Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

unable to boot Windows 10 with HDMI cable

Started by housema , Mar 11 2019 12:10 AM

This topic is locked

20 replies to this topic

#1 housema

Advanced Member

Full Member
137 posts

Posted 11 March 2019 - 12:10 AM

Hello,

It's been a while since I posted. My monitor died and bought a new monitor that has a Display Port and HDMI port only. My old monitor was hooked up by VDI port. I currently have a TV connected to my computer via VGA. My tower has both the HDMI and display port connection. When I plug in the HDMI cable the computer does not load windows, but it does boot up in Safe Mode. Windows comes up but it does not go past the window picture and screen stays black. The Intel Graphic driver has been updated. I disabled Intel Graphic driver and then enabled it. It did not work I cannot figure out why I can't use my new monitor. I also updated the bios today. Please advise. Thank you.

EDIT: Please post log directly into topic (unless specifically asked to attach) so that helpers can see them without first having to download them. While the risk is small, it does increase the risk if helpers need to download files posted by people seeking help. We provide ample room to post in the topic.

Attached Files

Addition.txt 944bytes 3 downloads
FRST.txt 100bytes 4 downloads
SALog.txt 1.19KB 1 downloads

Edited by Budfred, 11 March 2019 - 09:25 AM.

Back to top

#2 housema

Advanced Member

Full Member
137 posts

Posted 11 March 2019 - 09:52 AM

I apologize, here are my scans

Malwarebytes

www.malwarebytes.com

-Log Details-

Scan Date: 3/10/19

Scan Time: 10:52 PM

Log File: ae0f877a-43a8-11e9-b1a7-f46d0490ac87.json

-Software Information-

Version: 3.7.1.2839

Components Version: 1.0.538

Update Package Version: 1.0.9626

License: Trial

-System Information-

OS: Windows 10 (Build 17134.407)

CPU: x64

File System: NTFS

User: LINDA-PC\linda

-Scan Summary-

Scan Type: Threat Scan

Scan Initiated By: Manual

Result: Completed

Objects Scanned: 358336

Threats Detected: 0

Threats Quarantined: 0

Time Elapsed: 11 min, 15 sec

-Scan Options-

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Disabled

Heuristics: Enabled

PUP: Detect

PUM: Detect

-Scan Details-

Process: 0

(No malicious items detected)

Module: 0

(No malicious items detected)

Registry Key: 0

(No malicious items detected)

Registry Value: 0

(No malicious items detected)

Registry Data: 0

(No malicious items detected)

Data Stream: 0

(No malicious items detected)

Folder: 0

(No malicious items detected)

File: 0

(No malicious items detected)

Physical Sector: 0

(No malicious items detected)

WMI: 0

(No malicious items detected)

(end)

==================== Memory info ===========================

Processor: Intel® Core™ i7-2600 CPU @ 3.40GHz

Percentage of memory in use: 28%

Total physical RAM: 16281.15 MB

Available physical RAM: 11598.29 MB

Total Virtual: 32665.15 MB

Available Virtual: 28137.73 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.07 GB) (Free:759.87 GB) NTFS ==>[drive with boot components (obtained from BCD)]

\\?\Volume{2bd2c32a-0000-0000-0000-b0c4e8000000}\ () (Fixed) (Total:0.44 GB) (Free:0.05 GB) NTFS

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 2BD2C32A)

Partition 1: (Active) - (Size=931.1 GB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=449 MB) - (Type=27)

==================== End of Addition.txt ============================

LastRegBack: 2018-06-22 08:41

==================== End of FRST.txt ============================

Result of Security Analysis by Rocket Grannie (x86) Updated: 16th, december 2018

Running from:C:\Users\linda\Desktop (00:58:21 - 03/11/2019)

***---------------------------------------------------------***

Microsoft Windows 10 Pro X64

UAC is Enabled

Internet Explorer 11

Default Browser: Google Chrome

***------------Antivirus - Antispyware - Firewall-----------***

Windows Defender (Disabled - up to Date)

Malwarebytes (Enabled - up to Date)

Trend Micro Maximum Security (Enabled - up to Date)

Spybot - Search and Destroy (Enabled - up to Date)

Malwarebytes (Enabled - up to Date)

Trend Micro Maximum Security (Enabled - up to Date)

Windows Defender (Disabled - up to Date)

Windows Firewall (Enabled)

No other Firewall Installed

***-------Security Programs - Browsers - Miscellaneous------***

Adobe Flash Player NPAPI (32.0.0.142)

Adobe Acrobat Reader DC (19.010.20098)

CCleaner (5.54)

Google Chrome (72.0.3626.121)

Malwarebytes (3.6.1.2711)

Microsoft Silverlight (5.1.50918.0)

Pale Moon (28.4.0)

Spybot - Search & Destroy (2.7.64.0)

SpywareBlaster (5.5.0)

Windows Live Essentials (16.4.3528.0331) ==> is no longer supported

***----------------Analysis Complete-------------------------***

I ran the first FRST64.exe, and RGSA.exe before I cleaned up my comp with a few programs, like Spybot, CCleaner, CleanUp and Spywareblster and the FRST.txt and Addition.txt log files were extremely large. I then ran your tools the second time and the file logs were very short. Would you like to see the first run logs.

Edited by housema, 11 March 2019 - 09:53 AM.

Back to top

#3 nasdaq

Forum Deity

Global Moderator
49,258 posts

Posted 12 March 2019 - 05:31 AM

Hi housema

The FRST and Addition logs posted are not complete.

Open them with Notepad and see what I mean.

I need the complete logs.

Please attach them one more time and make sure the complete logs were copied.

nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

Back to top

#4 housema

Advanced Member

Full Member
137 posts

Posted 12 March 2019 - 06:39 AM

Good Morning Nasdaq

Thank you for getting back to me. Here are my logs

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11.03.2019

Ran by linda (12-03-2019 08:13:07)

Running from C:\Users\linda\Desktop\spyware forum 2nd run

Windows 10 Pro Version 1803 17134.590 (X64) (2018-06-22 13:33:21)

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3023927834-737669077-2965008529-500 - Administrator - Disabled)

DefaultAccount (S-1-5-21-3023927834-737669077-2965008529-503 - Limited - Disabled)

Guest (S-1-5-21-3023927834-737669077-2965008529-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-3023927834-737669077-2965008529-1004 - Limited - Enabled)

linda (S-1-5-21-3023927834-737669077-2965008529-1001 - Administrator - Enabled) => C:\Users\linda

WDAGUtilityAccount (S-1-5-21-3023927834-737669077-2965008529-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

AV: Trend Micro Maximum Security (Enabled - Up to date) {90387C74-1C56-9484-893C-8ADCB2906C3D}

AS: Spybot - Search and Destroy (Enabled - Up to date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}

AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}

AS: Trend Micro Maximum Security (Enabled - Up to date) {2B599D90-3A6C-9B0A-B38C-B1AEC9172680}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.89 - Adobe Systems Incorporated)

Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated)

Apple Application Support (32-bit) (HKLM-x32\...\{D4C80B0C-CF67-43A7-90C3-466853543B54}) (Version: 6.3 - Apple Inc.)

Apple Application Support (64-bit) (HKLM\...\{B2A2E8AF-BC48-4191-B2C4-3846A19835CA}) (Version: 6.3 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{AA7D90D2-2387-4FA5-A3AF-96811BE49BFD}) (Version: 11.0.5.14 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)

Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.4.5.0 - Asmedia Technology)

Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)

Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)

BrLauncher (HKLM-x32\...\{EF7AC07F-8DC8-4446-918B-3FD544496894}) (Version: 2.0.10.0 - Brother Industries Ltd.) Hidden

BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden

Brother iPrint&Scan (HKLM-x32\...\{0BAF6C40-0B74-4331-8EAA-06ECF6445182}) (Version: 3.0.0.10 - Brother Industries, Ltd.) Hidden

Brother iPrint&Scan (HKLM-x32\...\{80e3f154-59fa-491e-911b-98caf1c71120}) (Version: 3.0.0.10 - Brother Industries, Ltd.)

Brother MFL-Pro Suite MFC-L2700DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 0.0.20.0 - Brother Industries, Ltd.)

Brother PCFax Driver (HKLM-x32\...\{56BA05BD-7A67-4EF8-85A7-8C6528AEE2AC}) (Version: 1.4.0.0 - Brother Industries Ltd.) Hidden

Brother Port Driver (HKLM-x32\...\{76627C3B-4CE9-498A-B587-02063E190005}) (Version: 1.0.1.1 - Brother Industries Ltd.) Hidden

Brother PowerENGAGE (HKLM-x32\...\{05421625-9BA9-482B-ACF2-794221A06F4E}) (Version: 1.0.23 - Aviata, Inc.)

Brother Printer Driver (HKLM-x32\...\{00B68BA3-39B0-47CF-850C-BD92253C3D1A}) (Version: 1.3.0.0 - Brother Industries Ltd.) Hidden

Brother Scanner Driver (HKLM-x32\...\{BECAE854-AD40-4351-87F8-998C34EFE54A}) (Version: 1.0.13.1 - Brother Industries Ltd.) Hidden

BrSupportTools (HKLM-x32\...\{85B3C0BD-7326-4860-9471-A5D97A1F7D59}) (Version: 1.0.19.0 - Brother Industries Ltd.) Hidden

CCleaner (HKLM\...\CCleaner) (Version: 5.54 - Piriform)

Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)

Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)

Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)

CleanUp! (HKLM-x32\...\CleanUp!) (Version: - )

ControlCenter4 (HKLM-x32\...\{9091B952-8719-49C3-9CC7-6E20EC61081F}) (Version: 4.6.6.1 - Brother Industries, Ltd.) Hidden

ControlCenter4 CSDK (HKLM-x32\...\{FD8A9511-BFC9-43B5-BB75-9CEC0EA03CF0}) (Version: 4.6.1.1 - Brother Industries, Ltd.) Hidden

Core Temp version 0.99.7 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 0.99.7 - Arthur Liberman)

D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden

Dropbox (HKLM-x32\...\Dropbox) (Version: 68.4.102 - Dropbox, Inc.)

Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden

ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )

FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version: - FileHippo.com)

FlashPeak SlimBrowser (HKLM-x32\...\SlimBrowser) (Version: 8.00.005 - FlashPeak Inc.)

FlashPeak Slimjet (HKLM-x32\...\Slimjet) (Version: 9.0.7.0 - FlashPeak Inc.)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.121 - Google Inc.)

Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)

Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden

Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden

Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)

HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden

HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden

I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)

iCloud (HKLM\...\{FF99A618-BCA5-4658-B9FF-CCF57C177610}) (Version: 7.1.0.34 - Apple Inc.)

iMyFone D-Back 6.2.1.0 (HKLM-x32\...\{071B9303-5881-4BC6-B9E9-2E2D22C015C1}_is1) (Version: 6.2.1.0 - Shenzhen iMyFone Technology Co., Ltd.)

Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)

Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Kaspersky Security Scan (HKLM-x32\...\{D1282694-0693-41A8-ABC1-6D1FFC1F65C4}) (Version: 12.0.1.881 - Kaspersky Lab) Hidden

Kaspersky Security Scan (HKLM-x32\...\InstallWIX_{D1282694-0693-41A8-ABC1-6D1FFC1F65C4}) (Version: 12.0.1.881 - Kaspersky Lab)

Malwarebytes version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)

Marketsplash Shortcuts (HKLM-x32\...\{16FCDD97-AE09-476B-88CD-261D852BD34C}) (Version: 1.0.1.7 - Hewlett-Packard)

marvell 61xx (HKLM-x32\...\mv61xxDriver) (Version: 1.2.0.7600 - Marvell)

Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)

Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft OneDrive (HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\OneDriveSetup.exe) (Version: 19.012.0121.0011 - Microsoft Corporation)

Microsoft OneDrive (HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680\...\OneDriveSetup.exe) (Version: 19.012.0121.0011 - Microsoft Corporation)

Microsoft OneNote 2013 - en-us (HKLM\...\OneNoteFreeRetail - en-us) (Version: 15.0.5101.1002 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)

Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)

Network Play System (Patching) (HKLM-x32\...\Network Play System (Patching)) (Version: - )

NetworkRepairTool (HKLM-x32\...\{86E68F57-FAFE-4052-BDD4-3B90C38236AE}) (Version: 1.2.16.0 - Brother Industries, Ltd.) Hidden

Nuance PaperPort 14 (HKLM-x32\...\{6CC9391F-D441-4D2E-9ECC-1F7084C733ED}) (Version: 14.5.0006 - Nuance Communications, Inc.)

Nuance PDF Viewer SE (HKLM-x32\...\{7BAC9170-359D-4EAD-B6E4-238A14940C11}) (Version: 7.20.3230 - Nuance Communications, Inc.)

Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5101.1002 - Microsoft Corporation) Hidden

Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5101.1002 - Microsoft Corporation) Hidden

Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.5101.1002 - Microsoft Corporation) Hidden

Pale Moon 28.4.0 (x64 en-US) (HKLM\...\Pale Moon 28.4.0 (x64 en-US)) (Version: 28.4.0 - Moonchild Productions)

Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.1.10 - Panda Security)

PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)

PC-FAXReceive (HKLM-x32\...\{DE8708D3-A79A-46ED-BCB4-3B2F01321704}) (Version: 1.7.5.0 - Brother Insutries Ltd.) Hidden

PCFaxTx (HKLM-x32\...\{03BF5A21-6363-410C-B3BE-0946B0012704}) (Version: 3.7.3.1 - Brother Industries Ltd.) Hidden

PhoneRescue (HKLM-x32\...\PhoneRescue) (Version: 3.5.0.0 - iMobie Inc.)

Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)

PowerENGAGE (HKLM-x32\...\{BFE5C68B-E6D4-4421-9ACF-2B8C4BC2D2A1}) (Version: 3.2.13 - Aviata, Inc.) Hidden

QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.31.1025.2010 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.)

REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{4FC4433D-E687-43D5-B8A8-88D40F5AD8B4}) (Version: 1.00.0148 - REALTEK Semiconductor Corp.)

RemoteSetup (HKLM-x32\...\{B14AD0FC-6ED6-4596-B379-24DC590855AC}) (Version: 3.9.3.1 - Brother Industries Ltd.) Hidden

Revo Uninstaller 1.93 (HKLM-x32\...\Revo Uninstaller) (Version: 1.93 - VS Revo Group)

ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden

Scansoft PDF Professional (HKLM-x32\...\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}) (Version: - ) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)

Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)

SoftwareUpdateNotification (HKLM-x32\...\{C2430580-570A-48D4-BF61-FA55E35BD052}) (Version: 1.0.8.0 - Brother Insutries Ltd.) Hidden

Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.7.64.0 - Safer-Networking Ltd.)

SpywareBlaster 5.5 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.5.0 - BrightFort LLC)

StatusMonitor (HKLM-x32\...\{40578A7A-6E36-457F-A4F0-45BC37EB61FD}) (Version: 1.20.1.0 - Brother Insutries Ltd.) Hidden

thinkorswim (HKLM\...\9968-4488-2169-7623) (Version: desktop - thinkorswim, Inc)

Trend Micro DirectPass (HKLM\...\{F059D68A-2911-4ea7-BA2B-3FBF2DD9D1CB}) (Version: 1.9.0.1094 - Trend Micro Inc.) Hidden

Trend Micro Maximum Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 15.0 - Trend Micro Inc.)

Trend Micro Password Manager (HKLM\...\{3075404F-5657-4f31-A064-FEF98661BDD4}) (Version: 1.9.1189 - Trend Micro Inc.)

Trend Micro Troubleshooting Tool (HKLM\...\{4B83469E-CE4F-45D0-BC34-CCB7BF194477}) (Version: 6.0 - Trend Micro Inc.)

TurboTax 2016 (HKLM-x32\...\TurboTax 2016) (Version: 2016.0 - Intuit, Inc)

Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{1FD817A6-63E1-4519-BFD4-228DABB7AB6B}) (Version: 2.55.0.0 - Microsoft Corporation)

UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden

VCRT for DirectPass x64 (HKLM\...\{92124FFB-5113-4D64-A6BA-7D6D362A6265}) (Version: 1.0.0.1000 - Trend Micro, Inc.) Hidden

VCRT for DirectPass x64 (HKLM\...\{E9EC941D-16E5-46FD-AB44-928ED7839CCC}) (Version: 1.0.0.1000 - Trend Micro, Inc.) Hidden

VCRT for DirectPass x86 (HKLM-x32\...\{44334193-827E-47B4-AB2A-E49F2A102E21}) (Version: 1.0.0.1000 - Trend Micro, Inc.) Hidden

VCRT for DirectPass x86 (HKLM-x32\...\{FD45B178-B1C1-4D2A-B8C8-CD7B4F687F1C}) (Version: 1.0.0.1000 - Trend Micro, Inc.) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

Zoom (HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\ZoomUMX) (Version: 4.1 - Zoom Video Communications, Inc.)

Zoom (HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680\...\ZoomUMX) (Version: 4.1 - Zoom Video Communications, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}

CustomCLSID: HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\linda\Dropbox [2014-06-20 12:16]

CustomCLSID: HKU\S-1-5-21-3023927834-737669077-2965008529-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}

CustomCLSID: HKU\S-1-5-21-3023927834-737669077-2965008529-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\linda\Dropbox [2014-06-20 12:16]

ShellIconOverlayIdentifiers: [ FSOverlayIcon] -> {C0829D19-E5A0-44F5-B56E-D15030C53BB9} => C:\Program Files\Trend Micro\Titanium\plugin\TmOverlayIcon.dll [2018-07-30] (Trend Micro, Inc. -> Trend Micro Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)

ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)

ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-10-19] (Apple Inc. -> Apple Inc.)

ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)

ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)

ContextMenuHandlers1: [{48F45200-91E6-11CE-8A4F-0080C81A28D4}] -> {48F45200-91E6-11CE-8A4F-0080C81A28D4} => C:\Program Files\Trend Micro\UniClient\UiFrmwrk\tmdshell.dll [2018-07-30] (Trend Micro, Inc. -> Trend Micro Inc.)

ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)

ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)

ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File

ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)

ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)

ContextMenuHandlers6: [{48F45200-91E6-11CE-8A4F-0080C81A28D4}] -> {48F45200-91E6-11CE-8A4F-0080C81A28D4} => C:\Program Files\Trend Micro\UniClient\UiFrmwrk\tmdshell.dll [2018-07-30] (Trend Micro, Inc. -> Trend Micro Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {09826FCA-27AD-40EC-B470-BF3DF47D2F5C} - System32\Tasks\{D111D56E-978F-4528-80E6-391E3CFCF292} => C:\Program Files (x86)\SlimBrowser\sbframe.exe (FlashPeak Inc. -> FlashPeak Inc.)

Task: {0BD4355B-D024-44B0-9EC1-8FE52D58B907} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION

Task: {0C07BA5C-DB39-41E0-A81D-6271B929BC5A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe (Safer-Networking Ltd. -> Safer-Networking Ltd.)

Task: {0F515DB6-10CF-48F4-8061-D74E8269CE8B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION

Task: {10B641E1-E538-43D3-846C-F16FC2BA6E4C} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION

Task: {14631472-94AF-4ED1-A33A-4D53BE3EB4AA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)

Task: {1523CC87-0A89-45B6-A8CC-567241482AD4} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe (Microsoft Corporation -> Microsoft)

Task: {183CB342-62BD-49B3-A5AD-810E49119615} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe

Task: {2478EB6A-EEFE-43B9-9F76-96FA72452C83} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe (Apple Inc. -> Apple Inc.)

Task: {2A23ACFF-6AFE-4723-8633-9D5496E7E223} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe (Safer-Networking Ltd. -> Safer-Networking Ltd.)

Task: {2AAD68AE-4C5F-4A5E-BB9F-4A05556892EA} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe

Task: {2AFFC901-C791-485C-89B2-1FD13769EF65} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation -> Microsoft Corporation)

Task: {2CB09070-C0E0-44E7-84F5-3A64A7EC1084} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_142_Plugin.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)

Task: {2D0237AF-C194-4C27-9DBB-FE4A9761A6A1} - System32\Tasks\{52FF0B8C-85A6-48C0-9003-9F5AFFB0DAAE} => C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE (Microsoft Corporation -> Microsoft Corporation)

Task: {2E778071-E964-4067-9D6F-149D43D44D92} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe

Task: {2F8C5FD4-2952-46B5-B74D-5BDB5236F2D4} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe

Task: {2FD8CE17-A146-4C46-B9B6-6D551F553487} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe

Task: {3476A4CA-411F-4430-99D5-7ABDF48E220A} - System32\Tasks\{29C4A4D8-97E6-4483-8162-01139FF87B2E} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Task: {353385C4-040C-4A3F-A3CA-9D8A10F52FFC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)

Task: {3B98D082-45AF-43B0-B854-689F72685AEB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION

Task: {4533D54D-E7E5-42AC-89AA-2A0C4A2D9075} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe (Safer-Networking Ltd. -> Safer-Networking Ltd.)

Task: {470BD81B-4067-44D5-80AB-22D3F0650CEC} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe

Task: {482BEDFB-E470-4D49-A6D4-855A5650E8B4} - System32\Tasks\PowerENGAGE => Command(1): msiexec -> /f {BFE5C68B-E6D4-4421-9ACF-2B8C4BC2D2A1} /quiet /qn

Task: {482BEDFB-E470-4D49-A6D4-855A5650E8B4} - System32\Tasks\PowerENGAGE => Command(2): PowerENGAGE.exe -> scheduled-run

Task: {4BB5E24D-BFC1-434E-B574-6310BE2D724E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION

Task: {51D3404C-F355-443A-9EF9-895C942346FE} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION

Task: {55042098-EF5F-4233-9299-9CBE379DD5BC} - System32\Tasks\{991F1586-B70A-4D22-89EB-92AFD28D3C5E} => C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE (Microsoft Corporation -> Microsoft Corporation)

Task: {57CA693C-0644-4F21-803F-590111F171FB} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.)

Task: {5D909684-2E15-4AED-861E-64ACAB2291A9} - \Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan -> No File <==== ATTENTION

Task: {603DE783-32BD-4B26-9A03-843B8BEEF66D} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe

Task: {6105C577-5F1F-4DE8-B7E0-CAAFC2AE2D53} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe

Task: {62226037-49EA-4F15-BD46-055A8C4CEFEF} - System32\Tasks\{5CF1A5EC-E8FB-46DC-AF13-46A36D4E06D3} => C:\Windows\system32\pcalua.exe -a "D:\WINDOWS98SE DRIVER\DVR-II-WIN98SE.exe" -d "D:\WINDOWS98SE DRIVER"

Task: {64A2318F-3BAA-4F0C-A3F3-D34B0C52F68C} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION

Task: {693EECFE-FDEF-4B9D-8D3D-F537BDD19CAD} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe

Task: {6CE95874-5564-43CF-9820-505D1E423F21} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION

Task: {6D2FC01A-339E-44E3-9234-31AE4A25E306} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION

Task: {715210BF-A3FA-4DAC-AF73-3F77018D7841} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION

Task: {79BDD76B-CEE9-41AF-B45E-E3AA9547925A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)

Task: {7A36E012-83A2-4223-A701-3A250A8E1303} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION

Task: {820955A2-369A-4C52-8802-9E06663FA6DB} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation -> Microsoft Corporation)

Task: {86AF2008-CEFC-470F-9937-6A67E3F44F25} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION

Task: {8B44BC34-944A-4347-8795-C91A11692584} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation -> Microsoft Corporation)

Task: {9106FCBE-A2F0-42B6-B986-D4B517690072} - System32\Tasks\{FD66D8F8-32E8-420E-88E5-002001BFA10F} => C:\Program Files (x86)\SlimBrowser\sbframe.exe (FlashPeak Inc. -> FlashPeak Inc.)

Task: {9216821C-D9F9-45F6-84F5-34850A0E857B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION

Task: {94305511-925A-4DAB-B955-45AA039436E2} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION

Task: {9768D244-BA85-4C1C-B84C-D652F6DD9B53} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

Task: {98FFE96D-42E9-4338-81B2-41C0022C30D7} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe

Task: {9D8FF85C-5513-4470-A02F-17A6BE9AD81D} - System32\Tasks\{EAF53645-5F3A-4C57-8D60-F5459680B13E} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Task: {A31E7CD1-89B0-45DE-B45F-B3B5D5D9E453} - \Microsoft\Windows\Setup\EOONotify -> No File <==== ATTENTION

Task: {ABA92A36-5183-4FCA-B599-596C62996E38} - System32\Tasks\AirSupport Update => C:\Program Files\Trend Micro\AirSupport\Update.exe (Trend Micro, Inc. -> Trend Micro Inc.)

Task: {B6F66695-B2B4-49F2-9F1F-90AA9E5D2C37} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe

Task: {B925A23E-C23B-4410-9CC7-62DDA2328A71} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)

Task: {C3EC2A0E-316D-44C0-A521-2F8E07C5968B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION

Task: {C746A1CA-3E4A-4E5D-B785-25B5EE4201A3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)

Task: {CBD42AC2-BCC1-4880-8093-EEF56B8DC974} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe

Task: {CE00280D-094F-4EA8-9D4C-650BF0AA0833} - System32\Tasks\{3DEB3272-AF80-4D10-818E-08FA1A7487AB} => C:\Program Files (x86)\SlimBrowser\sbframe.exe (FlashPeak Inc. -> FlashPeak Inc.)

Task: {D9DBB3C6-6B05-421D-B0AE-315BEF684F6E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION

Task: {DADC4484-5651-4FED-9A35-7A402314A789} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe

Task: {DCCCB5AD-6765-4806-978C-3460B8AE5C4D} - System32\Tasks\{3EB4F00D-600F-494E-A7DE-95D98FDF7046} => C:\Program Files (x86)\SlimBrowser\sbframe.exe (FlashPeak Inc. -> FlashPeak Inc.)

Task: {DDA0A80A-DA61-440C-BF6F-C57EF9920C73} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)

Task: {DDA500E9-304D-4B79-9F69-2122B6802DB5} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION

Task: {E24D1B5B-C6BA-46AF-B666-8E95FD61DFB2} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.)

Task: {E436FBA1-6ED8-4719-A358-7A2BF7AE665C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)

Task: {E6E1C586-06F2-42E2-8F86-150F8048DFA9} - System32\Tasks\{528748A9-8911-4C8F-B738-FD6E89F1B65E} => C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE (Microsoft Corporation -> Microsoft Corporation)

Task: {EABA37E2-BC91-43AB-B656-D2369AFD74A8} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe

Task: {EDD2BCE5-C325-4836-BDAB-8596B14D7955} - System32\Tasks\{6DB3ACA1-3D08-4FC3-9C37-20128910E4E5} => C:\Program Files (x86)\SlimBrowser\sbframe.exe (FlashPeak Inc. -> FlashPeak Inc.)

Task: {F7304BF7-80DC-4921-BD9E-75937AA31793} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation -> Microsoft Corporation)

Task: {FC603551-7705-4E12-90F3-C9706031CF5B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\linda\Desktop\Linda - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Default"

==================== Loaded Modules (Whitelisted) ==============

2015-08-13 07:57 - 2015-06-29 05:49 - 003117568 _____ (Trend Micro Inc.) [File not signed] C:\Program Files\Trend Micro\TMIDS\CorridorService.dll

2011-04-27 11:23 - 2010-01-21 17:11 - 000045056 _____ (Realtek) [File not signed] C:\Program Files (x86)\Realtek\819xP Wireless LAN Utility\RtlService.exe

2017-04-04 19:48 - 2013-03-08 02:44 - 000087040 _____ (Brother Industries, Ltd.) [File not signed] C:\WINDOWS\system32\BrNetSti.dll

2017-04-04 19:48 - 2005-04-22 00:36 - 000143360 _____ () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll

2017-03-22 17:21 - 2018-01-18 15:39 - 000314368 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe

2011-04-27 11:23 - 2010-04-28 17:56 - 000921600 _____ (Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\Realtek\819xP Wireless LAN Utility\RtWlan.exe

2017-04-05 13:35 - 2017-04-05 13:35 - 003581952 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe

2017-03-30 16:39 - 2018-01-19 11:26 - 002976256 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe

2018-05-22 20:54 - 2009-02-27 16:38 - 000225280 ____R (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogRx.exe

2014-06-16 00:42 - 2014-06-16 00:42 - 000121312 _____ (Kaspersky Lab -> Kaspersky Lab ZAO) [File not signed] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\prtransp.ppl

2014-06-16 00:40 - 2014-06-16 00:40 - 000383456 _____ (Kaspersky Lab -> Kaspersky Lab ZAO) [File not signed] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\stat.ppl

2015-01-03 13:53 - 2015-01-03 13:53 - 001662976 _____ (Kaspersky Lab ZAO) [File not signed] C:\ProgramData\Kaspersky Lab\KSS2\DataRoot\Bases\Cache\klavemu.kdl.6e86633e63e607038cfa66d3f88c5d60

2015-01-03 13:53 - 2015-01-03 13:53 - 000273920 _____ (Kaspersky Lab ZAO) [File not signed] C:\ProgramData\Kaspersky Lab\KSS2\DataRoot\Bases\Cache\kjim.kdl.4d87815dc55a0ea5f712a61bb640573a

2015-01-03 13:53 - 2015-01-03 13:53 - 000458752 _____ (Kaspersky Lab ZAO) [File not signed] C:\ProgramData\Kaspersky Lab\KSS2\DataRoot\Bases\Cache\qscan.kdl.6f421f0667a2208fb2f4dc2a03912f82

2015-01-03 13:53 - 2015-01-03 13:53 - 000369152 _____ (Kaspersky Lab ZAO) [File not signed] C:\ProgramData\Kaspersky Lab\KSS2\DataRoot\Bases\Cache\pbs.kdl.855e976d16841a9bbaa528a886998eee

2015-01-03 13:53 - 2015-01-03 13:53 - 000187904 _____ (Kaspersky Lab ZAO) [File not signed] C:\ProgramData\Kaspersky Lab\KSS2\DataRoot\Bases\Cache\kavsys.kdl.ba76be53c8245ddbd0e2864e74f8f638

2018-05-22 20:54 - 2009-02-27 16:38 - 000139264 ____R () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll

2017-03-22 17:21 - 2018-01-18 15:39 - 000519168 _____ () [File not signed] C:\Program Files (x86)\Browny02\BrMonitor.dll

2018-05-22 20:55 - 2017-12-22 12:53 - 000180224 _____ () [File not signed] C:\Program Files (x86)\Browny02\BroSNMP.dll

2018-05-22 20:55 - 2017-12-22 12:53 - 000122880 _____ ( ) [File not signed] C:\Program Files (x86)\Browny02\brlmw03a.dll

2018-05-22 20:55 - 2017-12-22 12:53 - 000025299 _____ () [File not signed] C:\Program Files (x86)\Browny02\brlm03a.dll

2012-12-05 12:29 - 2012-12-05 12:29 - 004883456 _____ (BCGSoft Ltd) [File not signed] C:\Program Files (x86)\Nuance\PaperPort\BCGCBPRO1100u100.dll

2011-04-27 15:06 - 2011-02-01 15:53 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\StatusStrings.dll

2011-04-27 15:06 - 2011-02-01 15:57 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\xerces-c_2_7.dll

2018-12-14 14:11 - 2019-02-06 12:48 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll

2018-12-14 14:11 - 2019-02-06 12:48 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll

2018-12-14 14:11 - 2019-02-06 12:48 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll

2018-12-14 14:11 - 2019-02-06 12:48 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll

2018-12-14 14:11 - 2019-02-06 12:48 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll

2018-12-14 14:11 - 2019-02-06 12:48 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll

2018-12-14 14:11 - 2019-02-06 12:48 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll

2018-12-14 14:11 - 2019-02-06 12:48 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll

2018-12-14 14:11 - 2019-02-06 12:48 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll

2019-02-06 12:48 - 2019-02-06 12:48 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll

2019-02-06 12:48 - 2019-02-06 12:48 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll

2018-12-14 14:11 - 2019-02-06 12:48 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll

2019-02-06 12:48 - 2019-02-06 12:48 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll

2019-02-06 12:48 - 2019-02-06 12:48 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll

2019-02-06 12:48 - 2019-02-06 12:48 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll

2019-02-06 12:48 - 2019-02-06 12:48 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll

2019-02-06 12:48 - 2019-02-06 12:48 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll

2019-02-06 12:48 - 2019-02-06 12:48 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll

2019-02-06 12:48 - 2019-02-06 12:48 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll

2011-04-27 11:23 - 2009-12-10 00:20 - 000126976 _____ () [File not signed] C:\Program Files (x86)\Realtek\819xP Wireless LAN Utility\EnumDevLib.dll

2011-04-27 11:23 - 2009-01-21 14:33 - 000200704 _____ (Realtek) [File not signed] C:\Program Files (x86)\Realtek\819xP Wireless LAN Utility\IpLib.dll

2011-04-27 11:23 - 2010-02-22 18:22 - 000430080 _____ (Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\Realtek\819xP Wireless LAN Utility\RtlLib.dll

2011-04-27 11:23 - 2010-01-27 14:09 - 000036864 _____ (Realtek) [File not signed] C:\Program Files (x86)\Realtek\819xP Wireless LAN Utility\RtlICS.dll

2011-04-27 11:23 - 2010-02-02 18:08 - 000233472 _____ (Realtek) [File not signed] C:\Program Files (x86)\Realtek\819xP Wireless LAN Utility\RtlIhvOid.dll

2011-04-27 11:23 - 2006-07-05 09:45 - 001069056 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Realtek\819xP Wireless LAN Utility\LIBEAY32.dll

2016-10-04 14:25 - 2018-01-18 15:39 - 001720832 _____ () [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll

2018-05-22 20:55 - 2017-11-07 19:55 - 000137728 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll

2017-04-05 09:53 - 2017-11-07 19:55 - 000440832 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\Track.dll

2017-01-27 15:33 - 2017-11-07 20:04 - 000087040 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcLUsa.dll

2017-01-27 15:39 - 2017-08-18 11:23 - 000087552 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll

2017-01-27 15:39 - 2017-08-18 11:23 - 017974784 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [125]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com

IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com

IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com

IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com

IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com

IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com

IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com

IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com

IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com

IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com

IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com

IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com

IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com

IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com

IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net

IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net

IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info

IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com

IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com

IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7946 more sites.

IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\007guard.com -> install.007guard.com

IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\008i.com -> 008i.com

IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\008k.com -> www.008k.com

IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\00hq.com -> www.00hq.com

IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\010402.com -> 010402.com

IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\0190-dialers.com -> 0190-dialers.com

IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\01i.info -> 01i.info

IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com

IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com

IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\0411dd.com -> 0411dd.com

IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\0511zfhl.com -> 0511zfhl.com

IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\05p.com -> 05p.com

IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\0632qyw.com -> 0632qyw.com

IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com

IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com

IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com

IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\0calories.net -> 0calories.net

IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\0cj.net -> 0cj.net

IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\0scan.com -> www.0scan.com

IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\1-2005-search.com -> www.1-2005-search.com

There are 12764 more sites.

IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680\...\007guard.com -> install.007guard.com

IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680\...\008i.com -> 008i.com

IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680\...\008k.com -> www.008k.com

IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680\...\00hq.com -> www.00hq.com

IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680\...\010402.com -> 010402.com

IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680\...\0190-dialers.com -> 0190-dialers.com

IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680\...\01i.info -> 01i.info

IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com

IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com

IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680\...\0411dd.com -> 0411dd.com

IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680\...\0511zfhl.com -> 0511zfhl.com

IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680\...\05p.com -> 05p.com

IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680\...\0632qyw.com -> 0632qyw.com

IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com

IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com

IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com

IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680\...\0calories.net -> 0calories.net

IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680\...\0cj.net -> 0cj.net

IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680\...\0scan.com -> www.0scan.com

IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680\...\1-2005-search.com -> www.1-2005-search.com

There are 12764 more sites.

IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065311738\...\007guard.com -> install.007guard.com

IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065311738\...\008i.com -> 008i.com

IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065311738\...\008k.com -> www.008k.com

IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065311738\...\00hq.com -> www.00hq.com

IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065311738\...\010402.com -> 010402.com

IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065311738\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com

IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065311738\...\0scan.com -> www.0scan.com

IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065311738\...\1-2005-search.com -> www.1-2005-search.com

IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065311738\...\1-domains-registrations.com -> www.1-domains-registrations.com

IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065311738\...\1000gratisproben.com -> www.1000gratisproben.com

IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065311738\...\1001namen.com -> www.1001namen.com

IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065311738\...\100888290cs.com -> mir.100888290cs.com

IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065311738\...\100sexlinks.com -> www.100sexlinks.com

IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065311738\...\10sek.com -> www.10sek.com

IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065311738\...\12-26.net -> user1.12-26.net

IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065311738\...\12-27.net -> user1.12-27.net

IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065311738\...\123fporn.info -> www.123fporn.info

IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065311738\...\123haustiereundmehr.com -> www.123haustiereundmehr.com

IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065311738\...\123moviedownload.com -> www.123moviedownload.com

IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065311738\...\123simsen.com -> www.123simsen.com

There are 7946 more sites.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2019-03-10 23:37 - 000454382 ____R C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost

127.0.0.1 www.007guard.com

127.0.0.1 007guard.com

127.0.0.1 008i.com

127.0.0.1 www.008k.com

127.0.0.1 008k.com

127.0.0.1 www.00hq.com

127.0.0.1 00hq.com

127.0.0.1 010402.com

127.0.0.1 www.032439.com

127.0.0.1 032439.com

127.0.0.1

Back to top

#5 nasdaq

Forum Deity

Global Moderator
49,258 posts

Posted 12 March 2019 - 12:21 PM

Hi,

Please attach the FRST.TXT and ADDITION.TXT logs.

The logs are too long and are truncated.

nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

Back to top

#6 housema

Advanced Member

Full Member
137 posts

Posted 12 March 2019 - 03:46 PM

HI

I re-scanned the the files, I accidentally deleted them. They are very long. Sorry, little rusty, haven't posted for a while. When you say attach do you mean copy and paste them or attach them as a file. I will be leaving for a few days will be back next week. If I don't answer will reply then. Thank you.

Back to top

#7 nasdaq

Forum Deity

Global Moderator
49,258 posts

Posted 13 March 2019 - 06:40 AM

Hi,

Attaching the file is a 2 steps process.

How to attach a file to your reply:
In the Reply section in the bottom of the topic Click the "more reply Options" button.

Attach the file.
Select the "Choose a File" navigate to the location of the File.
Click the file you wish to Attach.
Click Attach this file.
Click the Add reply button.
===

Run the Farbar program one more time.
Make sure the box to create a fresh Addition.txt log is checked.
Do this for for files the FRST.TXT and ADDITIONL.TXT.

nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

Back to top

#8 housema

Advanced Member

Full Member
137 posts

Posted 18 March 2019 - 11:09 AM

Hello nasdaq

I tried attaching the file but it gives me an error saying file too big to upload for both files. I also tried the advanced uploader

Back to top

#9 nasdaq

Forum Deity

Global Moderator
49,258 posts

Posted 19 March 2019 - 05:33 AM

Attach one file only in your next reply.

If that works the attach the other file in a other post.

nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

Back to top

#10 housema

Advanced Member

Full Member
137 posts

Posted 19 March 2019 - 08:05 AM

Good morning nasdaq

I tried attaching one file and still getting same error. "This file was too big to upoad.

Back to top

#11 nasdaq

Forum Deity

Global Moderator
49,258 posts

Posted 19 March 2019 - 12:17 PM

Break the .txt logs into 2 or 3 pages.

Make sure you send everything.

nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

Back to top

#12 housema

Advanced Member

Full Member
137 posts

Posted 19 March 2019 - 10:37 PM

Hi

It will not allow me to load both pages in the same post. I will send them to you separately.

I tried sending you page 2 of Addition.txt in a separate post but apparently it will only allow me to send a file totaling 53.86kb. Meaning I only have 2.36kb file left to post. Addition.txt file is approximately 80kb and FRST.tx file is approximately 116kb. Would you like me to zip the files? Please advise. Thank you

Attached Files

Addition.txt 51.5KB 3 downloads

Edited by housema, 19 March 2019 - 10:57 PM.

Back to top

#13 nasdaq

Forum Deity

Global Moderator
49,258 posts

Posted 21 March 2019 - 06:04 AM

Yes do that zip the files.

If that fails the I only need to see the FRST.TXt log as the Addition.txt is good.

The information I need from that file is all the items reported in the sections listed below.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.02.2019 02
Ran by shabba (administrator) on SHABBA-PC (23-01-2016 15:05:42)
Running from C:\Users\shabba\Desktop
Loaded Profiles: shabba & DefaultAppPool (Available Profiles: shabba & Guest & DefaultAppPool)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

==================== Registry (Whitelisted) ===========================

==================== Internet (Whitelisted) ====================

==================== Services (Whitelisted) ========================

===================== Drivers (Whitelisted) ==========================

nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

Back to top

#14 housema

Advanced Member

Full Member
137 posts

Posted 21 March 2019 - 08:33 PM

Still cannot send you the zip file, same error occurs. It will not allow me to attach the file. I will copy/paste on the post.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019

Ran by linda (administrator) on LINDA-PC (20-03-2019 00:14:15)

Running from C:\Users\linda\Downloads

Loaded Profiles: linda (Available Profiles: linda & DefaultAppPool)

Platform: Windows 10 Pro Version 1803 17134.590 (X64) Language: English (United States)

Default browser: Chrome

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe

(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe

(Realtek) [File not signed] C:\Program Files (x86)\Realtek\819xP Wireless LAN Utility\RtlService.exe

(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe

(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe

(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtWatchDog.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

(Kaspersky Lab -> Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe

(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe

(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe

(Intuit, Inc. -> Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe

(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe

(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(Microsoft Corporation -> Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE

(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe

(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe

(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe

(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\DiamondRing\DrSDKCaller.exe

(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\module\10011\8.0.2070\8.0.2070\TmsaInstance64.exe

(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe

(Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\Realtek\819xP Wireless LAN Utility\RtWLan.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\SkypeApp.exe

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe

(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe

(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe

(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe

(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel® pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe

(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe

(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe

(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

(Well Known Media Ltd -> ) C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe

(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe

(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogRx.exe

(Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe

(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe

(Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe

(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe

(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 7\PdfPro7Hook.exe

(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe

(Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe

(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.App.exe

() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19011.19410.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe

(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe

(Microsoft Windows -> ) C:\Windows\System32\Windows.WARP.JITService.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

() [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1902.633.0_x64__8wekyb3d8bbwe\Time.exe

(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe

(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Windows -> Microsoft Corporation)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9197568 2017-01-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

HKLM\...\Run: [PwmConsole.exe] => C:\Program Files\Trend Micro\TMIDS\PwmConsole.exe [2047216 2015-06-29] (Trend Micro, Inc. -> Trend Micro Inc.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech -> Logitech, Inc.)

HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [245840 2018-07-30] (Trend Micro, Inc. -> Trend Micro Inc.)

HKLM\...\Run: [Platinum] => C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe [1246200 2018-07-30] (Trend Micro, Inc. -> Trend Micro Inc.)

HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [4426560 2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)

HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd. -> Brother Industries, Ltd.)

HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-01-19] (Brother Industries, Ltd.) [File not signed]

HKLM-x32\...\Run: [M17A] => C:\WINDOWS\twain_32\Brimm17a\Common\TwDsUiLaunch.exe [77312 2017-05-10] (Microsoft Windows Hardware Compatibility Publisher -> )

HKLM-x32\...\Run: [BrotherSoftwareUpdateNotification] => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3581952 2017-04-05] (Brother Industries, Ltd.) [File not signed]

HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2075480 2013-06-24] (Flexera Software LLC -> Flexera Software LLC.)

HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [35648 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)

HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [17600 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)

HKLM-x32\...\Run: [PDFProHook] => C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe [641864 2013-03-20] (Nuance Communications, Inc. -> Nuance Communications, Inc.)

HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)

HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)

HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)

HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202080 2014-06-16] (Kaspersky Lab -> Kaspersky Lab ZAO)

HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\Run: [BingSvc] => C:\Users\linda\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (Microsoft Corporation -> © 2015 Microsoft Corporation)

HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-10-19] (Apple Inc. -> Apple Inc.)

HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-10-19] (Apple Inc. -> Apple Inc.)

HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2017-10-19] (Apple Inc. -> Apple Inc.)

HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe [10566352 2015-09-02] (Well Known Media Ltd -> )

HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2075480 2013-06-24] (Flexera Software LLC -> Flexera Software LLC.)

HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2017-10-19] (Apple Inc. -> Apple Inc.)

HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22488952 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)

HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [442368 2004-08-17] (On2.com) [File not signed]

HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [442368 2004-08-17] (On2.com) [File not signed]

HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\Installer\chrmstp.exe [2019-03-07] (Google LLC -> Google Inc.)

HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->

Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter

Startup: C:\Users\linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2018-08-06]

ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

Startup: C:\Users\linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2018-08-30]

ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation -> Microsoft Corporation)

BootExecute: autocheck autochk * sdnclean64.exe

GroupPolicy: Restriction - Chrome <==== ATTENTION

GroupPolicy\User: Restriction ? <==== ATTENTION

CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{6de5cecf-6c0e-45fd-b79f-13413a023ff9}: [DhcpNameServer] 172.20.10.1

Tcpip\..\Interfaces\{c393a88d-d0ed-43c0-9f33-c49f4715c39b}: [DhcpNameServer] 192.168.1.1

Internet Explorer:

==================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome

HKU\S-1-5-21-3023927834-737669077-2965008529-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie

SearchScopes: HKU\S-1-5-21-3023927834-737669077-2965008529-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear

SearchScopes: HKU\S-1-5-21-3023927834-737669077-2965008529-1001 -> {7797F01D-60FE-FEAB-DBB6-B4B57792FCE2} URL = hxxp://www.bing.com/search?q={searchTerms}&pc=ZUGO&form=ZGAIDF

BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation -> Microsoft Corporation.)

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2018-11-14] (Microsoft Corporation -> Microsoft Corporation)

BHO: Trend Micro Password Manager BHO -> {3F019D1C-7EAA-4F25-A765-FBA635BD0AFF} -> C:\Program Files\Trend Micro\TMIDS\PwmIEBHO64.dll [2015-06-29] (Trend Micro, Inc. -> Trend Micro Inc.)

BHO: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2018-07-30] (Trend Micro, Inc. -> Trend Micro Inc.)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)

BHO: Trend Micro IE Protection -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> No File

BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2018-12-11] (Microsoft Corporation -> Microsoft Corporation)

BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation -> Microsoft Corporation.)

BHO-x32: Trend Micro Password Manager BHO -> {3F019D1C-7EAA-4F25-A765-FBA635BD0AFF} -> C:\Program Files\Trend Micro\TMIDS\PwmIEBHO32.dll [2015-06-29] (Trend Micro, Inc. -> Trend Micro Inc.)

BHO-x32: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2018-07-30] (Trend Micro, Inc. -> Trend Micro Inc.)

BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll [2011-06-30] (Zeon Corporation -> Zeon Corporation)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)

BHO-x32: Trend Micro IE Protection -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> No File

Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation -> Microsoft Corporation.)

Toolbar: HKLM - Trend Micro Password Manager ToolBar - {9B4B91FC-EC4D-4018-9575-96FA5A3C03C5} - C:\Program Files\Trend Micro\TMIDS\PwmIEBHO64.dll [2015-06-29] (Trend Micro, Inc. -> Trend Micro Inc.)

Toolbar: HKLM - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2018-07-30] (Trend Micro, Inc. -> Trend Micro Inc.)

Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation -> Microsoft Corporation.)

Toolbar: HKLM-x32 - Trend Micro Password Manager ToolBar - {9B4B91FC-EC4D-4018-9575-96FA5A3C03C5} - C:\Program Files\Trend Micro\TMIDS\PwmIEBHO32.dll [2015-06-29] (Trend Micro, Inc. -> Trend Micro Inc.)

Toolbar: HKLM-x32 - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2018-07-30] (Trend Micro, Inc. -> Trend Micro Inc.)

DPF: HKLM-x32 {0742B9EF-8C83-41CA-BFBA-830A59E23533} hxxps://oas.support.microsoft.com/ActiveX/MSDcode.cab

DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab

DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: HKLM-x32 {BEA7310D-06C4-4339-A784-DC3804819809} hxxp://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab

DPF: HKLM-x32 {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA}

DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: HKLM-x32 {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} hxxps://secure.logmein.com/activex/RACtrl.cab?rnd=1643671464

Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation -> Microsoft Corporation)

Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - No File

Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2018-07-30] (Trend Micro, Inc. -> Trend Micro Inc.)

Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2018-07-30] (Trend Micro, Inc. -> Trend Micro Inc.)

Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ProToolbarIMRatingActiveX.dll [2018-07-30] (Trend Micro, Inc. -> Trend Micro Inc.)

Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll [2018-07-30] (Trend Micro, Inc. -> Trend Micro Inc.)

FireFox:

========

FF DefaultProfile: bxz8gbn7.default

FF ProfilePath: C:\Users\linda\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\bxz8gbn7.default [2019-03-19]

FF Extension: (Adblock Latitude) - C:\Users\linda\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\bxz8gbn7.default\Extensions\adblocklatitude@addons.palemoon.org.xpi [2018-04-11] [Legacy] [not signed]

FF Extension: (Flashblock) - C:\Users\linda\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\bxz8gbn7.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2018-01-03] [Legacy]

FF HKLM\...\Firefox\Extensions: [fftmtoolbar@trendmicro.com] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\fftmtoolbar@trendmicro.com.xpi

FF Extension: (Trend Micro Toolbar) - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\fftmtoolbar@trendmicro.com.xpi [2018-11-07]

FF HKLM-x32\...\Firefox\Extensions: [fftmtoolbar@trendmicro.com] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\fftmtoolbar@trendmicro.com.xpi

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_156.dll [2019-03-12] (Adobe Systems Incorporated -> )

FF Plugin: @java.com/DTPlugin,version=10.40.2 -> C:\Windows\system32\npDeployJava1.dll [2013-09-12] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_156.dll [2019-03-12] (Adobe Systems Incorporated -> )

FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) [File not signed]

FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.)

FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-06-24] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-12-30] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2012-12-03] (Visan Industries -> RocketLife, LLP)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc -> Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc -> Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-01-31] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 7\bin\nppdf.dll [2011-07-15] (Zeon Corporation -> Zeon Corporation)

FF Plugin HKU\S-1-5-21-3023927834-737669077-2965008529-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\linda\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2018-01-04] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

FF Plugin HKU\S-1-5-21-3023927834-737669077-2965008529-1001: tdameritrade.com/thinkorswim -> C:\Program Files\thinkorswim\npthinkorswim.dll [2019-03-01] (TD Ameritrade -> TD Ameritrade)

FF Plugin HKU\S-1-5-21-3023927834-737669077-2965008529-1001: tdameritrade.com/tossc -> C:\Program Files\thinkorswim\nptossc.dll [2019-03-01] (TD Ameritrade -> TD Ameritrade)

Chrome:

=======

CHR DefaultProfile: Default

CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us

CHR StartupUrls: Default -> "hxxp://www.google.com/"

CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}

CHR DefaultSearchKeyword: Default -> bing.com

CHR Profile: C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default [2019-03-20]

CHR Extension: (Docs) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]

CHR Extension: (Google Drive) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-16]

CHR Extension: (YouTube) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]

CHR Extension: (Honey) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2019-02-15]

CHR Extension: (Google Search) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]

CHR Extension: (Savings Button: Deals + Cash Back) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlmebkoiahbppacaicbgncnjhbpdfkcc [2018-10-24]

CHR Extension: (Adobe Acrobat) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-04-28]

CHR Extension: (Google Docs Offline) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16]

CHR Extension: (Piggy - Automatic Coupons & Cash Back) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfapbcheiepjppjbnkphkmegjlipojba [2019-03-12]

CHR Extension: (Savings Button: Deals + Cash Back) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmhdchlgkaelnphlklcdddpigfiblbhb [2018-10-24]

CHR Extension: (Chrome Web Store Payments) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]

CHR Extension: (Trend Micro Toolbar) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf [2019-01-11]

CHR Extension: (CouponCabin Sidekick - Coupons & Cash Back) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcihjlbjjghnbohanlafcldoddloecfo [2019-03-12]

CHR Extension: (Gmail) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-06]

CHR Extension: (Chrome Media Router) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-15]

CHR Profile: C:\Users\linda\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-01-04]

CHR Extension: (Slides) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-28]

CHR Extension: (Docs) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-28]

CHR Extension: (Google Drive) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-09-28]

CHR Extension: (YouTube) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-28]

CHR Extension: (Adobe Acrobat) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-09-28]

CHR Extension: (Sheets) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-28]

CHR Extension: (Google Docs Offline) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-28]

CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-09-28]

CHR Extension: (Chrome Web Store Payments) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-09-28]

CHR Extension: (Trend Micro Toolbar) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf [2018-09-28]

CHR Extension: (Gmail) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-09-28]

CHR Extension: (Chrome Media Router) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-28]

CHR Profile: C:\Users\linda\AppData\Local\Google\Chrome\User Data\System Profile [2019-01-04]

CHR HKLM\...\Chrome\Extension: [olmajmomenlhgihenlbjcfbopoghpckg] - hxxps://clients2.google.com/service/update2/crx

CHR HKU\S-1-5-21-3023927834-737669077-2965008529-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

CHR HKU\S-1-5-21-3023927834-737669077-2965008529-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx

CHR HKU\S-1-5-21-3023927834-737669077-2965008529-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [idkknaphebegndgimgdpfnconcickdfn] - <no Path/update_url>

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [ohhcpmplhhiiaoiddkfboafbhiknefdf] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [olmajmomenlhgihenlbjcfbopoghpckg] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Amsp; C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [376016 2018-07-23] (Trend Micro, Inc. -> Trend Micro Inc.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-01-05] (Apple Inc. -> Apple Inc.)

R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [File not signed]

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058392 2017-12-12] (Microsoft Corporation -> Microsoft Corporation)

S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-14] (Dropbox, Inc -> Dropbox, Inc.)

S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-14] (Dropbox, Inc -> Dropbox, Inc.)

R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)

R2 KSS; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202080 2014-06-16] (Kaspersky Lab -> Kaspersky Lab ZAO)

R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes Corporation -> Malwarebytes)

R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [77336 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)

R2 Platinum Host Service; C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe [1127416 2018-07-30] (Trend Micro, Inc. -> Trend Micro Inc.)

R2 PwmSvc; C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe [333856 2015-06-29] (Trend Micro, Inc. -> Trend Micro Inc.)

R2 RealtekPCIE; C:\Program Files (x86)\Realtek\819xP Wireless LAN Utility\RtlService.exe [45056 2010-01-21] (Realtek) [File not signed]

R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)

R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)

R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd. -> Safer-Networking Ltd.)

S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-14] (Microsoft Windows Publisher -> Microsoft Corporation)

S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\NisSrv.exe [4098064 2019-03-10] (Microsoft Corporation -> Microsoft Corporation)

S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MsMpEng.exe [113992 2019-03-10] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)

R3 igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [5382856 2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

R3 IntcDAud; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [317440 2010-08-31] (Microsoft Windows Hardware Compatibility Publisher -> Intel® Corporation)

R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [261032 2019-03-12] (Malwarebytes Corporation -> Malwarebytes)

R0 mv61xx; C:\WINDOWS\System32\drivers\mv61xx.sys [179752 2010-10-06] (Marvell Semiconductor -> Marvell Semiconductor, Inc.)

S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security S.L. -> Panda Security, S.L.)

R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [898296 2016-01-13] (Realtek Semiconductor Corp -> Realtek )

R3 rtl819xp; C:\WINDOWS\System32\drivers\rtl819xp.sys [620032 2018-04-11] (Microsoft Windows -> Realtek Semiconductor Corporation )

S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)

R1 tmactmon; C:\WINDOWS\system32\DRIVERS\tmactmon.sys [147712 2018-09-28] (Trend Micro, Inc. -> Trend Micro Inc.)

R0 tmcomm; C:\WINDOWS\System32\DRIVERS\tmcomm.sys [464136 2018-09-28] (Trend Micro, Inc. -> Trend Micro Inc.)

R0 TMEBC; C:\WINDOWS\System32\DRIVERS\TMEBC64.sys [72504 2016-01-04] (Trend Micro, Inc. -> Trend Micro Inc.)

R3 tmeevw; C:\WINDOWS\system32\DRIVERS\tmeevw.sys [147672 2017-05-10] (Trend Micro, Inc. -> Trend Micro Inc.)

S0 tmel; C:\WINDOWS\System32\DRIVERS\tmel.sys [38408 2018-05-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Trend Micro Inc.)

R1 tmevtmgr; C:\WINDOWS\system32\DRIVERS\tmevtmgr.sys [148736 2018-09-28] (Trend Micro, Inc. -> Trend Micro Inc.)

R3 tmnciesc; C:\WINDOWS\system32\DRIVERS\tmnciesc.sys [562296 2018-03-07] (Trend Micro, Inc. -> Trend Micro Inc.)

R1 tmumh; C:\WINDOWS\system32\DRIVERS\TMUMH.sys [149816 2019-02-20] (Trend Micro, Inc. -> Trend Micro Inc.)

R2 tmusa; C:\WINDOWS\system32\DRIVERS\tmusa.sys [137360 2018-03-28] (Trend Micro, Inc. -> Trend Micro Inc.)

U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [44544 2018-04-11] (Microsoft Windows -> Microsoft Corporation)

S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-03-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [333792 2019-03-10] (Microsoft Windows -> Microsoft Corporation)

S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62432 2019-03-10] (Microsoft Windows -> Microsoft Corporation)

S3 ALSysIO; \??\C:\Users\linda\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION

U3 idsvc; no ImagePath

U2 TMAgent; no ImagePath

Back to top

#15 nasdaq

Forum Deity

Global Moderator
49,258 posts

Posted 22 March 2019 - 07:05 AM

Hi,

I make is that Trend Micro is your Security program.
I sugges you remove all traces of Kaspersky from this computer.
Download and run their uninstaller tool from this site.
https://support.kaspersky.com/1464

Restart the computer when the removal is completed.
-----

Press the Windows key + r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.
Please copy the entire contents of the code box below to the a new file.

start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

(Microsoft Corporation -> © 2015 Microsoft Corporation) C:\Users\linda\AppData\Local\Microsoft\BingSvc\BingSvc.exe
HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\Run: [BingSvc] => C:\Users\linda\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (Microsoft Corporation -> © 2015 Microsoft Corporation)
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
SearchScopes: HKU\S-1-5-21-3023927834-737669077-2965008529-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: Trend Micro IE Protection -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> No File
BHO-x32: Trend Micro IE Protection -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> No File
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} -  No File
CHR Extension: (Savings Button: Deals + Cash Back) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlmebkoiahbppacaicbgncnjhbpdfkcc [2018-10-24]
CHR Extension: (Trend Micro Toolbar) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf [2019-01-11]
CHR Extension: (Trend Micro Toolbar) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf [2018-09-28]
CHR HKLM\...\Chrome\Extension: [olmajmomenlhgihenlbjcfbopoghpckg] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3023927834-737669077-2965008529-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [idkknaphebegndgimgdpfnconcickdfn] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [ohhcpmplhhiiaoiddkfboafbhiknefdf] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [olmajmomenlhgihenlbjcfbopoghpckg] - hxxps://clients2.google.com/service/update2/crx
S3 ALSysIO; \??\C:\Users\linda\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
U3 idsvc; no ImagePath
U2 TMAgent; no ImagePath

ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> No File
Task: {0BD4355B-D024-44B0-9EC1-8FE52D58B907} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {0F515DB6-10CF-48F4-8061-D74E8269CE8B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {10B641E1-E538-43D3-846C-F16FC2BA6E4C} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {3B98D082-45AF-43B0-B854-689F72685AEB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {4BB5E24D-BFC1-434E-B574-6310BE2D724E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {51D3404C-F355-443A-9EF9-895C942346FE} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {5D909684-2E15-4AED-861E-64ACAB2291A9} - \Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan -> No File <==== ATTENTION
Task: {64A2318F-3BAA-4F0C-A3F3-D34B0C52F68C} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {6CE95874-5564-43CF-9820-505D1E423F21} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {6D2FC01A-339E-44E3-9234-31AE4A25E306} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {715210BF-A3FA-4DAC-AF73-3F77018D7841} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {7A36E012-83A2-4223-A701-3A250A8E1303} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {86AF2008-CEFC-470F-9937-6A67E3F44F25} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {9216821C-D9F9-45F6-84F5-34850A0E857B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {94305511-925A-4DAB-B955-45AA039436E2} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {A31E7CD1-89B0-45DE-B45F-B3B5D5D9E453} - \Microsoft\Windows\Setup\EOONotify -> No File <==== ATTENTION
Task: {C3EC2A0E-316D-44C0-A521-2F8E07C5968B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {D9DBB3C6-6B05-421D-B0AE-315BEF684F6E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {DDA500E9-304D-4B79-9F69-2122B6802DB5} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [125]

Reboot:

End

Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Let me know what issues you are now having with this computer.

nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

Back to top

#16 housema

Advanced Member

Full Member
137 posts

Posted 22 March 2019 - 10:13 AM

Hi,

Update, my monitor is up and running, I needed to update the display driver directly form Intel. No sound though, the monitor does not have any speakers built in, need to add speakers. I would still like a tune-up on my computer, should I follow your last post instructions?

Yes, Trendmicro is my security program.

Back to top

#17 nasdaq

Forum Deity

Global Moderator
49,258 posts

Posted 23 March 2019 - 06:19 AM

Yes and post the Fixlog.txt for my review.

nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

Back to top

#18 housema

Advanced Member

Full Member
137 posts

Posted 23 March 2019 - 12:38 PM

Here is my log

Fix result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019

Ran by linda (23-03-2019 14:25:31) Run:1

Running from C:\Users\linda\Downloads

Loaded Profiles: linda (Available Profiles: linda & DefaultAppPool)

Boot Mode: Normal

==============================================

fixlist content:

*****************

start

CreateRestorePoint:

EmptyTemp:

CloseProcesses:

(Microsoft Corporation -> � 2015 Microsoft Corporation) C:\Users\linda\AppData\Local\Microsoft\BingSvc\BingSvc.exe

HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\Run: [BingSvc] => C:\Users\linda\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (Microsoft Corporation -> � 2015 Microsoft Corporation)