify complete
2020-09-10 16:32:09, Info                  CSI    000001b1 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:32:09, Info                  CSI    000001b2 [SR] Beginning Verify and Repair transaction
2020-09-10 16:32:15, Info                  CSI    000001b4 [SR] Verify complete
2020-09-10 16:32:15, Info                  CSI    000001b5 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:32:15, Info                  CSI    000001b6 [SR] Beginning Verify and Repair transaction
2020-09-10 16:32:22, Info                  CSI    000001b8 [SR] Verify complete
2020-09-10 16:32:23, Info                  CSI    000001b9 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:32:23, Info                  CSI    000001ba [SR] Beginning Verify and Repair transaction
2020-09-10 16:32:29, Info                  CSI    000001bd [SR] Verify complete
2020-09-10 16:32:29, Info                  CSI    000001be [SR] Verifying 100 (0x00000064) components
2020-09-10 16:32:29, Info                  CSI    000001bf [SR] Beginning Verify and Repair transaction
2020-09-10 16:32:43, Info                  CSI    000001c1 [SR] Verify complete
2020-09-10 16:32:44, Info                  CSI    000001c2 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:32:44, Info                  CSI    000001c3 [SR] Beginning Verify and Repair transaction
2020-09-10 16:32:54, Info                  CSI    000001c5 [SR] Verify complete
2020-09-10 16:32:55, Info                  CSI    000001c6 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:32:55, Info                  CSI    000001c7 [SR] Beginning Verify and Repair transaction
2020-09-10 16:33:03, Info                  CSI    000001ca [SR] Verify complete
2020-09-10 16:33:04, Info                  CSI    000001cb [SR] Verifying 100 (0x00000064) components
2020-09-10 16:33:04, Info                  CSI    000001cc [SR] Beginning Verify and Repair transaction
2020-09-10 16:33:11, Info                  CSI    000001ce [SR] Verify complete
2020-09-10 16:33:12, Info                  CSI    000001cf [SR] Verifying 100 (0x00000064) components
2020-09-10 16:33:12, Info                  CSI    000001d0 [SR] Beginning Verify and Repair transaction
2020-09-10 16:33:20, Info                  CSI    000001d2 [SR] Verify complete
2020-09-10 16:33:21, Info                  CSI    000001d3 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:33:21, Info                  CSI    000001d4 [SR] Beginning Verify and Repair transaction
2020-09-10 16:33:31, Info                  CSI    000001d7 [SR] Verify complete
2020-09-10 16:33:32, Info                  CSI    000001d8 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:33:32, Info                  CSI    000001d9 [SR] Beginning Verify and Repair transaction
2020-09-10 16:33:38, Info                  CSI    000001db [SR] Verify complete
2020-09-10 16:33:39, Info                  CSI    000001dc [SR] Verifying 100 (0x00000064) components
2020-09-10 16:33:39, Info                  CSI    000001dd [SR] Beginning Verify and Repair transaction
2020-09-10 16:33:45, Info                  CSI    000001df [SR] Verify complete
2020-09-10 16:33:46, Info                  CSI    000001e0 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:33:46, Info                  CSI    000001e1 [SR] Beginning Verify and Repair transaction
2020-09-10 16:33:53, Info                  CSI    000001e4 [SR] Verify complete
2020-09-10 16:33:53, Info                  CSI    000001e5 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:33:53, Info                  CSI    000001e6 [SR] Beginning Verify and Repair transaction
2020-09-10 16:34:01, Info                  CSI    000001e8 [SR] Verify complete
2020-09-10 16:34:02, Info                  CSI    000001e9 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:34:02, Info                  CSI    000001ea [SR] Beginning Verify and Repair transaction
2020-09-10 16:34:06, Info                  CSI    000001ed [SR] Verify complete
2020-09-10 16:34:06, Info                  CSI    000001ee [SR] Verifying 100 (0x00000064) components
2020-09-10 16:34:06, Info                  CSI    000001ef [SR] Beginning Verify and Repair transaction
2020-09-10 16:34:14, Info                  CSI    000001f1 [SR] Verify complete
2020-09-10 16:34:15, Info                  CSI    000001f2 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:34:15, Info                  CSI    000001f3 [SR] Beginning Verify and Repair transaction
2020-09-10 16:34:21, Info                  CSI    000001f6 [SR] Verify complete
2020-09-10 16:34:22, Info                  CSI    000001f7 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:34:22, Info                  CSI    000001f8 [SR] Beginning Verify and Repair transaction
2020-09-10 16:34:29, Info                  CSI    000001fa [SR] Verify complete
2020-09-10 16:34:30, Info                  CSI    000001fb [SR] Verifying 100 (0x00000064) components
2020-09-10 16:34:30, Info                  CSI    000001fc [SR] Beginning Verify and Repair transaction
2020-09-10 16:34:37, Info                  CSI    000001fe [SR] Verify complete
2020-09-10 16:34:38, Info                  CSI    000001ff [SR] Verifying 100 (0x00000064) components
2020-09-10 16:34:38, Info                  CSI    00000200 [SR] Beginning Verify and Repair transaction
2020-09-10 16:34:46, Info                  CSI    00000202 [SR] Verify complete
2020-09-10 16:34:47, Info                  CSI    00000203 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:34:47, Info                  CSI    00000204 [SR] Beginning Verify and Repair transaction
2020-09-10 16:34:56, Info                  CSI    00000206 [SR] Verify complete
2020-09-10 16:34:56, Info                  CSI    00000207 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:34:56, Info                  CSI    00000208 [SR] Beginning Verify and Repair transaction
2020-09-10 16:34:59, Info                  CSI    0000020a [SR] Verify complete
2020-09-10 16:35:00, Info                  CSI    0000020b [SR] Verifying 100 (0x00000064) components
2020-09-10 16:35:00, Info                  CSI    0000020c [SR] Beginning Verify and Repair transaction
2020-09-10 16:35:06, Info                  CSI    0000020e [SR] Verify complete
2020-09-10 16:35:06, Info                  CSI    0000020f [SR] Verifying 100 (0x00000064) components
2020-09-10 16:35:06, Info                  CSI    00000210 [SR] Beginning Verify and Repair transaction
2020-09-10 16:35:13, Info                  CSI    00000212 [SR] Verify complete
2020-09-10 16:35:14, Info                  CSI    00000213 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:35:14, Info                  CSI    00000214 [SR] Beginning Verify and Repair transaction
2020-09-10 16:35:19, Info                  CSI    00000216 [SR] Verify complete
2020-09-10 16:35:20, Info                  CSI    00000217 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:35:20, Info                  CSI    00000218 [SR] Beginning Verify and Repair transaction
2020-09-10 16:35:24, Info                  CSI    0000021a [SR] Verify complete
2020-09-10 16:35:24, Info                  CSI    0000021b [SR] Verifying 100 (0x00000064) components
2020-09-10 16:35:24, Info                  CSI    0000021c [SR] Beginning Verify and Repair transaction
2020-09-10 16:35:30, Info                  CSI    0000021e [SR] Verify complete
2020-09-10 16:35:30, Info                  CSI    0000021f [SR] Verifying 100 (0x00000064) components
2020-09-10 16:35:30, Info                  CSI    00000220 [SR] Beginning Verify and Repair transaction
2020-09-10 16:35:47, Info                  CSI    00000222 [SR] Verify complete
2020-09-10 16:35:48, Info                  CSI    00000223 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:35:48, Info                  CSI    00000224 [SR] Beginning Verify and Repair transaction
2020-09-10 16:36:10, Info                  CSI    00000226 [SR] Verify complete
2020-09-10 16:36:10, Info                  CSI    00000227 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:36:10, Info                  CSI    00000228 [SR] Beginning Verify and Repair transaction
2020-09-10 16:36:19, Info                  CSI    0000022a [SR] Verify complete
2020-09-10 16:36:19, Info                  CSI    0000022b [SR] Verifying 100 (0x00000064) components
2020-09-10 16:36:19, Info                  CSI    0000022c [SR] Beginning Verify and Repair transaction
2020-09-10 16:36:24, Info                  CSI    0000022e [SR] Verify complete
2020-09-10 16:36:24, Info                  CSI    0000022f [SR] Verifying 100 (0x00000064) components
2020-09-10 16:36:24, Info                  CSI    00000230 [SR] Beginning Verify and Repair transaction
2020-09-10 16:36:28, Info                  CSI    00000232 [SR] Verify complete
2020-09-10 16:36:29, Info                  CSI    00000233 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:36:29, Info                  CSI    00000234 [SR] Beginning Verify and Repair transaction
2020-09-10 16:36:33, Info                  CSI    00000236 [SR] Verify complete
2020-09-10 16:36:33, Info                  CSI    00000237 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:36:33, Info                  CSI    00000238 [SR] Beginning Verify and Repair transaction
2020-09-10 16:36:39, Info                  CSI    0000023a [SR] Verify complete
2020-09-10 16:36:40, Info                  CSI    0000023b [SR] Verifying 100 (0x00000064) components
2020-09-10 16:36:40, Info                  CSI    0000023c [SR] Beginning Verify and Repair transaction
2020-09-10 16:36:40, Info                  CSI    0000023e [SR] Verify complete
2020-09-10 16:36:41, Info                  CSI    0000023f [SR] Verifying 100 (0x00000064) components
2020-09-10 16:36:41, Info                  CSI    00000240 [SR] Beginning Verify and Repair transaction
2020-09-10 16:36:42, Info                  CSI    00000242 [SR] Verify complete
2020-09-10 16:36:43, Info                  CSI    00000243 [SR] Verifying 100 (0x00000064) components
2020-09-10 16:36:43, Info                  CSI    00000244 [SR] Beginning Verify and Repair transaction
2020-09-10 16:36:49, Info                  CSI    00000246 [SR] Verify complete
2020-09-10 16:36:50, Info                  CSI    00000247 [SR] Verifying 23 (0x00000017) components
2020-09-10 16:36:50, Info                  CSI    00000248 [SR] Beginning Verify and Repair transaction
2020-09-10 16:36:51, Info                  CSI    0000024a [SR] Verify complete
2020-09-10 16:36:51, Info                  CSI    0000024b [SR] Repairing 0 components
2020-09-10 16:36:51, Info                  CSI    0000024c [SR] Beginning Verify and Repair transaction
2020-09-10 16:36:51, Info                  CSI    0000024e [SR] Repair complete
 
========= End of CMD: =========
 
 
========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========
 
Failed to clear log ArcSoft-TotalMedia10FT-EventLog/Debug. The requested operation cannot be performed over an enabled direct channel. The channel must first be disabled before performing the requested operation.
 
========= End of CMD: =========
 
 
 
The system needed a reboot.
 
==== End of Fixlog 16:38:10 ====

  • 0

#6
rogerbid

rogerbid

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 255 posts

Back again,  FRST.txt and Addition.txt after the Fix pasted below

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-09-2020
Ran by Roger (administrator) on ASUSWIN7 (10-09-2020 16:53:41)
Running from C:\Users\Roger\Desktop
Loaded Profiles: Roger
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
() [File not signed] C:\Windows\System32\AFRCtl.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(ArcSoft, Inc. -> ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(ArcSoft, Inc.) [File not signed] C:\Program Files\ArcSoft\TotalMedia 3.5\TMMonitor.exe
(AVG Technologies CZ, s.r.o. -> AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\ToolbarUpdater.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\afwServ.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe <2>
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Secure VPN\Vpn.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Secure VPN\VpnSvc.exe
(AVG Technologies USA, LLC -> The OpenVPN Project) C:\Program Files\AVG\Secure VPN\OpenVPN\openvpn.exe
(Beiley Software -> Beiley Software Inc.) C:\Program Files\Handy Address Book\habook.exe
(Beiley Software, Inc. -> Beiley Software Inc.) C:\Program Files\Remind-Me\RemindMe.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Canon Inc. -> ) C:\Program Files\Canon\IJPLM\ijplmsvc.exe
(Canon Inc. -> CANON INC.) C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files\Dropbox\Client\Dropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft\Edge\Application\msedge.exe <10>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\rpbgconverter.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files\Wondershare\WAF\2.4.3.242\WsAppService.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [1797064 2014-03-20] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [AFRCtl] => C:\Windows\system32\AFRCtl.exe [94208 2009-11-18] () [File not signed]
HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [7651840 2020-08-12] (Dropbox, Inc -> Dropbox, Inc.)
HKLM\...\Run: [Ashampoo Backup PB] => "C:\Program Files\Ashampoo\Ashampoo Backup Pro 11\bin\backupClient-abpb.exe" --hidden
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [145544 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
HKLM\...\Run: [TkBellExe] => c:\program files\real\realplayer\Update\realsched.exe [353064 2019-04-10] (RealNetworks, Inc. -> RealNetworks, Inc.)
HKLM\...\Run: [RealDownloader] => c:\program files\real\RealDownloader\downloader2.exe [1263400 2019-02-20] (RealNetworks, Inc. -> )
HKLM\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2015-01-09] (Canon Inc. -> CANON INC.)
HKLM\...\Run: [CanonQuickMenu] => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM\...\Run: [EaseUS FixTool] => "C:\Program Files\EaseUS\EaseUS Tools M\bin\UpdateExe.exe" autostart
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133216 2017-03-23] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [264504 2020-05-20] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3345017777-2939274015-3433995129-1001\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows NT x86\Print Processors\Canon MG3200 series Print Processor: C:\Windows\System32\spool\prtprocs\W32X86\CNMPDB8.DLL [29184 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows NT x86\Print Processors\Canon MG3600 series Print Processor: C:\Windows\System32\spool\prtprocs\W32X86\CNMPDCT.DLL [29184 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows NT x86\Print Processors\hpfpp70w: C:\Windows\System32\spool\prtprocs\W32X86\hpfpp70w.dll [315904 2009-04-20] (Hewlett-Packard Corporation) [File not signed]
HKLM\...\Windows NT x86\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\W32X86\hpzppw71.dll [280064 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3200 series: C:\Windows\system32\CNMLMB8.DLL [314880 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3600 series: C:\Windows\system32\CNMLMCT.DLL [329728 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMNPPM.DLL [380928 2015-03-17] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\Windows\system32\hpzllw71.dll [39936 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\PCL hpf3l70w.dll: C:\Windows\system32\hpf3l70w.dll [123904 2009-04-20] (Hewlett-Packard Company) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\85.0.4183.102\Installer\chrmstp.exe [2020-09-09] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2020-05-04] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2014-07-17] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{D28973E5-8630-41af-8831-50A15FEB396B}] -> C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll [2014-07-17] (Broadcom Corporation -> Broadcom Corporation.)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVG Secure VPN.lnk [2018-12-26]
ShortcutTarget: AVG Secure VPN.lnk -> C:\Program Files\AVG\Secure VPN\Vpn.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2018-12-13]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2019-04-10]
ShortcutTarget: RealTimes.lnk -> C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk [2016-02-25]
ShortcutTarget: TMMonitor.lnk -> C:\Program Files\ArcSoft\TotalMedia 3.5\TMMonitor.exe (ArcSoft, Inc.) [File not signed]
Startup: C:\Users\Roger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Handy Address Book.lnk [2018-11-26]
ShortcutTarget: Handy Address Book.lnk -> C:\Program Files\Handy Address Book\habook.exe (Beiley Software -> Beiley Software Inc.)
Startup: C:\Users\Roger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2020-03-27]
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\Roger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RemindMe.lnk [2020-09-05]
ShortcutTarget: RemindMe.lnk -> C:\Program Files\Remind-Me\RemindMe.exe (Beiley Software, Inc. -> Beiley Software Inc.)
Startup: C:\Users\Roger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WinCal.exe - Shortcut.lnk [2013-01-05]
ShortcutTarget: WinCal.exe - Shortcut.lnk -> C:\Program Files\Windows Calendar\Windows Calendar\WinCal.exe (No File)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0F6E12E3-4226-417A-A231-53393B08F929} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3345017777-2939274015-3433995129-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [135464 2019-02-20] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {170C7E52-0CB8-4349-BB7B-117CE0AA881A} - System32\Tasks\AdobeAAMUpdater-1.0-ASUSWIN7-Roger => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {2546E1CE-F973-4AF8-BBA4-0077818B38A7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [271448 2017-04-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {26742495-0591-4860-923B-B85A1E34C04E} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3345017777-2939274015-3433995129-1001 => c:\program files\real\RealDownloader\recordingmanager.exe [959784 2019-02-20] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {280A4ED5-C61C-43AB-9BF1-688833FD45AA} - System32\Tasks\ArcSoft Connect => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft, Inc. -> ArcSoft Inc.)
Task: {280C85C2-8484-411D-974C-DC74B31DFEAF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-10-12] (Google Inc -> Google Inc.)
Task: {32DDA9B8-1A15-4D5D-A67B-F3FA4EC05BDE} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [3379336 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {331A22D7-8DEF-4DEB-8DCF-B22219DA1373} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3345017777-2939274015-3433995129-1001 => C:\program files\real\RealDownloader\RealUpgrade.exe [135464 2019-02-20] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {3A4EE802-316A-41AB-841F-694DB5D71FA0} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3345017777-2939274015-3433995129-1001 => C:\program files\real\RealDownloader\RealUpgrade.exe [135464 2019-02-20] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {5F49632E-DF83-4CBA-971E-6A56A3204572} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1336400 2020-07-08] (Adobe Inc. -> Adobe Inc.)
Task: {6824702A-3723-4A41-BF3F-06D2C5AB6CE7} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3345017777-2939274015-3433995129-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [135464 2019-02-20] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {6AEF0C98-2CB4-4B67-8C70-4C977C7355CC} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => {B1AEBB5D-EAD9-4476-B375-9C3ED9F32AFC}
Task: {6B7AC694-8D6D-481B-9DD8-2A3A741ADA6D} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem => {927EA2AF-1C54-43D5-825E-0074CE028EEE}
Task: {6C764E46-C424-4A1E-82DD-FA3803122A5F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {79354257-799D-4945-84BC-D0C9A5431230} - System32\Tasks\AVG EUpdate Task => C:\Program Files\AVG\Setup\avgsetupx.exe [4072504 2018-06-21] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
Task: {7A614177-6323-482B-B0DA-DBE2587D59D9} - System32\Tasks\AVG Secure VPN Update => C:\Program Files\AVG\Secure VPN\VpnUpdate.exe [1067384 2020-08-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {819AB425-01A0-4D2B-9FFE-FB5C85BF9636} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3345017777-2939274015-3433995129-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [135464 2019-02-20] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {9334C323-F100-4656-9BA0-E4AA69C0F9C2} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe
Task: {AFC6934B-C020-4201-BF83-5FF93C12F66B} - System32\Tasks\{ADFC604C-A639-463A-A9E4-7AFF6F2FEC97} => C:\Windows\system32\pcalua.exe -a "I:\DOWNLOADS\Officeworks Photobook\OfficeworksPhotobooks.exe" -d "I:\DOWNLOADS\Officeworks Photobook"
Task: {BA2E76E0-3D3D-42F5-8065-758A8A066D1D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-10-12] (Google Inc -> Google Inc.)
Task: {D3A0C160-1CD9-41FD-A6B7-D1E3E2F0E013} - System32\Tasks\GoogleUpdateTaskMachineCore1d1d6445df98459 => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-10-12] (Google Inc -> Google Inc.)
Task: {DC5AF3DC-7B6F-4E1A-AD7F-7BD52D193D39} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1441928 2020-03-03] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {E05268D0-78FD-4EA2-9F6A-15CAF64DB704} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3345017777-2939274015-3433995129-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [135464 2019-02-20] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {E49C989F-E328-46F2-B389-F65D3A56B192} - System32\Tasks\GoogleUpdateTaskMachineUA1d1d6445fbdc9cd => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-10-12] (Google Inc -> Google Inc.)
Task: {E6C28341-1C15-49CA-AE24-B631664A87CE} - System32\Tasks\RealDownloader Update Check => c:\program files\real\RealDownloader\downloader2.exe [1263400 2019-02-20] (RealNetworks, Inc. -> )
Task: {F93C7104-998A-4A38-B935-775A3138B3C3} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe
Task: {FCBF0D38-0B46-45E5-92C2-D3218F29F709} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-08] (Dropbox, Inc -> Dropbox, Inc.)
Task: {FE0BCC74-33E8-4762-9D71-7FF40F44B491} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-08] (Dropbox, Inc -> Dropbox, Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2E28A1D1-7DDB-4547-B6E4-64478D788640}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{92EFEF13-D0D7-471D-84B5-B8499FF31EE2}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{AD353DAA-B25B-4B5C-B251-01DED43CECF9}: [NameServer] 100.120.114.1
HKLM\System\...\Parameters\PersistentRoutes: [169.254.0.0,255.255.0.0,192.168.1.5,1]
HKLM\System\...\Parameters\PersistentRoutes: [169.254.0.0,255.255.0.0,192.168.88.1,1]
HKLM\System\...\Parameters\PersistentRoutes: [169.254.0.0,255.255.0.0,192.168.159.1,1]
 
Internet Explorer:
==================
HKU\S-1-5-21-3345017777-2939274015-3433995129-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com.au/?gws_rd=ssl
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> c:\program files\real\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2019-02-20] (RealNetworks, Inc. -> RealDownloader)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08] (Canon Inc. -> CANON INC.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc -> Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc -> Google Inc.)
Toolbar: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc -> Google Inc.)
Toolbar: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001 -> No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
 
Edge: 
======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Roger\AppData\Local\Microsoft\Edge\User Data\Default [2020-09-10]
Edge HomePage: Default -> hxxps://www.google.com.au/?gws_rd=ssl
Edge Extension: (LastPass: Free Password Manager) - C:\Users\Roger\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bbcinlkgjjkejfdpemiealijmmooekmp [2020-09-10]
 
FireFox:
========
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\ProgramData\Wondershare\Video Converter Ultimate\[email protected]_xpi => not found
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2017-10-17] (CANON INC.) [File not signed]
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> I:\Program Files\Picasa\Picasa3\npPicasa3.dll [2014-06-06] (Google Inc -> Google, Inc.)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin: @nosltd.com/getPlus+®,version=1.6.2.91 -> C:\Program Files\NOS\bin\np_gp.dll [No File]
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
FF Plugin: @real.com/nppl3260;version=18.1.16.215 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2019-04-10] (RealNetworks, Inc. -> RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=18.1.16.215 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2019-04-10] (RealNetworks, Inc. -> RealPlayer)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-30] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-08-18] (Adobe Inc. -> Adobe Systems Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default [2020-09-10]
CHR Notifications: Default -> hxxps://book.qantas.com; hxxps://www.youtube.com
CHR Extension: (YouTube) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-13]
CHR Extension: (Google Search) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-13]
CHR Extension: (AVG AntiTrack) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gncnfnokfcpgpflfikmgpncmleckjllf [2020-01-04]
CHR Extension: (AVG SafePrice | Comparison, deals, coupons) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2020-08-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-01]
CHR Extension: (Chrome Media Router) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-08]
CHR HKU\S-1-5-21-3345017777-2939274015-3433995129-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft, Inc. -> ArcSoft Inc.)
R2 AdobeActiveFileMonitor11.0; C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-17] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-07-08] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [271448 2017-04-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [328768 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Firewall; C:\Program Files\AVG\Antivirus\afwServ.exe [963224 2020-08-14] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [6954944 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-08] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-08] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [37384 2020-08-12] (Dropbox, Inc -> Dropbox, Inc.)
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [398784 2019-04-22] (Canon Inc. -> )
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [File not signed]
R2 RealPlayerUpdateSvc; C:\program files\real\UpdateService\RealPlayerUpdateSvc.exe [38032 2019-02-20] (RealNetworks, Inc. -> RealNetworks, Inc.)
R2 RealTimes Desktop Service; c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe [990856 2019-04-10] (RealNetworks, Inc. -> RealNetworks, Inc.)
R2 SecureVpn; C:\Program Files\AVG\Secure VPN\VpnSvc.exe [6909048 2020-08-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 vToolbarUpdater18.5.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\ToolbarUpdater.exe [1812416 2015-05-14] (AVG Technologies CZ, s.r.o. -> AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 WsAppService; C:\Program Files\Wondershare\WAF\2.4.3.242\WsAppService.exe [495720 2018-08-29] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 WsDrvInst; C:\Program Files\Wondershare\Video Converter Ultimate\Transfer\DriverInstall.exe [112560 2020-04-21] (Wondershare Technology Co.,Ltd -> Wondershare)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 61883; C:\Windows\System32\DRIVERS\61883.sys [46976 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
S3 AF15BDA; C:\Windows\System32\DRIVERS\AF15BDA.sys [483200 2009-06-04] (Microsoft Windows Hardware Compatibility Publisher -> ITETech)
R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (ArcSoft, Inc. -> Arcsoft, Inc.)
S3 APL531; C:\Windows\System32\Drivers\ov550i.sys [580992 2006-07-31] (Omnivision Technologies, Inc.) [File not signed]
R3 athr; C:\Windows\System32\DRIVERS\athr.sys [1221632 2009-10-05] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [175320 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriver.sys [188552 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsh.sys [154760 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniv.sys [56456 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [40792 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [147768 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\Windows\System32\drivers\avgNetHub.sys [374240 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgNetNd6; C:\Windows\System32\DRIVERS\avgNetNd6.sys [28408 2017-12-01] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [94248 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [72896 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [691120 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [393544 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [163368 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgTap; C:\Windows\System32\DRIVERS\avgTap.sys [49136 2018-09-05] (AVG Technologies CZ, s.r.o. -> The OpenVPN Project)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [277008 2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [176856 2013-10-02] (Broadcom Corporation -> Broadcom Corporation.)
S3 btwampfl; C:\Windows\System32\DRIVERS\btwampfl.sys [508632 2014-03-25] (Broadcom Corporation -> Broadcom Corporation.)
S3 btwaudio; C:\Windows\System32\drivers\btwaudio.sys [152400 2012-05-02] (Broadcom Corporation -> Broadcom Corporation.)
S3 btwavdt; C:\Windows\System32\DRIVERS\btwavdt.sys [175144 2012-03-06] (Broadcom Corporation -> Broadcom Corporation.)
S3 btwl2cap; C:\Windows\System32\DRIVERS\btwl2cap.sys [33832 2011-09-18] (Broadcom Corporation -> Broadcom Corporation.)
S3 btwrchid; C:\Windows\System32\DRIVERS\btwrchid.sys [18728 2012-03-06] (Broadcom Corporation -> Broadcom Corporation.)
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrv.sys [22312 2009-02-12] (EldoS Corporation -> EldoS Corporation)
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-04] () [File not signed]
R3 L1E; C:\Windows\System32\DRIVERS\L1E62x86.sys [48640 2009-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [6504 2011-07-15] (Microsoft Windows Hardware Compatibility Publisher -> )
R0 mv61xx; C:\Windows\System32\DRIVERS\mv61xx.sys [154664 2009-05-12] (Marvell Semiconductor -> Marvell Semiconductor, Inc.)
R3 PKWCap; C:\Windows\System32\DRIVERS\PKWCap.sys [1056384 2007-03-20] (Microsoft Windows Hardware Compatibility Publisher -> )
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [17160 2015-03-05] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13064 2016-11-24] (MiniTool Solution Ltd -> )
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [46096 2012-08-10] (Corel Corporation -> Corel Corporation)
S3 RTL2832UBDA; C:\Windows\System32\drivers\RTL2832UBDA.sys [188520 2011-05-17] (Realtek Semiconductor Corp -> REALTEK SEMICONDUCTOR Corp.)
S3 RTL2832UUSB; C:\Windows\System32\Drivers\RTL2832UUSB.sys [32872 2011-05-17] (Realtek Semiconductor Corp -> REALTEK SEMICONDUCTOR Corp.)
R0 speedfan; C:\Windows\System32\speedfan.sys [25240 2011-03-19] (Sokno S.R.L. -> Almico Software)
R3 TotRec7; C:\Windows\System32\drivers\TotRec7.sys [131152 2010-04-12] (High Criteria Inc -> High Criteria inc.)
R3 TotRec8; C:\Windows\system32\drivers\TotRec8.sys [91216 2010-04-12] (High Criteria Inc -> High Criteria inc.)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [15872 2013-02-12] (Microsoft Windows -> Microsoft Corporation)
S3 WIMMount; C:\Program Files\Windows Kits\8.0\Assessment and Deployment Kit\Deployment Tools\x86\DISM\wimmount.sys [34248 2012-07-25] (Microsoft Corporation -> Microsoft Corporation)
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
Error(1) reading file: "C:\Windows\system32\Tasks\RealPlayer (32-bit) "
2029-01-01 00:02 - 2029-01-01 00:02 - 000000000 ____D C:\Users\Roger\AppData\Local\{A674C75E-E10E-4AD4-8C52-14C3C6C6B6DF}
2020-09-10 16:53 - 2020-09-10 16:56 - 000033660 _____ C:\Users\Roger\Desktop\FRST.txt
2020-09-10 16:53 - 2020-09-10 16:53 - 000000000 ____D C:\Users\Roger\Desktop\FRST-OlderVersion
2020-09-10 15:34 - 2020-09-10 15:34 - 000000020 _____ C:\Windows\ο
2020-09-10 14:43 - 2020-09-10 14:44 - 000000000 ____D C:\Users\Roger\AppData\Local\AvgSetupLog
2020-09-09 17:04 - 2020-09-10 16:41 - 000003328 _____ C:\Windows\system32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3345017777-2939274015-3433995129-1001
2020-09-09 12:18 - 2020-09-09 12:18 - 000000000 _____ C:\Users\Roger\AppData\Local\{3BF8C1D0-A3F8-418B-969F-093B886AA622}
2020-09-09 12:09 - 2020-09-09 12:09 - 000000000 ____D C:\Users\Roger\Downloads\ServicesRepair
2020-09-09 12:03 - 2020-09-09 12:04 - 003433903 _____ C:\Users\Roger\Downloads\ServicesRepair.zip
2020-09-08 15:34 - 2020-09-10 16:55 - 000000000 ____D C:\FRST
2020-09-08 10:40 - 2020-09-10 16:53 - 002013184 _____ (Farbar) C:\Users\Roger\Desktop\FRST.exe
2020-09-02 10:02 - 2020-09-10 16:41 - 000003194 _____ C:\Windows\system32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3345017777-2939274015-3433995129-1001
2020-08-27 17:24 - 2020-08-27 17:26 - 091460120 _____ (LogMeIn Inc.) C:\Users\Roger\Downloads\LastPassInstaller (2).exe
2020-08-27 17:23 - 2020-08-27 17:25 - 091460120 _____ (LogMeIn Inc.) C:\Users\Roger\Downloads\LastPassInstaller (1).exe
2020-08-27 16:33 - 2020-08-27 16:33 - 000000000 ____D C:\Program Files (x86)
2020-08-25 11:19 - 2020-08-25 11:21 - 000000000 ____D C:\Users\Roger\AppData\Local\{E07BE30A-AED0-4C2C-96D8-F35DFAA8CBDE}
2020-08-20 17:19 - 2020-08-20 17:19 - 000010313 _____ C:\Users\Roger\Documents\amelie 1.xlsx
2020-08-19 15:41 - 2020-08-19 15:44 - 091460120 _____ (LogMeIn Inc.) C:\Users\Roger\Downloads\LastPassInstaller.exe
2020-08-15 20:27 - 2020-08-15 20:27 - 000000000 _____ C:\Users\Roger\AppData\Local\{D4C5DC9D-3679-4739-AFB4-624A329C52B6}
2020-08-15 11:54 - 2020-08-15 11:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-08-14 19:25 - 2020-08-13 12:06 - 000283272 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2020-08-13 12:08 - 2020-08-14 19:26 - 000048496 _____ () C:\Windows\system32\Drivers\staport.sys
2020-08-13 12:07 - 2020-08-13 12:06 - 000163368 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
2020-08-13 12:07 - 2020-08-13 12:06 - 000147768 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2020-08-12 11:35 - 2020-08-12 11:35 - 000037384 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2020-08-12 11:35 - 2020-08-12 11:35 - 000036848 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2020-08-12 11:35 - 2020-08-12 11:35 - 000036848 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2020-08-12 11:35 - 2020-08-12 11:35 - 000036848 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-09-10 16:54 - 2009-07-14 14:34 - 000026928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-09-10 16:54 - 2009-07-14 14:34 - 000026928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-09-10 16:49 - 2015-10-24 17:20 - 000000000 ____D C:\ProgramData\Avg
2020-09-10 16:46 - 2017-05-30 11:36 - 000004162 _____ C:\Windows\system32\Tasks\Antivirus Emergency Update
2020-09-10 16:41 - 2009-07-14 14:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-09-10 16:40 - 2010-11-07 11:05 - 000000000 ____D C:\ProgramData\NVIDIA
2020-09-10 16:20 - 2010-11-07 13:12 - 000000000 ____D C:\Windows\pss
2020-09-10 16:09 - 2018-07-16 10:36 - 000524112 _____ C:\Windows\system32\FNTCACHE.DAT
2020-09-10 16:06 - 2010-10-03 18:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2020-09-10 16:05 - 2010-10-03 18:20 - 000000000 ____D C:\ProgramData\HP
2020-09-10 16:05 - 2009-07-14 12:37 - 000000000 ____D C:\Windows\inf
2020-09-10 15:53 - 2020-08-06 16:09 - 000003490 _____ C:\Windows\system32\Tasks\AdobeAAMUpdater-1.0-ASUSWIN7-Roger
2020-09-10 15:53 - 2020-03-24 18:26 - 000003368 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-09-10 15:53 - 2020-03-24 18:26 - 000003240 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-09-10 15:53 - 2019-05-01 19:45 - 000003354 _____ C:\Windows\system32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3345017777-2939274015-3433995129-1001
2020-09-10 15:53 - 2018-10-09 07:55 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-09-10 15:53 - 2017-12-01 15:07 - 000003738 _____ C:\Windows\system32\Tasks\ArcSoft Connect
2020-09-10 15:53 - 2016-07-05 08:35 - 000003322 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA1d1d6445fbdc9cd
2020-09-10 15:53 - 2016-07-05 08:35 - 000003194 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore1d1d6445df98459
2020-09-10 15:53 - 2016-04-08 11:44 - 000003900 _____ C:\Windows\system32\Tasks\DropboxUpdateTaskMachineUA
2020-09-10 15:53 - 2016-04-08 11:44 - 000003648 _____ C:\Windows\system32\Tasks\DropboxUpdateTaskMachineCore
2020-09-10 15:53 - 2015-06-28 16:37 - 000004464 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-09-10 15:53 - 2012-06-21 11:03 - 000003328 _____ C:\Windows\system32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3345017777-2939274015-3433995129-1001
2020-09-10 15:53 - 2012-06-21 11:03 - 000003194 _____ C:\Windows\system32\Tasks\RealUpgradeLogonTaskS-1-5-21-3345017777-2939274015-3433995129-1001
2020-09-10 15:39 - 2010-11-15 20:57 - 000000000 ____D C:\ProgramData\McAfee
2020-09-10 15:36 - 2010-10-03 18:56 - 000000000 ____D C:\Program Files\Windows Live
2020-09-10 15:34 - 2011-11-22 17:40 - 000000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2020-09-10 15:30 - 2009-07-14 12:37 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-09-10 15:19 - 2010-10-03 18:27 - 000000000 ____D C:\Program Files\HP
2020-09-10 15:16 - 2011-03-02 15:40 - 000000000 ____D C:\ProgramData\VMware
2020-09-10 15:14 - 2011-03-02 15:44 - 000000000 ____D C:\Users\Roger\AppData\Roaming\VMware
2020-09-10 15:09 - 2010-10-04 09:57 - 000000000 ____D C:\Program Files\Java
2020-09-10 14:59 - 2014-07-18 15:55 - 000000000 ____D C:\Program Files\FLVM Player
2020-09-10 14:51 - 2020-04-23 16:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2020-09-10 14:51 - 2020-04-23 16:18 - 000000000 ____D C:\Program Files\AVS4YOU
2020-09-10 14:51 - 2015-10-20 14:01 - 000000000 ____D C:\Program Files\etax2015
2020-09-10 14:50 - 2013-07-11 18:11 - 000000000 ____D C:\Program Files\etax2013
2020-09-10 14:49 - 2012-07-06 22:31 - 000000000 ____D C:\Program Files\etax2012
2020-09-10 14:47 - 2011-07-19 17:02 - 000000000 ____D C:\Program Files\etax2011
2020-09-10 14:44 - 2010-10-03 18:18 - 000000000 ____D C:\Program Files\AVG
2020-09-10 14:40 - 2011-03-18 10:07 - 000000000 ____D C:\Program Files\Ashampoo
2020-09-10 14:40 - 2010-10-04 09:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2020-09-10 10:24 - 2020-01-03 15:18 - 000000000 ____D C:\Users\Roger\AppData\Roaming\epm
2020-09-09 16:58 - 2013-07-15 23:23 - 000000000 ____D C:\Windows\system32\MRT
2020-09-09 16:40 - 2010-10-04 12:07 - 126817144 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-09-09 16:35 - 2018-01-30 18:25 - 000000000 ____D C:\Program Files\Wondershare
2020-09-09 16:34 - 2018-01-30 18:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2020-09-09 16:05 - 2016-09-21 13:44 - 000003588 _____ C:\Windows\system32\Tasks\AVG EUpdate Task
2020-09-09 15:59 - 2010-10-02 07:49 - 000786658 _____ C:\Windows\system32\PerfStringBackup.INI
2020-09-09 12:13 - 2009-07-14 14:53 - 000032638 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2020-09-09 08:56 - 2013-05-03 17:06 - 000002214 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-08 15:31 - 2020-04-18 08:58 - 000000000 ____D C:\Users\Roger\Downloads\Viral videos
2020-09-08 15:30 - 2015-11-09 11:30 - 000000000 ____D C:\Users\Roger\Downloads\FileZilla
2020-09-08 14:24 - 2017-08-30 14:31 - 004036096 ___SH C:\Users\Roger\Desktop\Thumbs.db
2020-09-07 14:19 - 2020-07-01 19:24 - 000000000 ____D C:\Users\Roger\Documents\Wondershare Filmora
2020-09-07 14:18 - 2020-07-01 19:52 - 000002796 _____ C:\Users\Roger\Documents\starburn.txt
2020-09-07 14:18 - 2019-04-04 13:41 - 000000000 ____D C:\Users\Roger\AppData\Roaming\obs-studio
2020-09-06 20:20 - 2011-05-15 16:45 - 000000000 ____D C:\Users\Roger\AppData\Roaming\FileZilla
2020-09-06 20:19 - 2010-10-04 11:16 - 000001191 _____ C:\Users\Roger\AppData\Roaming\vso_ts_preview.xml
2020-09-06 17:52 - 2013-02-01 21:01 - 000000000 ____D C:\Users\Roger\Documents\ConvertXToDVD
2020-09-06 17:50 - 2018-07-15 16:07 - 000000000 ____D C:\Users\Roger\AppData\Local\CrashDumps
2020-09-06 17:31 - 2010-10-04 11:16 - 000000000 ____D C:\Users\Roger\AppData\Roaming\Vso
2020-09-02 10:25 - 2020-03-24 18:28 - 000002213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-08-22 13:20 - 2015-12-20 15:18 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-08-15 11:55 - 2016-04-08 11:44 - 000000000 ____D C:\Program Files\Dropbox
2020-08-13 12:08 - 2017-05-30 11:36 - 000277008 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2020-08-13 12:06 - 2020-04-10 16:51 - 000374240 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgNetHub.sys
2020-08-13 12:06 - 2019-01-27 16:37 - 000188552 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdriver.sys
2020-08-13 12:06 - 2019-01-27 16:36 - 000056456 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniv.sys
2020-08-13 12:06 - 2019-01-27 16:35 - 000154760 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsh.sys
2020-08-13 12:06 - 2018-10-21 12:46 - 000040792 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgKbd.sys
2020-08-13 12:06 - 2017-11-28 14:51 - 000175320 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
2020-08-13 12:06 - 2017-05-30 11:36 - 000691120 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2020-08-13 12:06 - 2017-05-30 11:36 - 000393544 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2020-08-13 12:06 - 2017-05-30 11:36 - 000094248 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2020-08-13 12:06 - 2017-05-30 11:36 - 000072896 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
 
==================== Files in the root of some directories ========
 
2016-08-27 10:06 - 2019-03-30 13:18 - 000363520 _____ () C:\Users\Roger\AppData\Roaming\albumworks Prefsv3
2011-02-21 21:19 - 2014-05-25 09:53 - 000000075 _____ () C:\Users\Roger\AppData\Roaming\AVSMediaPlayer.m3u
2016-08-01 11:37 - 2017-05-31 14:41 - 000087608 _____ () C:\Users\Roger\AppData\Roaming\inst.exe
2012-05-18 10:32 - 2016-04-26 20:08 - 000002048 _____ () C:\Users\Roger\AppData\Roaming\Officeworks Photobooks Prefs
2016-08-01 11:37 - 2017-05-31 14:41 - 000007887 _____ () C:\Users\Roger\AppData\Roaming\pcouffin.cat
2016-08-01 11:37 - 2017-05-31 14:41 - 000001144 _____ () C:\Users\Roger\AppData\Roaming\pcouffin.inf
2016-08-01 11:37 - 2017-05-31 14:41 - 000000055 _____ () C:\Users\Roger\AppData\Roaming\pcouffin.log
2016-08-01 11:37 - 2017-05-31 14:41 - 000047360 _____ (VSO Software) C:\Users\Roger\AppData\Roaming\pcouffin.sys
2010-10-04 11:16 - 2020-09-06 20:19 - 000001191 _____ () C:\Users\Roger\AppData\Roaming\vso_ts_preview.xml
2012-10-24 20:35 - 2016-12-13 13:21 - 000012800 _____ () C:\Users\Roger\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-01-29 11:03 - 2011-01-29 11:03 - 000000093 _____ () C:\Users\Roger\AppData\Local\fusioncache.dat
2012-10-16 15:55 - 2012-10-16 15:55 - 000000017 _____ () C:\Users\Roger\AppData\Local\resmon.resmoncfg
2020-09-09 12:18 - 2020-09-09 12:18 - 000000000 _____ () C:\Users\Roger\AppData\Local\{3BF8C1D0-A3F8-418B-969F-093B886AA622}
2020-07-03 17:12 - 2020-07-03 17:12 - 000000000 _____ () C:\Users\Roger\AppData\Local\{77F8A647-26CF-4D65-B3B8-4952CA0B9481}
2020-08-15 20:27 - 2020-08-15 20:27 - 000000000 _____ () C:\Users\Roger\AppData\Local\{D4C5DC9D-3679-4739-AFB4-624A329C52B6}
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
 
LastRegBack: 2016-02-20 07:04
==================== End of FRST.txt ========================
 
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 09-09-2020
Ran by Roger (10-09-2020 16:59:49)
Running from C:\Users\Roger\Desktop
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) (2010-10-01 21:47:36)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3345017777-2939274015-3433995129-500 - Administrator - Disabled)
Guest (S-1-5-21-3345017777-2939274015-3433995129-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3345017777-2939274015-3433995129-1002 - Limited - Enabled)
Roger (S-1-5-21-3345017777-2939274015-3433995129-1001 - Administrator - Enabled) => C:\Users\Roger
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
AS: AVG Antivirus (Enabled - Up to date) {A3C8941D-8036-3856-D9BB-709D4A2A7EAC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: AVG Antivirus (Enabled) {2092F4DC-EC63-3680-C854-E2DACF7E736A}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
32 Bit HP CIO Components Installer (HKLM\...\{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}) (Version: 6.1.1 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.012.20043 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 30.0.0.107 - Adobe Systems Incorporated)
Adobe Digital Editions (HKLM\...\Digital Editions) (Version:  - )
Adobe Digital Editions 2.0 (HKLM\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 25 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 25.0.0.148 - Adobe Systems Incorporated)
Adobe Photoshop 7.0 (HKLM\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Photoshop Elements 11 (HKLM\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated)
AIO_Scan (HKLM\...\{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
albumworks (HKU\S-1-5-21-3345017777-2939274015-3433995129-1001\...\albumworks) (Version: albumworks 2015.2.0 - albumworks)
Apple Application Support (32-bit) (HKLM\...\{11C4575B-4B32-44D2-A097-D59A00BA60DE}) (Version: 8.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{7A575C48-96BC-4D2F-BD35-51AEF4B9BB0D}) (Version: 13.5.1.2 - Apple Inc.)
Apple Software Update (HKLM\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
ArcSoft PhotoImpression 6 (HKLM\...\{063E409E-3D7C-4A4A-95AB-2F124B9224B3}) (Version: 6.1.8.146 - ArcSoft)
ArcSoft TotalMedia 3.5 (HKLM\...\{EE72C3F7-4B98-493E-9263-AECFADBC8184}) (Version: 3.5.35.318 - ArcSoft)
Ashampoo Burning Studio 11 v.11.0.4 (HKLM\...\Ashampoo Burning Studio 11_is1) (Version: 11.0.4 - Ashampoo GmbH & Co. KG)
Ashampoo Movie Studio v.1.0.17 (HKLM\...\{91B33C97-54B3-9CEB-E911-246EDA9BDC9A}_is1) (Version: 1.0.17 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer 4 4.0.3 (HKLM\...\Ashampoo Photo Optimizer 4_is1) (Version: 4.0.3 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Recovery (HKLM\...\{BB339C1F-E203-2A07-CBAF-6329C61FE1CC}_is1) (Version: 1.0.5 - Ashampoo GmbH & Co. KG)
Ashampoo Slideshow Studio HD 4 (HKLM\...\{91B33C97-69A7-95EF-82EA-AAEAA76D338D}_is1) (Version: 4.0.9 - Ashampoo GmbH & Co. KG)
Ashampoo Snap 7 v.7.0.10 (HKLM\...\{C92AB6F1-9C93-0F51-ED50-15ABBCBDD142}_is1) (Version: 7.0.10 - Ashampoo GmbH & Co. KG)
Assessment and Deployment Kit (HKLM\...\{fc46d1b2-9557-4c1f-baac-04af4d2db7e4}) (Version: 8.59.25584 - Microsoft Corporation)
AtomTime Pro 3.1a (HKLM\...\AtomTime Pro_is1) (Version: 3.1a - Naissan Innovations, LLC)
Auto Power-on & Shut-down 2.50 (HKLM\...\Auto Power-on & Shut-down_is1) (Version:  - LifSoft, Inc.)
AVG 2016 (HKLM\...\{D329E340-285C-43EA-9F89-E7524324656B}) (Version: 16.0.4533 - AVG Technologies) Hidden
AVG Internet Security (HKLM\...\AVG Antivirus) (Version: 20.6.3135 - AVG Technologies)
AVG Secure VPN (HKLM\...\{078F51FA-D92F-419A-9E69-08BC59265F7E}_is1) (Version: 1.6.667 - AVG)
AVS Audio Converter 9.1.3 (HKLM\...\AVS Audio Converter_is1) (Version: 9.1.3.601 - Online Media Technologies Ltd.)
AVS Audio Editor 9.1.3 (HKLM\...\AVS Audio Editor_is1) (Version: 9.1.3.541 - Online Media Technologies Ltd.)
AVS Disc Creator 6.1.9 (HKLM\...\AVS Disc Creator_is1) (Version: 6.1.9.559 - Online Media Technologies Ltd.)
AVS Document Converter 4.2.4 (HKLM\...\AVS Document Converter_is1) (Version: 4.2.4.269 - Online Media Technologies Ltd.)
AVS Image Converter 5.2.4 (HKLM\...\AVS Image Converter_is1) (Version: 5.2.4.303 - Online Media Technologies Ltd.)
AVS Media Player 5.1.4 (HKLM\...\AVS Media Player_is1) (Version: 5.1.4.137 - Online Media Technologies Ltd.)
AVS Photo Editor 3.2.4 (HKLM\...\AVS Photo Editor_is1) (Version: 3.2.4.168 - Online Media Technologies Ltd.)
AVS Video Converter 12.0.3 (HKLM\...\AVS4YOU Video Converter 7_is1) (Version: 12.0.3.654 - Online Media Technologies Ltd.)
AVS Video Editor 9.3.1 (HKLM\...\AVS Video Editor_is1) (Version: 9.3.1.354 - Online Media Technologies Ltd.)
AVS Video ReMaker 6.3.4 (HKLM\...\AVS Video ReMaker_is1) (Version: 6.3.4.238 - Online Media Technologies Ltd.)
AVS Video Tools 5.6 (HKLM\...\AVS Video Tools 5_is1) (Version:  - Online Media Technologies Ltd.)
Bing Desktop (HKLM\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.4.167.0 - Microsoft Corporation)
BufferChm (HKLM\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version:  - )
Canon IJ Network Scanner Selector EX (HKLM\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.4.4 - Canon Inc.)
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version: 3.7.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM\...\Canon_IJ_Scan_Utility) (Version: 1.1.20.13 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM\...\CANONIJPLM100) (Version: 6.0.3 - Canon Inc.)
Canon MG3200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3200_series) (Version: 1.01 - Canon Inc.)
Canon MG3200 series On-screen Manual (HKLM\...\Canon MG3200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon MG3600 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3600_series) (Version: 1.00 - Canon Inc.)
Canon MG3600 series On-screen Manual (HKLM\...\Canon MG3600 series On-screen Manual) (Version: 7.8.0 - Canon Inc.)
Canon My Image Garden (HKLM\...\Canon My Image Garden) (Version: 3.6.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
Codec-TS SDK (HKLM\...\{28FB7853-A6ED-4F67-8635-9F0E863FC0AD}) (Version:  - ArcSoft)
ConvertXtoDVD 4.1.19.365 (HKLM\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.1.19.365 - )
CPUID CPU-Z 1.56 (HKLM\...\CPUID CPU-Z_is1) (Version:  - ) <==== ATTENTION
De-interlace SDK (HKLM\...\{9A0E0340-C3D7-42D1-96D4-64179FD456AE}) (Version:  - ArcSoft)
DJ_AIO_Software (HKLM\...\{AD99B476-6FB7-4985-A3C3-E40595A7E6DE}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
DJ_AIO_Software_min (HKLM\...\{32DACAC3-6538-405D-915E-8F2D026F199C}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
Dropbox (HKLM\...\Dropbox) (Version: 104.4.175 - Dropbox, Inc.)
Dropbox Update Helper (HKLM\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.335.1 - Dropbox, Inc.) Hidden
DV STUDIO2 (HKLM\...\DvStudio2) (Version:  - )
Elements 11 Organizer (HKLM\...\{D4D065E1-3ABF-41D0-B385-FC6F027F4D00}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Ezvid (HKLM\...\{F96D619D-99D6-4C9C-A393-0CD22DE1CA66}_is1) (Version: 0982 - Ezvid, inc.)
FileZilla Client 3.48.1 (HKLM\...\FileZilla Client) (Version: 3.48.1 - Tim Kosse)
GoldWave v5.70 (HKLM\...\GoldWave v5.70) (Version: 5.70 - GoldWave Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 85.0.4183.102 - Google LLC)
Google Toolbar for Internet Explorer (HKLM\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Handy Address Book (HKLM\...\Handy Address Book) (Version:  - Beiley Software)
HP Update (HKLM\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPPhotoGadget (HKLM\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (HKLM\...\{681B698F-C997-42C3-B184-B489C6CA24C9}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (HKLM\...\{D79113E7-274C-470B-BD46-01B10219DF6A}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.6.0 - LIGHTNING UK!)
IR (HKLM\...\{6838CBD8-FA1B-43B3-90BD-8C327C4F0D2E}) (Version: 1.00.0000 - My Company Name)
IrfanView 4.51 (32-bit) (HKLM\...\IrfanView) (Version: 4.51 - Irfan Skiljan)
iTunes (HKLM\...\{A7272984-8320-42D2-9D2A-4CB36A3114D9}) (Version: 12.10.7.3 - Apple Inc.)
Kits Configuration Installer (HKLM\...\{E14DDED2-919B-FCCB-84AC-5ABB6D182D46}) (Version: 8.59.25584 - Microsoft) Hidden
K-Lite Codec Pack 8.0.0 (Full) (HKLM\...\KLiteCodecPack_is1) (Version: 8.0.0 - )
Lukas Ara (HKLM\...\{E59C270C-1D8C-477E-843C-060F85AC1139}) (Version: 1.8.7 - Lukas)
marvell 61xx (HKLM\...\mv61xxDriver) (Version: 1.2.0.69 - Marvell)
MediaInfo 0.7.38 (HKLM\...\MediaInfo) (Version: 0.7.38 - MediaArea.net)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Edge (HKLM\...\Microsoft Edge) (Version: 85.0.564.44 - Microsoft Corporation)
Microsoft Edge Update (HKLM\...\Microsoft Edge Update) (Version: 1.3.135.29 - )
Microsoft LifeCam (HKLM\...\{BD71B413-9FEE-49BB-A6D1-2C0BFB99BDFE}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
MiniTool Partition Wizard Free 11 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Software Limited)
MiVue Manager (HKLM\...\{123BDDDC-D02F-4C6E-A011-9CB265E2483E}) (Version: 1.0.35.1 - Mio Technology Corporation)
Momento 5.6.1 (HKLM\...\Momento) (Version:  - )
Moyea FLV Editor Lite version: 1.1.1.846 (HKLM\...\{8E3F691A-4972-47FF-9E09-1981B62A5D5A}_is1) (Version:  - )
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Driver 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.44 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA Graphics Driver 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
OBS Studio (HKLM\...\OBS Studio) (Version: 23.0.2 - OBS Project)
Officeworks Photobooks (HKU\S-1-5-21-3345017777-2939274015-3433995129-1001\...\Officeworks Photobooks) (Version: Officeworks Photobooks 2.5.8 - Officeworks Photobooks)
OVT Scanner X86 (HKLM\...\{6B566EFE-DC1D-471F-93DD-84832663F140}) (Version: 1.00.0000 - OVT)
PDF24 Creator 3.4.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
PSE11 STI Installer (HKLM\...\{98CE8819-87AA-4814-8167-ADDDD513485F}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Pure Motion EditStudio 3 (HKLM\...\{B33E1335-67DB-4C38-A5BC-F49E86C23280}) (Version: 03.00.15000 - Pure Motion)
PVSonyDll (HKLM\...\{3D3E663D-4E7E-4577-A560-7ECDDD45548A}) (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
RealDownloader (HKLM\...\{2C1A45EC-8ED5-4CFF-B8B4-417DA850F67E}) (Version: 18.1.16.215 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM\...\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}) (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 18.1) (Version: 18.1.16 - RealNetworks)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5904 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (HKLM\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recorder Devices for ShareX 0.12.10 (HKLM\...\Recorder Devices for ShareX_is1) (Version: 0.12.10 - )
Recuva (HKLM\...\Recuva) (Version: 1.38 - Piriform)
Remind-Me (HKLM\...\Remind-Me) (Version:  - Beiley Software)
Revo Uninstaller Pro 2.5.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 2.5.8 - VS Revo Group, Ltd.)
Scan (HKLM\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.80.000 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Speccy (HKLM\...\Speccy) (Version: 1.16 - Piriform)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version:  - )
SyncBackFree (HKLM\...\SyncBackFree_is1) (Version: 7.3.1.12 - 2BrightSparks)
System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version:  - )
TAT Viewer 5G 2.1.14 (HKLM\...\TAT Viewer 5G) (Version: 2.1.14 - ESV)
Toolbox (HKLM\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
Toolkit Documentation (HKLM\...\{AB1F3428-D2C6-895F-1966-BA55647B40D8}) (Version: 8.59.25584 - Microsoft) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.51a - Ghisler Software GmbH)
Total Recorder 8.1 (HKLM\...\TotalRecorder) (Version:  - )
TT-SB SDK (HKLM\...\{AF9848E2-5F19-4E49-9E6E-044FBDC28404}) (Version:  - ArcSoft)
TurboCAD v6 (HKU\S-1-5-21-3345017777-2939274015-3433995129-1001\...\TurboCAD v6) (Version:  - )
TurboCAD v6 Symbols (HKLM\...\TurboCAD v6 Symbols) (Version:  - )
Uninstall OVT Scanner (HKLM\...\OVT Scanner) (Version:  - )
UnloadSupport (HKLM\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
UpdateService (HKLM\...\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}) (Version: 1.0.0 - RealNetworks, Inc.) Hidden
VAP11G (HKLM\...\{2C73154B-F7F9-4B53-AF56-D06846C99EC4}_is1) (Version: 5.0.17.0 for WIN7/VISTA/WINXP - ShenZhen HouTian Network Communication Techlogy Co.Ltd)
vc2012_redist (HKLM\...\{9402AEF2-5981-4097-8BE2-6501DAC4DBFD}) (Version: 1.0.0.0 - Realnetworks) Hidden
VisiPics V1.31 (HKLM\...\VisiPics_is1) (Version:  - Ozone)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.3 - VideoLAN)
vs2015_redist x86 (HKLM\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden
WebReg (HKLM\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.5800 - Broadcom Corporation)
Windows Live Sync (HKLM\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
WinFast DAB (HKLM\...\{AC497343-E0D3-4A07-9496-ACB829A7338D}) (Version: 10.11.10.7 - Leadtek)
WinRAR 5.60 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)
Wondershare Helper Compact 2.5.3 (HKLM\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.3 - Wondershare)
Wondershare UniConverter(Build 11.7.5.1) (HKLM\...\UniConverter_is1) (Version: 11.7.5.1 - Wondershare Software)
Wondershare Video Converter Pro(Build 9.0.2.1) (HKLM\...\Wondershare Video Converter Pro_is1) (Version: 9.0.2.1 - Wondershare Software)
Yodot Recovery Software (HKLM\...\{3D0B1313-049A-4C70-B8CC-9AFB84109F89}_is1) (Version: 1.0.0.3 - Yodot Software)
YTD Video Downloader 3.9.4 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version:  - GreenTree Applications SRL) <==== ATTENTION
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001_Classes\CLSID\{6F44AD55-3DAA-4D63-B2D6-5BB1748BAA7B}\InprocServer32 -> C:\Users\Roger\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\ImageUploader8.ocx (Photobox Limited -> PhotoBox)
CustomCLSID: HKU\S-1-5-21-3345017777-2939274015-3433995129-1001_Classes\CLSID\{E55B74AB-0B51-4BAE-A5B5-2531AB5EA4D9}\InprocServer32 -> C:\Users\Roger\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\ImageUploader8.ocx (Photobox Limited -> PhotoBox)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files\AVG\AVG PC TuneUp\SDShelEx-win32.dll -> No File
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => C:\Program Files\Common Files\AVSMedia\ActiveX\AVSShellConverter.dll [2017-12-18] (Online Media Technologies Ltd. -> Online Media Technologies Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {55D63393-DB17-4A2B-9052-15D85B4B1344} => C:\Windows\System32\WSCM32.dll [2015-02-27] () [File not signed]
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => c:\program files\real\realplayer\RPDS\Bin\rpcontextmenu.dll [2019-04-10] (RealNetworks, Inc. -> RealNetworks, Inc.)
ContextMenuHandlers4: [AVG Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => C:\Program Files\AVG\AVG PC TuneUp\DseShExt-x86.dll -> No File
ContextMenuHandlers4: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files\AVG\AVG PC TuneUp\SDShelEx-win32.dll -> No File
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.44.0.dll [2020-08-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-02-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2020-08-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2010-08-12] (VS Revo Group -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-25] (win.rar GmbH -> Alexander Roshal)
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [msacm.voxacm160] => C:\Windows\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [File not signed]
HKLM\...\Drivers32: [msacm.scg726] => C:\Windows\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\Windows\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [151552 2011-07-17] (fccHandler) [File not signed]
HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [File not signed]
HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\system32\xvidvfw.dll [243200 2011-06-25] () [File not signed]
HKLM\...\Drivers32: [vidc.DIVX] => C:\Windows\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.mpg4] => C:\Windows\system32\mpg4c32.dll [413760 2007-02-27] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp42] => C:\Windows\system32\mpg4c32.dll [413760 2007-02-27] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp43] => C:\Windows\system32\mpg4c32.dll [413760 2007-02-27] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [VIDC.YV12] => C:\Windows\system32\xvidvfw.dll [243200 2011-06-25] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [74752 2011-11-24] () [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [216064 2013-04-07] () [File not signed]
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
2018-01-30 18:26 - 2016-07-21 09:54 - 000137728 _____ () [File not signed] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2018-01-30 18:26 - 2017-03-23 08:49 - 001506304 _____ () [File not signed] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2019-04-10 22:19 - 2019-02-23 07:21 - 000059904 _____ () [File not signed] C:\Program Files\Recorder Devices for ShareX\screen-capture-recorder.dll
2018-03-15 14:58 - 2015-02-27 13:38 - 000214528 _____ () [File not signed] C:\Windows\System32\WSCM32.dll
2016-02-04 10:25 - 2009-08-21 02:49 - 000028672 _____ (afa) [File not signed] C:\Windows\System32\AF15BDAEX.dll
2016-02-25 17:12 - 2008-09-05 14:04 - 000155648 _____ (arcsoft) [File not signed] C:\Program Files\ArcSoft\TotalMedia 3.5\uEpg.dll
2019-09-19 14:08 - 2015-01-09 08:46 - 000008192 _____ (CANON INC.) [File not signed] C:\Program Files\Canon\IJ Network Scanner Selector EX\CNSS_ENU.DLL
2019-09-19 14:08 - 2015-01-09 08:44 - 000104960 _____ (CANON INC.) [File not signed] C:\Program Files\Canon\IJ Network Scanner Selector EX\CNSS_IMG.dll
2018-11-13 18:22 - 2017-12-07 11:25 - 000123904 _____ (CANON INC.) [File not signed] C:\Program Files\Canon\IJPLM\CNMPU.DLL
2018-11-13 18:22 - 2017-12-07 11:25 - 000139264 _____ (CANON INC.) [File not signed] C:\Program Files\Canon\IJPLM\CNMWSD.DLL
2018-11-13 19:33 - 2015-03-17 07:50 - 000380928 _____ (CANON INC.) [File not signed] C:\Windows\System32\CNMNPPM.DLL
2012-06-09 21:06 - 2009-04-20 12:23 - 000123904 _____ (Hewlett-Packard Company) [File not signed] C:\Windows\System32\hpf3l70w.dll
2012-06-09 21:10 - 2009-04-20 12:23 - 000315904 _____ (Hewlett-Packard Corporation) [File not signed] C:\Windows\system32\spool\PRTPROCS\W32X86\hpfpp70w.dll
2008-12-03 19:05 - 2008-12-03 19:05 - 000044544 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2008-12-03 19:05 - 2008-12-03 19:05 - 000053760 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2011-06-15 21:27 - 2011-06-15 21:27 - 000097280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL
2020-07-14 15:42 - 2020-07-14 15:42 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1033\avg.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2020-07-14 15:42 - 2020-07-14 15:42 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1033\avg.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2020-07-14 15:42 - 2020-07-14 15:42 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1033\avg.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2020-07-14 15:42 - 2020-07-14 15:42 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1033\avg.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2020-07-14 15:42 - 2020-07-14 15:42 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1033\avg.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2020-07-14 15:42 - 2020-07-14 15:42 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1033\avg.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2020-07-14 15:42 - 2020-07-14 15:42 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1033\avg.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2020-07-14 15:42 - 2020-07-14 15:42 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1033\avg.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2020-07-14 15:42 - 2020-07-14 15:42 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1033\avg.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2020-07-14 15:42 - 2020-07-14 15:42 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1033\avg.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2020-07-14 15:42 - 2020-07-14 15:42 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1033\avg.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2020-07-14 15:42 - 2020-07-14 15:42 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1033\avg.local_vc142.crt\ucrtbase.DLL
2020-07-14 15:42 - 2020-07-14 15:42 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVG\Antivirus\1033\avg.local_vc142.crt\VCRUNTIME140.dll
2018-01-30 18:26 - 2017-03-23 08:52 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 12:04 - 2019-01-22 18:42 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\ArcSoft\Bin;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Common Files\Acronis\SnapAPI\;C:\Program Files\Common Files\HP\Digital Imaging\bin;I:\Program Files\HP\Digital Imaging\bin\;I:\Program Files\HP\Digital Imaging\bin\Qt\Qt 4.3.3;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\QuickTime\QTSystem\
HKU\S-1-5-21-3345017777-2939274015-3433995129-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Roger\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 100.120.114.1 - 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk => C:\Windows\pss\Adobe Gamma Loader.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ImageMixer 3 SE Camera Monitor Ver.4.5.lnk => C:\Windows\pss\ImageMixer 3 SE Camera Monitor Ver.4.5.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Start OpdiTracker.lnk => C:\Windows\pss\Start OpdiTracker.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Roger^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Handy Address Book.LNK => C:\Windows\pss\Handy Address Book.LNK.Startup
MSCONFIG\startupfolder: C:^Users^Roger^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2010 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AshSnap => C:\Program Files\Ashampoo\Ashampoo Snap 7\ashsnap.exe
MSCONFIG\startupreg: AutoPowerOn => I:\DOWNLOADS\AutoPowerOn\WinScheduler.exe
MSCONFIG\startupreg: AVG_TRAY => C:\Program Files\AVG\AVG10\avgtray.exe
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: Copernic Desktop Search - Home => "I:\Program Files\Copernic Search\Copernic Desktop Search - Home\DesktopSearchService.exe" /tray
MSCONFIG\startupreg: Google Update => "C:\Users\Roger\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HP Software Update => I:\Program Files\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LifeCam => "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
MSCONFIG\startupreg: msnmsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: PDFPrint => C:\Program Files\PDF24\pdf24.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: ROC_roc_dec12 => "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: TkBellExe => "C:\Program Files\Real\RealPlayer\Update\realsched.exe" -osboot
MSCONFIG\startupreg: vProt => "C:\Program Files\AVG Secure Search\vprot.exe"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{FFEA91E9-B20E-48DD-8E76-F7DBE9430B9E}] => (Allow) C:\Program Files\common files\hp\digital imaging\bin\hpqphotocrm.exe (Hewlett-Packard Development Co. L.P.) [File not signed]
FirewallRules: [{141187BE-D94B-4C43-B7AE-EE9F24464819}] => (Allow) C:\Windows\system32\svchost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{54F7D0AD-CB8C-4B32-80A6-AFA2EEA4ADD9}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{50371EF4-F689-4AAC-A73B-8081F20528D7}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe => No File
FirewallRules: [{BFA23E1B-A3F6-4F03-AB94-FB34AF8C887E}] => (Allow) LPort=2869
FirewallRules: [{5CCD0CF8-ABB1-45B6-835C-A7BF1CE8AECF}] => (Allow) LPort=1900
FirewallRules: [{B8BF07A1-09E5-4F43-BF7B-3C7718E1DE62}] => (Allow) C:\Program Files\AVG\AVG10\avgmfapx.exe (AVG Technologies -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{9152EF9E-0D00-448C-A6F5-6C5F3DD01930}] => (Allow) C:\Program Files\AVG\AVG10\avgmfapx.exe (AVG Technologies -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{B13A82F3-2677-45F8-99A5-75319A18D0E6}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeCam.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{7684FF4F-F9FD-4A4B-825F-E6CD1F93D4B7}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeCam.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{9D86B58E-D03A-4F5C-9486-DF7B4FBDF861}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeEnC2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{5C280F13-610A-4809-84EF-87F5221A8CE8}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeEnC2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{A30CDE31-7D17-4B6C-B657-96992B61DDF0}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2E45D0EB-C711-4D20-A804-39DECD7D2ACD}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4A37E4DD-D314-405F-BD87-631C8613FEB2}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeTray.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F678E021-A9AB-461F-9049-3E195DC46718}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeTray.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5F26A2BE-A50C-4527-979F-F9BA3FB86FE1}] => (Allow) C:\Program Files\AVG\AVG10\avgmfapx.exe (AVG Technologies -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{8F610C7D-60CF-42B4-9179-09D7FB476C35}] => (Allow) C:\Program Files\AVG\AVG10\avgmfapx.exe (AVG Technologies -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{1BBCF758-EBF8-442E-9DA7-9CE66784BBB6}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3FC97A9E-FDBB-4204-941A-86166D0D242D}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D7645BF1-8DF1-44AC-807D-10C03FF4FFF6}] => (Allow) I:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe => No File
FirewallRules: [{C53DCF4D-7BCB-4E27-BD46-28776C24BF7A}] => (Allow) I:\Program Files\HP\Digital Imaging\bin\hpqste08.exe => No File
FirewallRules: [{94D5D2F1-5B08-4F25-9023-784E7C9927A8}] => (Allow) I:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe => No File
FirewallRules: [{2E4F5C3C-265F-4247-9194-2CCB69B75808}] => (Allow) I:\Program Files\HP\Digital Imaging\bin\hposfx08.exe => No File
FirewallRules: [{667F3FE4-C427-4BAE-84BC-038C85FF0B64}] => (Allow) I:\Program Files\HP\Digital Imaging\bin\hposid01.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{ABA7BABC-FD06-4C41-9249-BF6CC6A4525D}] => (Allow) I:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe => No File
FirewallRules: [{30BDFDE9-7B05-4F4A-BD4E-1800BD8FA0DC}] => (Allow) I:\Program Files\HP\Digital Imaging\bin\hpoews01.exe => No File
FirewallRules: [{BCFD1AAC-3654-42F7-8180-24E4F2FD8664}] => (Allow) I:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe => No File
FirewallRules: [{8AF51F6A-7D12-40C8-A6C9-3FC604EAD0B6}] => (Allow) I:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe => No File
FirewallRules: [{DF21C5B4-58E0-4864-A22B-5FB55B398786}] => (Allow) I:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe => No File
FirewallRules: [{8F2B5175-B318-4BD5-967C-F881C4FC1EE4}] => (Allow) I:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe => No File
FirewallRules: [{E2BCB33E-B67C-43D7-B1D3-88EEF67BDA40}] => (Allow) I:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe => No File
FirewallRules: [{D2C46A53-F14E-48DC-9ACC-1AFEAC27B038}] => (Allow) I:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe => No File
FirewallRules: [{F0EA70D0-E80E-474C-ABAC-32BB49072E9C}] => (Allow) I:\Program Files\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)
FirewallRules: [{1FDCC6D6-A42A-4644-9E87-C72B8FD9837E}] => (Allow) I:\Program Files\HP\digital imaging\smart web printing\smartwebprintexe.exe => No File
FirewallRules: [TCP Query User{CD90CBBE-A825-45B4-A7C1-2FE59DE1CFAE}C:\program files\real\realplayer\realplay.exe] => (Allow) C:\program files\real\realplayer\realplay.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
FirewallRules: [UDP Query User{B7F9164C-F90C-4C9A-BE20-7F69C4E3D7EB}C:\program files\real\realplayer\realplay.exe] => (Allow) C:\program files\real\realplayer\realplay.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
FirewallRules: [{BB33342F-E6C4-4240-AD65-669F2B9F4C68}] => (Block) C:\program files\real\realplayer\realplay.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
FirewallRules: [{97734015-6DC1-45E3-982B-26818850EB0E}] => (Block) C:\program files\real\realplayer\realplay.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
FirewallRules: [{2323AADA-6661-41E2-8B1B-0DFDDC85F75E}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{382FA993-4333-45C6-814A-C57E7366D187}] => (Allow) C:\Program Files\ArcSoft\TotalMedia 3.5\TotalMedia.exe (ArcSoft, Inc.) [File not signed]
FirewallRules: [{BAA4DE0F-1AC8-4539-AA21-AD228D520867}] => (Allow) C:\Program Files\ArcSoft\TotalMedia 3.5\TotalMedia.exe (ArcSoft, Inc.) [File not signed]
FirewallRules: [{531792CB-5EF2-4AD6-B4AC-7961E7BB691A}] => (Allow) C:\Program Files\AVG\Secure VPN\VpnUpdate.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{44061AC5-AA23-4FB0-AF06-BFF1730CBE52}] => (Allow) C:\Program Files\AVG\Secure VPN\VpnUpdate.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{F3CFFB94-FBEE-411D-8EBE-D838E80EDA22}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8B7C9594-501B-47DD-9893-656784DAD9D2}] => (Allow) c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
FirewallRules: [{50F201FC-2D01-4DAA-A886-6727B34AED4C}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{59E25DBD-367D-4CD9-A0C3-1D6CE429CAF3}] => (Allow) C:\Program Files\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{716D84A6-D986-4D1D-B1D8-3C254BF9E742}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [SPPSVC-In-TCP] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
 
==================== Restore Points =========================
 
27-08-2020 16:20:13 Removed LastPass
27-08-2020 16:27:26 Removed LastPass
27-08-2020 17:43:22 Removed LastPass
27-08-2020 17:45:15 Removed LastPass
27-08-2020 17:48:52 Removed LastPass
09-09-2020 16:39:09 Windows Update
09-09-2020 17:11:04 Removed e-tax 2011
10-09-2020 14:46:40 Removed e-tax 2011
10-09-2020 14:48:28 Removed e-tax 2012
10-09-2020 14:49:41 Removed e-tax 2013
10-09-2020 14:50:33 Removed e-tax 2015
10-09-2020 14:52:35 Removed HiJackThis
10-09-2020 15:05:30 Removed Java 8 Update 191
10-09-2020 15:20:09 Removed Microsoft Silverlight
10-09-2020 15:29:42 Windows Live Essentials
10-09-2020 15:30:34 WLSetup
10-09-2020 15:59:08 Removed Bonjour
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
 
System errors:
=============
Error: (09/10/2020 04:42:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 and APPID 
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
 
Error: (09/10/2020 04:38:43 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
 
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. 0502 08/20/2008
Motherboard: ASUSTeK Computer INC. P5Q SE
Processor: Intel® Core™2 Duo CPU E7400 @ 2.80GHz
Percentage of memory in use: 84%
Total physical RAM: 3327.05 MB
Available physical RAM: 502.84 MB
Total Virtual: 6652.48 MB
Available Virtual: 2530.71 MB
 
==================== Drives ================================
 
Drive c: (Windows 7) (Fixed) (Total:931.41 GB) (Free:710.58 GB) NTFS
Drive d: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.02 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (Spare 500Gb Disk) (Fixed) (Total:465.76 GB) (Free:258.2 GB) NTFS
Drive f: (Video Files) (Fixed) (Total:324.49 GB) (Free:237.67 GB) NTFS
Drive i: (Data I) (Fixed) (Total:607.03 GB) (Free:409.84 GB) NTFS ==>[system with boot components (obtained from drive)]
 
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: A08FA08F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
 
==========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 6E697373)
No partition Table on disk 1.
 
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 69205244)
Partition 1: (Active) - (Size=607 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=324.5 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt =======================

  • 0

#7
rogerbid

rogerbid

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 255 posts

System Process report follows:

 

 

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 82.89 0 K 24 K 0
procexp.exe 11.57 26,552 K 40,392 K 4488 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
AVGSvc.exe 2.34 111,240 K 45,388 K 1564 AVG Service AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
procexp.exe 1.40 20,828 K 27,324 K 5444 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
AVGUI.exe 1.11 36,908 K 18,368 K 2192 AVG Antivirus AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
Interrupts 0.99 0 K 0 K n/a Hardware Interrupts and DPCs
csrss.exe 0.58 18,692 K 11,112 K 576 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
aswidsagent.exe 0.50 26,260 K 15,392 K 6008 AVG Software Analyzer AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
explorer.exe 0.48 61,616 K 39,724 K 2036 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
Dropbox.exe 0.44 266,888 K 147,588 K 2148 Dropbox Dropbox, Inc. (Verified) Dropbox, Inc
System 0.66 76 K 828 K 4
VpnSvc.exe 0.29 11,664 K 9,716 K 3932 AVG VPN Service AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
AFRCtl.exe 0.27 1,612 K 2,504 K 2124 Remote Control (No signature was present in the subject) 
lsass.exe 0.18 5,108 K 4,748 K 632 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.18 12,172 K 6,208 K 1012 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.17 3,360 K 3,132 K 796 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
Vpn.exe 0.13 12,876 K 8,612 K 4976 AVG SecureVPN AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
rpbgconverter.exe 0.13 7,584 K 1,368 K 5464 RealConverter RealNetworks, Inc. (Verified) RealNetworks, Inc.
msedge.exe 0.08 149,628 K 153,368 K 6804 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
msedge.exe 0.08 170,808 K 76,472 K 6468 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
rpdsvc.exe 0.07 29,920 K 3,772 K 3820 RealTimes Desktop Service RealNetworks, Inc. (Verified) RealNetworks, Inc.
openvpn.exe 0.06 2,996 K 1,332 K 3320 OpenVPN Daemon The OpenVPN Project (Verified) AVG Technologies USA, LLC
msedge.exe 0.06 168,560 K 79,288 K 1572 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
svchost.exe 0.04 21,664 K 19,112 K 1168 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
TrustedInstaller.exe 0.04 8,580 K 10,788 K 7344 Windows Modules Installer Microsoft Corporation (Verified) Microsoft Windows
habook.exe 0.04 2,284 K 1,352 K 5448 Handy Address Book Client Beiley Software Inc. (Verified) Beiley Software
services.exe 0.03 4,300 K 3,432 K 612 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
msedge.exe 0.03 120,436 K 19,092 K 6896 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
svchost.exe 0.02 3,640 K 3,376 K 948 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.02 13,740 K 7,052 K 1452 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.02 113,980 K 112,176 K 4020 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
SearchIndexer.exe 0.02 44,112 K 18,408 K 4360 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
iPodService.exe 0.01 1,736 K 1,612 K 4904 iPod Service Apple Inc. (Verified) Apple Inc.
QtWebEngineProcess.exe 0.01 32,008 K 33,128 K 6984 Qt Qtwebengineprocess The Qt Company Ltd. (Verified) Dropbox, Inc
CNMNSST.exe 0.01 1,076 K 536 K 2788 Canon IJ Network Scanner Selector EX CANON INC. (Verified) Canon Inc.
svchost.exe 0.01 9,192 K 9,060 K 1128 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
lsm.exe 0.01 1,516 K 1,500 K 644 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
RemindMe.exe 0.01 10,624 K 1,736 K 5480 Remind-Me Beiley Software Inc. (Verified) Beiley Software, Inc.
AppleMobileDeviceService.exe 0.01 2,576 K 1,316 K 3212 MobileDeviceService Apple Inc. (Verified) Apple Inc.
instup.exe 0.01 4,032 K 4,632 K 5192 AVG Antivirus Installer AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
NvBackend.exe 0.01 1,648 K 820 K 2116 NVIDIA Update Backend NVIDIA Corporation (Verified) NVIDIA Corporation
MSOSYNC.EXE < 0.01 4,240 K 2,432 K 4964 Microsoft Office Document Cache Microsoft Corporation (Verified) Microsoft Corporation
csrss.exe < 0.01 1,696 K 1,720 K 512 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
wmpnetwk.exe < 0.01 9,524 K 7,824 K 6524 Windows Media Player Network Sharing Service Microsoft Corporation (Verified) Microsoft Windows
dllhost.exe < 0.01 4,824 K 2,408 K 2312 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
rpsystray.exe < 0.01 14,912 K 3,792 K 5296 RealPlayer with RealTimes RealNetworks, Inc. (Verified) RealNetworks, Inc.
Dropbox.exe < 0.01 4,848 K 1,196 K 2912 Dropbox Dropbox, Inc. (Verified) Dropbox, Inc
nvvsvc.exe < 0.01 3,364 K 1,272 K 1388 NVIDIA Driver Helper Service, Version 341.44 NVIDIA Corporation (Verified) NVIDIA Corporation
iTunesHelper.exe < 0.01 3,100 K 1,204 K 1652 iTunesHelper Apple Inc. (Verified) Apple Inc.
nvSCPAPISvr.exe < 0.01 2,200 K 924 K 912 Stereo Vision Control Panel API Server NVIDIA Corporation (Verified) NVIDIA Corporation
PhotoshopElementsFileAgent.exe < 0.01 1,916 K 792 K 4584 Adobe Photoshop Elements 11.0 (component) Adobe Systems Incorporated (Verified) Adobe Systems Incorporated
svchost.exe < 0.01 19,828 K 16,324 K 1808 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
WSHelper.exe 8,600 K 1,940 K 2848 Wondershare Studio Wondershare (Verified) Wondershare Technology Co.,Ltd
WsAppService.exe 16,552 K 5,360 K 1708 Wondershare Passport Wondershare (Verified) Wondershare Technology Co.,Ltd
WmiPrvSE.exe 2,108 K 5,196 K 4392 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
winlogon.exe 1,744 K 1,260 K 704 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 968 K 256 K 564 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
unsecapp.exe 1,088 K 1,592 K 1900 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
ToolbarUpdater.exe 996 K 420 K 4076 ToolbarU Application AVG Secure Search (Verified) AVG Technologies CZ, s.r.o.
TMMonitor.exe 7,080 K 4,000 K 5332 TMMonitor ArcSoft, Inc. (No signature was present in the subject) ArcSoft, Inc.
taskeng.exe 1,108 K 1,924 K 396 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 7,356 K 5,560 K 1092 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 680 K 468 K 3756 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 5,224 K 3,360 K 3580 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,064 K 520 K 3352 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,856 K 1,576 K 1288 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 724 K 440 K 3692 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,028 K 772 K 4704 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,404 K 780 K 4000 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 4,284 K 5,936 K 3468 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
spoolsv.exe 8,028 K 4,040 K 1724 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
smss.exe 264 K 464 K 340 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
realsched.exe 2,264 K 492 K 2396 RealNetworks Scheduler RealNetworks, Inc. (Verified) RealNetworks, Inc.
RealPlayerUpdateSvc.exe 1,904 K 3,216 K 3776 RealPlayer RealNetworks, Inc. (Verified) RealNetworks, Inc.
QtWebEngineProcess.exe 32,248 K 12,584 K 1220 Qt Qtwebengineprocess The Qt Company Ltd. (Verified) Dropbox, Inc
overseer.exe 1,432 K 5,124 K 6788 AVG Overseer AVG Technologies (Verified) AVG Technologies USA, LLC
nvxdsync.exe 5,004 K 8,552 K 1380 NVIDIA User Experience Driver Component NVIDIA Corporation (Verified) NVIDIA Corporation
nvvsvc.exe 2,116 K 2,600 K 888 NVIDIA Driver Helper Service, Version 341.44 NVIDIA Corporation (Verified) NVIDIA Corporation
msedge.exe 169,976 K 55,072 K 7856 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
msedge.exe 138,868 K 20,276 K 7208 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
msedge.exe 185,116 K 54,868 K 6872 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
msedge.exe 111,628 K 4,624 K 7412 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
msedge.exe 117,172 K 120,412 K 5504 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
msedge.exe 1,896 K 1,384 K 6300 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
MSCamS32.exe 3,752 K 832 K 3672 MsCamSvc.exe Microsoft Corporation (Verified) Microsoft Corporation
ijplmsvc.exe 5,676 K 3,936 K 3616 Inkjet Printer/Scanner/Fax Extended Survey Program Service (Verified) Canon Inc.
dwm.exe 1,544 K 1,904 K 1996 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
DropboxUpdate.exe 1,744 K 404 K 1120 Dropbox Update Dropbox, Inc. (Verified) Dropbox, Inc
Dropbox.exe 1,552 K 800 K 2872 Dropbox Dropbox, Inc. (Verified) Dropbox, Inc
dllhost.exe 1,164 K 4,356 K 7172 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
DbxSvc.exe 2,432 K 500 K 3412 Dropbox Service Dropbox, Inc. (Verified) Dropbox, Inc
conhost.exe 616 K 280 K 4832 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
btwdins.exe 1,988 K 632 K 3384 Bluetooth Support Server Broadcom Corporation. (Verified) Broadcom Corporation
BTTray.exe 8,840 K 1,632 K 4984 Bluetooth Tray Application Broadcom Corporation. (Verified) Broadcom Corporation
AVGUI.exe 11,720 K 2,860 K 6224 AVG Antivirus AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
audiodg.exe 17,920 K 16,780 K 384 Windows Audio Device Graph Isolation Microsoft Corporation (Verified) Microsoft Windows
aswEngSrv.exe 34,372 K 63,560 K 2452 AVG Antivirus engine server AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
armsvc.exe 716 K 500 K 3188 Adobe Acrobat Update Service Adobe Inc. (Verified) Adobe Inc.
afwServ.exe 10,348 K 8,320 K 2604 AVG firewall service AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
ACService.exe 896 K 440 K 3152 ArcSoft Connect Service ArcSoft Inc. (Verified) ArcSoft, Inc.

  • 0

#8
rogerbid

rogerbid

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 255 posts

Process Explorer report follows:

 

 
Image Name                     PID Services                                    
========================= ======== ============================================
System Idle Process              0 N/A                                         
System                           4 N/A                                         
smss.exe                       340 N/A                                         
csrss.exe                      512 N/A                                         
wininit.exe                    564 N/A                                         
csrss.exe                      576 N/A                                         
services.exe                   612 N/A                                         
lsass.exe                      632 EFS, KeyIso, SamSs                          
lsm.exe                        644 N/A                                         
winlogon.exe                   704 N/A                                         
svchost.exe                    796 DcomLaunch, PlugPlay, Power                 
nvvsvc.exe                     888 nvsvc                                       
nvSCPAPISvr.exe                912 Stereo Service                              
svchost.exe                    948 RpcEptMapper, RpcSs                         
svchost.exe                   1012 Audiosrv, Dhcp, eventlog, lmhosts, wscsvc   
svchost.exe                   1092 AudioEndpointBuilder, IPBusEnum, Netman,    
                                   PcaSvc, TrkWks, UxSms, Wlansvc              
svchost.exe                   1128 EventSystem, fdPHost, FontCache, netprofm,  
                                   nsi, SstpSvc, WdiServiceHost,               
                                   WinHttpAutoProxySvc                         
svchost.exe                   1168 AeLookupSvc, Appinfo, BITS, Browser,        
                                   EapHost, IKEEXT, iphlpsvc, LanmanServer,    
                                   MMCSS, ProfSvc, RasMan, Schedule, SENS,     
                                   ShellHWDetection, Themes, Winmgmt, wuauserv 
svchost.exe                   1288 gpsvc                                       
nvxdsync.exe                  1380 N/A                                         
nvvsvc.exe                    1388 N/A                                         
svchost.exe                   1452 CryptSvc, Dnscache, LanmanWorkstation,      
                                   NlaSvc, TapiSrv                             
AVGSvc.exe                    1564 AVG Antivirus                               
spoolsv.exe                   1724 Spooler                                     
svchost.exe                   1808 BFE, DPS, MpsSvc                            
dwm.exe                       1996 N/A                                         
explorer.exe                  2036 N/A                                         
taskeng.exe                    396 N/A                                         
DropboxUpdate.exe             1120 N/A                                         
NvBackend.exe                 2116 N/A                                         
AFRCtl.exe                    2124 N/A                                         
Dropbox.exe                   2148 N/A                                         
AVGUI.exe                     2192 N/A                                         
dllhost.exe                   2312 N/A                                         
realsched.exe                 2396 N/A                                         
aswEngSrv.exe                 2452 N/A                                         
afwServ.exe                   2604 AVG Firewall                                
CNMNSST.exe                   2788 N/A                                         
Dropbox.exe                   2872 N/A                                         
Dropbox.exe                   2912 N/A                                         
ACService.exe                 3152 ACDaemon                                    
armsvc.exe                    3188 AdobeARMservice                             
AppleMobileDeviceService.     3212 Apple Mobile Device                         
svchost.exe                   3352 bthserv                                     
btwdins.exe                   3384 btwdins                                     
DbxSvc.exe                    3412 DbxSvc                                      
svchost.exe                   3468 DiagTrack                                   
svchost.exe                   3580 FDResPub, SSDPSRV, upnphost                 
ijplmsvc.exe                  3616 IJPLMSVC                                    
MSCamS32.exe                  3672 MSCamSvc                                    
svchost.exe                   3692 Net Driver HPZ12                            
svchost.exe                   3756 Pml Driver HPZ12                            
RealPlayerUpdateSvc.exe       3776 RealPlayerUpdateSvc                         
rpdsvc.exe                    3820 RealTimes Desktop Service                   
VpnSvc.exe                    3932 SecureVpn                                   
svchost.exe                   4000 StiSvc                                      
svchost.exe                   4020 SysMain                                     
ToolbarUpdater.exe            4076 vToolbarUpdater18.5.0                       
WsAppService.exe              1708 WsAppService                                
unsecapp.exe                  1900 N/A                                         
WSHelper.exe                  2848 N/A                                         
iTunesHelper.exe              1652 N/A                                         
SearchIndexer.exe             4360 WSearch                                     
svchost.exe                   4704 PolicyAgent                                 
MSOSYNC.EXE                   4964 N/A                                         
Vpn.exe                       4976 N/A                                         
BTTray.exe                    4984 N/A                                         
rpsystray.exe                 5296 N/A                                         
TMMonitor.exe                 5332 N/A                                         
habook.exe                    5448 N/A                                         
rpbgconverter.exe             5464 N/A                                         
RemindMe.exe                  5480 N/A                                         
aswidsagent.exe               6008 avgbIDSAgent                                
PhotoshopElementsFileAgen     4584 AdobeActiveFileMonitor11.0                  
openvpn.exe                   3320 N/A                                         
conhost.exe                   4832 N/A                                         
iPodService.exe               4904 iPod Service                                
msedge.exe                    1572 N/A                                         
msedge.exe                    6300 N/A                                         
wmpnetwk.exe                  6524 WMPNetworkSvc                               
msedge.exe                    6872 N/A                                         
msedge.exe                    6896 N/A                                         
msedge.exe                    7208 N/A                                         
msedge.exe                    7856 N/A                                         
msedge.exe                    7412 N/A                                         
msedge.exe                    6468 N/A                                         
AVGUI.exe                     6224 N/A                                         
QtWebEngineProcess.exe        6984 N/A                                         
QtWebEngineProcess.exe        1220 N/A                                         
msedge.exe                    6804 N/A                                         
msedge.exe                    5504 N/A                                         
procexp.exe                   4488 N/A                                         
procexp.exe                   5444 N/A                                         
WmiPrvSE.exe                  4392 N/A                                         
audiodg.exe                   7280 N/A                                         
cmd.exe                       7496 N/A                                         
conhost.exe                   7520 N/A                                         
tasklist.exe                  3008 N/A                                         
WmiPrvSE.exe                  5824 N/A                                         

  • 0

#9
rogerbid

rogerbid

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 255 posts

System Idle Process.txt follows:

 

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 82.89 0 K 24 K 0
procexp.exe 11.57 26,552 K 40,392 K 4488 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
AVGSvc.exe 2.34 111,240 K 45,388 K 1564 AVG Service AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
procexp.exe 1.40 20,828 K 27,324 K 5444 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
AVGUI.exe 1.11 36,908 K 18,368 K 2192 AVG Antivirus AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
Interrupts 0.99 0 K 0 K n/a Hardware Interrupts and DPCs
csrss.exe 0.58 18,692 K 11,112 K 576 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
aswidsagent.exe 0.50 26,260 K 15,392 K 6008 AVG Software Analyzer AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
explorer.exe 0.48 61,616 K 39,724 K 2036 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
Dropbox.exe 0.44 266,888 K 147,588 K 2148 Dropbox Dropbox, Inc. (Verified) Dropbox, Inc
System 0.66 76 K 828 K 4
VpnSvc.exe 0.29 11,664 K 9,716 K 3932 AVG VPN Service AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
AFRCtl.exe 0.27 1,612 K 2,504 K 2124 Remote Control (No signature was present in the subject) 
lsass.exe 0.18 5,108 K 4,748 K 632 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.18 12,172 K 6,208 K 1012 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.17 3,360 K 3,132 K 796 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
Vpn.exe 0.13 12,876 K 8,612 K 4976 AVG SecureVPN AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
rpbgconverter.exe 0.13 7,584 K 1,368 K 5464 RealConverter RealNetworks, Inc. (Verified) RealNetworks, Inc.
msedge.exe 0.08 149,628 K 153,368 K 6804 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
msedge.exe 0.08 170,808 K 76,472 K 6468 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
rpdsvc.exe 0.07 29,920 K 3,772 K 3820 RealTimes Desktop Service RealNetworks, Inc. (Verified) RealNetworks, Inc.
openvpn.exe 0.06 2,996 K 1,332 K 3320 OpenVPN Daemon The OpenVPN Project (Verified) AVG Technologies USA, LLC
msedge.exe 0.06 168,560 K 79,288 K 1572 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
svchost.exe 0.04 21,664 K 19,112 K 1168 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
TrustedInstaller.exe 0.04 8,580 K 10,788 K 7344 Windows Modules Installer Microsoft Corporation (Verified) Microsoft Windows
habook.exe 0.04 2,284 K 1,352 K 5448 Handy Address Book Client Beiley Software Inc. (Verified) Beiley Software
services.exe 0.03 4,300 K 3,432 K 612 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
msedge.exe 0.03 120,436 K 19,092 K 6896 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
svchost.exe 0.02 3,640 K 3,376 K 948 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.02 13,740 K 7,052 K 1452 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.02 113,980 K 112,176 K 4020 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
SearchIndexer.exe 0.02 44,112 K 18,408 K 4360 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
iPodService.exe 0.01 1,736 K 1,612 K 4904 iPod Service Apple Inc. (Verified) Apple Inc.
QtWebEngineProcess.exe 0.01 32,008 K 33,128 K 6984 Qt Qtwebengineprocess The Qt Company Ltd. (Verified) Dropbox, Inc
CNMNSST.exe 0.01 1,076 K 536 K 2788 Canon IJ Network Scanner Selector EX CANON INC. (Verified) Canon Inc.
svchost.exe 0.01 9,192 K 9,060 K 1128 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
lsm.exe 0.01 1,516 K 1,500 K 644 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
RemindMe.exe 0.01 10,624 K 1,736 K 5480 Remind-Me Beiley Software Inc. (Verified) Beiley Software, Inc.
AppleMobileDeviceService.exe 0.01 2,576 K 1,316 K 3212 MobileDeviceService Apple Inc. (Verified) Apple Inc.
instup.exe 0.01 4,032 K 4,632 K 5192 AVG Antivirus Installer AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
NvBackend.exe 0.01 1,648 K 820 K 2116 NVIDIA Update Backend NVIDIA Corporation (Verified) NVIDIA Corporation
MSOSYNC.EXE < 0.01 4,240 K 2,432 K 4964 Microsoft Office Document Cache Microsoft Corporation (Verified) Microsoft Corporation
csrss.exe < 0.01 1,696 K 1,720 K 512 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
wmpnetwk.exe < 0.01 9,524 K 7,824 K 6524 Windows Media Player Network Sharing Service Microsoft Corporation (Verified) Microsoft Windows
dllhost.exe < 0.01 4,824 K 2,408 K 2312 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
rpsystray.exe < 0.01 14,912 K 3,792 K 5296 RealPlayer with RealTimes RealNetworks, Inc. (Verified) RealNetworks, Inc.
Dropbox.exe < 0.01 4,848 K 1,196 K 2912 Dropbox Dropbox, Inc. (Verified) Dropbox, Inc
nvvsvc.exe < 0.01 3,364 K 1,272 K 1388 NVIDIA Driver Helper Service, Version 341.44 NVIDIA Corporation (Verified) NVIDIA Corporation
iTunesHelper.exe < 0.01 3,100 K 1,204 K 1652 iTunesHelper Apple Inc. (Verified) Apple Inc.
nvSCPAPISvr.exe < 0.01 2,200 K 924 K 912 Stereo Vision Control Panel API Server NVIDIA Corporation (Verified) NVIDIA Corporation
PhotoshopElementsFileAgent.exe < 0.01 1,916 K 792 K 4584 Adobe Photoshop Elements 11.0 (component) Adobe Systems Incorporated (Verified) Adobe Systems Incorporated
svchost.exe < 0.01 19,828 K 16,324 K 1808 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
WSHelper.exe 8,600 K 1,940 K 2848 Wondershare Studio Wondershare (Verified) Wondershare Technology Co.,Ltd
WsAppService.exe 16,552 K 5,360 K 1708 Wondershare Passport Wondershare (Verified) Wondershare Technology Co.,Ltd
WmiPrvSE.exe 2,108 K 5,196 K 4392 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
winlogon.exe 1,744 K 1,260 K 704 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 968 K 256 K 564 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
unsecapp.exe 1,088 K 1,592 K 1900 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
ToolbarUpdater.exe 996 K 420 K 4076 ToolbarU Application AVG Secure Search (Verified) AVG Technologies CZ, s.r.o.
TMMonitor.exe 7,080 K 4,000 K 5332 TMMonitor ArcSoft, Inc. (No signature was present in the subject) ArcSoft, Inc.
taskeng.exe 1,108 K 1,924 K 396 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 7,356 K 5,560 K 1092 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 680 K 468 K 3756 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 5,224 K 3,360 K 3580 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,064 K 520 K 3352 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,856 K 1,576 K 1288 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 724 K 440 K 3692 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,028 K 772 K 4704 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,404 K 780 K 4000 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 4,284 K 5,936 K 3468 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
spoolsv.exe 8,028 K 4,040 K 1724 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
smss.exe 264 K 464 K 340 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
realsched.exe 2,264 K 492 K 2396 RealNetworks Scheduler RealNetworks, Inc. (Verified) RealNetworks, Inc.
RealPlayerUpdateSvc.exe 1,904 K 3,216 K 3776 RealPlayer RealNetworks, Inc. (Verified) RealNetworks, Inc.
QtWebEngineProcess.exe 32,248 K 12,584 K 1220 Qt Qtwebengineprocess The Qt Company Ltd. (Verified) Dropbox, Inc
overseer.exe 1,432 K 5,124 K 6788 AVG Overseer AVG Technologies (Verified) AVG Technologies USA, LLC
nvxdsync.exe 5,004 K 8,552 K 1380 NVIDIA User Experience Driver Component NVIDIA Corporation (Verified) NVIDIA Corporation
nvvsvc.exe 2,116 K 2,600 K 888 NVIDIA Driver Helper Service, Version 341.44 NVIDIA Corporation (Verified) NVIDIA Corporation
msedge.exe 169,976 K 55,072 K 7856 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
msedge.exe 138,868 K 20,276 K 7208 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
msedge.exe 185,116 K 54,868 K 6872 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
msedge.exe 111,628 K 4,624 K 7412 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
msedge.exe 117,172 K 120,412 K 5504 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
msedge.exe 1,896 K 1,384 K 6300 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
MSCamS32.exe 3,752 K 832 K 3672 MsCamSvc.exe Microsoft Corporation (Verified) Microsoft Corporation
ijplmsvc.exe 5,676 K 3,936 K 3616 Inkjet Printer/Scanner/Fax Extended Survey Program Service (Verified) Canon Inc.
dwm.exe 1,544 K 1,904 K 1996 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
DropboxUpdate.exe 1,744 K 404 K 1120 Dropbox Update Dropbox, Inc. (Verified) Dropbox, Inc
Dropbox.exe 1,552 K 800 K 2872 Dropbox Dropbox, Inc. (Verified) Dropbox, Inc
dllhost.exe 1,164 K 4,356 K 7172 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
DbxSvc.exe 2,432 K 500 K 3412 Dropbox Service Dropbox, Inc. (Verified) Dropbox, Inc
conhost.exe 616 K 280 K 4832 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
btwdins.exe 1,988 K 632 K 3384 Bluetooth Support Server Broadcom Corporation. (Verified) Broadcom Corporation
BTTray.exe 8,840 K 1,632 K 4984 Bluetooth Tray Application Broadcom Corporation. (Verified) Broadcom Corporation
AVGUI.exe 11,720 K 2,860 K 6224 AVG Antivirus AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
audiodg.exe 17,920 K 16,780 K 384 Windows Audio Device Graph Isolation Microsoft Corporation (Verified) Microsoft Windows
aswEngSrv.exe 34,372 K 63,560 K 2452 AVG Antivirus engine server AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
armsvc.exe 716 K 500 K 3188 Adobe Acrobat Update Service Adobe Inc. (Verified) Adobe Inc.
afwServ.exe 10,348 K 8,320 K 2604 AVG firewall service AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
ACService.exe 896 K 440 K 3152 ArcSoft Connect Service ArcSoft Inc. (Verified) ArcSoft, Inc.

  • 0

#10
rogerbid

rogerbid

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 255 posts

Junk.txt report follows:

 

 
Image Name                     PID Services                                    
========================= ======== ============================================
System Idle Process              0 N/A                                         
System                           4 N/A                                         
smss.exe                       340 N/A                                         
csrss.exe                      512 N/A                                         
wininit.exe                    564 N/A                                         
csrss.exe                      576 N/A                                         
services.exe                   612 N/A                                         
lsass.exe                      632 EFS, KeyIso, SamSs                          
lsm.exe                        644 N/A                                         
winlogon.exe                   704 N/A                                         
svchost.exe                    796 DcomLaunch, PlugPlay, Power                 
nvvsvc.exe                     888 nvsvc                                       
nvSCPAPISvr.exe                912 Stereo Service                              
svchost.exe                    948 RpcEptMapper, RpcSs                         
svchost.exe                   1012 Audiosrv, Dhcp, eventlog, lmhosts, wscsvc   
svchost.exe                   1092 AudioEndpointBuilder, IPBusEnum, Netman,    
                                   PcaSvc, TrkWks, UxSms, Wlansvc              
svchost.exe                   1128 EventSystem, fdPHost, FontCache, netprofm,  
                                   nsi, SstpSvc, WdiServiceHost,               
                                   WinHttpAutoProxySvc                         
svchost.exe                   1168 AeLookupSvc, Appinfo, BITS, Browser,        
                                   EapHost, IKEEXT, iphlpsvc, LanmanServer,    
                                   MMCSS, ProfSvc, RasMan, Schedule, SENS,     
                                   ShellHWDetection, Themes, Winmgmt, wuauserv 
svchost.exe                   1288 gpsvc                                       
nvxdsync.exe                  1380 N/A                                         
nvvsvc.exe                    1388 N/A                                         
svchost.exe                   1452 CryptSvc, Dnscache, LanmanWorkstation,      
                                   NlaSvc, TapiSrv                             
AVGSvc.exe                    1564 AVG Antivirus                               
spoolsv.exe                   1724 Spooler                                     
svchost.exe                   1808 BFE, DPS, MpsSvc                            
dwm.exe                       1996 N/A                                         
explorer.exe                  2036 N/A                                         
taskeng.exe                    396 N/A                                         
DropboxUpdate.exe             1120 N/A                                         
NvBackend.exe                 2116 N/A                                         
AFRCtl.exe                    2124 N/A                                         
Dropbox.exe                   2148 N/A                                         
AVGUI.exe                     2192 N/A                                         
dllhost.exe                   2312 N/A                                         
realsched.exe                 2396 N/A                                         
aswEngSrv.exe                 2452 N/A                                         
afwServ.exe                   2604 AVG Firewall                                
CNMNSST.exe                   2788 N/A                                         
Dropbox.exe                   2872 N/A                                         
Dropbox.exe                   2912 N/A                                         
ACService.exe                 3152 ACDaemon                                    
armsvc.exe                    3188 AdobeARMservice                             
AppleMobileDeviceService.     3212 Apple Mobile Device                         
svchost.exe                   3352 bthserv                                     
btwdins.exe                   3384 btwdins                                     
DbxSvc.exe                    3412 DbxSvc                                      
svchost.exe                   3468 DiagTrack                                   
svchost.exe                   3580 FDResPub, SSDPSRV, upnphost                 
ijplmsvc.exe                  3616 IJPLMSVC                                    
MSCamS32.exe                  3672 MSCamSvc                                    
svchost.exe                   3692 Net Driver HPZ12                            
svchost.exe                   3756 Pml Driver HPZ12                            
RealPlayerUpdateSvc.exe       3776 RealPlayerUpdateSvc                         
rpdsvc.exe                    3820 RealTimes Desktop Service                   
VpnSvc.exe                    3932 SecureVpn                                   
svchost.exe                   4000 StiSvc                                      
svchost.exe                   4020 SysMain                                     
ToolbarUpdater.exe            4076 vToolbarUpdater18.5.0                       
WsAppService.exe              1708 WsAppService                                
unsecapp.exe                  1900 N/A                                         
WSHelper.exe                  2848 N/A                                         
iTunesHelper.exe              1652 N/A                                         
SearchIndexer.exe             4360 WSearch                                     
svchost.exe                   4704 PolicyAgent                                 
MSOSYNC.EXE                   4964 N/A                                         
Vpn.exe                       4976 N/A                                         
BTTray.exe                    4984 N/A                                         
rpsystray.exe                 5296 N/A                                         
TMMonitor.exe                 5332 N/A                                         
habook.exe                    5448 N/A                                         
rpbgconverter.exe             5464 N/A                                         
RemindMe.exe                  5480 N/A                                         
aswidsagent.exe               6008 avgbIDSAgent                                
PhotoshopElementsFileAgen     4584 AdobeActiveFileMonitor11.0                  
openvpn.exe                   3320 N/A                                         
conhost.exe                   4832 N/A                                         
iPodService.exe               4904 iPod Service                                
msedge.exe                    1572 N/A                                         
msedge.exe                    6300 N/A                                         
wmpnetwk.exe                  6524 WMPNetworkSvc                               
msedge.exe                    6872 N/A                                         
msedge.exe                    6896 N/A                                         
msedge.exe                    7208 N/A                                         
msedge.exe                    7856 N/A                                         
msedge.exe                    7412 N/A                                         
msedge.exe                    6468 N/A                                         
AVGUI.exe                     6224 N/A                                         
QtWebEngineProcess.exe        6984 N/A                                         
QtWebEngineProcess.exe        1220 N/A                                         
msedge.exe                    6804 N/A                                         
msedge.exe                    5504 N/A                                         
procexp.exe                   4488 N/A                                         
procexp.exe                   5444 N/A                                         
WmiPrvSE.exe                  4392 N/A                                         
audiodg.exe                   7280 N/A                                         
cmd.exe                       7496 N/A                                         
conhost.exe                   7520 N/A                                         
tasklist.exe                  3008 N/A                                         
WmiPrvSE.exe                  5824 N/A                                         

  • 0

Advertisements


#11
rogerbid

rogerbid

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 255 posts

Speccy file attached

Attached Files


  • 0

#12
rogerbid

rogerbid

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 255 posts

Latency Monitor Report follows, screenshots attached

 

_________________________________________________________________________________________________________
CONCLUSION
_________________________________________________________________________________________________________
Your system appears to be having trouble handling real-time audio and other tasks. You are likely to experience buffer underruns appearing as drop outs, clicks or pops. One or more DPC routines that belong to a driver running in your system appear to be executing for too long. At least one detected problem appears to be network related. In case you are using a WLAN adapter, try disabling it to get better results. One problem may be related to power management, disable CPU throttling settings in Control Panel and BIOS setup. Check for BIOS updates. 
LatencyMon has been analyzing your system for  0:00:30  (h:mm:ss) on all processors.
 
 
_________________________________________________________________________________________________________
SYSTEM INFORMATION
_________________________________________________________________________________________________________
Computer name:                                        ASUSWIN7
OS version:                                           Windows 7 Service Pack 1, 6.1, build: 7601 (x86)
Hardware:                                             P5Q SE, System manufacturer
CPU:                                                  GenuineIntel Intel® Core™2 Duo CPU E7400 @ 2.80GHz
Logical processors:                                   2
Processor groups:                                     1
RAM:                                                  3327 MB total
 
 
_________________________________________________________________________________________________________
CPU SPEED
_________________________________________________________________________________________________________
Reported CPU speed:                                   2793 MHz
 
Note: reported execution times may be calculated based on a fixed reported CPU speed. Disable variable speed settings like Intel Speed Step and AMD Cool N Quiet in the BIOS setup for more accurate results.
 
 
_________________________________________________________________________________________________________
MEASURED INTERRUPT TO USER PROCESS LATENCIES
_________________________________________________________________________________________________________
The interrupt to process latency reflects the measured interval that a usermode process needed to respond to a hardware request from the moment the interrupt service routine started execution. This includes the scheduling and execution of a DPC routine, the signaling of an event and the waking up of a usermode thread from an idle wait state in response to that event.
 
Highest measured interrupt to process latency (µs):   4333.867261
Average measured interrupt to process latency (µs):   4.753519
 
Highest measured interrupt to DPC latency (µs):       3767.432533
Average measured interrupt to DPC latency (µs):       0.751442
 
 
_________________________________________________________________________________________________________
 REPORTED ISRs
_________________________________________________________________________________________________________
Interrupt service routines are routines installed by the OS and device drivers that execute in response to a hardware interrupt signal.
 
Highest ISR routine execution time (µs):              47.932331
Driver with highest ISR routine execution time:       ndis.sys - NDIS 6.20 driver, Microsoft Corporation
 
Highest reported total ISR routine time (%):          0.014123
Driver with highest ISR total time:                   ataport.SYS - ATAPI Driver Extension, Microsoft Corporation
 
Total time spent in ISRs (%)                          0.032742
 
ISR count (execution time <250 µs):                   3743
ISR count (execution time 250-500 µs):                0
ISR count (execution time 500-1000 µs):               0
ISR count (execution time 1000-2000 µs):              0
ISR count (execution time 2000-4000 µs):              0
ISR count (execution time >=4000 µs):                 0
 
 
_________________________________________________________________________________________________________
REPORTED DPCs
_________________________________________________________________________________________________________
DPC routines are part of the interrupt servicing dispatch mechanism and disable the possibility for a process to utilize the CPU while it is interrupted until the DPC has finished execution.
 
Highest DPC routine execution time (µs):              7336.127820
Driver with highest DPC routine execution time:       ndis.sys - NDIS 6.20 driver, Microsoft Corporation
 
Highest reported total DPC routine time (%):          0.164629
Driver with highest DPC total execution time:         rspLLL32.sys - Resplendence Latency Monitoring and Auxiliary Kernel Library, Resplendence Software Projects Sp.
 
Total time spent in DPCs (%)                          0.284386
 
DPC count (execution time <250 µs):                   97994
DPC count (execution time 250-500 µs):                0
DPC count (execution time 500-10000 µs):              2
DPC count (execution time 1000-2000 µs):              0
DPC count (execution time 2000-4000 µs):              1
DPC count (execution time >=4000 µs):                 1
 
 
_________________________________________________________________________________________________________
 REPORTED HARD PAGEFAULTS
_________________________________________________________________________________________________________
Hard pagefaults are events that get triggered by making use of virtual memory that is not resident in RAM but backed by a memory mapped file on disk. The process of resolving the hard pagefault requires reading in the memory from disk while the process is interrupted and blocked from execution.
 
NOTE: some processes were hit by hard pagefaults. If these were programs producing audio, they are likely to interrupt the audio stream resulting in dropouts, clicks and pops. Check the Processes tab to see which programs were hit.
 
Process with highest pagefault count:                 svchost.exe
 
Total number of hard pagefaults                       12
Hard pagefault count of hardest hit process:          6
Number of processes hit:                              5
 
 
_________________________________________________________________________________________________________
 PER CPU DATA
_________________________________________________________________________________________________________
CPU 0 Interrupt cycle time (s):                       0.278701
CPU 0 ISR highest execution time (µs):                47.932331
CPU 0 ISR total execution time (s):                   0.014431
CPU 0 ISR count:                                      2716
CPU 0 DPC highest execution time (µs):                7336.127820
CPU 0 DPC total execution time (s):                   0.160842
CPU 0 DPC count:                                      96562
_________________________________________________________________________________________________________
CPU 1 Interrupt cycle time (s):                       0.149209
CPU 1 ISR highest execution time (µs):                46.022556
CPU 1 ISR total execution time (s):                   0.005540
CPU 1 ISR count:                                      1027
CPU 1 DPC highest execution time (µs):                231.796992
CPU 1 DPC total execution time (s):                   0.012623
CPU 1 DPC count:                                      1436
_________________________________________________________________________________________________________
 

Attached Thumbnails

  • Drivers Tab screen.jpg
  • Hard page Faults screenshot.jpg

  • 0

#13
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

Speccy says it is running hot.  Normally I would have you run Speedfan to double check but even your hard drives are reporting high temps.  Time to shut it down, leave it connected to the wall plug and open it up.  Use a vacuum cleaner with a hose to clear the dust from the heatsink, fans and all air vents.  Especially check the vents on the case and the power supply as well as the fan on the graphics card.  Hopefully you don't have it sitting near the radiator.  Turn it on and verify that all fans, start up quickly,  are working and are not making noise.

 

All three of your hard drives show bad sectors have been replaced.  The Western Digital drive shows it has several pending bad sectors.  I would run the extended (long) test from Western Digital's

 

Data Lifeguard Diagnostic for Windows

https://support.wdc....ds.aspx?lang=en

on the Western Digital drive

 

and

 

SeaTools for Windows:

https://www.seagate....ols-win-master/

on the other two.

 

You are using AVG's VPN which slows down your network interface and put a load on the network.  Can you turn it off?

 

Give me a new Speccy log and also new Latency Monitor when done.


  • 0

#14
rogerbid

rogerbid

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 255 posts

Hi again,

 

I have done my best to clean the internals, the fans were pretty dusty though the air vents on the case were not too bad.

 

I have run the WD Data Lifeguard and finished up with a screen asking if I wanted to repair, please see the attached .jpg file.  I didn't click anything, preferring to wait to hear what you wanted.  Maybe I should think about a new HDD?

 

The SeaTools program scanned but Seagate drives and presented a screen seeking instructions.  I was not sure which option to select, again please see the attached .jpg file.

 

The system appeared to start without any adverse effects after the cleaning.  Oh, the heat-sink paste was dry, and ineffective I guess.

 

Sorry I forgot to turn off the VPN, you asked me to with the laptop earlier!  It has been off during the current scan.

 

I look forward to hearing from you in due course and will continue with  the scanning when I know what is required.

 

Thanks,

 

Roger

 

Attached Thumbnails

  • Data lifeguard.jpg
  • SeaTools.jpg

  • 0

#15
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

I would let the Western Digital program try to fix the drive.  For the Seagate you want the Long Generic test.

 

Probably a good idea to let Windows check the file system and system files afterward

1. Double-click (My) Computer, and then right-click the hard disk that you want to check. C:
2. Click Properties, and then click Tools.
3. Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed,
4. Check both boxes and then click Start.
You will receive the following message:
The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?
Click Yes to schedule the disk check, but don't restart yet.

Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs.  Right click on System and Clear Log, Clear. Repeat for Application. Reboot. The disk check will run and will probably take an hour or more to finish.


Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator.  Then type (with an Enter after each line).

sfc /scannow

(SPACE after sfc.  This will check your critical system files. Does this finish without complaint?  IF it says it couldn't fix everything then:

Copy the next two lines:
findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  %UserProfile%\desktop\junk.txt
notepad %UserProfile%\desktop\junk.txt


Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue.  Right click and Paste or Edit then Paste and the copied line should appear.
Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply.  Close nOtepad.  Close the Command Window.


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application. (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)

 

 

Does Speccy show an improvement in the temps?


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP