Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Tune Up help

Started by dbarie33 , Aug 29 2019 05:21 PM

Tune Up

Please log in to reply

12 replies to this topic

#1 dbarie33

Member

Full Member
20 posts

Posted 29 August 2019 - 05:21 PM

Please help when you get a chance. I have a Toshiba Satellite that might be on its last leg but I would like to give it another shot. The problems might be hardware related but hopefully it is software.

Computer restarts occasionally if bumped. The blue screen comes up saying that Windows needs to be restarted...

A few pop ups occur during startup that I would like to get red of.

One says SVPWUTIL.exe - Bad Image

C:\windows\WinSxS\x86....is either not designed to run on Windows or it contains an error.

Another says TosNcCore.ext - Bad Image

C:\Program Files\Toshiba\BulletonBoard\TosNcUi.dll. Same issue

Free editor tries to open an app and has trouble doing so. Can this be cleared?

I also believe that Mcaffee and Windows defender run occasionally too at the same time as Malwarebytes. Can they be removed?

Hopefully this gives you enough info. My logs follow.

Thank you very much in advance!!!!

------------------------------------------

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 8/28/19
Scan Time: 9:15 PM
Log File: d678180e-ca02-11e9-a33b-705ab6c5c6f8.json

-Software Information-
Version: 3.8.3.2965
Components Version: 1.0.613
Update Package Version: 1.0.12227
License: Premium

-System Information-
OS: Windows 10 (Build 10586.164)
CPU: x64
File System: NTFS
User: Toshiba-PC\Toshiba

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 352678
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 41 min, 1 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)

(end)

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-08-2019
Ran by Toshiba (administrator) on TOSHIBA-PC (TOSHIBA Satellite A665) (29-08-2019 18:00:04)
Running from C:\Users\Toshiba\Downloads
Loaded Profiles: Toshiba (Available Profiles: Toshiba & DefaultAppPool)
Platform: Windows 10 Home Version 1511 10586.164 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\rUpdater\rUpdater_srv.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ArcSoft, Inc. -> ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Compal Electronics, Inc. -> TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(F.lux Software LLC -> f.lux Software LLC) C:\Users\Toshiba\AppData\Local\FluxSoftware\Flux\flux.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Some Company) [File not signed] C:\Program Files\rUpdater\rUpdater_agent.exe
(SuperAdBlocker.com -> SUPERAntiSpyware.com) [File not signed] C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10134560 2010-03-22] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [896032 2010-03-22] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [ThpSrv] => C:\windows\system32\thpsrv /logon
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [505696 2009-11-06] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [508216 2009-07-28] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [913720 2010-03-25] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1489760 2010-04-06] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [705368 2010-02-23] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [IntelWireless] => "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-03-19] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [35672 2010-03-03] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [rUpdater2] => C:\Program Files\rUpdater\rUpdater_agent.exe [2410496 2015-04-25] (Some Company) [File not signed]
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2009-12-25] (Compal Electronics, Inc. -> TOSHIBA CORPORATION)
HKLM-x32\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2010-03-04] (TOSHIBA Electronics, Inc.) [File not signed]
HKLM-x32\...\Run: [SVPWUTIL] => C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [352256 2010-02-22] (TOSHIBA CORPORATION) [File not signed]
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-07-05] (Apple Inc.) [File not signed]
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421736 2011-08-19] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-01-29] (DivX, LLC) [File not signed]
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-12] (DivX, LLC -> )
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft, Inc. -> ArcSoft Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1971856 2016-07-13] (Wondershare software CO., LIMITED -> )
HKLM-x32\...\Run: [DBAgent] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1563424 2016-06-28] (Seagate Technology LLC -> Seagate Technology LLC)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110008 2015-07-06] (CyberLink Corp. -> CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [499640 2015-07-06] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [265656 2015-06-14] (CyberLink Corp. -> CyberLink Corp.)
HKU\S-1-5-21-2844220627-2807872682-970000197-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-04-08] (Google Inc -> Google Inc.)
HKU\S-1-5-21-2844220627-2807872682-970000197-1001\...\Run: [f.lux] => C:\Users\Toshiba\AppData\Local\FluxSoftware\Flux\flux.exe [1378824 2019-05-07] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-2844220627-2807872682-970000197-1001\...\RunOnce: [Uninstall C:\Users\Toshiba\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Toshiba\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-2844220627-2807872682-970000197-1001\...\RunOnce: [Uninstall C:\Users\Toshiba\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Toshiba\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"
HKU\S-1-5-21-2844220627-2807872682-970000197-1001\...\RunOnce: [Uninstall C:\Users\Toshiba\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Toshiba\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"
HKU\S-1-5-21-2844220627-2807872682-970000197-1001\...\RunOnce: [Uninstall C:\Users\Toshiba\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Toshiba\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"
HKU\S-1-5-21-2844220627-2807872682-970000197-1001\...\RunOnce: [Uninstall C:\Users\Toshiba\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Toshiba\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
HKU\S-1-5-21-2844220627-2807872682-970000197-1001\...\RunOnce: [Uninstall C:\Users\Toshiba\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Toshiba\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
HKU\S-1-5-21-2844220627-2807872682-970000197-1001\...\RunOnce: [Uninstall C:\Users\Toshiba\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Toshiba\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKLM\...\Drivers32: [vidc.DIVX] => C:\Windows\SysWOW64\DivX.dll [720384 2010-02-19] (DivX, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.yv12] => C:\Windows\SysWOW64\DivX.dll [720384 2010-02-19] (DivX, Inc.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> %SystemRoot%\inf\unregmp2.exe /ShowWMP
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.100\Installer\chrmstp.exe [2019-08-17] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> C:\Program Files (x86)\CyberLink\YouCam\CLCredProv\x64\CLCredProv.dll [2015-06-14] (CyberLink Corp. -> CyberLink)
HKLM\Software\...\Authentication\Credential Providers: [{B65F237C-AAFF-4df7-8872-91B65663E41F}] -> C:\Program Files\Toshiba\SmartFaceV\SmartFaceVCP.dll [2009-10-19] (TOSHIBA Corporation) [File not signed]
HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] -> C:\Program Files\TrueKey\McAfee.TrueKey.CredentialProvider.dll [2018-05-14] (McAfee, Inc. -> McAfee, Inc.)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\utilman.lnk [2017-03-13]
ShortcutTarget: utilman.lnk -> C:\Users\Toshiba\AppData\Local\utilman.exe (No File)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0357A71F-7404-40A1-8966-B0EBA1EE3589} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_142_Plugin.exe [1457152 2019-02-13] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {094155C3-CA9E-46D0-8863-CC4D1826F723} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0FF0C803-1597-42C0-A968-4D96CD8A0723} - no filepath
Task: {12799B7B-F499-4D4C-8C28-DBF0108AED55} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1387932E-F71F-43C1-B5F5-1E38CAB31CC7} - System32\Tasks\win4036e0 => \.\globalroot\Device\HarddiskVolume2\Users\Toshiba\AppData\Local\Temp\win4036e0.dat <==== ATTENTION
Task: {14BE424B-8D7F-44B4-A43A-CCE7CE4D85A3} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {1D735869-C7FA-4A08-9AFA-A9ED0ECB20BB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {1DA261FC-27F5-430C-A545-0B9749CC64EE} - System32\Tasks\Toshiba Local Autobackup 5 4 => C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBCore.exe
Task: {317107BF-13F6-48B4-AA5A-BA0B03A02F4B} - System32\Tasks\Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate => {FE285C8C-5360-41C1-A700-045501C740DE} C:\Windows\System32\ErrorDetailsUpdate.dll [39936 2015-10-30] (Microsoft Windows -> Microsoft Corporation)
Task: {330AFF8A-79BC-4DCB-9830-A374B07CA104} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {331318C0-2871-432D-A918-70E039C429B7} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {35C72346-FA34-4550-BA74-EECB08D1189D} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {379B48F2-FEB5-4C6B-82C2-F9549E1BD42C} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {37A6383F-F58E-4F07-A620-F7DF7002BA24} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3A839EE0-7022-4182-881C-CEA8C8D0C1A9} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {3B6B10C4-3084-45FE-933A-F62963AD6F18} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {440A8B69-FE0C-44CF-92A8-ACCCCB5813D2} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47c2-B62A-B7C4CED925CB}
Task: {4B54970B-2346-4AA2-B915-053D590FCC83} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [1662552 2018-05-22] (McAfee, Inc. -> McAfee, Inc.)
Task: {4DBF6269-C4A9-4AA2-9B1B-CF2D8488344A} - System32\Tasks\{59FFAE28-6469-4C3D-B026-04D6F6AE49E5} => C:\windows\system32\pcalua.exe -a "C:\Program Files\SUPERAntiSpyware\Uninstall.exe"
Task: {515E6CD2-1442-4EAC-9408-D0F15878348D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {55721D81-46C3-4865-8C7B-CBA3EE3A36A8} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {5971908B-257B-4010-9021-32B8E254BE4E} - System32\Tasks\Toshiba => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [1812256 2016-06-28] (Seagate Technology LLC -> Seagate Technology LLC)
Task: {5A7C360C-C58E-4A16-A95D-1471F182F44E} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {5A988F08-04BA-47F7-83B4-D6FE29D6F805} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {60AAA4E8-B8F7-4AFF-8414-44763E5E4EBA} - System32\Tasks\Toshiba DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1563424 2016-06-28] (Seagate Technology LLC -> Seagate Technology LLC)
Task: {682B6728-0EFD-496A-8C06-90CAC07671BE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984 2011-06-01] (Apple Inc. -> Apple Inc.)
Task: {691896F1-CFB1-4868-9F13-A972C9B54613} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {706E113C-E504-4777-98E7-8C48B12CFA0B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\WINDOWS\system32\MRT.exe [143659408 2016-03-10] (Microsoft Windows -> Microsoft Corporation)
Task: {71E53243-3A2D-47EE-9DAB-6D71B2366657} - System32\Tasks\Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate => {9CDA66BE-3271-4723-8D35-DD834C58AD92} C:\Windows\System32\ErrorDetailsUpdate.dll [39936 2015-10-30] (Microsoft Windows -> Microsoft Corporation)
Task: {73B57B1C-B8C2-441D-9E7F-4FC723DF7EB6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {75DC0802-50A5-4896-A091-CB2E79CC9614} - no filepath
Task: {7E8F15B4-32EC-4329-8E8B-7341BF6DDA4A} - no filepath
Task: {82B5DE0B-2C9C-4CC6-9365-6602C223BFA3} - System32\Tasks\Toshiba Merge => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [1812256 2016-06-28] (Seagate Technology LLC -> Seagate Technology LLC)
Task: {83D1C178-979A-4BE5-8194-BD7333FF2BEC} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {88C285A5-C34A-4578-9879-5D167A39E1B4} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {8938434C-B1AE-4778-8738-F573F6504197} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [143659408 2016-03-10] (Microsoft Windows -> Microsoft Corporation)
Task: {8D9BBFBB-A29A-491A-A69A-0934C87438C1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {8F4608B4-B913-40A0-97CA-9779D71E1A4D} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {91C699FD-E979-4E67-9D0E-E99ADF0E68A6} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {942CCB8E-7EFF-41E7-953D-777051370BA8} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {99834018-531B-448C-A1D5-452513CAD828} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9B55AE89-4514-4473-91BA-79DE47BDAC57} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {9E3BCBB2-3130-40DB-9863-670A1DC2FCC8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {A560D430-AF99-4369-B4D3-0D30C5145BEF} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {A5A2B8C7-46A7-4B7D-BE48-BFC516810EC4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A6D62008-06DA-4630-A728-5A84EEF8395C} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {ABED962C-BB15-436C-A11F-00A51A70A9EC} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AE6772F1-1B27-41AB-A8E0-9B955B2AEE67} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40b4-8963-D3C761B18371}
Task: {B17F7F8A-AAFE-4F5A-9974-3ED7AB7550C6} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {B39B5B34-1D06-49F0-AA98-9B53957C7247} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {B89617F4-D574-417F-8259-C8F72DFAF273} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {CA9356D4-A0E0-4981-9E22-7B51E9DA205C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {D2CF2DCD-B067-4247-AF98-D16061028282} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DC170B09-5A79-4FFA-B8C8-B30BC38F4502} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E30E2944-43F5-4DCE-AAD6-56077E9F5144} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E4CB7D47-A609-4CC8-9B17-014E8B1219CC} - System32\Tasks\win403700 => \.\globalroot\Device\HarddiskVolume2\Users\Toshiba\AppData\Local\Temp\win403700.dat <==== ATTENTION
Task: {E6FC1A2F-B6AF-4830-ABF6-EFBA95D18E29} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E855F70D-C157-4CDB-AB4C-83D8EF030D59} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe [1912608 2016-06-28] (Seagate Technology LLC -> Seagate Technology LLC)
Task: {E9C74AC3-61B6-4189-A6CA-FAF3FADA037B} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {EB422714-A60C-4CC3-ACA2-5A86E4FCE48E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {F14A439B-F2B8-4818-A935-7302DB866B42} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-02-13] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {F1F11881-19C4-4039-8B14-818419E0C33E} - no filepath
Task: {F622B2AD-4483-416C-900E-BA71002A1CBB} - no filepath
Task: {F8F10416-C040-49CC-8D29-C9CD793AC985} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {FBD5DE8E-A89E-4826-82CF-F8295E104F73} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1187864 2018-03-21] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{fdc844f0-aba4-4a39-a3db-4a202c94e71d}: [DhcpNameServer] 75.75.75.75 75.75.76.76

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2844220627-2807872682-970000197-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2844220627-2807872682-970000197-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {FB1DA9E1-F9BE-4092-AAE0-568CE0669C47} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
SearchScopes: HKLM -> {FB1DA9E1-F9BE-4092-AAE0-568CE0669C47} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
SearchScopes: HKLM-x32 -> DefaultScope {4FE5E16C-8F2D-496E-AEA3-DBDAADE18D63} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
SearchScopes: HKLM-x32 -> {4FE5E16C-8F2D-496E-AEA3-DBDAADE18D63} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
SearchScopes: HKU\S-1-5-21-2844220627-2807872682-970000197-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=U303DF&PC=U303&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2844220627-2807872682-970000197-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=U303DF&PC=U303&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2844220627-2807872682-970000197-1001 -> {CC1B4EFE-3FD5-4245-88F4-A623CE00D3D3} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=B011US0D20120901&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-2844220627-2807872682-970000197-1001 -> {F988B9EE-CBF8-4322-9D91-7962670B14DB} URL = hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-04-02] (Oracle America, Inc. -> Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-14] (Google Inc -> Google Inc.)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2019-07-04] (McAfee, LLC -> McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-04-02] (Oracle America, Inc. -> Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2013-02-07] (DivX, LLC -> DivX, LLC)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\ProgramData\Wondershare\Video Converter Ultimate\WSBrowserAppMgr.dll [2016-07-13] (Wondershare software CO., LIMITED -> Wondershare)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-04-02] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-14] (Google Inc -> Google Inc.)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-07-04] (McAfee, LLC -> McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-04-02] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-03-19] (TOSHIBA CORPORATION -> <TOSHIBA>)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-14] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-14] (Google Inc -> Google Inc.)
Toolbar: HKU\S-1-5-21-2844220627-2807872682-970000197-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-14] (Google Inc -> Google Inc.)
DPF: HKLM-x32 {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
DPF: HKLM-x32 {C7DEDA04-2FFF-4B81-AE66-0A0E0EF4AD2F} hxxp://cashwise.lifepics.com/net/Uploader/LPUploader57.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll No File
Handler-x32: http - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: http - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: https - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: https - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: msdaipp - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: msdaipp - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll No File
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - No File

FireFox:
========
FF DefaultProfile: tc2tjp8k.default-1457150045371
FF ProfilePath: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\tc2tjp8k.default-1457150045371 [2019-08-29]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\tc2tjp8k.default-1457150045371\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-08-22]
FF Extension: (No Name) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [not found]
FF Extension: (No Name) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [not found]
FF SearchPlugin: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\tc2tjp8k.default-1457150045371\searchplugins\McSiteAdvisor.xml [2016-03-20]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-07-04]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: (DivX Plus Web Player HTML5 <video>) - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-03-16] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com_xpi
FF Extension: (Wondershare Video Converter Ultimate) - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com_xpi [2016-08-13] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_142.dll [2019-02-13] (Adobe Systems Incorporated -> )
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, Inc. -> DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-04-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-04-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_142.dll [2019-02-13] (Adobe Systems Incorporated -> )
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2011-07-29] (Apple Inc. -> )
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2013-02-07] (DivX, LLC -> DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, Inc. -> DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-04-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-04-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @mcafee.com/MVT -> C:\Program Files (x86)\McAfee\Supportability\MVT\npmvtplugin.dll [2012-05-22] (McAfee, Inc. -> McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-27] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-27] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.bing.com/?mkt=en-US&pc=__PARAM__
CHR Profile: C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default [2019-08-21]
CHR Extension: (Docs) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Google Drive) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Search) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Rescroller) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddehdnnhjimbggeeenghijehnpakijod [2016-08-09]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2019-08-21]
CHR Extension: (Google Docs Offline) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-30]
CHR Extension: (AdBlock) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-08-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-09]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-03-25]
CHR Extension: (Gmail) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-20]
CHR Extension: (Chrome Media Router) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-21]
CHR Profile: C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-01-08]
CHR Profile: C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\System Profile [2016-03-26]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <not found>
CHR HKU\S-1-5-21-2844220627-2807872682-970000197-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nfedoihopcjdfjihhhojdclnfdgomdho] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gihfmmedoddijgnhkgfgnkeohkpbipol] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-02-07]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2011-08-11] (SuperAdBlocker.com -> SUPERAntiSpyware.com) [File not signed]
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft, Inc. -> ArcSoft Inc.)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2010-07-27] (Macrovision Europe Ltd.) [File not signed]
S3 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] (Canon Inc. -> )
S2 KMService; C:\windows\SysWOW64\srvany.exe [8192 2011-09-19] () [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [900288 2019-07-04] (McAfee, LLC -> McAfee, Inc.)
R2 rUpdater; C:\Program Files\rUpdater\rUpdater_srv.exe [98304 2015-04-25] () [File not signed]
S2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16216 2016-06-28] (Seagate Technology LLC -> Seagate Technology LLC)
S2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [143656 2016-06-28] (Seagate Technology LLC -> Seagate Technology LLC)
S2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [1000824 2018-05-14] (McAfee, Inc. -> McAfee, LLC.)
S2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16928 2018-05-14] (McAfee, Inc. -> McAfee, LLC.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [87760 2018-05-14] (McAfee, Inc. -> McAfee, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation -> Microsoft Corporation)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.2.4.1\WsAppService.exe [417792 2016-07-12] (Wondershare) [File not signed]
S2 InstallerService; "C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 bcmfn; C:\WINDOWS\System32\drivers\bcmfn.sys [9728 2015-10-30] (Microsoft Windows -> Windows ® Win 7 DDK provider)
S3 emAudio; C:\WINDOWS\system32\drivers\emAudio64.sys [79872 2008-04-03] (Microsoft Windows Hardware Compatibility Publisher -> eMPIA Technology, Inc.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-07-20] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [224408 2019-07-20] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73584 2019-08-29] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-08-29] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [116112 2019-07-20] (Malwarebytes Corporation -> Malwarebytes)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2015-10-30] (Microsoft Windows -> Realtek )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [45728 2015-08-07] (TOSHIBA CORPORATION -> Toshiba Corporation)
S3 USB28xxBGA; C:\WINDOWS\system32\DRIVERS\emBDA64.sys [654720 2010-08-20] (Microsoft Windows Hardware Compatibility Publisher -> eMPIA Technology, Inc.)
S3 USB28xxOEM; C:\WINDOWS\system32\DRIVERS\emOEM64.sys [943872 2010-08-20] (Microsoft Windows Hardware Compatibility Publisher -> eMPIA Technology, Inc.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [51712 2011-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Windows -> Microsoft Corporation)
R3 wdkmd; C:\WINDOWS\System32\drivers\WDKMD.sys [36760 2009-12-17] (Wireless Display -> Intel Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

Error(1) reading file: "C:\Users\Public\Desktop\ABPTS Orientation Materials "
Error(1) reading file: "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABPTS Orientation Materials "
2019-08-29 18:00 - 2019-08-29 18:02 - 000048076 _____ C:\Users\Toshiba\Downloads\FRST.txt
2019-08-29 17:59 - 2019-08-29 17:59 - 000000000 ____D C:\Users\Toshiba\Downloads\FRST-OlderVersion
2019-08-28 22:32 - 2019-08-28 22:32 - 000001230 _____ C:\Users\Toshiba\Desktop\Aug2019.txt
2019-08-28 21:00 - 2019-08-28 21:00 - 000262004 _____ C:\WINDOWS\Minidump\082819-189906-01.dmp
2019-08-28 20:46 - 2019-08-29 17:59 - 001613824 _____ (Farbar) C:\Users\Toshiba\Downloads\FRST64.exe
2019-08-25 20:51 - 2019-08-25 20:51 - 000312898 _____ C:\Users\Toshiba\Desktop\12,0,1,2,2,1,1,0,0,0,4,6,6,0.04,0.1,0.1,-2,0,0,0.pdf
2019-08-21 17:55 - 2019-08-21 17:55 - 000000000 ____D C:\Users\Toshiba\AppData\Local\{0328F38D-80F5-467D-9419-8BB0E5CC63EC}
2019-08-20 19:33 - 2019-08-20 20:33 - 357660952 _____ C:\Users\Toshiba\Desktop\My 2019 vid.wmv
2019-08-20 19:22 - 2019-08-20 19:22 - 000159132 _____ C:\WINDOWS\Minidump\082019-26203-01.dmp
2019-08-20 19:07 - 2019-08-20 19:07 - 000000000 ____D C:\Users\Toshiba\AppData\Local\{A3F5A3F4-15AC-4ACE-8D3C-8DC5156059AF}
2019-08-20 18:33 - 2019-08-20 18:34 - 000248956 _____ C:\WINDOWS\Minidump\082019-39140-01.dmp
2019-08-19 22:32 - 2019-08-19 22:32 - 000000000 _____ C:\WINDOWS\Minidump\081919-29562-01.dmp
2019-08-18 16:40 - 2019-08-18 16:40 - 000000000 ____D C:\Users\Toshiba\AppData\Local\{F2129919-4AC0-426E-9EA0-238D6EC51EBF}
2019-08-18 14:50 - 2019-08-18 20:48 - 000000000 ____D C:\Users\Toshiba\Desktop\2019 songs
2019-08-18 14:40 - 2019-08-18 14:40 - 000261948 _____ C:\WINDOWS\Minidump\081819-28000-01.dmp
2019-08-16 16:49 - 2019-08-16 16:50 - 000262020 _____ C:\WINDOWS\Minidump\081619-27734-01.dmp
2019-08-14 21:55 - 2019-08-16 16:49 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-08-14 07:12 - 2019-08-14 07:12 - 000191956 _____ C:\WINDOWS\Minidump\081419-30171-01.dmp
2019-08-07 22:47 - 2019-08-07 22:48 - 000157876 _____ C:\WINDOWS\Minidump\080719-26765-01.dmp
2019-08-06 13:43 - 2019-08-06 13:43 - 000000000 ____D C:\Users\Toshiba\AppData\Local\{69B4C442-8C79-43BA-88ED-70FB543682C7}
2019-08-05 13:59 - 2019-08-05 13:59 - 000000000 ____D C:\Users\Toshiba\AppData\Local\{360559C8-437E-440A-BDE0-FE8BE644FFEE}
2019-08-04 22:21 - 2019-08-04 22:21 - 000000000 ____D C:\Users\Toshiba\AppData\Local\{66847BC0-C835-43B7-8545-93B4AC0C0FFF}
2019-08-04 10:20 - 2019-08-04 10:20 - 000000000 ____D C:\Users\Toshiba\AppData\Local\{34E6E439-2CA0-49E8-AE8C-A9623762DDD9}
2019-08-03 20:29 - 2019-08-03 20:29 - 000000000 ____D C:\Users\Toshiba\AppData\Local\{D93E8714-73E2-403A-988D-610785723945}
2019-08-03 11:06 - 2019-08-20 19:32 - 000219113 _____ C:\Users\Toshiba\Desktop\My 2019.wlmp
2019-08-03 09:18 - 2019-08-03 10:36 - 423696988 _____ C:\Users\Toshiba\Desktop\2019.wmv
2019-08-02 16:42 - 2019-08-03 08:01 - 000000000 ____D C:\Users\Toshiba\AppData\Local\{8727C09E-C22C-4008-B8BE-9B01D20D4000}
2019-07-31 19:57 - 2019-07-31 19:58 - 000210060 _____ C:\WINDOWS\Minidump\073119-31203-01.dmp
2019-07-30 18:39 - 2019-07-30 18:40 - 000262004 _____ C:\WINDOWS\Minidump\073019-35687-01.dmp

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-29 18:01 - 2015-10-30 02:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-08-29 18:00 - 2014-12-23 20:59 - 000000000 ____D C:\FRST
2019-08-29 17:56 - 2016-11-16 21:48 - 000000000 ____D C:\Users\Toshiba\AppData\LocalLow\Mozilla
2019-08-29 17:52 - 2019-07-20 09:15 - 000073584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-08-29 17:52 - 2019-07-20 09:14 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-08-29 17:51 - 2015-11-26 11:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-08-29 17:11 - 2015-10-30 02:24 - 000000000 ___HD C:\Program Files\WindowsApps
2019-08-28 21:00 - 2016-01-20 20:46 - 000000000 ____D C:\WINDOWS\Minidump
2019-08-28 20:31 - 2015-11-26 10:49 - 001009692 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-08-28 20:31 - 2015-10-30 02:21 - 000000000 ____D C:\WINDOWS\INF
2019-08-27 10:52 - 2016-11-27 01:20 - 000000000 ____D C:\Users\Toshiba\AppData\Local\ClassicShell
2019-08-27 10:32 - 2015-11-26 10:50 - 000000000 ____D C:\Users\Toshiba
2019-08-21 18:08 - 2018-07-14 18:16 - 000000000 ____D C:\Users\Toshiba\AppData\Roaming\Anvsoft
2019-08-20 14:12 - 2015-10-30 02:24 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-08-17 20:44 - 2013-01-19 23:50 - 000002312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-08-16 16:49 - 2012-05-03 09:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-08-16 16:36 - 2011-09-17 23:25 - 000001161 ___HT C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-08-13 20:07 - 2019-07-21 21:19 - 000000000 ____D C:\Users\Toshiba\Desktop\extra phone
2019-08-02 23:26 - 2018-07-15 14:14 - 000001975 _____ C:\Users\Toshiba\Desktop\AVStoDVD.lnk
2019-08-02 23:26 - 2010-07-28 22:30 - 000001890 _____ C:\Users\Toshiba\Desktop\Photoshop - Shortcut.lnk
2019-08-02 23:26 - 2010-07-22 17:58 - 000000910 _____ C:\Users\Toshiba\Desktop\Downloads.lnk
2019-08-02 21:23 - 2018-08-30 20:41 - 000000000 ____D C:\Users\Toshiba\Desktop\Aug2018
2019-08-02 21:17 - 2018-08-30 20:44 - 000000000 ____D C:\Users\Toshiba\Desktop\Oregon and Grace's 9th
2019-08-02 17:57 - 2018-09-03 09:16 - 000000000 ____D C:\Users\Toshiba\Desktop\New media
2019-08-02 17:13 - 2018-11-02 21:26 - 000000000 ____D C:\Users\Toshiba\Desktop\Sept Nov 2018
2019-08-02 17:09 - 2018-11-04 21:53 - 000000000 ____D C:\Users\Toshiba\Desktop\Sept Nov 2018 more

==================== Files in the root of some directories ================

2017-04-27 13:01 - 2017-04-27 13:01 - 007649280 _____ () C:\Program Files (x86)\GUTDB3A.tmp
2016-07-09 11:31 - 2016-07-09 11:31 - 000000132 _____ () C:\Users\Toshiba\AppData\Roaming\Adobe GIF Format CS5 Prefs
2015-05-04 21:29 - 2015-05-04 21:29 - 000000024 _____ () C:\Users\Toshiba\AppData\Roaming\splitterdirectorys.txt
2011-07-12 17:15 - 2013-07-08 11:21 - 000000650 _____ () C:\Users\Toshiba\AppData\Roaming\wklnhst.dat
2011-10-07 15:39 - 2011-10-07 15:39 - 000000291 _____ () C:\Users\Toshiba\AppData\Roaming\Microsoft\25BF.tmp
2011-10-07 16:48 - 2011-10-07 17:03 - 000000291 _____ () C:\Users\Toshiba\AppData\Roaming\Microsoft\83AF.tmp
2011-10-07 16:21 - 2011-10-07 16:21 - 000000291 _____ () C:\Users\Toshiba\AppData\Roaming\Microsoft\8D8F.tmp
2011-10-07 15:37 - 2011-10-07 15:38 - 000000291 _____ () C:\Users\Toshiba\AppData\Roaming\Microsoft\8F89.tmp
2011-10-07 17:21 - 2011-10-07 17:21 - 000000291 _____ () C:\Users\Toshiba\AppData\Roaming\Microsoft\A89D.tmp
2013-01-19 23:20 - 2013-01-19 23:20 - 000003584 _____ () C:\Users\Toshiba\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-11-25 08:09 - 2010-11-25 08:09 - 000000000 ____H () C:\Users\Toshiba\AppData\Local\Kfikaniqeribe.bin
2011-06-27 09:42 - 2011-06-27 13:34 - 000011710 ___SH () C:\Users\Toshiba\AppData\Local\q2vxq1410ue0yy561reex8730pt3874ljk4fk521f
2010-11-25 08:09 - 2010-11-25 19:01 - 000000120 ____H () C:\Users\Toshiba\AppData\Local\Slovusexuyo.dat
2011-07-15 15:10 - 2011-07-15 15:10 - 000001594 ___SH () C:\Users\Toshiba\AppData\Local\vvgo2823x2r50oejm
2016-09-09 16:28 - 2016-09-09 16:28 - 000000000 _____ () C:\Users\Toshiba\AppData\Local\{F864FB53-C70A-49C8-81B6-AA6FCF284C38}

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

LastRegBack: 2016-03-12 21:03
==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-08-2019
Ran by Toshiba (29-08-2019 18:03:49)
Running from C:\Users\Toshiba\Downloads
Windows 10 Home Version 1511 10586.164 (X64) (2015-11-26 16:28:27)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2844220627-2807872682-970000197-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2844220627-2807872682-970000197-503 - Limited - Disabled)
Guest (S-1-5-21-2844220627-2807872682-970000197-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2844220627-2807872682-970000197-1002 - Limited - Enabled)
Toshiba (S-1-5-21-2844220627-2807872682-970000197-1001 - Administrator - Enabled) => C:\Users\Toshiba

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated)
Adobe Photoshop CS4 (HKLM-x32\...\Adobe_b741c3c52d3108664cedeb2b76f6d96) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Any DVD Converter Professional 6.2.4 (HKLM-x32\...\Any DVD Converter Professional_is1) (Version: - Any-DVD-Converter.com)
Apple Application Support (HKLM-x32\...\{B3575D00-27EF-49C2-B9E0-14B3D954E992}) (Version: 1.5.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{439760BC-7737-4386-9B1D-A90A3E8A22EA}) (Version: 3.4.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft ShowBiz (HKLM-x32\...\{9D41D2EF-2D33-4CFD-8A3E-C7E6FCC3303B}) (Version: - ArcSoft)
AudioConverter (HKLM-x32\...\AudioConverter) (Version: - PerformerSoft LLC) <==== ATTENTION
AviSynth 2.6 (HKLM-x32\...\AviSynth) (Version: 2.6.0.6 - GPL Public release.)
AVStoDVD 2.8.7 (HKLM-x32\...\AVStoDVD) (Version: 2.8.7 - MrC)
Bonjour (HKLM\...\{CA0D2F09-F811-48D4-843E-C87696C6A9D9}) (Version: 3.0.0.2 - Apple Inc.)
Canon CanoScan LiDE 110 User Registration (HKLM-x32\...\Canon CanoScan LiDE 110 User Registration) (Version: - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - )
Canon PowerShot SX280 HS and SX270 HS Camera User Guide (HKLM-x32\...\CameraUserGuide-PSSX280HSandSX270HS) (Version: 1.0.0.1 - Canon Inc.)
CanoScan LiDE 110 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2414) (Version: - Canon Inc.)
CardRecoveryPro 2.6.5 (HKLM-x32\...\{D9E1CADA-D103-47AE-B3F8-0C0CD0E5856E}_is1) (Version: 2.6.5 - LionSea Software co., ltd)
Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Versi

#2 nasdaq

Forum Deity

Global Moderator
49,295 posts

Posted 30 August 2019 - 07:07 AM

Hello, Welcome to SpywareInfoForum.

I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.

===

Remove these programs in bold via the Control Panel > Programs > Programs and Features.

VideoConverter (HKLM-x32\...\VideoConverter) (Version: - PerformerSoft LLC) <==== ATTENTION

Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version: - Yahoo Inc.)

Press the windows key Press the Windows key + r on your keyboard at the same time. This will open the RUN BOX.+ r on your keyboard at the same time. This will open the RUN BOX.

Type Notepad and and click the OK key.

Please copy the entire contents of the code box below to the a new file.

start::
 
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
 
HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] -> C:\Program Files\TrueKey\McAfee.TrueKey.CredentialProvider.dll [2018-05-14] (McAfee, Inc. -> McAfee, Inc.)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\utilman.lnk [2017-03-13]
ShortcutTarget: utilman.lnk -> C:\Users\Toshiba\AppData\Local\utilman.exe (No File)
Task: {0FF0C803-1597-42C0-A968-4D96CD8A0723} - no filepath
Task: {1387932E-F71F-43C1-B5F5-1E38CAB31CC7} - System32\Tasks\win4036e0 => \.\globalroot\Device\HarddiskVolume2\Users\Toshiba\AppData\Local\Temp\win4036e0.dat <==== ATTENTION
Task: {E4CB7D47-A609-4CC8-9B17-014E8B1219CC} - System32\Tasks\win403700 => \.\globalroot\Device\HarddiskVolume2\Users\Toshiba\AppData\Local\Temp\win403700.dat <==== ATTENTION
Task: {1D735869-C7FA-4A08-9AFA-A9ED0ECB20BB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {330AFF8A-79BC-4DCB-9830-A374B07CA104} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {331318C0-2871-432D-A918-70E039C429B7} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {515E6CD2-1442-4EAC-9408-D0F15878348D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {75DC0802-50A5-4896-A091-CB2E79CC9614} - no filepath
Task: {7E8F15B4-32EC-4329-8E8B-7341BF6DDA4A} - no filepath
Task: {83D1C178-979A-4BE5-8194-BD7333FF2BEC} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {88C285A5-C34A-4578-9879-5D167A39E1B4} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {8D9BBFBB-A29A-491A-A69A-0934C87438C1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {AE6772F1-1B27-41AB-A8E0-9B955B2AEE67} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {B39B5B34-1D06-49F0-AA98-9B53957C7247} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {B89617F4-D574-417F-8259-C8F72DFAF273} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {CA9356D4-A0E0-4981-9E22-7B51E9DA205C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {F1F11881-19C4-4039-8B14-818419E0C33E} - no filepath
Task: {F622B2AD-4483-416C-900E-BA71002A1CBB} - no filepath
SearchScopes: HKU\S-1-5-21-2844220627-2807872682-970000197-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=U303DF&PC=U303&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2844220627-2807872682-970000197-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=U303DF&PC=U303&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2844220627-2807872682-970000197-1001 -> {CC1B4EFE-3FD5-4245-88F4-A623CE00D3D3} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=B011US0D20120901&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-2844220627-2807872682-970000197-1001 -> {F988B9EE-CBF8-4322-9D91-7962670B14DB} URL = hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll No File
FF Extension: (No Name) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [not found]
FF Extension: (No Name) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [not found]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <not found>
CHR HKU\S-1-5-21-2844220627-2807872682-970000197-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nfedoihopcjdfjihhhojdclnfdgomdho] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <not found>
S2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [1000824 2018-05-14] (McAfee, Inc. -> McAfee, LLC.)
S2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16928 2018-05-14] (McAfee, Inc. -> McAfee, LLC.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [87760 2018-05-14] (McAfee, Inc. -> McAfee, Inc.)
S2 InstallerService; "C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe" [X]
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
 
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> No File
HKU\S-1-5-21-2844220627-2807872682-970000197-1001\Software\Classes\exefile: "%1" %* <==== ATTENTION
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
FirewallRules: [{F820A5CD-9FF5-4D46-B56C-108A52EDC908}] => (Allow) C:\Users\Toshiba\AppData\Local\Temp\nskD8D0.tmp\CnetInstaller-76115949.exe No File
FirewallRules: [{1B42C992-CC64-4184-8AFD-A9AD4A721A37}] => (Allow) C:\Users\Toshiba\AppData\Local\Temp\nskD8D0.tmp\CnetInstaller-76115949.exe No File
FirewallRules: [{50AD63C8-B7C6-4E50-9BE6-414A5C06D1F9}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{7AC3336A-B917-4C60-B370-363826DB0471}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{281661F8-0C56-4DA7-B2C3-CD058D16B50A}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{C15C1633-606F-4711-8CB9-DD69A92B7979}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{C7737ADC-C79E-4718-BB24-85A6C01EFBC6}] => (Allow) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe No File
FirewallRules: [{C98FAA3F-9295-4193-99FD-4B53421EFAC5}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe No File
FirewallRules: [{4998A07A-4C85-44C5-B1EE-661A22A010D0}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe No File
FirewallRules: [{228ED914-B1A2-4403-8CD7-1FC2507A089A}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe No File
FirewallRules: [{4C93807A-5791-477F-8B8F-49F3F6EF26FC}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe No File
FirewallRules: [{27563D42-55E4-4B7B-B465-EB0E4E625D57}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe No File
FirewallRules: [{35151739-D7F5-4751-B759-BA9330CCEC41}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe No File
 
C:\Program Files\TrueKey
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\utilman.lnk
 
CMD: netsh int ip reset
CMD: ipconfig /flushDNS
 
Reboot:
 
End::

Save the file as fixlist.txt in the same folder where the Farbar tool is running from.

The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.

===

Let me know of any remaining issues with this computer.

nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#3 dbarie33

Member

Full Member
20 posts

Posted 30 August 2019 - 11:34 AM

Thank you for the help. I believe that I was able to do everything that you asked.

Here is the fixlog

Fix result of Farbar Recovery Scan Tool (x64) Version: 29-08-2019
Ran by Toshiba (30-08-2019 12:29:05) Run:1
Running from C:\Users\Toshiba\Downloads
Loaded Profiles: Toshiba & (Available Profiles: Toshiba & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] -> C:\Program Files\TrueKey\McAfee.TrueKey.CredentialProvider.dll [2018-05-14] (McAfee, Inc. -> McAfee, Inc.)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\utilman.lnk [2017-03-13]
ShortcutTarget: utilman.lnk -> C:\Users\Toshiba\AppData\Local\utilman.exe (No File)
Task: {0FF0C803-1597-42C0-A968-4D96CD8A0723} - no filepath
Task: {1387932E-F71F-43C1-B5F5-1E38CAB31CC7} - System32\Tasks\win4036e0 => \.\globalroot\Device\HarddiskVolume2\Users\Toshiba\AppData\Local\Temp\win4036e0.dat <==== ATTENTION
Task: {E4CB7D47-A609-4CC8-9B17-014E8B1219CC} - System32\Tasks\win403700 => \.\globalroot\Device\HarddiskVolume2\Users\Toshiba\AppData\Local\Temp\win403700.dat <==== ATTENTION
Task: {1D735869-C7FA-4A08-9AFA-A9ED0ECB20BB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {330AFF8A-79BC-4DCB-9830-A374B07CA104} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {331318C0-2871-432D-A918-70E039C429B7} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {515E6CD2-1442-4EAC-9408-D0F15878348D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {75DC0802-50A5-4896-A091-CB2E79CC9614} - no filepath
Task: {7E8F15B4-32EC-4329-8E8B-7341BF6DDA4A} - no filepath
Task: {83D1C178-979A-4BE5-8194-BD7333FF2BEC} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {88C285A5-C34A-4578-9879-5D167A39E1B4} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {8D9BBFBB-A29A-491A-A69A-0934C87438C1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {AE6772F1-1B27-41AB-A8E0-9B955B2AEE67} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {B39B5B34-1D06-49F0-AA98-9B53957C7247} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {B89617F4-D574-417F-8259-C8F72DFAF273} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {CA9356D4-A0E0-4981-9E22-7B51E9DA205C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {F1F11881-19C4-4039-8B14-818419E0C33E} - no filepath
Task: {F622B2AD-4483-416C-900E-BA71002A1CBB} - no filepath
SearchScopes: HKU\S-1-5-21-2844220627-2807872682-970000197-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=U303DF&PC=U303&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2844220627-2807872682-970000197-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=U303DF&PC=U303&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2844220627-2807872682-970000197-1001 -> {CC1B4EFE-3FD5-4245-88F4-A623CE00D3D3} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=B011US0D20120901&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-2844220627-2807872682-970000197-1001 -> {F988B9EE-CBF8-4322-9D91-7962670B14DB} URL = hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll No File
FF Extension: (No Name) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [not found]
FF Extension: (No Name) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [not found]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <not found>
CHR HKU\S-1-5-21-2844220627-2807872682-970000197-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nfedoihopcjdfjihhhojdclnfdgomdho] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <not found>
S2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [1000824 2018-05-14] (McAfee, Inc. -> McAfee, LLC.)
S2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16928 2018-05-14] (McAfee, Inc. -> McAfee, LLC.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [87760 2018-05-14] (McAfee, Inc. -> McAfee, Inc.)
S2 InstallerService; "C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe" [X]
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath

ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
HKU\S-1-5-21-2844220627-2807872682-970000197-1001\Software\Classes\exefile: "%1" %* <==== ATTENTION
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
FirewallRules: [{F820A5CD-9FF5-4D46-B56C-108A52EDC908}] => (Allow) C:\Users\Toshiba\AppData\Local\Temp\nskD8D0.tmp\CnetInstaller-76115949.exe No File
FirewallRules: [{1B42C992-CC64-4184-8AFD-A9AD4A721A37}] => (Allow) C:\Users\Toshiba\AppData\Local\Temp\nskD8D0.tmp\CnetInstaller-76115949.exe No File
FirewallRules: [{50AD63C8-B7C6-4E50-9BE6-414A5C06D1F9}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{7AC3336A-B917-4C60-B370-363826DB0471}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{281661F8-0C56-4DA7-B2C3-CD058D16B50A}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{C15C1633-606F-4711-8CB9-DD69A92B7979}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{C7737ADC-C79E-4718-BB24-85A6C01EFBC6}] => (Allow) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe No File
FirewallRules: [{C98FAA3F-9295-4193-99FD-4B53421EFAC5}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe No File
FirewallRules: [{4998A07A-4C85-44C5-B1EE-661A22A010D0}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe No File
FirewallRules: [{228ED914-B1A2-4403-8CD7-1FC2507A089A}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe No File
FirewallRules: [{4C93807A-5791-477F-8B8F-49F3F6EF26FC}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe No File
FirewallRules: [{27563D42-55E4-4B7B-B465-EB0E4E625D57}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe No File
FirewallRules: [{35151739-D7F5-4751-B759-BA9330CCEC41}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe No File

C:\Program Files\TrueKey
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\utilman.lnk

CMD: netsh int ip reset
CMD: ipconfig /flushDNS

Reboot:

*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED} => removed successfully
HKLM\Software\Classes\CLSID\{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED} => removed successfully
HKLM\System\CurrentControlSet\Control\Lsa\\Notification Packages => value restored successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\utilman.lnk => moved successfully
"C:\Users\Toshiba\AppData\Local\utilman.exe" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0FF0C803-1597-42C0-A968-4D96CD8A0723}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0FF0C803-1597-42C0-A968-4D96CD8A0723}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1387932E-F71F-43C1-B5F5-1E38CAB31CC7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1387932E-F71F-43C1-B5F5-1E38CAB31CC7}" => removed successfully
C:\WINDOWS\System32\Tasks\win4036e0 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\win4036e0" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E4CB7D47-A609-4CC8-9B17-014E8B1219CC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E4CB7D47-A609-4CC8-9B17-014E8B1219CC}" => removed successfully
C:\WINDOWS\System32\Tasks\win403700 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\win403700" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1D735869-C7FA-4A08-9AFA-A9ED0ECB20BB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1D735869-C7FA-4A08-9AFA-A9ED0ECB20BB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{330AFF8A-79BC-4DCB-9830-A374B07CA104}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{330AFF8A-79BC-4DCB-9830-A374B07CA104}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{331318C0-2871-432D-A918-70E039C429B7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{331318C0-2871-432D-A918-70E039C429B7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{515E6CD2-1442-4EAC-9408-D0F15878348D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{515E6CD2-1442-4EAC-9408-D0F15878348D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{75DC0802-50A5-4896-A091-CB2E79CC9614}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75DC0802-50A5-4896-A091-CB2E79CC9614}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7E8F15B4-32EC-4329-8E8B-7341BF6DDA4A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E8F15B4-32EC-4329-8E8B-7341BF6DDA4A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{83D1C178-979A-4BE5-8194-BD7333FF2BEC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{83D1C178-979A-4BE5-8194-BD7333FF2BEC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{88C285A5-C34A-4578-9879-5D167A39E1B4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{88C285A5-C34A-4578-9879-5D167A39E1B4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8D9BBFBB-A29A-491A-A69A-0934C87438C1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8D9BBFBB-A29A-491A-A69A-0934C87438C1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AE6772F1-1B27-41AB-A8E0-9B955B2AEE67}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE6772F1-1B27-41AB-A8E0-9B955B2AEE67}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B39B5B34-1D06-49F0-AA98-9B53957C7247}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B39B5B34-1D06-49F0-AA98-9B53957C7247}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B89617F4-D574-417F-8259-C8F72DFAF273}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B89617F4-D574-417F-8259-C8F72DFAF273}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CA9356D4-A0E0-4981-9E22-7B51E9DA205C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA9356D4-A0E0-4981-9E22-7B51E9DA205C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F1F11881-19C4-4039-8B14-818419E0C33E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F1F11881-19C4-4039-8B14-818419E0C33E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F622B2AD-4483-416C-900E-BA71002A1CBB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F622B2AD-4483-416C-900E-BA71002A1CBB}" => removed successfully
"HKU\S-1-5-21-2844220627-2807872682-970000197-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-2844220627-2807872682-970000197-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKU\S-1-5-21-2844220627-2807872682-970000197-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CC1B4EFE-3FD5-4245-88F4-A623CE00D3D3} => removed successfully
HKLM\Software\Classes\CLSID\{CC1B4EFE-3FD5-4245-88F4-A623CE00D3D3} => not found
HKU\S-1-5-21-2844220627-2807872682-970000197-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F988B9EE-CBF8-4322-9D91-7962670B14DB} => removed successfully
HKLM\Software\Classes\CLSID\{F988B9EE-CBF8-4322-9D91-7962670B14DB} => not found
HKLM\Software\Classes\PROTOCOLS\Handler\dssrequest => removed successfully
HKLM\Software\Classes\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5} => removed successfully
HKLM\Software\Classes\PROTOCOLS\Handler\sacore => removed successfully
HKLM\Software\Classes\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5} => not found
C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi => path removed successfully
C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi => path removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho => removed successfully
HKU\S-1-5-21-2844220627-2807872682-970000197-1001\SOFTWARE\Google\Chrome\Extensions\nfedoihopcjdfjihhhojdclnfdgomdho => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho => removed successfully
HKLM\System\CurrentControlSet\Services\TrueKey => removed successfully
TrueKey => service removed successfully
HKLM\System\CurrentControlSet\Services\TrueKeyScheduler => removed successfully
TrueKeyScheduler => service removed successfully
HKLM\System\CurrentControlSet\Services\TrueKeyServiceHelper => removed successfully
TrueKeyServiceHelper => service removed successfully
HKLM\System\CurrentControlSet\Services\InstallerService => removed successfully
InstallerService => service removed successfully
HKLM\System\CurrentControlSet\Services\idsvc => removed successfully
idsvc => service removed successfully
HKLM\System\CurrentControlSet\Services\wpcsvc => removed successfully
wpcsvc => service removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => removed successfully
HKLM\Software\Classes\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC} => not found
HKU\S-1-5-21-2844220627-2807872682-970000197-1001\Software\Classes\exefile => removed successfully
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F820A5CD-9FF5-4D46-B56C-108A52EDC908}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1B42C992-CC64-4184-8AFD-A9AD4A721A37}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{50AD63C8-B7C6-4E50-9BE6-414A5C06D1F9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7AC3336A-B917-4C60-B370-363826DB0471}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{281661F8-0C56-4DA7-B2C3-CD058D16B50A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C15C1633-606F-4711-8CB9-DD69A92B7979}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C7737ADC-C79E-4718-BB24-85A6C01EFBC6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C98FAA3F-9295-4193-99FD-4B53421EFAC5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4998A07A-4C85-44C5-B1EE-661A22A010D0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{228ED914-B1A2-4403-8CD7-1FC2507A089A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4C93807A-5791-477F-8B8F-49F3F6EF26FC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{27563D42-55E4-4B7B-B465-EB0E4E625D57}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{35151739-D7F5-4751-B759-BA9330CCEC41}" => removed successfully
C:\Program Files\TrueKey => moved successfully
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\utilman.lnk" => not found

========= netsh int ip reset =========

Resetting Global, OK!
Resetting Interface, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting , failed.
Access is denied.

Resetting , OK!
Restart the computer to complete this action.

========= End of CMD: =========

========= ipconfig /flushDNS =========

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 40456662 B
Java, Flash, Steam htmlcache => 34242 B
Windows/system/drivers => 227519071 B
Edge => 29510 B
Chrome => 241868766 B
Firefox => 1105434252 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 16674 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 1504888 B
systemprofile32 => 128 B
LocalService => 1765050 B
NetworkService => 218834 B
Toshiba => 56464374444 B
DefaultAppPool => 16674 B

RecycleBin => 11945792729 B
EmptyTemp: => 65.2 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 12:36:31 ====

Also, I still have 2 pop ups when starting up. Not sure if you just haven't gotten to that part yet but I want to make sure it didn't get missed.

C:\\windows\winSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.5

0727.6195_none_cbf5e994470a1a8f\NFC80U.DLL is either not designed

to run on Windows or it contains an error. Try installing the program

again using the original installation media or contact your system

administrator or the software vendor for support. Error status

0xc0000020.

and

C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll. is either not

designed to run on Windows or it contains an error. Try installing the

program again using the original installation media or contact your

system administrator or the software vendor for support. Error status

0XC000020.

#4 nasdaq

Forum Deity

Global Moderator
49,295 posts

Posted 31 August 2019 - 06:27 AM

Hi,

Error 0Xc0000020 and other critical errors can occur when your Windows operating system becomes corrupted.

Check the integrity of the operating system files.

How to run sfc /Scannow

http://support.microsoft.com/kb/929833

Read the instructions carefully before starting the repair process.

If you can print the page for your ease reference.

When completed refer to the Microsoft article again and follow the instructions to view details of the System File Checker process

Post the contents of the sfcdetails.txt file for my review.

Let me know if the problem persists.

<<<>>>

p.s.

If the Windows Updates is corrupted run this.

I suggest you to perform the Windows Update troubleshooter and try to update Windows 10.

Follow these steps to run Windows Update troubleshooter.

1.Press Windows key + S key and type troubleshooting.

2.Select Troubleshooting.

3.Select View all on the top left corner.

4.Run Windows update troubleshooter.

Keep me posted as to what problem persists.

#5 dbarie33

Member

Full Member
20 posts

Posted 31 August 2019 - 07:55 AM

sfcdetails.txt

Is blank after running scannow. I'm assuming this is a good thing?

Also, troubleshooter fixed the Window's update issues.

Anything else you recommend to clean up my laptop?

Thanks again,

#6 dbarie33

Member

Full Member
20 posts

Posted 31 August 2019 - 07:59 AM

Maybe I spoke too soon. It looks like my error messages still pop up during start up. Did I run scannow incorrectly?

#7 nasdaq

Forum Deity

Global Moderator
49,295 posts

Posted 01 September 2019 - 06:19 AM

Hi,

Lets see what we can find in the Registry.

Run the Farbar program .exe as an Administrator.

In the Search text area, copy and paste the following:

TosNcUi.dll

Once done, click on the Search Registry button and wait for FRST to finish the search

On completion, a log will open in Notepad. Copy and paste its content in your next reply

====

#8 dbarie33

Member

Full Member
20 posts

Posted 02 September 2019 - 03:16 PM

Here are the results...I wasn't sure if I was supposed to search files before registry so I did both...

Farbar Recovery Scan Tool (x64) Version: 31-08-2019
Ran by Toshiba (02-09-2019 15:56:35)
Running from C:\Users\Toshiba\Downloads
Boot Mode: Normal

================== Search Files: "TosNcUi.dll" =============

C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll
[2010-03-19 16:28][2017-10-14 13:11] 000000000 _____ () D41D8CD98F00B204E9800998ECF8427E [File not signed]

====== End of Search ======

================== Search Registry: "TosNcUi.dll" ===========

====== End of Search ======

#9 nasdaq

Forum Deity

Global Moderator
49,295 posts

Posted 03 September 2019 - 06:49 AM

Hi,

Your version of TosNcUi.dll is NOT compromised by malware. It's clean.

Do you use the TOSHIBA BulletinBoard?

Read about it.

https://support.dyna...ntentId=4009335

If you do not use it disable this task/process

HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe

via the MSCONFIG/TASK MANAGER

If you do and have issues with it check for the latest version of Toshiba BulletinBoard.

#10 dbarie33

Member

Full Member
20 posts

Posted 04 September 2019 - 07:04 PM

I removed the toshiba bulletin board. Now this pop up happens at start up...

SVPWUTIL.exe - Bad Image

C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b9a1e18e3b_8.0.5

0727.6195_none_cbf5e994470a1a8f\MFC80U.DLL is either not designed

to run on windows or it contains an error. Try installing the program

again using the original installation media or contact your system

administrator or the software vendor for support. Error status

0xc0000020.

I also had blue screen crash were the computer had to restart.

Blue screen said "If you'd like to know more, you can search online later for this error:

KERNEL SECURITY CHECK FAILURE

Any suggestions with these?

Thanks

#11 nasdaq

Forum Deity

Global Moderator
49,295 posts

Posted 05 September 2019 - 05:59 AM

Hi,

Lets check further.

Repair these services.

Boot with Safe Mode with Networking. Execute the following.

Please Download Tweaking.com - Windows Repair from Here

Install and then run the program

Execute the instructions on Step 1 Important

Click Next on Step 2 Optional, do the Pre Scan skip Step 3 and 4 Optional for now.

On Step 5 Backup System Restore Do a Registry backup. When you have completed this click Next

Click Repairs - Open Repairs in the bottom right corner

Uncheck the All repair button then select just the item(s) listed below

01 - Repair Registry Permissions
03 - Reset Service permissions
04 - Register System Files
05 - Repair WMI
10 - Remove Policies Set By Infections
16 - Repair Windows Updates
20 - Repair MSI (Windows Installer)
25 - Restore Important Windows Services
26 - Set Windows Service to Default Startup

Click the Start button and let the process run to completion. Copy any error messages into Notepad, Save it on your Desktop. ( Reboot if asked to do so)

Please copy and paste the Contents of this file on your next reply.

===

Restart the computer normally.

===

Also, please run the Farbar program and post fresh FRST.TXT and Addition.txt logs for my review.

How is the computer running now?

#12 dbarie33

Member

Full Member
20 posts

Posted 06 September 2019 - 06:48 PM

Tweaking app ran and lots of updates followed. There wasn't an automatic report after the reboot. During the reboot a blue screen error message came up...

Your PC ran into a problem and needs to restart. If you'd like to know more search for:

DRIVER OVERRAN STACK BUFFER.

After that Error messages that came up after reboot were...

Error 2 opening

"/RestartByRestartManager:4B4CCB22-2659-4fbf-9DDC-E84CO

245250B"

and

Classic Shell needs to configure itself for the new operating system.

and

This app has been blocked for your protection...ClassicStartMenu.exe

I also have a Windows Defender notification. Can that be turned off again?

Here are my FRST logs...

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-09-2019
Ran by Toshiba (administrator) on TOSHIBA-PC (TOSHIBA Satellite A665) (06-09-2019 19:25:28)
Running from C:\Users\Toshiba\Downloads
Loaded Profiles: Toshiba (Available Profiles: Toshiba & DefaultAppPool)
Platform: Windows 10 Home Version 1803 17134.984 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\rUpdater\rUpdater_srv.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ArcSoft, Inc. -> ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Compal Electronics, Inc. -> TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(F.lux Software LLC -> f.lux Software LLC) C:\Users\Toshiba\AppData\Local\FluxSoftware\Flux\flux.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Some Company) [File not signed] C:\Program Files\rUpdater\rUpdater_agent.exe
(SuperAdBlocker.com -> SUPERAntiSpyware.com) [File not signed] C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Tweaking LLC -> Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10134560 2010-03-22] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [896032 2010-03-22] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [ThpSrv] => C:\windows\system32\thpsrv /logon
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [505696 2009-11-06] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [508216 2009-07-28] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [913720 2010-03-25] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1489760 2010-04-06] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [705368 2010-02-23] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [35672 2010-03-03] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [rUpdater2] => C:\Program Files\rUpdater\rUpdater_agent.exe [2410496 2015-04-25] (Some Company) [File not signed]
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954880 2016-11-23] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2009-12-25] (Compal Electronics, Inc. -> TOSHIBA CORPORATION)
HKLM-x32\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2010-03-04] (TOSHIBA Electronics, Inc.) [File not signed]
HKLM-x32\...\Run: [SVPWUTIL] => C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [352256 2010-02-22] (TOSHIBA CORPORATION) [File not signed]
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-07-05] (Apple Inc.) [File not signed]
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421736 2011-08-19] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-01-29] (DivX, LLC) [File not signed]
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-12] (DivX, LLC -> )
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft, Inc. -> ArcSoft Inc.)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1971856 2016-07-13] (Wondershare software CO., LIMITED -> )
HKLM-x32\...\Run: [DBAgent] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1563424 2016-06-28] (Seagate Technology LLC -> Seagate Technology LLC)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110008 2015-07-06] (CyberLink Corp. -> CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [499640 2015-07-06] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [265656 2015-06-14] (CyberLink Corp. -> CyberLink Corp.)
HKU\S-1-5-21-2844220627-2807872682-970000197-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-04-08] (Google Inc -> Google Inc.)
HKU\S-1-5-21-2844220627-2807872682-970000197-1001\...\Run: [f.lux] => C:\Users\Toshiba\AppData\Local\FluxSoftware\Flux\flux.exe [1378824 2019-05-07] (F.lux Software LLC -> f.lux Software LLC)
HKLM\...\Drivers32: [vidc.DIVX] => C:\Windows\SysWOW64\DivX.dll [720384 2010-02-19] (DivX, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.yv12] => C:\Windows\SysWOW64\DivX.dll [720384 2010-02-19] (DivX, Inc.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.132\Installer\chrmstp.exe [2019-08-30] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> C:\Program Files (x86)\CyberLink\YouCam\CLCredProv\x64\CLCredProv.dll [2015-06-14] (CyberLink Corp. -> CyberLink)
HKLM\Software\...\Authentication\Credential Providers: [{B65F237C-AAFF-4df7-8872-91B65663E41F}] -> C:\Program Files\Toshiba\SmartFaceV\SmartFaceVCP.dll [2009-10-19] (TOSHIBA Corporation) [File not signed]

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0357A71F-7404-40A1-8966-B0EBA1EE3589} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_238_Plugin.exe [1457208 2019-08-30] (Adobe Inc. -> Adobe)
Task: {094155C3-CA9E-46D0-8863-CC4D1826F723} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {12799B7B-F499-4D4C-8C28-DBF0108AED55} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {14BE424B-8D7F-44B4-A43A-CCE7CE4D85A3} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {1DA261FC-27F5-430C-A545-0B9749CC64EE} - System32\Tasks\Toshiba Local Autobackup 5 4 => C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBCore.exe
Task: {2D9C64C0-359E-44BD-AF1F-54884907A137} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [218336 2017-05-02] (Tweaking LLC -> Tweaking.com)
Task: {35C72346-FA34-4550-BA74-EECB08D1189D} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {379B48F2-FEB5-4C6B-82C2-F9549E1BD42C} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {37A6383F-F58E-4F07-A620-F7DF7002BA24} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3A839EE0-7022-4182-881C-CEA8C8D0C1A9} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {3B6B10C4-3084-45FE-933A-F62963AD6F18} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {440A8B69-FE0C-44CF-92A8-ACCCCB5813D2} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4B54970B-2346-4AA2-B915-053D590FCC83} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [1662552 2018-05-22] (McAfee, Inc. -> McAfee, Inc.)
Task: {4DBF6269-C4A9-4AA2-9B1B-CF2D8488344A} - System32\Tasks\{59FFAE28-6469-4C3D-B026-04D6F6AE49E5} => C:\windows\system32\pcalua.exe -a "C:\Program Files\SUPERAntiSpyware\Uninstall.exe"
Task: {55721D81-46C3-4865-8C7B-CBA3EE3A36A8} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {5971908B-257B-4010-9021-32B8E254BE4E} - System32\Tasks\Toshiba => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [1812256 2016-06-28] (Seagate Technology LLC -> Seagate Technology LLC)
Task: {5A7C360C-C58E-4A16-A95D-1471F182F44E} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {5A988F08-04BA-47F7-83B4-D6FE29D6F805} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {60AAA4E8-B8F7-4AFF-8414-44763E5E4EBA} - System32\Tasks\Toshiba DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1563424 2016-06-28] (Seagate Technology LLC -> Seagate Technology LLC)
Task: {682B6728-0EFD-496A-8C06-90CAC07671BE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984 2011-06-01] (Apple Inc. -> Apple Inc.)
Task: {691896F1-CFB1-4868-9F13-A972C9B54613} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {706E113C-E504-4777-98E7-8C48B12CFA0B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\WINDOWS\system32\MRT.exe [134272480 2019-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {73B57B1C-B8C2-441D-9E7F-4FC723DF7EB6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {82B5DE0B-2C9C-4CC6-9365-6602C223BFA3} - System32\Tasks\Toshiba Merge => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [1812256 2016-06-28] (Seagate Technology LLC -> Seagate Technology LLC)
Task: {8F4608B4-B913-40A0-97CA-9779D71E1A4D} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {91C699FD-E979-4E67-9D0E-E99ADF0E68A6} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {942CCB8E-7EFF-41E7-953D-777051370BA8} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {95235917-CB56-43DA-A08E-1D0ACA9AA539} - System32\Tasks\Microsoft\Windows\RetailDemo\CleanupOfflineContent => {61f77d5e-afe9-400b-a5e6-e9e80fc8e601} C:\Windows\System32\RDXTaskFactory.dll [393728 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
Task: {99834018-531B-448C-A1D5-452513CAD828} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9B55AE89-4514-4473-91BA-79DE47BDAC57} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {9E3BCBB2-3130-40DB-9863-670A1DC2FCC8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {A560D430-AF99-4369-B4D3-0D30C5145BEF} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {A5A2B8C7-46A7-4B7D-BE48-BFC516810EC4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A6D62008-06DA-4630-A728-5A84EEF8395C} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {ABED962C-BB15-436C-A11F-00A51A70A9EC} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B17F7F8A-AAFE-4F5A-9974-3ED7AB7550C6} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {D2CF2DCD-B067-4247-AF98-D16061028282} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DC170B09-5A79-4FFA-B8C8-B30BC38F4502} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E30E2944-43F5-4DCE-AAD6-56077E9F5144} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E6FC1A2F-B6AF-4830-ABF6-EFBA95D18E29} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E855F70D-C157-4CDB-AB4C-83D8EF030D59} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe [1912608 2016-06-28] (Seagate Technology LLC -> Seagate Technology LLC)
Task: {E9C74AC3-61B6-4189-A6CA-FAF3FADA037B} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {EB422714-A60C-4CC3-ACA2-5A86E4FCE48E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {F14A439B-F2B8-4818-A935-7302DB866B42} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-08-30] (Adobe Inc. -> Adobe)
Task: {F8F10416-C040-49CC-8D29-C9CD793AC985} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {FBD5DE8E-A89E-4826-82CF-F8295E104F73} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1187864 2018-03-21] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {FBD5DE8E-A89E-4826-82CF-F8295E104F73} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1187864 2018-03-21] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{fdc844f0-aba4-4a39-a3db-4a202c94e71d}: [DhcpNameServer] 75.75.75.75 75.75.76.76

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2844220627-2807872682-970000197-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2844220627-2807872682-970000197-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {FB1DA9E1-F9BE-4092-AAE0-568CE0669C47} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
SearchScopes: HKLM -> {FB1DA9E1-F9BE-4092-AAE0-568CE0669C47} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
SearchScopes: HKLM-x32 -> DefaultScope {4FE5E16C-8F2D-496E-AEA3-DBDAADE18D63} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
SearchScopes: HKLM-x32 -> {4FE5E16C-8F2D-496E-AEA3-DBDAADE18D63} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-04-02] (Oracle America, Inc. -> Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-14] (Google Inc -> Google Inc.)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2019-07-04] (McAfee, LLC -> McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-04-02] (Oracle America, Inc. -> Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2013-02-07] (DivX, LLC -> DivX, LLC)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\ProgramData\Wondershare\Video Converter Ultimate\WSBrowserAppMgr.dll [2016-07-13] (Wondershare software CO., LIMITED -> Wondershare)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-04-02] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-14] (Google Inc -> Google Inc.)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-07-04] (McAfee, LLC -> McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-04-02] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-03-19] (TOSHIBA CORPORATION -> <TOSHIBA>)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-14] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-14] (Google Inc -> Google Inc.)
Toolbar: HKU\S-1-5-21-2844220627-2807872682-970000197-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-14] (Google Inc -> Google Inc.)
DPF: HKLM-x32 {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
DPF: HKLM-x32 {C7DEDA04-2FFF-4B81-AE66-0A0E0EF4AD2F} hxxp://cashwise.lifepics.com/net/Uploader/LPUploader57.cab
Handler-x32: http - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: http - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: https - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: https - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: msdaipp - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: msdaipp - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - No File

FireFox:
========
FF DefaultProfile: tc2tjp8k.default-1457150045371
FF ProfilePath: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\tc2tjp8k.default-1457150045371 [2019-09-06]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\tc2tjp8k.default-1457150045371\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-08-22]
FF SearchPlugin: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\tc2tjp8k.default-1457150045371\searchplugins\McSiteAdvisor.xml [2016-03-20]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-07-04]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: (DivX Plus Web Player HTML5 <video>) - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-03-16] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com_xpi
FF Extension: (Wondershare Video Converter Ultimate) - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com_xpi [2016-08-13] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_238.dll [2019-08-30] (Adobe Inc. -> )
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, Inc. -> DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-04-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-04-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_238.dll [2019-08-30] (Adobe Inc. -> )
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2011-07-29] (Apple Inc. -> )
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2013-02-07] (DivX, LLC -> DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, Inc. -> DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-04-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-04-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @mcafee.com/MVT -> C:\Program Files (x86)\McAfee\Supportability\MVT\npmvtplugin.dll [2012-05-22] (McAfee, Inc. -> McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-27] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-27] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.bing.com/?mkt=en-US&pc=__PARAM__
CHR Profile: C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default [2019-09-05]
CHR Extension: (Docs) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Google Drive) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Search) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Rescroller) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddehdnnhjimbggeeenghijehnpakijod [2016-08-09]
CHR Extension: (Google Docs Offline) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-30]
CHR Extension: (AdBlock) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-09-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-09]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-03-25]
CHR Extension: (Gmail) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-20]
CHR Extension: (Chrome Media Router) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-05]
CHR Profile: C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-08-30]
CHR Profile: C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\System Profile [2019-08-30]
CHR HKLM-x32\...\Chrome\Extension: [gihfmmedoddijgnhkgfgnkeohkpbipol] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-02-07]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2011-08-11] (SuperAdBlocker.com -> SUPERAntiSpyware.com) [File not signed]
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft, Inc. -> ArcSoft Inc.)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2010-07-27] (Macrovision Europe Ltd.) [File not signed]
S3 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] (Canon Inc. -> )
S2 KMService; C:\windows\SysWOW64\srvany.exe [8192 2011-09-19] () [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [900288 2019-07-04] (McAfee, LLC -> McAfee, Inc.)
R2 rUpdater; C:\Program Files\rUpdater\rUpdater_srv.exe [98304 2015-04-25] () [File not signed]
S2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16216 2016-06-28] (Seagate Technology LLC -> Seagate Technology LLC)
S2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [143656 2016-06-28] (Seagate Technology LLC -> Seagate Technology LLC)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255168 2016-11-23] (Synaptics Incorporated -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1908.5-0\NisSrv.exe [3630832 2019-09-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1908.5-0\MsMpEng.exe [103168 2019-09-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.2.4.1\WsAppService.exe [417792 2016-07-12] (Wondershare) [File not signed]
S4 sedsvc; "C:\Program Files\rempl\sedsvc.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 emAudio; C:\WINDOWS\system32\drivers\emAudio64.sys [79872 2008-04-03] (Microsoft Windows Hardware Compatibility Publisher -> eMPIA Technology, Inc.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-09-05] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [224408 2019-09-06] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73584 2019-09-06] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-09-06] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [116112 2019-09-06] (Malwarebytes Corporation -> Malwarebytes)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-11] (Microsoft Windows -> Realtek )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51392 2016-11-23] (Synaptics Incorporated -> Synaptics Incorporated)
S3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [45728 2015-08-07] (TOSHIBA CORPORATION -> Toshiba Corporation)
S3 USB28xxBGA; C:\WINDOWS\system32\DRIVERS\emBDA64.sys [654720 2010-08-20] (Microsoft Windows Hardware Compatibility Publisher -> eMPIA Technology, Inc.)
S3 USB28xxOEM; C:\WINDOWS\system32\DRIVERS\emOEM64.sys [943872 2010-08-20] (Microsoft Windows Hardware Compatibility Publisher -> eMPIA Technology, Inc.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [51712 2011-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [44544 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-09-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [346336 2019-09-06] (Microsoft Windows -> Microsoft Corporation)
R3 wdkmd; C:\WINDOWS\System32\drivers\WDKMD.sys [36760 2009-12-17] (Wireless Display -> Intel Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-09-06] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

Error(1) reading file: "C:\Users\Public\Desktop\ABPTS Orientation Materials "
Error(1) reading file: "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABPTS Orientation Materials "
2019-09-06 19:18 - 2019-09-06 19:19 - 000000000 ____D C:\Program Files\UNP
2019-09-06 19:16 - 2019-09-06 19:16 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-09-06 19:16 - 2019-09-06 19:16 - 000224408 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-09-06 19:16 - 2019-09-06 19:16 - 000116112 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-09-06 19:16 - 2019-09-06 19:16 - 000073584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-09-06 17:19 - 2019-02-13 00:47 - 001909560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-09-06 09:15 - 2019-09-06 06:53 - 000000000 ____D C:\Windows.old
2019-09-06 07:12 - 2019-09-06 17:35 - 000000000 ____D C:\ProgramData\Packages
2019-09-06 07:02 - 2019-09-06 07:02 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2019-09-06 06:57 - 2019-09-06 06:57 - 000000000 ___HD C:\Users\Toshiba\MicrosoftEdgeBackups
2019-09-06 06:55 - 2019-09-06 06:55 - 000000000 ___RD C:\Users\Toshiba\3D Objects
2019-09-06 06:54 - 2019-09-06 18:56 - 000000000 ____D C:\Users\Toshiba\AppData\Local\ConnectedDevicesPlatform
2019-09-06 06:54 - 2019-09-06 06:54 - 000000020 ___SH C:\Users\Toshiba\ntuser.ini
2019-09-06 06:52 - 2019-09-06 19:27 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-09-06 06:52 - 2019-09-06 19:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-09-06 06:52 - 2019-09-06 17:26 - 000003372 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2844220627-2807872682-970000197-1001
2019-09-06 06:52 - 2019-09-06 06:53 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-09-06 06:52 - 2019-09-06 06:53 - 000003322 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-09-06 06:52 - 2019-09-06 06:53 - 000003302 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9366F682-5DFE-4419-BCF1-43F60D8141C9}
2019-09-06 06:52 - 2019-09-06 06:53 - 000002800 _____ C:\WINDOWS\System32\Tasks\Seagate_Install_Launch
2019-09-06 06:52 - 2019-09-06 06:52 - 000003750 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-09-06 06:52 - 2019-09-06 06:52 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-09-06 06:52 - 2019-09-06 06:52 - 000003458 _____ C:\WINDOWS\System32\Tasks\Toshiba Local Autobackup 5 4
2019-09-06 06:52 - 2019-09-06 06:52 - 000003122 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-09-06 06:52 - 2019-09-06 06:52 - 000003006 _____ C:\WINDOWS\System32\Tasks\Tweaking.com - Windows Repair Tray Icon
2019-09-06 06:52 - 2019-09-06 06:52 - 000003000 _____ C:\WINDOWS\System32\Tasks\Toshiba Merge
2019-09-06 06:52 - 2019-09-06 06:52 - 000002972 _____ C:\WINDOWS\System32\Tasks\Toshiba
2019-09-06 06:52 - 2019-09-06 06:52 - 000002848 _____ C:\WINDOWS\System32\Tasks\Ad-Aware Update (Weekly)
2019-09-06 06:52 - 2019-09-06 06:52 - 000002782 _____ C:\WINDOWS\System32\Tasks\Toshiba DBAgent 2 0
2019-09-06 06:52 - 2019-09-06 06:52 - 000002382 _____ C:\WINDOWS\System32\Tasks\McAfee Remediation (Prepare)
2019-09-06 06:52 - 2019-09-06 06:52 - 000002240 _____ C:\WINDOWS\System32\Tasks\{59FFAE28-6469-4C3D-B026-04D6F6AE49E5}
2019-09-06 06:52 - 2019-09-06 06:52 - 000000000 ____D C:\WINDOWS\System32\Tasks\WPD
2019-09-06 06:52 - 2019-09-06 06:52 - 000000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2019-09-06 06:52 - 2019-09-06 06:52 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2019-09-06 06:52 - 2019-09-06 06:52 - 000000000 ____D C:\WINDOWS\System32\Tasks\Games
2019-09-06 06:52 - 2019-09-06 06:52 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2019-09-06 06:50 - 2019-09-06 06:52 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2019-09-06 06:50 - 2019-09-06 06:52 - 000011433 _____ C:\WINDOWS\diagerr.xml
2019-09-06 06:37 - 2019-09-06 06:37 - 000001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2019-09-06 06:35 - 2019-09-06 17:26 - 000002421 _____ C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-09-06 06:35 - 2019-09-06 06:57 - 000000000 ____D C:\Users\Toshiba
2019-09-06 06:35 - 2019-09-06 06:45 - 000000000 ____D C:\Users\DefaultAppPool
2019-09-06 06:35 - 2018-04-11 18:34 - 000001105 _____ C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-09-06 06:23 - 2019-09-06 06:23 - 000000000 ____D C:\ProgramData\USOShared
2019-09-06 06:22 - 2018-04-11 18:33 - 002752000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2019-09-06 06:17 - 2019-09-06 07:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-09-06 06:17 - 2019-09-06 06:41 - 002400160 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-09-06 05:06 - 2019-09-05 21:33 - 000199768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-09-06 05:06 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-09-06 05:06 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-09-06 05:03 - 2019-09-06 09:15 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2019-09-06 05:03 - 2019-09-06 05:03 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2019-09-06 05:03 - 2019-09-06 05:03 - 000000000 ____D C:\Program Files\Common Files\SpeechEngines
2019-09-06 04:14 - 2019-09-06 04:14 - 013572608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2019-09-06 04:14 - 2019-09-06 04:14 - 012500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2019-09-06 04:14 - 2019-09-06 04:14 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-09-06 04:14 - 2019-09-06 04:14 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-09-06 04:14 - 2019-09-06 04:14 - 002590296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2019-09-06 04:14 - 2019-09-06 04:14 - 002371504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-09-06 04:14 - 2019-09-06 04:14 - 002331480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-09-06 04:14 - 2019-09-06 04:14 - 002307240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2019-09-06 04:14 - 2019-09-06 04:14 - 001773056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2019-09-06 04:14 - 2019-09-06 04:14 - 001537024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2019-09-06 04:14 - 2019-09-06 04:14 - 001397104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2019-09-06 04:14 - 2019-09-06 04:14 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-09-06 04:14 - 2019-09-06 04:14 - 001295872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-09-06 04:14 - 2019-09-06 04:14 - 001153536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2019-09-06 04:14 - 2019-09-06 04:14 - 001150312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2019-09-06 04:14 - 2019-09-06 04:14 - 001017168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2019-09-06 04:14 - 2019-09-06 04:14 - 000861744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2019-09-06 04:14 - 2019-09-06 04:14 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2019-09-06 04:14 - 2019-09-06 04:14 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2019-09-06 04:14 - 2019-09-06 04:14 - 000521216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2019-09-06 04:14 - 2019-09-06 04:14 - 000457056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
2019-09-06 04:14 - 2019-09-06 04:14 - 000416024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2019-09-06 04:14 - 2019-09-06 04:14 - 000247984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL
2019-09-06 04:14 - 2019-09-06 04:14 - 000232488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL
2019-09-06 04:14 - 2019-09-06 04:14 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll
2019-09-06 04:14 - 2019-09-06 04:14 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-09-06 04:14 - 2019-09-06 04:14 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2019-09-06 04:14 - 2019-09-06 04:14 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2019-09-06 04:14 - 2019-09-06 04:14 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2019-09-06 04:14 - 2019-09-06 04:14 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2019-09-06 04:14 - 2019-09-06 04:14 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2019-09-06 04:14 - 2019-09-06 04:14 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2019-09-06 04:14 - 2019-09-06 04:14 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2019-09-06 04:14 - 2019-09-06 04:14 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\EasPolicyManagerBrokerPS.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 006813744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 006527056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 004559872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 004331008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 002563984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 002535032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 002161008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 002062392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 001946752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 001784696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 001710240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 001611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 001559368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 001380096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 001342976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 001339392 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 001288712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 001148800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 001144664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 001143096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 001130776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 001112600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 001020064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 000988640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 000845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 000770152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 000745472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2019-09-06 04:13 - 2019-09-06 04:13 - 000713488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 000581600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 000500552 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 000482304 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 000472136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2PGraph.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2019-09-06 04:13 - 2019-09-06 04:13 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2019-09-06 04:13 - 2019-09-06 04:13 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 000366592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2PGraph.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2019-09-06 04:13 - 2019-09-06 04:13 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2019-09-06 04:13 - 2019-09-06 04:13 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2pnetsh.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2019-09-06 04:13 - 2019-09-06 04:13 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\p2pnetsh.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-09-06 04:13 - 2019-09-06 04:13 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2019-09-06 04:13 - 2019-09-06 04:13 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2019-09-06 04:13 - 2019-09-06 04:13 - 000091568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2019-09-06 04:12 - 2019-09-06 04:12 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-09-06 04:12 - 2019-09-06 04:12 - 023862272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-09-06 04:12 - 2019-09-06 04:12 - 022734336 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-09-06 04:12 - 2019-09-06 04:12 - 022018048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-09-06 04:12 - 2019-09-06 04:12 - 020392608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-09-06 04:12 - 2019-09-06 04:12 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-09-06 04:12 - 2019-09-06 04:12 - 019385344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-09-06 04:12 - 2019-09-06 04:12 - 012838400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-09-06 04:12 - 2019-09-06 04:12 - 012039168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-09-06 04:12 - 2019-09-06 04:12 - 007990272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-09-06 04:12 - 2019-09-06 04:12 - 007572480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-09-06 04:12 - 2019-09-06 04:12 - 005769728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-09-06 04:12 - 2019-09-06 04:12 - 005657088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-09-06 04:12 - 2019-09-06 04:12 - 004861440 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-09-06 04:12 - 2019-09-06 04:12 - 003707904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-09-06 04:12 - 2019-09-06 04:12 - 003701184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-09-06 04:12 - 2019-09-06 04:12 - 002824704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2019-09-06 04:12 - 2019-09-06 04:12 - 002406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-09-06 04:12 - 2019-09-06 04:12 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2019-09-06 04:12 - 2019-09-06 04:12 - 002206424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2019-09-06 04:12 - 2019-09-06 04:12 - 002084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-09-06 04:12 - 2019-09-06 04:12 - 002017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-09-06 04:12 - 2019-09-06 04:12 - 001932288 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeangle.dll
2019-09-06 04:12 - 2019-09-06 04:12 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2019-09-06 04:12 - 2019-09-06 04:12 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2019-09-06 04:12 - 2019-09-06 04:12 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2019-09-06 04:12 - 2019-09-06 04:12 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2019-09-06 04:12 - 2019-09-06 04:12 - 001274368 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2019-09-06 04:12 - 2019-09-06 04:12 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-09-06 04:12 - 2019-09-06 04:12 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2019-09-06 04:12 - 2019-09-06 04:12 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-09-06 04:12 - 2019-09-06 04:12 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-09-06 04:12 - 2019-09-06 04:12 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-09-06 04:12 - 2019-09-06 04:12 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-09-06 04:12 - 2019-09-06 04:12 - 000788992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2019-09-06 04:12 - 2019-09-06 04:12 - 000785568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-09-06 04:12 - 2019-09-06 04:12 - 000776192 _____ (Micro

#13 nasdaq

Forum Deity

Global Moderator
49,295 posts

Posted 07 September 2019 - 06:13 AM

Hi,

Your PC ran into a problem and needs to restart. If you'd like to know more search for:

DRIVER OVERRAN STACK BUFFER.

This could be caused by a bad driver or some bad clusters on the Hard Disk.

Read the instructions on this page.

How to Fix Hard Drive Problems with Chkdsk in Windows 7, 8, and 10

https://www.howtogee...-windows-vista/

run this command at the DOS prompt chkdsk /f c:

p.s. note the spaces before both commands.

Restart the computer normally after the fix.

===

Lets check your Master Boot Record.

Read carefully and follow these steps.

TDSS

Download TDSSKiller and save it to your Desktop.

Doubleclick on TDSSKiller.exe to run the application.

Then click on Start Scan.

If a suspicious file is detected, the default action will be Skip, click on Continue.

If an infected file is detected, the default action will be Cure, click on Continue.

Important: Do NOT change the default action on your own unless instructed by a malware Helper! Doing so may render your computer unbootable.

It may ask you to reboot the computer to complete the process. Click on Reboot Now.

If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.

If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

===

--RogueKiller--

Download & SAVE to your Desktop Download RogueKiller

Quit all programs that you may have started.

Please disconnect any USB or external drives from the computer before you run this scan!

For Vista or above, right-click the program file and select "Run as Administrator"

Accept the user agreements.

Execute the scan and wait until it has finished.

If a Windows opens to explain what [PUM's] are, read about it.

Click the RoguKiller icon on your taksbar to return to the report.

Click open the Report

Click Export TXT button

Save the file as ReportRogue.txt

Click the Remove button to delete the items in RED

Click Finish and close the program.

Locate the ReportRogue.txt file on your Desktop and copy/paste the contents in your next.

=======

Let me know of any remaining issues with this computer.

If at any time you get an error message make a note of it and post the exact message for my review.

Back to PC Checkup and Troubleshooting

Tune Up help

#1 dbarie33

#2 nasdaq

#3 dbarie33

#4 nasdaq

#5 dbarie33

#6 dbarie33

#7 nasdaq

#8 dbarie33

#9 nasdaq

#10 dbarie33

#11 nasdaq

#12 dbarie33

#13 nasdaq

Sign In