Jump to content


Photo

unable to boot Windows 10 with HDMI cable


  • This topic is locked This topic is locked
20 replies to this topic

#1 housema

housema

    Advanced Member

  • Full Member
  • PipPipPip
  • 137 posts

Posted 11 March 2019 - 12:10 AM

Hello,

It's been a while since I posted.   My monitor died and bought a new monitor that has a Display Port and HDMI port only.  My old monitor was hooked up by VDI port. I currently  have a TV connected to my computer via VGA.   My tower has both the HDMI and display port connection.  When I plug in the HDMI cable the computer does not load windows, but it does boot up in Safe Mode. Windows comes up but it does not go past the window picture and screen stays black.  The Intel Graphic driver has been updated.  I disabled Intel Graphic driver and then enabled it.  It did not work  I cannot figure out why I can't use my new monitor.  I also updated the bios today.  Please advise.  Thank you.

 

 

 

EDIT: Please post log directly into topic (unless specifically asked to attach) so that helpers can see them without first having to download them.  While the risk is small, it does increase the risk if helpers need to download files posted by people seeking help.  We provide ample room to post in the topic.

Attached Files


Edited by Budfred, 11 March 2019 - 09:25 AM.


#2 housema

housema

    Advanced Member

  • Full Member
  • PipPipPip
  • 137 posts

Posted 11 March 2019 - 09:52 AM

I apologize, here are my scans
Malwarebytes
www.malwarebytes.com
 
-Log Details-
Scan Date: 3/10/19
Scan Time: 10:52 PM
Log File: ae0f877a-43a8-11e9-b1a7-f46d0490ac87.json
 
-Software Information-
Version: 3.7.1.2839
Components Version: 1.0.538
Update Package Version: 1.0.9626
License: Trial
 
-System Information-
OS: Windows 10 (Build 17134.407)
CPU: x64
File System: NTFS
User: LINDA-PC\linda
 
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 358336
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 11 min, 15 sec
 
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
 
-Scan Details-
Process: 0
(No malicious items detected)
 
Module: 0
(No malicious items detected)
 
Registry Key: 0
(No malicious items detected)
 
Registry Value: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Data Stream: 0
(No malicious items detected)
 
Folder: 0
(No malicious items detected)
 
File: 0
(No malicious items detected)
 
Physical Sector: 0
(No malicious items detected)
 
WMI: 0
(No malicious items detected)
 
 
(end)
 
 
 
 
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 28%
Total physical RAM: 16281.15 MB
Available physical RAM: 11598.29 MB
Total Virtual: 32665.15 MB
Available Virtual: 28137.73 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:931.07 GB) (Free:759.87 GB) NTFS ==>[drive with boot components (obtained from BCD)]
 
\\?\Volume{2bd2c32a-0000-0000-0000-b0c4e8000000}\ () (Fixed) (Total:0.44 GB) (Free:0.05 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=931.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=449 MB) - (Type=27)
 
==================== End of Addition.txt ============================
 
 
LastRegBack: 2018-06-22 08:41
 
==================== End of FRST.txt ============================
 
Result of Security Analysis by Rocket Grannie (x86) Updated: 16th, december 2018
Running from:C:\Users\linda\Desktop (00:58:21 - 03/11/2019)
***---------------------------------------------------------***
Microsoft Windows 10 Pro X64
UAC is Enabled
Internet Explorer 11
Default Browser: Google Chrome
***------------Antivirus - Antispyware - Firewall-----------***
Windows Defender (Disabled - up to Date)
Malwarebytes (Enabled - up to Date)
Trend Micro Maximum Security (Enabled - up to Date)
Spybot - Search and Destroy (Enabled - up to Date)
Malwarebytes (Enabled - up to Date)
Trend Micro Maximum Security (Enabled - up to Date)
Windows Defender (Disabled - up to Date)
Windows Firewall (Enabled)
No other Firewall Installed
***-------Security Programs - Browsers - Miscellaneous------***
Adobe Flash Player NPAPI (32.0.0.142)
Adobe Acrobat Reader DC (19.010.20098)
CCleaner (5.54)
Google Chrome (72.0.3626.121)
Malwarebytes (3.6.1.2711)
Microsoft Silverlight (5.1.50918.0)
Pale Moon (28.4.0)
Spybot - Search & Destroy (2.7.64.0)
SpywareBlaster (5.5.0)
Windows Live Essentials (16.4.3528.0331) ==> is no longer supported
 
***----------------Analysis Complete-------------------------***
 
 
I  ran the first FRST64.exe, and RGSA.exe before I cleaned up my comp with  a few programs, like Spybot, CCleaner, CleanUp and Spywareblster and the FRST.txt and Addition.txt log files were extremely large.   I then ran your tools the second time and the file logs were very short.  Would you like to see the first run logs.
 

Edited by housema, 11 March 2019 - 09:53 AM.


#3 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,258 posts

Posted 12 March 2019 - 05:31 AM

Hi housema

The FRST and Addition logs posted are not complete.

Open them with Notepad and see what I mean.

I need the complete logs.

Please attach them one more time and make sure the complete logs were copied.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#4 housema

housema

    Advanced Member

  • Full Member
  • PipPipPip
  • 137 posts

Posted 12 March 2019 - 06:39 AM

Good Morning Nasdaq

 

Thank you for getting back to me.  Here are my logs

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11.03.2019
Ran by linda (12-03-2019 08:13:07)
Running from C:\Users\linda\Desktop\spyware forum 2nd run
Windows 10 Pro Version 1803 17134.590 (X64) (2018-06-22 13:33:21)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3023927834-737669077-2965008529-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3023927834-737669077-2965008529-503 - Limited - Disabled)
Guest (S-1-5-21-3023927834-737669077-2965008529-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3023927834-737669077-2965008529-1004 - Limited - Enabled)
linda (S-1-5-21-3023927834-737669077-2965008529-1001 - Administrator - Enabled) => C:\Users\linda
WDAGUtilityAccount (S-1-5-21-3023927834-737669077-2965008529-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Trend Micro Maximum Security (Enabled - Up to date) {90387C74-1C56-9484-893C-8ADCB2906C3D}
AS: Spybot - Search and Destroy (Enabled - Up to date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Trend Micro Maximum Security (Enabled - Up to date) {2B599D90-3A6C-9B0A-B38C-B1AEC9172680}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.89 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{D4C80B0C-CF67-43A7-90C3-466853543B54}) (Version: 6.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B2A2E8AF-BC48-4191-B2C4-3846A19835CA}) (Version: 6.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{AA7D90D2-2387-4FA5-A3AF-96811BE49BFD}) (Version: 11.0.5.14 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.4.5.0 - Asmedia Technology)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BrLauncher (HKLM-x32\...\{EF7AC07F-8DC8-4446-918B-3FD544496894}) (Version: 2.0.10.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{0BAF6C40-0B74-4331-8EAA-06ECF6445182}) (Version: 3.0.0.10 - Brother Industries, Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{80e3f154-59fa-491e-911b-98caf1c71120}) (Version: 3.0.0.10 - Brother Industries, Ltd.)
Brother MFL-Pro Suite MFC-L2700DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 0.0.20.0 - Brother Industries, Ltd.)
Brother PCFax Driver (HKLM-x32\...\{56BA05BD-7A67-4EF8-85A7-8C6528AEE2AC}) (Version: 1.4.0.0 - Brother Industries Ltd.) Hidden
Brother Port Driver (HKLM-x32\...\{76627C3B-4CE9-498A-B587-02063E190005}) (Version: 1.0.1.1 - Brother Industries Ltd.) Hidden
Brother PowerENGAGE (HKLM-x32\...\{05421625-9BA9-482B-ACF2-794221A06F4E}) (Version: 1.0.23 - Aviata, Inc.)
Brother Printer Driver (HKLM-x32\...\{00B68BA3-39B0-47CF-850C-BD92253C3D1A}) (Version: 1.3.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{BECAE854-AD40-4351-87F8-998C34EFE54A}) (Version: 1.0.13.1 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{85B3C0BD-7326-4860-9471-A5D97A1F7D59}) (Version: 1.0.19.0 - Brother Industries Ltd.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.54 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CleanUp! (HKLM-x32\...\CleanUp!) (Version:  - )
ControlCenter4 (HKLM-x32\...\{9091B952-8719-49C3-9CC7-6E20EC61081F}) (Version: 4.6.6.1 - Brother Industries, Ltd.) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{FD8A9511-BFC9-43B5-BB75-9CEC0EA03CF0}) (Version: 4.6.1.1 - Brother Industries, Ltd.) Hidden
Core Temp version 0.99.7 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 0.99.7 - Arthur Liberman)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 68.4.102 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version:  - FileHippo.com)
FlashPeak SlimBrowser (HKLM-x32\...\SlimBrowser) (Version: 8.00.005 - FlashPeak Inc.)
FlashPeak Slimjet (HKLM-x32\...\Slimjet) (Version: 9.0.7.0 - FlashPeak Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.121 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{FF99A618-BCA5-4658-B9FF-CCF57C177610}) (Version: 7.1.0.34 - Apple Inc.)
iMyFone D-Back 6.2.1.0 (HKLM-x32\...\{071B9303-5881-4BC6-B9E9-2E2D22C015C1}_is1) (Version: 6.2.1.0 - Shenzhen iMyFone Technology Co., Ltd.)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kaspersky Security Scan (HKLM-x32\...\{D1282694-0693-41A8-ABC1-6D1FFC1F65C4}) (Version: 12.0.1.881 - Kaspersky Lab) Hidden
Kaspersky Security Scan (HKLM-x32\...\InstallWIX_{D1282694-0693-41A8-ABC1-6D1FFC1F65C4}) (Version: 12.0.1.881 - Kaspersky Lab)
Malwarebytes version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Marketsplash Shortcuts (HKLM-x32\...\{16FCDD97-AE09-476B-88CD-261D852BD34C}) (Version: 1.0.1.7 - Hewlett-Packard)
marvell 61xx (HKLM-x32\...\mv61xxDriver) (Version: 1.2.0.7600 - Marvell)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\OneDriveSetup.exe) (Version: 19.012.0121.0011 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680\...\OneDriveSetup.exe) (Version: 19.012.0121.0011 - Microsoft Corporation)
Microsoft OneNote 2013 - en-us (HKLM\...\OneNoteFreeRetail - en-us) (Version: 15.0.5101.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Network Play System (Patching) (HKLM-x32\...\Network Play System (Patching)) (Version:  - )
NetworkRepairTool (HKLM-x32\...\{86E68F57-FAFE-4052-BDD4-3B90C38236AE}) (Version: 1.2.16.0 - Brother Industries, Ltd.) Hidden
Nuance PaperPort 14 (HKLM-x32\...\{6CC9391F-D441-4D2E-9ECC-1F7084C733ED}) (Version: 14.5.0006 - Nuance Communications, Inc.)
Nuance PDF Viewer SE (HKLM-x32\...\{7BAC9170-359D-4EAD-B6E4-238A14940C11}) (Version: 7.20.3230 - Nuance Communications, Inc.)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5101.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5101.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.5101.1002 - Microsoft Corporation) Hidden
Pale Moon 28.4.0 (x64 en-US) (HKLM\...\Pale Moon 28.4.0 (x64 en-US)) (Version: 28.4.0 - Moonchild Productions)
Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.1.10 - Panda Security)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
PC-FAXReceive (HKLM-x32\...\{DE8708D3-A79A-46ED-BCB4-3B2F01321704}) (Version: 1.7.5.0 - Brother Insutries Ltd.) Hidden
PCFaxTx (HKLM-x32\...\{03BF5A21-6363-410C-B3BE-0946B0012704}) (Version: 3.7.3.1 - Brother Industries Ltd.) Hidden
PhoneRescue (HKLM-x32\...\PhoneRescue) (Version: 3.5.0.0 - iMobie Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
PowerENGAGE (HKLM-x32\...\{BFE5C68B-E6D4-4421-9ACF-2B8C4BC2D2A1}) (Version: 3.2.13 - Aviata, Inc.) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.31.1025.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{4FC4433D-E687-43D5-B8A8-88D40F5AD8B4}) (Version: 1.00.0148 - REALTEK Semiconductor Corp.)
RemoteSetup (HKLM-x32\...\{B14AD0FC-6ED6-4596-B379-24DC590855AC}) (Version: 3.9.3.1 - Brother Industries Ltd.) Hidden
Revo Uninstaller 1.93 (HKLM-x32\...\Revo Uninstaller) (Version: 1.93 - VS Revo Group)
ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden
Scansoft PDF Professional (HKLM-x32\...\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}) (Version:  - ) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
SoftwareUpdateNotification (HKLM-x32\...\{C2430580-570A-48D4-BF61-FA55E35BD052}) (Version: 1.0.8.0 - Brother Insutries Ltd.) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.7.64.0 - Safer-Networking Ltd.)
SpywareBlaster 5.5 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.5.0 - BrightFort LLC)
StatusMonitor (HKLM-x32\...\{40578A7A-6E36-457F-A4F0-45BC37EB61FD}) (Version: 1.20.1.0 - Brother Insutries Ltd.) Hidden
thinkorswim (HKLM\...\9968-4488-2169-7623) (Version: desktop - thinkorswim, Inc)
Trend Micro DirectPass (HKLM\...\{F059D68A-2911-4ea7-BA2B-3FBF2DD9D1CB}) (Version: 1.9.0.1094 - Trend Micro Inc.) Hidden
Trend Micro Maximum Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 15.0 - Trend Micro Inc.)
Trend Micro Password Manager (HKLM\...\{3075404F-5657-4f31-A064-FEF98661BDD4}) (Version: 1.9.1189 - Trend Micro Inc.)
Trend Micro Troubleshooting Tool (HKLM\...\{4B83469E-CE4F-45D0-BC34-CCB7BF194477}) (Version: 6.0 - Trend Micro Inc.)
TurboTax 2016 (HKLM-x32\...\TurboTax 2016) (Version: 2016.0 - Intuit, Inc)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{1FD817A6-63E1-4519-BFD4-228DABB7AB6B}) (Version: 2.55.0.0 - Microsoft Corporation)
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
VCRT for DirectPass x64 (HKLM\...\{92124FFB-5113-4D64-A6BA-7D6D362A6265}) (Version: 1.0.0.1000 - Trend Micro, Inc.) Hidden
VCRT for DirectPass x64 (HKLM\...\{E9EC941D-16E5-46FD-AB44-928ED7839CCC}) (Version: 1.0.0.1000 - Trend Micro, Inc.) Hidden
VCRT for DirectPass x86 (HKLM-x32\...\{44334193-827E-47B4-AB2A-E49F2A102E21}) (Version: 1.0.0.1000 - Trend Micro, Inc.) Hidden
VCRT for DirectPass x86 (HKLM-x32\...\{FD45B178-B1C1-4D2A-B8C8-CD7B4F687F1C}) (Version: 1.0.0.1000 - Trend Micro, Inc.) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\ZoomUMX) (Version: 4.1 - Zoom Video Communications, Inc.)
Zoom (HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680\...\ZoomUMX) (Version: 4.1 - Zoom Video Communications, Inc.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\linda\Dropbox [2014-06-20 12:16]
CustomCLSID: HKU\S-1-5-21-3023927834-737669077-2965008529-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-3023927834-737669077-2965008529-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\linda\Dropbox [2014-06-20 12:16]
ShellIconOverlayIdentifiers: [    FSOverlayIcon] -> {C0829D19-E5A0-44F5-B56E-D15030C53BB9} => C:\Program Files\Trend Micro\Titanium\plugin\TmOverlayIcon.dll [2018-07-30] (Trend Micro, Inc. -> Trend Micro Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-10-19] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [{48F45200-91E6-11CE-8A4F-0080C81A28D4}] -> {48F45200-91E6-11CE-8A4F-0080C81A28D4} => C:\Program Files\Trend Micro\UniClient\UiFrmwrk\tmdshell.dll [2018-07-30] (Trend Micro, Inc. -> Trend Micro Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [{48F45200-91E6-11CE-8A4F-0080C81A28D4}] -> {48F45200-91E6-11CE-8A4F-0080C81A28D4} => C:\Program Files\Trend Micro\UniClient\UiFrmwrk\tmdshell.dll [2018-07-30] (Trend Micro, Inc. -> Trend Micro Inc.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {09826FCA-27AD-40EC-B470-BF3DF47D2F5C} - System32\Tasks\{D111D56E-978F-4528-80E6-391E3CFCF292} => C:\Program Files (x86)\SlimBrowser\sbframe.exe (FlashPeak Inc. -> FlashPeak Inc.)
Task: {0BD4355B-D024-44B0-9EC1-8FE52D58B907} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {0C07BA5C-DB39-41E0-A81D-6271B929BC5A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {0F515DB6-10CF-48F4-8061-D74E8269CE8B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {10B641E1-E538-43D3-846C-F16FC2BA6E4C} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {14631472-94AF-4ED1-A33A-4D53BE3EB4AA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1523CC87-0A89-45B6-A8CC-567241482AD4} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe (Microsoft Corporation -> Microsoft)
Task: {183CB342-62BD-49B3-A5AD-810E49119615} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {2478EB6A-EEFE-43B9-9F76-96FA72452C83} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe (Apple Inc. -> Apple Inc.)
Task: {2A23ACFF-6AFE-4723-8633-9D5496E7E223} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {2AAD68AE-4C5F-4A5E-BB9F-4A05556892EA} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {2AFFC901-C791-485C-89B2-1FD13769EF65} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {2CB09070-C0E0-44E7-84F5-3A64A7EC1084} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_142_Plugin.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {2D0237AF-C194-4C27-9DBB-FE4A9761A6A1} - System32\Tasks\{52FF0B8C-85A6-48C0-9003-9F5AFFB0DAAE} => C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE (Microsoft Corporation -> Microsoft Corporation)
Task: {2E778071-E964-4067-9D6F-149D43D44D92} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {2F8C5FD4-2952-46B5-B74D-5BDB5236F2D4} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2FD8CE17-A146-4C46-B9B6-6D551F553487} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {3476A4CA-411F-4430-99D5-7ABDF48E220A} - System32\Tasks\{29C4A4D8-97E6-4483-8162-01139FF87B2E} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {353385C4-040C-4A3F-A3CA-9D8A10F52FFC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {3B98D082-45AF-43B0-B854-689F72685AEB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {4533D54D-E7E5-42AC-89AA-2A0C4A2D9075} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {470BD81B-4067-44D5-80AB-22D3F0650CEC} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {482BEDFB-E470-4D49-A6D4-855A5650E8B4} - System32\Tasks\PowerENGAGE => Command(1): msiexec -> /f {BFE5C68B-E6D4-4421-9ACF-2B8C4BC2D2A1} /quiet /qn
Task: {482BEDFB-E470-4D49-A6D4-855A5650E8B4} - System32\Tasks\PowerENGAGE => Command(2): PowerENGAGE.exe -> scheduled-run
Task: {4BB5E24D-BFC1-434E-B574-6310BE2D724E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {51D3404C-F355-443A-9EF9-895C942346FE} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {55042098-EF5F-4233-9299-9CBE379DD5BC} - System32\Tasks\{991F1586-B70A-4D22-89EB-92AFD28D3C5E} => C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE (Microsoft Corporation -> Microsoft Corporation)
Task: {57CA693C-0644-4F21-803F-590111F171FB} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.)
Task: {5D909684-2E15-4AED-861E-64ACAB2291A9} - \Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan -> No File <==== ATTENTION
Task: {603DE783-32BD-4B26-9A03-843B8BEEF66D} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {6105C577-5F1F-4DE8-B7E0-CAAFC2AE2D53} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {62226037-49EA-4F15-BD46-055A8C4CEFEF} - System32\Tasks\{5CF1A5EC-E8FB-46DC-AF13-46A36D4E06D3} => C:\Windows\system32\pcalua.exe -a "D:\WINDOWS98SE DRIVER\DVR-II-WIN98SE.exe" -d "D:\WINDOWS98SE DRIVER"
Task: {64A2318F-3BAA-4F0C-A3F3-D34B0C52F68C} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {693EECFE-FDEF-4B9D-8D3D-F537BDD19CAD} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {6CE95874-5564-43CF-9820-505D1E423F21} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {6D2FC01A-339E-44E3-9234-31AE4A25E306} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {715210BF-A3FA-4DAC-AF73-3F77018D7841} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {79BDD76B-CEE9-41AF-B45E-E3AA9547925A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {7A36E012-83A2-4223-A701-3A250A8E1303} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {820955A2-369A-4C52-8802-9E06663FA6DB} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {86AF2008-CEFC-470F-9937-6A67E3F44F25} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {8B44BC34-944A-4347-8795-C91A11692584} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {9106FCBE-A2F0-42B6-B986-D4B517690072} - System32\Tasks\{FD66D8F8-32E8-420E-88E5-002001BFA10F} => C:\Program Files (x86)\SlimBrowser\sbframe.exe (FlashPeak Inc. -> FlashPeak Inc.)
Task: {9216821C-D9F9-45F6-84F5-34850A0E857B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {94305511-925A-4DAB-B955-45AA039436E2} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {9768D244-BA85-4C1C-B84C-D652F6DD9B53} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {98FFE96D-42E9-4338-81B2-41C0022C30D7} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9D8FF85C-5513-4470-A02F-17A6BE9AD81D} - System32\Tasks\{EAF53645-5F3A-4C57-8D60-F5459680B13E} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {A31E7CD1-89B0-45DE-B45F-B3B5D5D9E453} - \Microsoft\Windows\Setup\EOONotify -> No File <==== ATTENTION
Task: {ABA92A36-5183-4FCA-B599-596C62996E38} - System32\Tasks\AirSupport Update => C:\Program Files\Trend Micro\AirSupport\Update.exe (Trend Micro, Inc. -> Trend Micro Inc.)
Task: {B6F66695-B2B4-49F2-9F1F-90AA9E5D2C37} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B925A23E-C23B-4410-9CC7-62DDA2328A71} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {C3EC2A0E-316D-44C0-A521-2F8E07C5968B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {C746A1CA-3E4A-4E5D-B785-25B5EE4201A3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {CBD42AC2-BCC1-4880-8093-EEF56B8DC974} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {CE00280D-094F-4EA8-9D4C-650BF0AA0833} - System32\Tasks\{3DEB3272-AF80-4D10-818E-08FA1A7487AB} => C:\Program Files (x86)\SlimBrowser\sbframe.exe (FlashPeak Inc. -> FlashPeak Inc.)
Task: {D9DBB3C6-6B05-421D-B0AE-315BEF684F6E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {DADC4484-5651-4FED-9A35-7A402314A789} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DCCCB5AD-6765-4806-978C-3460B8AE5C4D} - System32\Tasks\{3EB4F00D-600F-494E-A7DE-95D98FDF7046} => C:\Program Files (x86)\SlimBrowser\sbframe.exe (FlashPeak Inc. -> FlashPeak Inc.)
Task: {DDA0A80A-DA61-440C-BF6F-C57EF9920C73} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {DDA500E9-304D-4B79-9F69-2122B6802DB5} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {E24D1B5B-C6BA-46AF-B666-8E95FD61DFB2} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.)
Task: {E436FBA1-6ED8-4719-A358-7A2BF7AE665C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E6E1C586-06F2-42E2-8F86-150F8048DFA9} - System32\Tasks\{528748A9-8911-4C8F-B738-FD6E89F1B65E} => C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE (Microsoft Corporation -> Microsoft Corporation)
Task: {EABA37E2-BC91-43AB-B656-D2369AFD74A8} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {EDD2BCE5-C325-4836-BDAB-8596B14D7955} - System32\Tasks\{6DB3ACA1-3D08-4FC3-9C37-20128910E4E5} => C:\Program Files (x86)\SlimBrowser\sbframe.exe (FlashPeak Inc. -> FlashPeak Inc.)
Task: {F7304BF7-80DC-4921-BD9E-75937AA31793} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {FC603551-7705-4E12-90F3-C9706031CF5B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
ShortcutWithArgument: C:\Users\linda\Desktop\Linda - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Default"
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-08-13 07:57 - 2015-06-29 05:49 - 003117568 _____ (Trend Micro Inc.) [File not signed] C:\Program Files\Trend Micro\TMIDS\CorridorService.dll
2011-04-27 11:23 - 2010-01-21 17:11 - 000045056 _____ (Realtek) [File not signed] C:\Program Files (x86)\Realtek\819xP Wireless LAN Utility\RtlService.exe
2017-04-04 19:48 - 2013-03-08 02:44 - 000087040 _____ (Brother Industries, Ltd.) [File not signed] C:\WINDOWS\system32\BrNetSti.dll
2017-04-04 19:48 - 2005-04-22 00:36 - 000143360 _____ () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll
2017-03-22 17:21 - 2018-01-18 15:39 - 000314368 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
2011-04-27 11:23 - 2010-04-28 17:56 - 000921600 _____ (Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\Realtek\819xP Wireless LAN Utility\RtWlan.exe
2017-04-05 13:35 - 2017-04-05 13:35 - 003581952 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe
2017-03-30 16:39 - 2018-01-19 11:26 - 002976256 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
2018-05-22 20:54 - 2009-02-27 16:38 - 000225280 ____R (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogRx.exe
2014-06-16 00:42 - 2014-06-16 00:42 - 000121312 _____ (Kaspersky Lab -> Kaspersky Lab ZAO) [File not signed] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\prtransp.ppl
2014-06-16 00:40 - 2014-06-16 00:40 - 000383456 _____ (Kaspersky Lab -> Kaspersky Lab ZAO) [File not signed] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\stat.ppl
2015-01-03 13:53 - 2015-01-03 13:53 - 001662976 _____ (Kaspersky Lab ZAO) [File not signed] C:\ProgramData\Kaspersky Lab\KSS2\DataRoot\Bases\Cache\klavemu.kdl.6e86633e63e607038cfa66d3f88c5d60
2015-01-03 13:53 - 2015-01-03 13:53 - 000273920 _____ (Kaspersky Lab ZAO) [File not signed] C:\ProgramData\Kaspersky Lab\KSS2\DataRoot\Bases\Cache\kjim.kdl.4d87815dc55a0ea5f712a61bb640573a
2015-01-03 13:53 - 2015-01-03 13:53 - 000458752 _____ (Kaspersky Lab ZAO) [File not signed] C:\ProgramData\Kaspersky Lab\KSS2\DataRoot\Bases\Cache\qscan.kdl.6f421f0667a2208fb2f4dc2a03912f82
2015-01-03 13:53 - 2015-01-03 13:53 - 000369152 _____ (Kaspersky Lab ZAO) [File not signed] C:\ProgramData\Kaspersky Lab\KSS2\DataRoot\Bases\Cache\pbs.kdl.855e976d16841a9bbaa528a886998eee
2015-01-03 13:53 - 2015-01-03 13:53 - 000187904 _____ (Kaspersky Lab ZAO) [File not signed] C:\ProgramData\Kaspersky Lab\KSS2\DataRoot\Bases\Cache\kavsys.kdl.ba76be53c8245ddbd0e2864e74f8f638
2018-05-22 20:54 - 2009-02-27 16:38 - 000139264 ____R () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2017-03-22 17:21 - 2018-01-18 15:39 - 000519168 _____ () [File not signed] C:\Program Files (x86)\Browny02\BrMonitor.dll
2018-05-22 20:55 - 2017-12-22 12:53 - 000180224 _____ () [File not signed] C:\Program Files (x86)\Browny02\BroSNMP.dll
2018-05-22 20:55 - 2017-12-22 12:53 - 000122880 _____ ( ) [File not signed] C:\Program Files (x86)\Browny02\brlmw03a.dll
2018-05-22 20:55 - 2017-12-22 12:53 - 000025299 _____ () [File not signed] C:\Program Files (x86)\Browny02\brlm03a.dll
2012-12-05 12:29 - 2012-12-05 12:29 - 004883456 _____ (BCGSoft Ltd) [File not signed] C:\Program Files (x86)\Nuance\PaperPort\BCGCBPRO1100u100.dll
2011-04-27 15:06 - 2011-02-01 15:53 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\StatusStrings.dll
2011-04-27 15:06 - 2011-02-01 15:57 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\xerces-c_2_7.dll
2018-12-14 14:11 - 2019-02-06 12:48 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2018-12-14 14:11 - 2019-02-06 12:48 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2018-12-14 14:11 - 2019-02-06 12:48 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2018-12-14 14:11 - 2019-02-06 12:48 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2018-12-14 14:11 - 2019-02-06 12:48 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2018-12-14 14:11 - 2019-02-06 12:48 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2018-12-14 14:11 - 2019-02-06 12:48 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2018-12-14 14:11 - 2019-02-06 12:48 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2018-12-14 14:11 - 2019-02-06 12:48 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-02-06 12:48 - 2019-02-06 12:48 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-02-06 12:48 - 2019-02-06 12:48 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2018-12-14 14:11 - 2019-02-06 12:48 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-02-06 12:48 - 2019-02-06 12:48 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-02-06 12:48 - 2019-02-06 12:48 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-02-06 12:48 - 2019-02-06 12:48 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-02-06 12:48 - 2019-02-06 12:48 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-02-06 12:48 - 2019-02-06 12:48 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-02-06 12:48 - 2019-02-06 12:48 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-02-06 12:48 - 2019-02-06 12:48 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2011-04-27 11:23 - 2009-12-10 00:20 - 000126976 _____ () [File not signed] C:\Program Files (x86)\Realtek\819xP Wireless LAN Utility\EnumDevLib.dll
2011-04-27 11:23 - 2009-01-21 14:33 - 000200704 _____ (Realtek) [File not signed] C:\Program Files (x86)\Realtek\819xP Wireless LAN Utility\IpLib.dll
2011-04-27 11:23 - 2010-02-22 18:22 - 000430080 _____ (Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\Realtek\819xP Wireless LAN Utility\RtlLib.dll
2011-04-27 11:23 - 2010-01-27 14:09 - 000036864 _____ (Realtek) [File not signed] C:\Program Files (x86)\Realtek\819xP Wireless LAN Utility\RtlICS.dll
2011-04-27 11:23 - 2010-02-02 18:08 - 000233472 _____ (Realtek) [File not signed] C:\Program Files (x86)\Realtek\819xP Wireless LAN Utility\RtlIhvOid.dll
2011-04-27 11:23 - 2006-07-05 09:45 - 001069056 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Realtek\819xP Wireless LAN Utility\LIBEAY32.dll
2016-10-04 14:25 - 2018-01-18 15:39 - 001720832 _____ () [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll
2018-05-22 20:55 - 2017-11-07 19:55 - 000137728 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
2017-04-05 09:53 - 2017-11-07 19:55 - 000440832 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\Track.dll
2017-01-27 15:33 - 2017-11-07 20:04 - 000087040 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcLUsa.dll
2017-01-27 15:39 - 2017-08-18 11:23 - 000087552 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
2017-01-27 15:39 - 2017-08-18 11:23 - 017974784 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [125]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
 
There are 7946 more sites.
 
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\1-2005-search.com -> www.1-2005-search.com
 
There are 12764 more sites.
 
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065306680\...\1-2005-search.com -> www.1-2005-search.com
 
There are 12764 more sites.
 
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065311738\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065311738\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065311738\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065311738\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065311738\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065311738\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065311738\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065311738\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065311738\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065311738\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065311738\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065311738\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065311738\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065311738\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065311738\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065311738\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065311738\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065311738\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065311738\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03122019065311738\...\123simsen.com -> www.123simsen.com
 
There are 7946 more sites.
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2019-03-10 23:37 - 000454382 ____R C:\WINDOWS\system32\drivers\etc\hosts
 
127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1

#5 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,258 posts

Posted 12 March 2019 - 12:21 PM

Hi,

Please attach the FRST.TXT and ADDITION.TXT logs.

The logs are too long and are truncated.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#6 housema

housema

    Advanced Member

  • Full Member
  • PipPipPip
  • 137 posts

Posted 12 March 2019 - 03:46 PM

HI 

I re-scanned the the files, I accidentally deleted them.  They are very long.  Sorry, little rusty, haven't posted for a while.  When you say attach do you mean copy and paste them or attach them as a file. I will be leaving for a few days will be back next week.   If I don't answer will reply then.  Thank you.



#7 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,258 posts

Posted 13 March 2019 - 06:40 AM

Hi,

Attaching the file is a 2 steps process.

How to attach a file to your reply:
In the Reply section in the bottom of the topic Click the "more reply Options" button.
attachlogs.png

Attach the file.
Select the "Choose a File" navigate to the location of the File.
Click the file you wish to Attach.
Click Attach this file.
Click the Add reply button.
===

Run the Farbar program one more time.
Make sure the box to create a fresh Addition.txt log is checked.
Do this for for files the FRST.TXT and ADDITIONL.TXT.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#8 housema

housema

    Advanced Member

  • Full Member
  • PipPipPip
  • 137 posts

Posted 18 March 2019 - 11:09 AM

Hello nasdaq

 

I tried attaching the file but it gives me an error saying file too big to upload for both files. I also tried the advanced uploader 

 

 



#9 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,258 posts

Posted 19 March 2019 - 05:33 AM

Attach one file only in your next reply.

If that works the attach the other file in a other post.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#10 housema

housema

    Advanced Member

  • Full Member
  • PipPipPip
  • 137 posts

Posted 19 March 2019 - 08:05 AM

Good morning nasdaq

 

I tried attaching one file and still getting same error.  "This file was too big to upoad. 



#11 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,258 posts

Posted 19 March 2019 - 12:17 PM

Break the .txt logs into 2 or 3 pages.

Make sure you send everything.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#12 housema

housema

    Advanced Member

  • Full Member
  • PipPipPip
  • 137 posts

Posted 19 March 2019 - 10:37 PM

Hi

It will not allow me to load both pages in the same post.  I will send them to you separately.

 

 

 

 

I tried sending you page 2 of Addition.txt in a separate post but apparently it will only allow me to send a file totaling 53.86kb. Meaning I only have 2.36kb file left to post.   Addition.txt file is approximately 80kb and FRST.tx file is approximately 116kb.  Would you like me to zip the files?  Please advise. Thank you

Attached Files


Edited by housema, 19 March 2019 - 10:57 PM.


#13 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,258 posts

Posted 21 March 2019 - 06:04 AM

Yes do that zip the files.

If that fails the I only need to see the FRST.TXt log as the Addition.txt is good.

The information I need from that file is all the items reported in the sections listed below.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.02.2019 02
Ran by shabba (administrator) on SHABBA-PC (23-01-2016 15:05:42)
Running from C:\Users\shabba\Desktop
Loaded Profiles: shabba & DefaultAppPool (Available Profiles: shabba & Guest & DefaultAppPool)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

==================== Registry (Whitelisted) ===========================

==================== Internet (Whitelisted) ====================

==================== Services (Whitelisted) ========================

===================== Drivers (Whitelisted) ==========================

nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#14 housema

housema

    Advanced Member

  • Full Member
  • PipPipPip
  • 137 posts

Posted 21 March 2019 - 08:33 PM

Still cannot send you the zip file, same error occurs.  It will not allow me to attach the file.  I will copy/paste on the post.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019
Ran by linda (administrator) on LINDA-PC (20-03-2019 00:14:15)
Running from C:\Users\linda\Downloads
Loaded Profiles: linda (Available Profiles: linda & DefaultAppPool)
Platform: Windows 10 Pro Version 1803 17134.590 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe
(Realtek) [File not signed] C:\Program Files (x86)\Realtek\819xP Wireless LAN Utility\RtlService.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtWatchDog.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Kaspersky Lab -> Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Intuit, Inc. -> Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation -> Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\DiamondRing\DrSDKCaller.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\module\10011\8.0.2070\8.0.2070\TmsaInstance64.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\Realtek\819xP Wireless LAN Utility\RtWLan.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation -> © 2015 Microsoft Corporation) C:\Users\linda\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Well Known Media Ltd -> ) C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogRx.exe
(Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 7\PdfPro7Hook.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19011.19410.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> ) C:\Windows\System32\Windows.WARP.JITService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1902.633.0_x64__8wekyb3d8bbwe\Time.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9197568 2017-01-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [PwmConsole.exe] => C:\Program Files\Trend Micro\TMIDS\PwmConsole.exe [2047216 2015-06-29] (Trend Micro, Inc. -> Trend Micro Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [245840 2018-07-30] (Trend Micro, Inc. -> Trend Micro Inc.)
HKLM\...\Run: [Platinum] => C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe [1246200 2018-07-30] (Trend Micro, Inc. -> Trend Micro Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [4426560 2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-01-19] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [M17A] => C:\WINDOWS\twain_32\Brimm17a\Common\TwDsUiLaunch.exe [77312 2017-05-10] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM-x32\...\Run: [BrotherSoftwareUpdateNotification] => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3581952 2017-04-05] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2075480 2013-06-24] (Flexera Software LLC -> Flexera Software LLC.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [35648 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [17600 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFProHook] => C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe [641864 2013-03-20] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202080 2014-06-16] (Kaspersky Lab -> Kaspersky Lab ZAO)
HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\Run: [BingSvc] => C:\Users\linda\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (Microsoft Corporation -> © 2015 Microsoft Corporation)
HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-10-19] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-10-19] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2017-10-19] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe [10566352 2015-09-02] (Well Known Media Ltd -> )
HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2075480 2013-06-24] (Flexera Software LLC -> Flexera Software LLC.)
HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2017-10-19] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22488952 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [442368 2004-08-17] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [442368 2004-08-17] (On2.com) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\Installer\chrmstp.exe [2019-03-07] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> 
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
Startup: C:\Users\linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2018-08-06]
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2018-08-30]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation -> Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6de5cecf-6c0e-45fd-b79f-13413a023ff9}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{c393a88d-d0ed-43c0-9f33-c49f4715c39b}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3023927834-737669077-2965008529-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKU\S-1-5-21-3023927834-737669077-2965008529-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-3023927834-737669077-2965008529-1001 -> {7797F01D-60FE-FEAB-DBB6-B4B57792FCE2} URL = hxxp://www.bing.com/search?q={searchTerms}&pc=ZUGO&form=ZGAIDF
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation -> Microsoft Corporation.)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2018-11-14] (Microsoft Corporation -> Microsoft Corporation)
BHO: Trend Micro Password Manager BHO -> {3F019D1C-7EAA-4F25-A765-FBA635BD0AFF} -> C:\Program Files\Trend Micro\TMIDS\PwmIEBHO64.dll [2015-06-29] (Trend Micro, Inc. -> Trend Micro Inc.)
BHO: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2018-07-30] (Trend Micro, Inc. -> Trend Micro Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Trend Micro IE Protection -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> No File
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2018-12-11] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation -> Microsoft Corporation.)
BHO-x32: Trend Micro Password Manager BHO -> {3F019D1C-7EAA-4F25-A765-FBA635BD0AFF} -> C:\Program Files\Trend Micro\TMIDS\PwmIEBHO32.dll [2015-06-29] (Trend Micro, Inc. -> Trend Micro Inc.)
BHO-x32: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2018-07-30] (Trend Micro, Inc. -> Trend Micro Inc.)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll [2011-06-30] (Zeon Corporation -> Zeon Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Trend Micro IE Protection -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> No File
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation -> Microsoft Corporation.)
Toolbar: HKLM - Trend Micro Password Manager ToolBar - {9B4B91FC-EC4D-4018-9575-96FA5A3C03C5} - C:\Program Files\Trend Micro\TMIDS\PwmIEBHO64.dll [2015-06-29] (Trend Micro, Inc. -> Trend Micro Inc.)
Toolbar: HKLM - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2018-07-30] (Trend Micro, Inc. -> Trend Micro Inc.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation -> Microsoft Corporation.)
Toolbar: HKLM-x32 - Trend Micro Password Manager ToolBar - {9B4B91FC-EC4D-4018-9575-96FA5A3C03C5} - C:\Program Files\Trend Micro\TMIDS\PwmIEBHO32.dll [2015-06-29] (Trend Micro, Inc. -> Trend Micro Inc.)
Toolbar: HKLM-x32 - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2018-07-30] (Trend Micro, Inc. -> Trend Micro Inc.)
DPF: HKLM-x32 {0742B9EF-8C83-41CA-BFBA-830A59E23533} hxxps://oas.support.microsoft.com/ActiveX/MSDcode.cab
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {BEA7310D-06C4-4339-A784-DC3804819809} hxxp://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
DPF: HKLM-x32 {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} 
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: HKLM-x32 {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} hxxps://secure.logmein.com/activex/RACtrl.cab?rnd=1643671464
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} -  No File
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2018-07-30] (Trend Micro, Inc. -> Trend Micro Inc.)
Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2018-07-30] (Trend Micro, Inc. -> Trend Micro Inc.)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ProToolbarIMRatingActiveX.dll [2018-07-30] (Trend Micro, Inc. -> Trend Micro Inc.)
Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll [2018-07-30] (Trend Micro, Inc. -> Trend Micro Inc.)
 
FireFox:
========
FF DefaultProfile: bxz8gbn7.default
FF ProfilePath: C:\Users\linda\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\bxz8gbn7.default [2019-03-19]
FF Extension: (Adblock Latitude) - C:\Users\linda\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\bxz8gbn7.default\Extensions\adblocklatitude@addons.palemoon.org.xpi [2018-04-11] [Legacy] [not signed]
FF Extension: (Flashblock) - C:\Users\linda\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\bxz8gbn7.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2018-01-03] [Legacy]
FF HKLM\...\Firefox\Extensions: [fftmtoolbar@trendmicro.com] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\fftmtoolbar@trendmicro.com.xpi
FF Extension: (Trend Micro Toolbar) - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\fftmtoolbar@trendmicro.com.xpi [2018-11-07]
FF HKLM-x32\...\Firefox\Extensions: [fftmtoolbar@trendmicro.com] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\fftmtoolbar@trendmicro.com.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_156.dll [2019-03-12] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=10.40.2 -> C:\Windows\system32\npDeployJava1.dll [2013-09-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_156.dll [2019-03-12] (Adobe Systems Incorporated -> )
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) [File not signed]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-06-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-12-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2012-12-03] (Visan Industries -> RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc -> Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-01-31] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 7\bin\nppdf.dll [2011-07-15] (Zeon Corporation -> Zeon Corporation)
FF Plugin HKU\S-1-5-21-3023927834-737669077-2965008529-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\linda\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2018-01-04] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FF Plugin HKU\S-1-5-21-3023927834-737669077-2965008529-1001: tdameritrade.com/thinkorswim -> C:\Program Files\thinkorswim\npthinkorswim.dll [2019-03-01] (TD Ameritrade -> TD Ameritrade)
FF Plugin HKU\S-1-5-21-3023927834-737669077-2965008529-1001: tdameritrade.com/tossc -> C:\Program Files\thinkorswim\nptossc.dll [2019-03-01] (TD Ameritrade -> TD Ameritrade)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Profile: C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default [2019-03-20]
CHR Extension: (Docs) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-16]
CHR Extension: (YouTube) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Honey) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2019-02-15]
CHR Extension: (Google Search) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]
CHR Extension: (Savings Button: Deals + Cash Back) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlmebkoiahbppacaicbgncnjhbpdfkcc [2018-10-24]
CHR Extension: (Adobe Acrobat) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-04-28]
CHR Extension: (Google Docs Offline) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16]
CHR Extension: (Piggy - Automatic Coupons & Cash Back) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfapbcheiepjppjbnkphkmegjlipojba [2019-03-12]
CHR Extension: (Savings Button: Deals + Cash Back) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmhdchlgkaelnphlklcdddpigfiblbhb [2018-10-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Trend Micro Toolbar) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf [2019-01-11]
CHR Extension: (CouponCabin Sidekick - Coupons & Cash Back) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcihjlbjjghnbohanlafcldoddloecfo [2019-03-12]
CHR Extension: (Gmail) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-06]
CHR Extension: (Chrome Media Router) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-15]
CHR Profile: C:\Users\linda\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-01-04]
CHR Extension: (Slides) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-28]
CHR Extension: (Docs) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-28]
CHR Extension: (Google Drive) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-09-28]
CHR Extension: (YouTube) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-28]
CHR Extension: (Adobe Acrobat) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-09-28]
CHR Extension: (Sheets) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-28]
CHR Extension: (Google Docs Offline) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-28]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-09-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-09-28]
CHR Extension: (Trend Micro Toolbar) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf [2018-09-28]
CHR Extension: (Gmail) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-09-28]
CHR Extension: (Chrome Media Router) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-28]
CHR Profile: C:\Users\linda\AppData\Local\Google\Chrome\User Data\System Profile [2019-01-04]
CHR HKLM\...\Chrome\Extension: [olmajmomenlhgihenlbjcfbopoghpckg] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3023927834-737669077-2965008529-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3023927834-737669077-2965008529-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3023927834-737669077-2965008529-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [idkknaphebegndgimgdpfnconcickdfn] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ohhcpmplhhiiaoiddkfboafbhiknefdf] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [olmajmomenlhgihenlbjcfbopoghpckg] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Amsp; C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [376016 2018-07-23] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-01-05] (Apple Inc. -> Apple Inc.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058392 2017-12-12] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-14] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-14] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-03-04] (Dropbox, Inc -> Dropbox, Inc.)
R2 KSS; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202080 2014-06-16] (Kaspersky Lab -> Kaspersky Lab ZAO)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [77336 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
R2 Platinum Host Service; C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe [1127416 2018-07-30] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 PwmSvc; C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe [333856 2015-06-29] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 RealtekPCIE; C:\Program Files (x86)\Realtek\819xP Wireless LAN Utility\RtlService.exe [45056 2010-01-21] (Realtek) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\NisSrv.exe [4098064 2019-03-10] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MsMpEng.exe [113992 2019-03-10] (Microsoft Corporation -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [5382856 2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 IntcDAud; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [317440 2010-08-31] (Microsoft Windows Hardware Compatibility Publisher -> Intel® Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [261032 2019-03-12] (Malwarebytes Corporation -> Malwarebytes)
R0 mv61xx; C:\WINDOWS\System32\drivers\mv61xx.sys [179752 2010-10-06] (Marvell Semiconductor -> Marvell Semiconductor, Inc.)
S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security S.L. -> Panda Security, S.L.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [898296 2016-01-13] (Realtek Semiconductor Corp -> Realtek )
R3 rtl819xp; C:\WINDOWS\System32\drivers\rtl819xp.sys [620032 2018-04-11] (Microsoft Windows -> Realtek Semiconductor Corporation )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 tmactmon; C:\WINDOWS\system32\DRIVERS\tmactmon.sys [147712 2018-09-28] (Trend Micro, Inc. -> Trend Micro Inc.)
R0 tmcomm; C:\WINDOWS\System32\DRIVERS\tmcomm.sys [464136 2018-09-28] (Trend Micro, Inc. -> Trend Micro Inc.)
R0 TMEBC; C:\WINDOWS\System32\DRIVERS\TMEBC64.sys [72504 2016-01-04] (Trend Micro, Inc. -> Trend Micro Inc.)
R3 tmeevw; C:\WINDOWS\system32\DRIVERS\tmeevw.sys [147672 2017-05-10] (Trend Micro, Inc. -> Trend Micro Inc.)
S0 tmel; C:\WINDOWS\System32\DRIVERS\tmel.sys [38408 2018-05-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Trend Micro Inc.)
R1 tmevtmgr; C:\WINDOWS\system32\DRIVERS\tmevtmgr.sys [148736 2018-09-28] (Trend Micro, Inc. -> Trend Micro Inc.)
R3 tmnciesc; C:\WINDOWS\system32\DRIVERS\tmnciesc.sys [562296 2018-03-07] (Trend Micro, Inc. -> Trend Micro Inc.)
R1 tmumh; C:\WINDOWS\system32\DRIVERS\TMUMH.sys [149816 2019-02-20] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 tmusa; C:\WINDOWS\system32\DRIVERS\tmusa.sys [137360 2018-03-28] (Trend Micro, Inc. -> Trend Micro Inc.)
U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [44544 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-03-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [333792 2019-03-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62432 2019-03-10] (Microsoft Windows -> Microsoft Corporation)
S3 ALSysIO; \??\C:\Users\linda\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
U3 idsvc; no ImagePath
U2 TMAgent; no ImagePath
 


#15 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,258 posts

Posted 22 March 2019 - 07:05 AM

Hi,

I make is that Trend Micro is your Security program.
I sugges you remove all traces of Kaspersky from this computer.
Download and run their uninstaller tool from this site.
https://support.kaspersky.com/1464

Restart the computer when the removal is completed.
-----

Press the Windows key + r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.
Please copy the entire contents of the code box below to the a new file.
 
start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

(Microsoft Corporation -> © 2015 Microsoft Corporation) C:\Users\linda\AppData\Local\Microsoft\BingSvc\BingSvc.exe
HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\Run: [BingSvc] => C:\Users\linda\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (Microsoft Corporation -> © 2015 Microsoft Corporation)
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
SearchScopes: HKU\S-1-5-21-3023927834-737669077-2965008529-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: Trend Micro IE Protection -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> No File
BHO-x32: Trend Micro IE Protection -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> No File
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} -  No File
CHR Extension: (Savings Button: Deals + Cash Back) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlmebkoiahbppacaicbgncnjhbpdfkcc [2018-10-24]
CHR Extension: (Trend Micro Toolbar) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf [2019-01-11]
CHR Extension: (Trend Micro Toolbar) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf [2018-09-28]
CHR HKLM\...\Chrome\Extension: [olmajmomenlhgihenlbjcfbopoghpckg] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3023927834-737669077-2965008529-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [idkknaphebegndgimgdpfnconcickdfn] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [ohhcpmplhhiiaoiddkfboafbhiknefdf] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [olmajmomenlhgihenlbjcfbopoghpckg] - hxxps://clients2.google.com/service/update2/crx
S3 ALSysIO; \??\C:\Users\linda\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
U3 idsvc; no ImagePath
U2 TMAgent; no ImagePath

ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> No File
Task: {0BD4355B-D024-44B0-9EC1-8FE52D58B907} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {0F515DB6-10CF-48F4-8061-D74E8269CE8B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {10B641E1-E538-43D3-846C-F16FC2BA6E4C} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {3B98D082-45AF-43B0-B854-689F72685AEB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {4BB5E24D-BFC1-434E-B574-6310BE2D724E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {51D3404C-F355-443A-9EF9-895C942346FE} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {5D909684-2E15-4AED-861E-64ACAB2291A9} - \Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan -> No File <==== ATTENTION
Task: {64A2318F-3BAA-4F0C-A3F3-D34B0C52F68C} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {6CE95874-5564-43CF-9820-505D1E423F21} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {6D2FC01A-339E-44E3-9234-31AE4A25E306} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {715210BF-A3FA-4DAC-AF73-3F77018D7841} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {7A36E012-83A2-4223-A701-3A250A8E1303} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {86AF2008-CEFC-470F-9937-6A67E3F44F25} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {9216821C-D9F9-45F6-84F5-34850A0E857B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {94305511-925A-4DAB-B955-45AA039436E2} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {A31E7CD1-89B0-45DE-B45F-B3B5D5D9E453} - \Microsoft\Windows\Setup\EOONotify -> No File <==== ATTENTION
Task: {C3EC2A0E-316D-44C0-A521-2F8E07C5968B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {D9DBB3C6-6B05-421D-B0AE-315BEF684F6E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {DDA500E9-304D-4B79-9F69-2122B6802DB5} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [125]

Reboot:

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Let me know what issues you are now having with this computer.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#16 housema

housema

    Advanced Member

  • Full Member
  • PipPipPip
  • 137 posts

Posted 22 March 2019 - 10:13 AM

Hi,

Update, my monitor is up and running, I needed to update the display driver directly form Intel.  No sound though, the monitor does not have any speakers built in, need to add speakers.    I would still like a tune-up on my computer, should I follow your last post instructions?

 

Yes, Trendmicro is my security program. 



#17 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,258 posts

Posted 23 March 2019 - 06:19 AM

Yes and post the Fixlog.txt for my review.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#18 housema

housema

    Advanced Member

  • Full Member
  • PipPipPip
  • 137 posts

Posted 23 March 2019 - 12:38 PM

Here is my log

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by linda (23-03-2019 14:25:31) Run:1
Running from C:\Users\linda\Downloads
Loaded Profiles: linda (Available Profiles: linda & DefaultAppPool)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
start
 
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
 
(Microsoft Corporation -> � 2015 Microsoft Corporation) C:\Users\linda\AppData\Local\Microsoft\BingSvc\BingSvc.exe
HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\Run: [BingSvc] => C:\Users\linda\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (Microsoft Corporation -> � 2015 Microsoft Corporation)
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
SearchScopes: HKU\S-1-5-21-3023927834-737669077-2965008529-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: Trend Micro IE Protection -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> No File
BHO-x32: Trend Micro IE Protection -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> No File
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} -  No File
CHR Extension: (Savings Button: Deals + Cash Back) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlmebkoiahbppacaicbgncnjhbpdfkcc [2018-10-24]
CHR Extension: (Trend Micro Toolbar) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf [2019-01-11]
CHR Extension: (Trend Micro Toolbar) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf [2018-09-28]
CHR HKLM\...\Chrome\Extension: [olmajmomenlhgihenlbjcfbopoghpckg] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3023927834-737669077-2965008529-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [idkknaphebegndgimgdpfnconcickdfn] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [ohhcpmplhhiiaoiddkfboafbhiknefdf] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [olmajmomenlhgihenlbjcfbopoghpckg] - hxxps://clients2.google.com/service/update2/crx
S3 ALSysIO; \??\C:\Users\linda\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
U3 idsvc; no ImagePath
U2 TMAgent; no ImagePath
 
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> No File
Task: {0BD4355B-D024-44B0-9EC1-8FE52D58B907} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {0F515DB6-10CF-48F4-8061-D74E8269CE8B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {10B641E1-E538-43D3-846C-F16FC2BA6E4C} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {3B98D082-45AF-43B0-B854-689F72685AEB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {4BB5E24D-BFC1-434E-B574-6310BE2D724E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {51D3404C-F355-443A-9EF9-895C942346FE} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {5D909684-2E15-4AED-861E-64ACAB2291A9} - \Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan -> No File <==== ATTENTION
Task: {64A2318F-3BAA-4F0C-A3F3-D34B0C52F68C} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {6CE95874-5564-43CF-9820-505D1E423F21} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {6D2FC01A-339E-44E3-9234-31AE4A25E306} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {715210BF-A3FA-4DAC-AF73-3F77018D7841} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {7A36E012-83A2-4223-A701-3A250A8E1303} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {86AF2008-CEFC-470F-9937-6A67E3F44F25} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {9216821C-D9F9-45F6-84F5-34850A0E857B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {94305511-925A-4DAB-B955-45AA039436E2} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {A31E7CD1-89B0-45DE-B45F-B3B5D5D9E453} - \Microsoft\Windows\Setup\EOONotify -> No File <==== ATTENTION
Task: {C3EC2A0E-316D-44C0-A521-2F8E07C5968B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {D9DBB3C6-6B05-421D-B0AE-315BEF684F6E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {DDA500E9-304D-4B79-9F69-2122B6802DB5} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [125]
 
Reboot:
 
End
*****************
 
Restore point was successfully created.
Processes closed successfully.
C:\Users\linda\AppData\Local\Microsoft\BingSvc\BingSvc.exe => No running process found
"HKU\S-1-5-21-3023927834-737669077-2965008529-1001\Software\Microsoft\Windows\CurrentVersion\Run\\BingSvc" => removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\system32\GroupPolicy\User => moved successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
HKU\S-1-5-21-3023927834-737669077-2965008529-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => removed successfully
HKLM\Software\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => not found
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} => removed successfully
HKLM\Software\Classes\CLSID\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} => removed successfully
HKLM\Software\Classes\PROTOCOLS\Handler\tmbp => removed successfully
HKLM\Software\Classes\CLSID\{1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} => not found
CHR Extension: (Savings Button: Deals + Cash Back) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlmebkoiahbppacaicbgncnjhbpdfkcc [2018-10-24] => Error: No automatic fix found for this entry.
CHR Extension: (Trend Micro Toolbar) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf [2019-01-11] => Error: No automatic fix found for this entry.
CHR Extension: (Trend Micro Toolbar) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf [2018-09-28] => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Google\Chrome\Extensions\olmajmomenlhgihenlbjcfbopoghpckg => removed successfully
HKU\S-1-5-21-3023927834-737669077-2965008529-1001\SOFTWARE\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\idkknaphebegndgimgdpfnconcickdfn => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\olmajmomenlhgihenlbjcfbopoghpckg => removed successfully
HKLM\System\CurrentControlSet\Services\ALSysIO => removed successfully
ALSysIO => service removed successfully
HKLM\System\CurrentControlSet\Services\idsvc => removed successfully
idsvc => service removed successfully
HKLM\System\CurrentControlSet\Services\TMAgent => removed successfully
TMAgent => service removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => removed successfully
HKLM\Software\Classes\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC} => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0BD4355B-D024-44B0-9EC1-8FE52D58B907}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0BD4355B-D024-44B0-9EC1-8FE52D58B907}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0F515DB6-10CF-48F4-8061-D74E8269CE8B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0F515DB6-10CF-48F4-8061-D74E8269CE8B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{10B641E1-E538-43D3-846C-F16FC2BA6E4C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10B641E1-E538-43D3-846C-F16FC2BA6E4C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3B98D082-45AF-43B0-B854-689F72685AEB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B98D082-45AF-43B0-B854-689F72685AEB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4BB5E24D-BFC1-434E-B574-6310BE2D724E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4BB5E24D-BFC1-434E-B574-6310BE2D724E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{51D3404C-F355-443A-9EF9-895C942346FE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{51D3404C-F355-443A-9EF9-895C942346FE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5D909684-2E15-4AED-861E-64ACAB2291A9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D909684-2E15-4AED-861E-64ACAB2291A9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{64A2318F-3BAA-4F0C-A3F3-D34B0C52F68C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{64A2318F-3BAA-4F0C-A3F3-D34B0C52F68C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6CE95874-5564-43CF-9820-505D1E423F21}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6CE95874-5564-43CF-9820-505D1E423F21}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6D2FC01A-339E-44E3-9234-31AE4A25E306}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6D2FC01A-339E-44E3-9234-31AE4A25E306}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{715210BF-A3FA-4DAC-AF73-3F77018D7841}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{715210BF-A3FA-4DAC-AF73-3F77018D7841}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7A36E012-83A2-4223-A701-3A250A8E1303}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A36E012-83A2-4223-A701-3A250A8E1303}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{86AF2008-CEFC-470F-9937-6A67E3F44F25}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{86AF2008-CEFC-470F-9937-6A67E3F44F25}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9216821C-D9F9-45F6-84F5-34850A0E857B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9216821C-D9F9-45F6-84F5-34850A0E857B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{94305511-925A-4DAB-B955-45AA039436E2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94305511-925A-4DAB-B955-45AA039436E2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-Weekend" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A31E7CD1-89B0-45DE-B45F-B3B5D5D9E453}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A31E7CD1-89B0-45DE-B45F-B3B5D5D9E453}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\EOONotify" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C3EC2A0E-316D-44C0-A521-2F8E07C5968B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C3EC2A0E-316D-44C0-A521-2F8E07C5968B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D9DBB3C6-6B05-421D-B0AE-315BEF684F6E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D9DBB3C6-6B05-421D-B0AE-315BEF684F6E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DDA500E9-304D-4B79-9F69-2122B6802DB5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DDA500E9-304D-4B79-9F69-2122B6802DB5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
C:\ProgramData\TEMP => ":5C321E34" ADS removed successfully
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 11821056 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 233461771 B
Java, Flash, Steam htmlcache => 1231 B
Windows/system/drivers => 1059657 B
Edge => 644 B
Chrome => 821482316 B
Firefox => 0 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 16674 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 439461592 B
NetworkService => 0 B
linda => 7947164 B
DefaultAppPool => 33058 B
 
RecycleBin => 0 B
EmptyTemp: => 1.4 GB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 14:28:42 ====


#19 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,258 posts

Posted 24 March 2019 - 06:29 AM

Looking good.

Stay safe.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#20 housema

housema

    Advanced Member

  • Full Member
  • PipPipPip
  • 137 posts

Posted 24 March 2019 - 07:11 AM

Thank you for all your help!!!!



#21 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,258 posts

Posted 25 March 2019 - 06:25 AM

Since the issue appears to be resolved this Topic is closed.

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760




Member of UNITE
Support SpywareInfo Forum - click the button