Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

PC fixed now laptop can’t log onto internet

Started by Carlgrus , Feb 11 2020 02:04 PM

This topic is locked

9 replies to this topic

#1 Carlgrus

Advanced Member

Full Member
149 posts

Posted 11 February 2020 - 02:04 PM

Thank you for fixing my PC the other day, now my laptop at the office mysteriously can’t log onto the internet. Here are the logs requested. Thanks again, you are a magician. Carl

Malwarebytes

www.malwarebytes.com

-Log Details-

Scan Date: 2/11/20

Scan Time: 2:45 PM

Log File: 07ff7304-4d07-11ea-af85-c8348e022bf6.json

-Software Information-

Version: 4.0.4.49

Components Version: 1.0.810

Update Package Version: 1.0.19056

License: Premium

-System Information-

OS: Windows 10 (Build 18362.628)

CPU: x64

File System: NTFS

User: DESKTOP-RA8BHB0\cruss

-Scan Summary-

Scan Type: Threat Scan

Scan Initiated By: Manual

Result: Completed

Objects Scanned: 301912

Threats Detected: 0

Threats Quarantined: 0

Time Elapsed: 1 min, 13 sec

-Scan Options-

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Disabled

Heuristics: Enabled

PUP: Detect

PUM: Detect

-Scan Details-

Process: 0

(No malicious items detected)

Module: 0

(No malicious items detected)

Registry Key: 0

(No malicious items detected)

Registry Value: 0

(No malicious items detected)

Registry Data: 0

(No malicious items detected)

Data Stream: 0

(No malicious items detected)

Folder: 0

(No malicious items detected)

File: 0

(No malicious items detected)

Physical Sector: 0

(No malicious items detected)

WMI: 0

(No malicious items detected)

(end)

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-02-2020 02

Ran by cruss (administrator) on DESKTOP-RA8BHB0 (Microsoft Corporation Surface Laptop 3) (11-02-2020 14:48:49)

Running from C:\Users\cruss\OneDrive\Desktop\Spyware Utilities

Loaded Profiles: cruss (Available Profiles: cruss)

Platform: Windows 10 Pro Version 1909 18363.628 (X64) Language: English (United States)

Default browser: FF

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\ACT\Act for Windows\Act.Outlook64.Service.exe

(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe

(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe

(AVAST Software s.r.o. -> ) C:\Program Files\AVAST Software\Avast\AvastNM.exe

(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe

(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.5.245.0\AvastBrowserCrashHandler.exe

(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.5.245.0\AvastBrowserCrashHandler64.exe

(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe

(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe

(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe

(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe

(Dashlane USA, Inc. -> Dashlane, Inc.) C:\Users\cruss\AppData\Roaming\Dashlane\Dashlane.exe

(Dashlane USA, Inc. -> Dashlane, Inc.) C:\Users\cruss\AppData\Roaming\Dashlane\DashlanePlugin.exe

(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe

(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\90.4.307\QtWebEngineProcess.exe

(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\80.0.3987.18\remoting_host.exe

(Informer Technologies, Inc.) [File not signed] C:\Program Files\Software Informer\softinfo.exe

(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4a3ae74cfa6c37d6\esif_uf.exe

(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_1cc7b402747a872f\igfxCUIServiceN.exe

(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_1cc7b402747a872f\igfxEMN.exe

(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_99f3effa9b6e163f\IntelCpHDCPSvc.exe

(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\GoToAssist Remote Support Customer\1673\g2ax_comm_customer.exe

(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\GoToAssist Remote Support Customer\1673\g2ax_service.exe

(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\GoToAssist Remote Support Customer\1673\g2ax_system_customer.exe

(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\GoToAssist Remote Support Customer\1673\g2ax_user_customer.exe

(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe

(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE

(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.ACT7\MSSQL\Binn\sqlservr.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Users\cruss\AppData\Local\Microsoft\OneDrive\19.232.1124.0005\FileCoAuth.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Users\cruss\AppData\Local\Microsoft\OneDrive\OneDrive.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\SurfaceService.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.20074.0_x64__8wekyb3d8bbwe\Microsoft.Msn.News.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19081.22010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12430.20136.0_x64__8wekyb3d8bbwe\HxOutlook.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12430.20136.0_x64__8wekyb3d8bbwe\HxTsr.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12001.1001.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.36.6003.0_x64__8wekyb3d8bbwe\GameBar.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20011.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe

(Microsoft) [File not signed] C:\Program Files (x86)\ACT\Act for Windows\Act.Server.Host.exe

(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\hdxsstm2.inf_amd64_f027fc76f26abb05\RtkAudUService64.exe

(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

(Sanford, L.P. -> Sanford, L.P.) C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe

(Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\IAS\IntelAudioService.exe

(Sophos Limited -> Sophos Limited) C:\Program Files (x86)\Sophos\Clean\SophosCleanM.exe

(Sophos Limited -> Sophos Limited) C:\Program Files (x86)\Sophos\Health\SophosHealth.exe

(Sophos Limited -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe

(Sophos Limited -> Sophos Limited) C:\Program Files\Sophos\Safestore\SophosSafestore64.exe

(Sophos Limited -> Sophos Limited) C:\Program Files\Sophos\Sophos Network Threat Protection\SntpService.exe

(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Common Files\Sophos\Web Intelligence\swi_fc.exe

(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe

(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsAgent.exe

(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsClient.exe

(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe

(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe

(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe

(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe

(Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Endpoint Defense\SEDService.exe

(Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Endpoint Defense\SSPService.exe

(Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Sophos File Scanner\SophosFileScanner.exe

(Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Sophos File Scanner\SophosFS.exe

(Sophos Ltd -> SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe

(Swiftpage ACT! LLC -> Swiftpage ACT! LLC) C:\Program Files (x86)\ACT\Act for Windows\Act!.exe

(Swiftpage ACT! LLC) [File not signed] C:\Program Files (x86)\ACT\Act for Windows\Act.Outlook.Service.exe

(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

Failed to access process -> chrome.exe

Failed to access process -> firefox.exe

Failed to access process -> MicrosoftEdge.exe

Failed to access process -> MicrosoftEdgeCP.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\windows\System32\DriverStore\FileRepository\hdxsstm2.inf_amd64_f027fc76f26abb05\RtkAudUService64.exe [835872 2019-11-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)

HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [6261760 2020-02-04] (Dropbox, Inc -> Dropbox, Inc.)

HKLM-x32\...\Run: [Act.Outlook.Service] => C:\Program Files (x86)\ACT\Act for Windows\Act.Outlook.Service.exe [18944 2017-09-24] (Swiftpage ACT! LLC) [File not signed]

HKLM-x32\...\Run: [Act.Outlook64.Service] => C:\Program Files (x86)\ACT\Act for Windows\Act.Outlook64.Service.exe [23552 2017-09-24] () [File not signed]

HKLM-x32\...\Run: [Act! Preloader] => C:\Program Files (x86)\ACT\Act for Windows\Act!.exe [272336 2019-10-01] (Swiftpage ACT! LLC -> Swiftpage ACT! LLC)

HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)

HKLM-x32\...\Run: [Sophos Home UI] => C:\Program Files (x86)\Sophos\Sophos Home\SophosUI.exe [3630920 2020-01-15] (Sophos Ltd -> Sophos Limited)

HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\cruss\AppData\Local\Microsoft\Teams\Update.exe [1801840 2019-11-03] (Microsoft 3rd Party Application Component -> Microsoft Corporation)

HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [Dashlane] => C:\Users\cruss\AppData\Roaming\Dashlane\Dashlane.exe [321536 2020-01-21] (Dashlane USA, Inc. -> Dashlane, Inc.)

HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [DashlanePlugin] => C:\Users\cruss\AppData\Roaming\Dashlane\DashlanePlugin.exe [342528 2020-01-21] (Dashlane USA, Inc. -> Dashlane, Inc.)

HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)

HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [AvastBrowserAutoLaunch_38E8DBE963846923F5008B0D528FC97A] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2015080 2019-11-04] (AVAST Software s.r.o. -> AVAST Software)

HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-10-25] (Apple Inc. -> Apple Inc.)

HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [68408 2019-10-25] (Apple Inc. -> Apple Inc.)

HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2019-10-25] (Apple Inc. -> Apple Inc.)

HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2019-10-25] (Apple Inc. -> Apple Inc.)

HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2019-10-25] (Apple Inc. -> Apple Inc.)

HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [DymoQuickPrint] => C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe [1866544 2013-03-05] (Sanford, L.P. -> Sanford, L.P.)

HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.87\Installer\chrmstp.exe [2020-02-06] (Google LLC -> Google LLC)

HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\77.2.2154.121\Installer\chrmstp.exe [2019-11-27] (AVAST Software s.r.o. -> AVAST Software)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Act! Integration.lnk [2019-11-03]

ShortcutTarget: Act! Integration.lnk -> C:\Program Files (x86)\ACT\Act for Windows\Act!.Integration.exe (Swiftpage ACT! LLC) [File not signed]

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 9.lnk [2019-11-11]

ShortcutTarget: Snagit 9.lnk -> C:\Program Files (x86)\TechSmith\Snagit 9\Snagit32.exe (TechSmith Corporation -> TechSmith Corporation)

GroupPolicy: Restriction ? <==== ATTENTION

FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0565D503-41ED-405D-89F6-192A6930C1AA} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-11-03] (Dropbox, Inc -> Dropbox, Inc.)

Task: {07666173-3780-4E7D-8088-420A5C8E4109} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-03] (Google Inc -> Google LLC)

Task: {13A54AC0-0053-416B-89CD-E2E2787331A9} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [202392 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)

Task: {197B9B27-3278-4BF3-A6BF-C1D9500E52CF} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24568904 2020-02-09] (Microsoft Corporation -> Microsoft Corporation)

Task: {2699BFE8-133C-4FA4-A84E-38F20A0783BE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-03] (Google Inc -> Google LLC)

Task: {2A6199A1-F252-4C33-B4A4-5ECA328726AC} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [67896 2019-10-25] (Apple Inc. -> Apple Inc.)

Task: {2E8ABB52-80C1-4D48-AE5E-B37AB4F1E00A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [6944304 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)

Task: {33449590-A731-4A17-9083-5EA1A9E0D497} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [202392 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)

Task: {368FEC66-27BD-41E3-BC1A-26BEBD11F6F7} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-11-03] (Dropbox, Inc -> Dropbox, Inc.)

Task: {47EF54CD-2D97-4406-8841-D4BDFBA251AC} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018616 2020-02-11] (Microsoft Corporation -> Microsoft Corporation)

Task: {6A591A6D-BCD3-4CB4-8F1D-2D9FE4959393} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)

Task: {6EB23BEE-7260-4989-90B1-C0B301287EE1} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2015080 2019-11-04] (AVAST Software s.r.o. -> AVAST Software)

Task: {7016C51D-5CC0-48AD-8F68-5038CE345B96} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158760 2020-02-11] (Microsoft Corporation -> Microsoft Corporation)

Task: {7ACE9DAD-8BF7-4079-8594-9C959A60037E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)

Task: {7DD42DBD-255C-47FC-B854-C045C60E1596} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2046040 2020-02-11] (Microsoft Corporation -> Microsoft Corporation)

Task: {7E8BE533-885E-4635-BE76-93B3C41A65FA} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018616 2020-02-11] (Microsoft Corporation -> Microsoft Corporation)

Task: {87BD8628-3366-49F5-ABFE-E10276366CA1} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)

Task: {8E6006E0-9E25-48F2-94F1-76A28B3DA319} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)

Task: {93142CA3-3C0A-4BDB-8524-421373C6C6C2} - System32\Tasks\SoftwareInformerService => C:\Program Files\Software Informer\softinfo.exe [1689600 2018-01-31] (Informer Technologies, Inc.) [File not signed]

Task: {96B1C5BA-56E5-4ADD-B2F5-7621E9589006} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158760 2020-02-11] (Microsoft Corporation -> Microsoft Corporation)

Task: {B39F47C6-C83B-49FD-9DD6-63F2EC5C7E16} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [7192192 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)

Task: {C23E5BFD-9D64-4709-9493-C8F099A93292} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [7651984 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)

Task: {CA7A5AF2-42EE-48B3-85F0-0BC677CFD4EB} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2015080 2019-11-04] (AVAST Software s.r.o. -> AVAST Software)

Task: {D6D8A6CE-4C04-44D7-9C6E-6280CB51EB4E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24568904 2020-02-09] (Microsoft Corporation -> Microsoft Corporation)

Task: {F38202F4-04AF-48AD-9D41-659608E42722} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

Task: C:\windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)

Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{1939fd7b-6712-4265-a4c3-e6b48f2ce4ff}: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{e5e98d18-3337-4e3d-b67d-43a7156029e8}: [DhcpNameServer] 192.168.1.1

Internet Explorer:

==================

BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 9\DLLx64\SnagitBHO64.dll [2009-10-15] (TechSmith Corporation -> TechSmith Corporation)

BHO-x32: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 9\SnagitBHO.dll [2009-10-15] (TechSmith Corporation -> TechSmith Corporation)

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)

BHO-x32: Act.UI.InternetExplorer.Plugins.AttachFile.CAttachFile -> {D5233FCD-D258-4903-89B8-FB1568E7413D} -> C:\Program Files (x86)\ACT\Act for Windows\Plugins\Act.UI.InternetExplorer.Plugins.AttachFile.DLL [2017-09-24] (Swiftpage ACT! LLC) [File not signed]

Toolbar: HKLM-x32 - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitIEAddin.dll [2009-10-15] (TechSmith Corporation -> TechSmith Corporation)

Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)

Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)

Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)

Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)

Edge:

======

DownloadDir: C:\Users\cruss\Downloads

FireFox:

========

FF DefaultProfile: g5xy1w6g.default

FF ProfilePath: C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\g5xy1w6g.default [2019-12-06]

FF Extension: (Avast Online Security) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\g5xy1w6g.default\Extensions\wrc@avast.com.xpi [2019-11-03]

FF ProfilePath: C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release [2020-02-11]

FF Homepage: Mozilla\Firefox\Profiles\kzf4eavb.default-release -> hxxps://www.bing.com/?pc=U528

FF Notifications: Mozilla\Firefox\Profiles\kzf4eavb.default-release -> hxxps://www.loopnet.com

FF HomepageOverride: Mozilla\Firefox\Profiles\kzf4eavb.default-release -> Enabled: {3e06d96e-26f5-4a68-ac64-2b6bc583a35d}

FF Extension: (Facebook Container) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release\Extensions\@contain-facebook.xpi [2019-11-03]

FF Extension: (Cisco Webex Extension) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release\Extensions\ciscowebexstart1@cisco.com.xpi [2019-11-03]

FF Extension: (iCloud Bookmarks) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release\Extensions\firefoxdav@icloud.com.xpi [2019-11-03]

FF Extension: (Dashlane) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release\Extensions\jetpack-extension@dashlane.com.xpi [2020-02-10] [UpdateUrl:hxxps://ws1.dashlane.com/5/binaries/query?logins=&platform=firefox&target=ff_web_extension&format=json&version=]

FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release\Extensions\sp@avast.com.xpi [2020-01-20]

FF Extension: (Bing Homepage and Search Engine) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release\Extensions\{3e06d96e-26f5-4a68-ac64-2b6bc583a35d}.xpi [2019-11-07] [UpdateUrl:hxxps://browserdefaults.azurewebsites.net/FirefoxExtn/updateextension.json]

FF Extension: (Adblock Plus - free ad blocker) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-11-03]

FF HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Firefox\Extensions: [{442718d9-475e-452a-b3e1-fb1ee16b8e9f}] - C:\Users\cruss\AppData\Roaming\Dashlane\6.1946.0.26096\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f} => not found

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @dymo.com/DymoLabelFramework -> C:\Program Files (x86)\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll [2013-03-05] (Sanford, L.P. -> Sanford L.P.)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin HKU\S-1-5-21-3941208988-4064051922-1525667148-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\cruss\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2019-11-07] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome:

=======

CHR Profile: C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default [2020-02-11]

CHR HomePage: Default -> hxxps://my.yahoo.com/?mkg=015

CHR StartupUrls: Default -> "hxxps://www.google.com/"

CHR DefaultSearchURL: Default -> hxxps://ssl.gstatic.com/chromoting/chromoting_logo_512.png

CHR Extension: (Slides) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-11-03]

CHR Extension: (Docs) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-11-03]

CHR Extension: (Google Drive) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-11-03]

CHR Extension: (YouTube) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-03]

CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-11-03]

CHR Extension: (Chrome Remote Desktop) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\efmjfjelnicpmdcmfikempdhlmainjcb [2020-02-07]

CHR Extension: (Dashlane - Password Manager) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2020-01-31]

CHR Extension: (Sheets) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-11-03]

CHR Extension: (Chrome Remote Desktop) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-11-03]

CHR Extension: (Google Docs Offline) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-09]

CHR Extension: (Avast Online Security) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-02-11]

CHR Extension: (Chrome Remote Desktop) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2019-11-03]

CHR Extension: (Disconnect) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2019-11-03]

CHR Extension: (Cisco Webex Extension) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2019-11-03]

CHR Extension: (Chrome Web Store Payments) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-03]

CHR Extension: (Gmail) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-11-03]

CHR Extension: (Chrome Media Router) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-02-07]

CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 Act! Scheduler; C:\Program Files (x86)\ACT\Act for Windows\Act.Scheduler.exe [90112 2017-09-24] (Swiftpage ACT! LLC) [File not signed]

R2 ActService; C:\Program Files (x86)\ACT\Act for Windows\Act.Server.Host.exe [27648 2017-09-24] (Microsoft) [File not signed]

R2 ActSmartTaskService; C:\Program Files (x86)\ACT\Act for Windows\Act.Server.Host.exe [27648 2017-09-24] (Microsoft) [File not signed]

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6259592 2019-12-19] (AVAST Software s.r.o. -> AVAST Software)

S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [202392 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)

R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [417536 2019-12-06] (AVAST Software s.r.o. -> AVAST Software)

S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [202392 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)

S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\77.2.2154.121\elevation_service.exe [1117336 2019-11-04] (AVAST Software s.r.o. -> AVAST Software)

R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)

R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\80.0.3987.18\remoting_host.exe [73200 2019-12-17] (Google LLC -> Google Inc.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11096432 2020-02-09] (Microsoft Corporation -> Microsoft Corporation)

S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-11-03] (Dropbox, Inc -> Dropbox, Inc.)

S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-11-03] (Dropbox, Inc -> Dropbox, Inc.)

R2 DbxSvc; C:\windows\system32\DbxSvc.exe [44552 2020-02-04] (Dropbox, Inc -> Dropbox, Inc.)

R2 DymoPnpService; C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [33072 2013-03-05] (Sanford, L.P. -> Sanford, L.P.)

R2 esifsvc; C:\windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4a3ae74cfa6c37d6\esif_uf.exe [2141064 2019-06-21] (Intel Corporation -> Intel Corporation)

R2 GoToAssist Remote Support Customer; C:\Program Files (x86)\GoToAssist Remote Support Customer\1673\g2ax_service.exe [609552 2020-02-11] (LogMeIn, Inc. -> LogMeIn, Inc.)

R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [4761296 2019-10-29] (Sophos Ltd -> SurfRight B.V.)

R2 igfxCUIService2.0.0.0; C:\windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_1cc7b402747a872f\igfxCUIServiceN.exe [396848 2019-12-23] (Intel® pGFX -> Intel Corporation)

S3 Intel® Capability Licensing Service TCP IP Interface; C:\windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_50ab1659f9152c0f\lib\SocketHeciServer.exe [877024 2019-10-11] (Intel® Trust Services -> Intel® Corporation)

S2 Intel® TPM Provisioning Service; C:\windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_50ab1659f9152c0f\lib\TPMProvisioningService.exe [806880 2019-10-11] (Intel® Trust Services -> Intel® Corporation)

R2 IntelAudioService; C:\windows\system32\cAVS\IAS\IntelAudioService.exe [398504 2019-12-09] (Smart Sound Technology -> Intel)

R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6960640 2019-12-09] (Malwarebytes Inc -> Malwarebytes)

R2 MSSQL$ACT7; C:\Program Files\Microsoft SQL Server\MSSQL12.ACT7\MSSQL\Binn\sqlservr.exe [370368 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)

R2 RtkAudioUniversalService; C:\windows\System32\DriverStore\FileRepository\hdxsstm2.inf_amd64_f027fc76f26abb05\RtkAudUService64.exe [835872 2019-11-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [305888 2019-04-18] (Sophos Ltd -> Sophos Limited)

R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [224880 2019-04-18] (Sophos Ltd -> Sophos Limited)

R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)

R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)

R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd. -> Safer-Networking Ltd.)

S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 SntpService; C:\Program Files\Sophos\Sophos Network Threat Protection\SntpService.exe [1870264 2018-03-09] (Sophos Limited -> Sophos Limited)

R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [1202680 2019-03-05] (Sophos Ltd -> Sophos Limited)

R2 Sophos Clean Service; C:\Program Files (x86)\Sophos\Clean\SophosCleanM.exe [1189704 2018-09-27] (Sophos Limited -> Sophos Limited)

R2 Sophos Endpoint Defense Service; C:\Program Files\Sophos\Endpoint Defense\SEDService.exe [1803816 2019-11-04] (Sophos Ltd -> Sophos Limited)

R2 Sophos File Scanner Service; C:\Program Files\Sophos\Sophos File Scanner\SophosFS.exe [1761064 2019-02-04] (Sophos Ltd -> Sophos Limited)

R2 Sophos Health Service; C:\Program Files (x86)\Sophos\Health\SophosHealth.exe [1816176 2018-10-10] (Sophos Limited -> Sophos Limited)

R2 Sophos MCS Agent; C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsAgent.exe [1344888 2019-05-30] (Sophos Ltd -> Sophos Limited)

R2 Sophos MCS Client; C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsClient.exe [1830688 2019-05-30] (Sophos Ltd -> Sophos Limited)

R2 Sophos Safestore Service; C:\Program Files\Sophos\Safestore\SophosSafestore64.exe [786688 2018-09-27] (Sophos Limited -> Sophos Limited)

R2 Sophos System Protection Service; C:\Program Files\Sophos\Endpoint Defense\SSPService.exe [13235408 2019-11-04] (Sophos Ltd -> Sophos Limited)

R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [360040 2019-04-18] (Sophos Limited -> Sophos Limited)

S4 SQLAgent$ACT7; C:\Program Files\Microsoft SQL Server\MSSQL12.ACT7\MSSQL\Binn\SQLAGENT.EXE [613056 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)

R2 swi_filter; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe [475264 2019-04-18] (Sophos Ltd -> Sophos Limited)

R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3623400 2019-04-18] (Sophos Ltd -> Sophos Limited)

R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12758528 2019-12-16] (TeamViewer GmbH -> TeamViewer Germany GmbH)

S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)

S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleLowerFilter; C:\windows\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)

R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [204824 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)

R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [274456 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)

R0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [209552 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)

R0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [65120 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)

R0 aswElam; C:\windows\System32\drivers\aswElam.sys [16304 2019-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)

R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [42736 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)

R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [161544 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)

R1 aswNetSec; C:\windows\System32\drivers\aswNetSec.sys [552848 2019-12-06] (AVAST Software s.r.o. -> AVAST Software)

R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [110320 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)

R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [83792 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)

R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [848432 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)

R1 aswSP; C:\windows\System32\drivers\aswSP.sys [460448 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)

R2 aswStm; C:\windows\System32\drivers\aswStm.sys [236024 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)

R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [316528 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)

S3 AX88772; C:\windows\System32\drivers\ax88772.sys [111616 2019-03-18] (Microsoft Windows -> ASIX Electronics Corp.)

R3 dptf_acpi; C:\windows\System32\DriverStore\FileRepository\dptf_acpi.inf_amd64_5989fd2721678bab\dptf_acpi.sys [77192 2019-06-22] (Intel Corporation -> Intel Corporation)

R3 dptf_cpu; C:\windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4a3ae74cfa6c37d6\dptf_cpu.sys [74120 2019-06-21] (Intel Corporation -> Intel Corporation)

R3 esif_lf; C:\windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4a3ae74cfa6c37d6\esif_lf.sys [408456 2019-06-21] (Intel Corporation -> Intel Corporation)

R1 ESProtectionDriver; C:\windows\system32\drivers\mbae64.sys [153312 2020-02-07] (Malwarebytes Corporation -> Malwarebytes)

S3 hitmanpro37; C:\windows\system32\drivers\hitmanpro37.sys [55232 2020-02-11] (SurfRight B.V. -> )

R1 hmpalert; C:\windows\system32\drivers\hmpalert.sys [513104 2020-02-10] (Sophos Ltd -> SurfRight B.V.)

R3 iaLPSS2_GPIO2; C:\windows\System32\DriverStore\FileRepository\ialpss2_gpio2_icl.inf_amd64_5dfe4459ccf69034\iaLPSS2_GPIO2.sys [127888 2019-05-07] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)

R3 iaLPSS2_I2C; C:\windows\System32\DriverStore\FileRepository\ialpss2_i2c_icl.inf_amd64_04e193b8806eca82\iaLPSS2_I2C.sys [197008 2019-05-07] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)

S3 iaLPSS2_SPI; C:\windows\System32\DriverStore\FileRepository\ialpss2_spi_icl.inf_amd64_e5b8de383f9a8911\iaLPSS2_SPI.sys [156560 2019-05-07] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)

R3 iaLPSS2_UART2; C:\windows\System32\DriverStore\FileRepository\ialpss2_uart2_icl.inf_amd64_2fd93d380196ad59\iaLPSS2_UART2.sys [309648 2019-08-09] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)

R3 ibtusb; C:\windows\System32\DriverStore\FileRepository\ibtusb.inf_amd64_542e8c280c98b59f\ibtusb.sys [13916448 2019-07-11] (Intel® Wireless Connectivity Solutions -> Intel Corporation)

R3 igfxn; C:\windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_99f3effa9b6e163f\igdkmdn64.sys [21693488 2019-12-23] (Intel® pGFX -> Intel Corporation)

R3 IntcAudioBus; C:\windows\System32\DriverStore\FileRepository\intcaudiobus.inf_amd64_448c7d2e5e934dfc\IntcAudioBus.sys [290768 2019-12-09] (Smart Sound Technology -> Intel® Corporation)

R3 IntcAzAudAddService; C:\windows\System32\DriverStore\FileRepository\hdxsstm2.inf_amd64_f027fc76f26abb05\RTKVHD64.sys [7068664 2019-11-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)

R3 IntcOED; C:\windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_ff28ec604c64d76a\IntcOED.sys [1245648 2019-12-09] (Smart Sound Technology -> Intel® Corporation)

S3 libusb0; C:\windows\system32\DRIVERS\libusb0.sys [52832 2019-06-18] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)

R2 MBAMChameleon; C:\windows\System32\Drivers\MbamChameleon.sys [214496 2020-02-07] (Malwarebytes Inc -> Malwarebytes)

S0 MbamElam; C:\windows\System32\DRIVERS\MbamElam.sys [20936 2019-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)

R3 MBAMFarflt; C:\windows\System32\DRIVERS\farflt.sys [226448 2020-02-11] (Malwarebytes Inc -> Malwarebytes)

R3 MBAMProtection; C:\windows\system32\DRIVERS\mbam.sys [73584 2020-02-11] (Malwarebytes Corporation -> Malwarebytes)

R3 MBAMSwissArmy; C:\windows\System32\Drivers\mbamswissarmy.sys [248968 2020-02-11] (Malwarebytes Inc -> Malwarebytes)

R3 MBAMWebProtection; C:\windows\system32\DRIVERS\mwac.sys [119960 2020-02-11] (Malwarebytes Inc -> Malwarebytes)

R3 MEIx64; C:\windows\System32\DriverStore\FileRepository\heci.inf_amd64_db60facf878d7699\x64\TeeDriverW8x64.sys [253840 2019-04-28] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)

R3 Netwtw08; C:\windows\System32\drivers\Netwtw08.sys [9142776 2019-08-14] (Intel® Wireless Connectivity Solutions -> Intel Corporation)

S4 RsFx0300; C:\windows\System32\DRIVERS\RsFx0300.sys [247488 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)

R3 rtux64w10; C:\windows\System32\drivers\rtux64w10.sys [576288 2019-06-26] (Realtek Semiconductor Corp. -> Realtek Corporation )

R1 SAVOnAccess; C:\windows\System32\DRIVERS\savonaccess.sys [204328 2019-04-18] (Sophos Limited -> Sophos Limited)

S3 sdcfilter; C:\windows\system32\DRIVERS\sdcfilter.sys [38144 2019-04-18] (Sophos Limited -> Sophos Limited)

R1 sntp; C:\windows\system32\DRIVERS\sntp.sys [125832 2018-03-09] (Sophos Limited -> Sophos Limited)

S0 Sophos ELAM; C:\windows\System32\DRIVERS\SophosEL.sys [20400 2019-11-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Sophos Limited)

R0 Sophos Endpoint Defense; C:\windows\System32\DRIVERS\SophosED.sys [930944 2019-11-04] (Sophos Ltd -> Sophos Limited)

S4 SophosBootDriver; C:\windows\system32\DRIVERS\SophosBootDriver.sys [45840 2019-04-18] (Sophos Limited -> Sophos Limited)

R3 SurfaceAcpiNotify; C:\windows\System32\drivers\SurfaceAcpiNotifyDriver.sys [281400 2019-08-23] (Microsoft Corporation -> Microsoft Corporation)

R3 SurfaceBattery; C:\windows\System32\drivers\SurfaceBattery.sys [308024 2019-08-23] (Microsoft Corporation -> Microsoft Corporation)

R3 SurfaceHidMini; C:\windows\System32\drivers\SurfaceHidMiniDriver.sys [272184 2019-08-23] (Microsoft Corporation -> Microsoft Corporation)

R3 SurfaceHotPlug; C:\windows\System32\drivers\SurfaceHotPlug.sys [337720 2019-08-23] (Microsoft Corporation -> Microsoft Corporation)

R3 SurfaceLightSensor; C:\windows\System32\drivers\SurfaceLightSensor.sys [228368 2019-09-26] (Microsoft Corporation -> Microsoft Corporation)

S3 SurfacePen217Integration; C:\windows\System32\drivers\SurfacePen217Integration.sys [35856 2019-08-10] (Microsoft Corporation -> Microsoft Corporation)

R3 SurfacePowerFilter; C:\windows\System32\DriverStore\FileRepository\surfacepowerfilter.inf_amd64_428a666856b52679\SurfacePowerFilter.sys [270136 2019-08-23] (Microsoft Corporation -> Microsoft Corporation)

R3 SurfacePowerTrackerCore; C:\windows\System32\drivers\SurfacePowerTrackerCore.sys [265520 2019-08-23] (Microsoft Corporation -> Microsoft Corporation)

R3 SurfaceSerialHubDriver; C:\windows\System32\drivers\SurfaceSerialHubDriver.sys [324624 2019-08-13] (Microsoft Corporation -> Microsoft Corporation)

R3 SurfaceTconDriver; C:\windows\System32\drivers\SurfaceTconDriver.sys [290616 2019-08-23] (Microsoft Corporation -> Microsoft Corporation)

R3 SurfaceUcmUcsiHidClient; C:\windows\System32\DriverStore\FileRepository\surfaceucmucsihidclient.inf_amd64_bed226a64c31fdb0\SurfaceUcmUcsiHidClient.sys [202040 2019-08-11] (Microsoft Corporation -> Microsoft Corporation)

R3 SurfaceVirtualFunctionEnum; C:\windows\System32\drivers\SurfaceVirtualFunctionEnum.sys [185360 2019-08-11] (Microsoft Corporation -> Microsoft Corporation)

R1 swi_callout; C:\windows\system32\DRIVERS\swi_callout.sys [47760 2019-04-18] (Sophos Limited -> Sophos Limited)

S3 WdBoot; C:\windows\system32\drivers\wd\WdBoot.sys [46472 2019-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

S3 WdFilter; C:\windows\system32\drivers\wd\WdFilter.sys [351968 2019-11-03] (Microsoft Windows -> Microsoft Corporation)

S3 WdNisDrv; C:\windows\System32\drivers\wd\WdNisDrv.sys [53984 2019-11-03] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-11 14:45 - 2020-02-11 14:46 - 000000000 ____D C:\Users\cruss\AppData\LocalLow\IGDump

2020-02-11 13:34 - 2020-02-11 13:34 - 000000000 ___HD C:\OneDriveTemp

2020-02-11 13:33 - 2020-02-11 13:33 - 000248968 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamswissarmy.sys

2020-02-11 13:33 - 2020-02-11 13:33 - 000226448 _____ (Malwarebytes) C:\windows\system32\Drivers\farflt.sys

2020-02-11 13:33 - 2020-02-11 13:33 - 000119960 _____ (Malwarebytes) C:\windows\system32\Drivers\mwac.sys

2020-02-11 13:33 - 2020-02-11 13:33 - 000073584 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys

2020-02-11 13:26 - 2020-02-11 13:26 - 000000928 _____ C:\Users\cruss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk

2020-02-11 13:26 - 2020-02-11 13:26 - 000000000 ____D C:\Users\cruss\AppData\Local\ESET

2020-02-11 13:07 - 2020-02-11 14:49 - 000000000 ____D C:\FRST

2020-02-11 12:40 - 2020-02-11 12:40 - 000012872 _____ (SurfRight B.V.) C:\windows\system32\bootdelete.exe

2020-02-11 12:31 - 2018-03-09 17:12 - 000125832 _____ (Sophos Limited) C:\windows\system32\Drivers\sntp.sys

2020-02-11 12:30 - 2019-04-18 08:27 - 000047760 _____ (Sophos Limited) C:\windows\system32\Drivers\swi_callout.sys

2020-02-11 12:30 - 2019-04-18 08:27 - 000044184 _____ (Sophos Limited) C:\windows\system32\SophosBootTasks.exe

2020-02-11 12:29 - 2020-02-11 12:29 - 000000000 ____D C:\Program Files\Common Files\Sophos

2020-02-11 12:29 - 2019-11-04 11:06 - 000930944 _____ (Sophos Limited) C:\windows\system32\Drivers\SophosED.sys

2020-02-11 12:29 - 2019-11-04 11:06 - 000048968 _____ (Sophos Limited) C:\windows\system32\SophosNA.exe

2020-02-11 12:29 - 2019-11-04 11:06 - 000039713 _____ C:\windows\system32\Drivers\SophosED.man

2020-02-11 12:29 - 2019-11-04 11:06 - 000020400 _____ (Sophos Limited) C:\windows\system32\Drivers\SophosEL.sys

2020-02-11 12:25 - 2020-02-11 12:25 - 000000214 _____ C:\Users\cruss\OneDrive\Documents\cc_20200211_122541.reg

2020-02-11 10:45 - 2020-02-11 10:45 - 000001599 _____ C:\Users\cruss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GoToAssist Customer.lnk

2020-02-11 10:45 - 2020-02-11 10:45 - 000000000 ____D C:\Program Files (x86)\GoToAssist Remote Support Customer

2020-02-11 09:50 - 2020-02-11 09:51 - 000004816 _____ C:\Users\cruss\OneDrive\Documents\cc_20200211_095052.reg

2020-02-10 14:44 - 2020-02-11 12:40 - 000055232 _____ C:\windows\system32\Drivers\hitmanpro37.sys

2020-02-10 14:35 - 2020-02-11 14:49 - 000000000 ____D C:\windows\CryptoGuard

2020-02-10 14:35 - 2020-02-10 14:35 - 000513104 _____ (SurfRight B.V.) C:\windows\system32\Drivers\hmpalert.sys

2020-02-10 14:34 - 2020-02-11 14:33 - 000000000 ____D C:\ProgramData\HitmanPro.Alert

2020-02-10 14:34 - 2020-02-11 12:30 - 000000000 ____D C:\windows\SysWOW64\SophosAV

2020-02-10 14:34 - 2020-02-11 12:30 - 000000000 ____D C:\windows\system32\SophosAV

2020-02-10 14:34 - 2020-02-10 14:35 - 000000000 ____D C:\Program Files (x86)\HitmanPro.Alert

2020-02-10 14:34 - 2020-02-10 14:34 - 001215072 _____ (SurfRight B.V.) C:\windows\system32\hmpalert.dll

2020-02-10 14:34 - 2020-02-10 14:34 - 001017184 _____ (SurfRight B.V.) C:\windows\SysWOW64\hmpalert.dll

2020-02-10 14:33 - 2020-02-11 12:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos

2020-02-10 14:32 - 2020-02-11 12:31 - 000000000 ____D C:\Program Files\Sophos

2020-02-10 14:32 - 2019-04-18 08:27 - 000204328 _____ (Sophos Limited) C:\windows\system32\Drivers\savonaccess.sys

2020-02-10 14:32 - 2019-04-18 08:27 - 000176120 _____ (Sophos Limited) C:\windows\system32\sdccoinstaller.dll

2020-02-10 14:32 - 2019-04-18 08:27 - 000045840 _____ (Sophos Limited) C:\windows\system32\Drivers\SophosBootDriver.sys

2020-02-10 14:32 - 2019-04-18 08:27 - 000038144 _____ (Sophos Limited) C:\windows\system32\Drivers\sdcfilter.sys

2020-02-10 14:29 - 2020-02-11 12:31 - 000000000 ____D C:\ProgramData\Sophos

2020-02-10 14:29 - 2020-02-11 12:30 - 000000000 ____D C:\Program Files (x86)\Sophos

2020-02-10 14:15 - 2020-02-10 14:16 - 000000000 ____D C:\AdwCleaner

2020-02-10 14:15 - 2020-02-10 14:15 - 008356016 _____ (Malwarebytes) C:\Users\cruss\Downloads\adwcleaner_8.0.2.exe

2020-02

Back to top

#2 Carlgrus

Advanced Member

Full Member
149 posts

Posted 11 February 2020 - 02:38 PM

I also wanted to tell you that the only way I was able to run the above utilities was: I have Avast Secure Browser, it’s the only way I could gain access to the Internet. Neither Firefox, Google Chrome, or Internet Explorer works…and even on the Avast Browser, I can’t type anything, If I type the letter F for example, it’s another letter, and it never repeats itself, and it’s all over the map, so the only way I can give you these messages is to type them in Word and cut and paste them into the Reply section.

Back to top

#3 nasdaq

Forum Deity

Global Moderator
49,381 posts

Posted 12 February 2020 - 07:35 AM

Hello, Welcome to SpywareInfo.

I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.

===

Is this the same computer serviced under this topic?

https://www.spywarei...ncredibly-slow/

Please delete the current version of the Farbar program.

Download and run this latest version from the owner's site.

Download the Farbar Recovery Scan Tool (FRST).

Choose the 32 or 64 bit version for your system.

and save it to a folder on your computer's Desktop.

Double-click to run it. When the tool opens click Yes to disclaimer.

Press Scan button.

It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.

The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

How to attach a file to your reply:

In the Reply section in the bottom of the topic Click the "more reply Options" button.

Attach the file.

Select the "Choose a File" navigate to the location of the File.

Click the file you wish to Attach.

Click Attach this file.

Click the Add reply button.

===

Please post the logs (FRST.txt and Addition.txt) for my review.

Let me know what problems persists.

Wait for further instructions

===

--RogueKiller--

Download & SAVE to your Desktop Download RogueKiller

Quit all programs that you may have started.

Please disconnect any USB or external drives from the computer before you run this scan!

For Vista or above, right-click the program file and select "Run as Administrator"

Accept the user agreements.

Execute the scan and wait until it has finished.

If a Windows opens to explain what [PUM's] are, read about it.

Click the RoguKiller icon on your taksbar to return to the report.

Click open the Report

Click Export TXT button

Save the file as ReportRogue.txt

Click the Remove button to delete the items in RED

Click Finish and close the program.

Locate the ReportRogue.txt file on your Desktop and copy/paste the contents in your next.

=======

Download Farbar's Service Scanner utility

http://www.bleepingc...-scanner/dl/62/

and Save to your Desktop.

If using Windows 7 or above, Right-Click on fss.exe and select Run As Administrator.

If using XP, double-click to start.

Answer Yes to ok when prompted.

If your firewall then puts out a prompt, again, allow it to run.

Once FSS is on-screen, be sure the following items are checkmarked:

Internet Services

Windows Firewall

System Restore

Security Center/Action Center

Windows Update

Windows Defender

Other Services

Click on "Scan".

It will create a log (FSS.txt) in the same directory the tool is run.

Copy & Paste contents of FSS.txt into your reply.

===

PLease post/attach all the logs.

nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

Back to top

#4 Carlgrus

Advanced Member

Full Member
149 posts

Posted 12 February 2020 - 08:29 AM

No, this is not the same computer serviced under this topic. This is my laptop at my office. And the problems are: None of my browser will open except for Avast Secure Browser. Firefox, Google, or Internet Explorer will not open. And in Avast Secure Brower, I cannot type this message. When I type on the keyboard, different letters come out, not the letters I’m typing, and they keep changing. So, the only way I can give you this message is to type it in Word, and cut and paste it in the Reply section. . I have attached the Farbar logs as instructed, the FRST.txt and the Addition.txt. I am now running Rogue Killer and will do the Farbar Service Scanner and get the logs posted as well.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-02-2020

Ran by cruss (administrator) on DESKTOP-RA8BHB0 (Microsoft Corporation Surface Laptop 3) (12-02-2020 09:11:56)