Jump to content


Photo

PC fixed now laptop canít log onto internet


  • This topic is locked This topic is locked
9 replies to this topic

#1 Carlgrus

Carlgrus

    Advanced Member

  • Full Member
  • PipPipPip
  • 141 posts

Posted 11 February 2020 - 02:04 PM

Thank you for fixing my PC the other day, now my laptop at the office mysteriously can’t log onto the internet.  Here are the logs requested.  Thanks again, you are a magician.   Carl

 

Malwarebytes
www.malwarebytes.com
 
-Log Details-
Scan Date: 2/11/20
Scan Time: 2:45 PM
Log File: 07ff7304-4d07-11ea-af85-c8348e022bf6.json
 
-Software Information-
Version: 4.0.4.49
Components Version: 1.0.810
Update Package Version: 1.0.19056
License: Premium
 
-System Information-
OS: Windows 10 (Build 18362.628)
CPU: x64
File System: NTFS
User: DESKTOP-RA8BHB0\cruss
 
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 301912
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 1 min, 13 sec
 
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
 
-Scan Details-
Process: 0
(No malicious items detected)
 
Module: 0
(No malicious items detected)
 
Registry Key: 0
(No malicious items detected)
 
Registry Value: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Data Stream: 0
(No malicious items detected)
 
Folder: 0
(No malicious items detected)
 
File: 0
(No malicious items detected)
 
Physical Sector: 0
(No malicious items detected)
 
WMI: 0
(No malicious items detected)
 
 
(end)
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-02-2020 02
Ran by cruss (administrator) on DESKTOP-RA8BHB0 (Microsoft Corporation Surface Laptop 3) (11-02-2020 14:48:49)
Running from C:\Users\cruss\OneDrive\Desktop\Spyware Utilities
Loaded Profiles: cruss (Available Profiles: cruss)
Platform: Windows 10 Pro Version 1909 18363.628 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
() [File not signed] C:\Program Files (x86)\ACT\Act for Windows\Act.Outlook64.Service.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(AVAST Software s.r.o. -> ) C:\Program Files\AVAST Software\Avast\AvastNM.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.5.245.0\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.5.245.0\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Dashlane USA, Inc. -> Dashlane, Inc.) C:\Users\cruss\AppData\Roaming\Dashlane\Dashlane.exe
(Dashlane USA, Inc. -> Dashlane, Inc.) C:\Users\cruss\AppData\Roaming\Dashlane\DashlanePlugin.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\90.4.307\QtWebEngineProcess.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\90.4.307\QtWebEngineProcess.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\80.0.3987.18\remoting_host.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\80.0.3987.18\remoting_host.exe
(Informer Technologies, Inc.) [File not signed] C:\Program Files\Software Informer\softinfo.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4a3ae74cfa6c37d6\esif_uf.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_1cc7b402747a872f\igfxCUIServiceN.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_1cc7b402747a872f\igfxEMN.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_99f3effa9b6e163f\IntelCpHDCPSvc.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\GoToAssist Remote Support Customer\1673\g2ax_comm_customer.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\GoToAssist Remote Support Customer\1673\g2ax_service.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\GoToAssist Remote Support Customer\1673\g2ax_system_customer.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\GoToAssist Remote Support Customer\1673\g2ax_user_customer.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.ACT7\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\cruss\AppData\Local\Microsoft\OneDrive\19.232.1124.0005\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\cruss\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\SurfaceService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.20074.0_x64__8wekyb3d8bbwe\Microsoft.Msn.News.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19081.22010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12430.20136.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12430.20136.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12001.1001.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.36.6003.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20011.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft) [File not signed] C:\Program Files (x86)\ACT\Act for Windows\Act.Server.Host.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\hdxsstm2.inf_amd64_f027fc76f26abb05\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\hdxsstm2.inf_amd64_f027fc76f26abb05\RtkAudUService64.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Sanford, L.P. -> Sanford, L.P.) C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe
(Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\IAS\IntelAudioService.exe
(Sophos Limited -> Sophos Limited) C:\Program Files (x86)\Sophos\Clean\SophosCleanM.exe
(Sophos Limited -> Sophos Limited) C:\Program Files (x86)\Sophos\Health\SophosHealth.exe
(Sophos Limited -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
(Sophos Limited -> Sophos Limited) C:\Program Files\Sophos\Safestore\SophosSafestore64.exe
(Sophos Limited -> Sophos Limited) C:\Program Files\Sophos\Sophos Network Threat Protection\SntpService.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Common Files\Sophos\Web Intelligence\swi_fc.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsAgent.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsClient.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Endpoint Defense\SEDService.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Endpoint Defense\SSPService.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Sophos File Scanner\SophosFileScanner.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Sophos File Scanner\SophosFileScanner.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Sophos File Scanner\SophosFS.exe
(Sophos Ltd -> SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(Sophos Ltd -> SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(Swiftpage ACT! LLC -> Swiftpage ACT! LLC) C:\Program Files (x86)\ACT\Act for Windows\Act!.exe
(Swiftpage ACT! LLC) [File not signed] C:\Program Files (x86)\ACT\Act for Windows\Act.Outlook.Service.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
Failed to access process -> chrome.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> MicrosoftEdge.exe
Failed to access process -> MicrosoftEdgeCP.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtkAudUService] => C:\windows\System32\DriverStore\FileRepository\hdxsstm2.inf_amd64_f027fc76f26abb05\RtkAudUService64.exe [835872 2019-11-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [6261760 2020-02-04] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Act.Outlook.Service] => C:\Program Files (x86)\ACT\Act for Windows\Act.Outlook.Service.exe [18944 2017-09-24] (Swiftpage ACT! LLC) [File not signed]
HKLM-x32\...\Run: [Act.Outlook64.Service] => C:\Program Files (x86)\ACT\Act for Windows\Act.Outlook64.Service.exe [23552 2017-09-24] () [File not signed]
HKLM-x32\...\Run: [Act! Preloader] => C:\Program Files (x86)\ACT\Act for Windows\Act!.exe [272336 2019-10-01] (Swiftpage ACT! LLC -> Swiftpage ACT! LLC)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKLM-x32\...\Run: [Sophos Home UI] => C:\Program Files (x86)\Sophos\Sophos Home\SophosUI.exe [3630920 2020-01-15] (Sophos Ltd -> Sophos Limited)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\cruss\AppData\Local\Microsoft\Teams\Update.exe [1801840 2019-11-03] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [Dashlane] => C:\Users\cruss\AppData\Roaming\Dashlane\Dashlane.exe [321536 2020-01-21] (Dashlane USA, Inc. -> Dashlane, Inc.)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [DashlanePlugin] => C:\Users\cruss\AppData\Roaming\Dashlane\DashlanePlugin.exe [342528 2020-01-21] (Dashlane USA, Inc. -> Dashlane, Inc.)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [AvastBrowserAutoLaunch_38E8DBE963846923F5008B0D528FC97A] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2015080 2019-11-04] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-10-25] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [68408 2019-10-25] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2019-10-25] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2019-10-25] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2019-10-25] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [DymoQuickPrint] => C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe [1866544 2013-03-05] (Sanford, L.P. -> Sanford, L.P.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.87\Installer\chrmstp.exe [2020-02-06] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\77.2.2154.121\Installer\chrmstp.exe [2019-11-27] (AVAST Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Act! Integration.lnk [2019-11-03]
ShortcutTarget: Act! Integration.lnk -> C:\Program Files (x86)\ACT\Act for Windows\Act!.Integration.exe (Swiftpage ACT! LLC) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 9.lnk [2019-11-11]
ShortcutTarget: Snagit 9.lnk -> C:\Program Files (x86)\TechSmith\Snagit 9\Snagit32.exe (TechSmith Corporation -> TechSmith Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0565D503-41ED-405D-89F6-192A6930C1AA} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-11-03] (Dropbox, Inc -> Dropbox, Inc.)
Task: {07666173-3780-4E7D-8088-420A5C8E4109} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-03] (Google Inc -> Google LLC)
Task: {13A54AC0-0053-416B-89CD-E2E2787331A9} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [202392 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {197B9B27-3278-4BF3-A6BF-C1D9500E52CF} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24568904 2020-02-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {2699BFE8-133C-4FA4-A84E-38F20A0783BE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-03] (Google Inc -> Google LLC)
Task: {2A6199A1-F252-4C33-B4A4-5ECA328726AC} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [67896 2019-10-25] (Apple Inc. -> Apple Inc.)
Task: {2E8ABB52-80C1-4D48-AE5E-B37AB4F1E00A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [6944304 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {33449590-A731-4A17-9083-5EA1A9E0D497} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [202392 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {368FEC66-27BD-41E3-BC1A-26BEBD11F6F7} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-11-03] (Dropbox, Inc -> Dropbox, Inc.)
Task: {47EF54CD-2D97-4406-8841-D4BDFBA251AC} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018616 2020-02-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {6A591A6D-BCD3-4CB4-8F1D-2D9FE4959393} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6EB23BEE-7260-4989-90B1-C0B301287EE1} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2015080 2019-11-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {7016C51D-5CC0-48AD-8F68-5038CE345B96} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158760 2020-02-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {7ACE9DAD-8BF7-4079-8594-9C959A60037E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {7DD42DBD-255C-47FC-B854-C045C60E1596} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2046040 2020-02-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {7E8BE533-885E-4635-BE76-93B3C41A65FA} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018616 2020-02-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {87BD8628-3366-49F5-ABFE-E10276366CA1} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {8E6006E0-9E25-48F2-94F1-76A28B3DA319} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {93142CA3-3C0A-4BDB-8524-421373C6C6C2} - System32\Tasks\SoftwareInformerService => C:\Program Files\Software Informer\softinfo.exe [1689600 2018-01-31] (Informer Technologies, Inc.) [File not signed]
Task: {96B1C5BA-56E5-4ADD-B2F5-7621E9589006} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158760 2020-02-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {B39F47C6-C83B-49FD-9DD6-63F2EC5C7E16} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [7192192 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {C23E5BFD-9D64-4709-9493-C8F099A93292} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [7651984 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {CA7A5AF2-42EE-48B3-85F0-0BC677CFD4EB} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2015080 2019-11-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {D6D8A6CE-4C04-44D7-9C6E-6280CB51EB4E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24568904 2020-02-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {F38202F4-04AF-48AD-9D41-659608E42722} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1939fd7b-6712-4265-a4c3-e6b48f2ce4ff}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e5e98d18-3337-4e3d-b67d-43a7156029e8}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 9\DLLx64\SnagitBHO64.dll [2009-10-15] (TechSmith Corporation -> TechSmith Corporation)
BHO-x32: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 9\SnagitBHO.dll [2009-10-15] (TechSmith Corporation -> TechSmith Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Act.UI.InternetExplorer.Plugins.AttachFile.CAttachFile -> {D5233FCD-D258-4903-89B8-FB1568E7413D} -> C:\Program Files (x86)\ACT\Act for Windows\Plugins\Act.UI.InternetExplorer.Plugins.AttachFile.DLL [2017-09-24] (Swiftpage ACT! LLC) [File not signed]
Toolbar: HKLM-x32 - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitIEAddin.dll [2009-10-15] (TechSmith Corporation -> TechSmith Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
 
Edge: 
======
DownloadDir: C:\Users\cruss\Downloads
 
FireFox:
========
FF DefaultProfile: g5xy1w6g.default
FF ProfilePath: C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\g5xy1w6g.default [2019-12-06]
FF Extension: (Avast Online Security) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\g5xy1w6g.default\Extensions\wrc@avast.com.xpi [2019-11-03]
FF ProfilePath: C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release [2020-02-11]
FF Homepage: Mozilla\Firefox\Profiles\kzf4eavb.default-release -> hxxps://www.bing.com/?pc=U528
FF Notifications: Mozilla\Firefox\Profiles\kzf4eavb.default-release -> hxxps://www.loopnet.com
FF HomepageOverride: Mozilla\Firefox\Profiles\kzf4eavb.default-release -> Enabled: {3e06d96e-26f5-4a68-ac64-2b6bc583a35d}
FF Extension: (Facebook Container) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release\Extensions\@contain-facebook.xpi [2019-11-03]
FF Extension: (Cisco Webex Extension) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release\Extensions\ciscowebexstart1@cisco.com.xpi [2019-11-03]
FF Extension: (iCloud Bookmarks) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release\Extensions\firefoxdav@icloud.com.xpi [2019-11-03]
FF Extension: (Dashlane) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release\Extensions\jetpack-extension@dashlane.com.xpi [2020-02-10] [UpdateUrl:hxxps://ws1.dashlane.com/5/binaries/query?logins=&platform=firefox&target=ff_web_extension&format=json&version=]
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release\Extensions\sp@avast.com.xpi [2020-01-20]
FF Extension: (Bing Homepage and Search Engine) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release\Extensions\{3e06d96e-26f5-4a68-ac64-2b6bc583a35d}.xpi [2019-11-07] [UpdateUrl:hxxps://browserdefaults.azurewebsites.net/FirefoxExtn/updateextension.json]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-11-03]
FF HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Firefox\Extensions: [{442718d9-475e-452a-b3e1-fb1ee16b8e9f}] - C:\Users\cruss\AppData\Roaming\Dashlane\6.1946.0.26096\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f} => not found
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @dymo.com/DymoLabelFramework -> C:\Program Files (x86)\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll [2013-03-05] (Sanford, L.P. ->  Sanford L.P.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-3941208988-4064051922-1525667148-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\cruss\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2019-11-07] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default [2020-02-11]
CHR HomePage: Default -> hxxps://my.yahoo.com/?mkg=015
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://ssl.gstatic.com/chromoting/chromoting_logo_512.png
CHR Extension: (Slides) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-11-03]
CHR Extension: (Docs) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-11-03]
CHR Extension: (Google Drive) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-11-03]
CHR Extension: (YouTube) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-03]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-11-03]
CHR Extension: (Chrome Remote Desktop) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\efmjfjelnicpmdcmfikempdhlmainjcb [2020-02-07]
CHR Extension: (Dashlane - Password Manager) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2020-01-31]
CHR Extension: (Sheets) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-11-03]
CHR Extension: (Chrome Remote Desktop) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-11-03]
CHR Extension: (Google Docs Offline) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-09]
CHR Extension: (Avast Online Security) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-02-11]
CHR Extension: (Chrome Remote Desktop) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2019-11-03]
CHR Extension: (Disconnect) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2019-11-03]
CHR Extension: (Cisco Webex Extension) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2019-11-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-03]
CHR Extension: (Gmail) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-11-03]
CHR Extension: (Chrome Media Router) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-02-07]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 Act! Scheduler; C:\Program Files (x86)\ACT\Act for Windows\Act.Scheduler.exe [90112 2017-09-24] (Swiftpage ACT! LLC) [File not signed]
R2 ActService; C:\Program Files (x86)\ACT\Act for Windows\Act.Server.Host.exe [27648 2017-09-24] (Microsoft) [File not signed]
R2 ActSmartTaskService; C:\Program Files (x86)\ACT\Act for Windows\Act.Server.Host.exe [27648 2017-09-24] (Microsoft) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6259592 2019-12-19] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [202392 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [417536 2019-12-06] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [202392 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\77.2.2154.121\elevation_service.exe [1117336 2019-11-04] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\80.0.3987.18\remoting_host.exe [73200 2019-12-17] (Google LLC -> Google Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11096432 2020-02-09] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-11-03] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-11-03] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\windows\system32\DbxSvc.exe [44552 2020-02-04] (Dropbox, Inc -> Dropbox, Inc.)
R2 DymoPnpService; C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [33072 2013-03-05] (Sanford, L.P. -> Sanford, L.P.)
R2 esifsvc; C:\windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4a3ae74cfa6c37d6\esif_uf.exe [2141064 2019-06-21] (Intel Corporation -> Intel Corporation)
R2 GoToAssist Remote Support Customer; C:\Program Files (x86)\GoToAssist Remote Support Customer\1673\g2ax_service.exe [609552 2020-02-11] (LogMeIn, Inc. -> LogMeIn, Inc.)
R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [4761296 2019-10-29] (Sophos Ltd -> SurfRight B.V.)
R2 igfxCUIService2.0.0.0; C:\windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_1cc7b402747a872f\igfxCUIServiceN.exe [396848 2019-12-23] (Intel® pGFX -> Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_50ab1659f9152c0f\lib\SocketHeciServer.exe [877024 2019-10-11] (Intel® Trust Services -> Intel® Corporation)
S2 Intel® TPM Provisioning Service; C:\windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_50ab1659f9152c0f\lib\TPMProvisioningService.exe [806880 2019-10-11] (Intel® Trust Services -> Intel® Corporation)
R2 IntelAudioService; C:\windows\system32\cAVS\IAS\IntelAudioService.exe [398504 2019-12-09] (Smart Sound Technology -> Intel)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6960640 2019-12-09] (Malwarebytes Inc -> Malwarebytes)
R2 MSSQL$ACT7; C:\Program Files\Microsoft SQL Server\MSSQL12.ACT7\MSSQL\Binn\sqlservr.exe [370368 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
R2 RtkAudioUniversalService; C:\windows\System32\DriverStore\FileRepository\hdxsstm2.inf_amd64_f027fc76f26abb05\RtkAudUService64.exe [835872 2019-11-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [305888 2019-04-18] (Sophos Ltd -> Sophos Limited)
R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [224880 2019-04-18] (Sophos Ltd -> Sophos Limited)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SntpService; C:\Program Files\Sophos\Sophos Network Threat Protection\SntpService.exe [1870264 2018-03-09] (Sophos Limited -> Sophos Limited)
R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [1202680 2019-03-05] (Sophos Ltd -> Sophos Limited)
R2 Sophos Clean Service; C:\Program Files (x86)\Sophos\Clean\SophosCleanM.exe [1189704 2018-09-27] (Sophos Limited -> Sophos Limited)
R2 Sophos Endpoint Defense Service; C:\Program Files\Sophos\Endpoint Defense\SEDService.exe [1803816 2019-11-04] (Sophos Ltd -> Sophos Limited)
R2 Sophos File Scanner Service; C:\Program Files\Sophos\Sophos File Scanner\SophosFS.exe [1761064 2019-02-04] (Sophos Ltd -> Sophos Limited)
R2 Sophos Health Service; C:\Program Files (x86)\Sophos\Health\SophosHealth.exe [1816176 2018-10-10] (Sophos Limited -> Sophos Limited)
R2 Sophos MCS Agent; C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsAgent.exe [1344888 2019-05-30] (Sophos Ltd -> Sophos Limited)
R2 Sophos MCS Client; C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsClient.exe [1830688 2019-05-30] (Sophos Ltd -> Sophos Limited)
R2 Sophos Safestore Service; C:\Program Files\Sophos\Safestore\SophosSafestore64.exe [786688 2018-09-27] (Sophos Limited -> Sophos Limited)
R2 Sophos System Protection Service; C:\Program Files\Sophos\Endpoint Defense\SSPService.exe [13235408 2019-11-04] (Sophos Ltd -> Sophos Limited)
R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [360040 2019-04-18] (Sophos Limited -> Sophos Limited)
S4 SQLAgent$ACT7; C:\Program Files\Microsoft SQL Server\MSSQL12.ACT7\MSSQL\Binn\SQLAGENT.EXE [613056 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
R2 swi_filter; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe [475264 2019-04-18] (Sophos Ltd -> Sophos Limited)
R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3623400 2019-04-18] (Sophos Ltd -> Sophos Limited)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12758528 2019-12-16] (TeamViewer GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AppleLowerFilter; C:\windows\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [204824 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [274456 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [209552 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [65120 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\windows\System32\drivers\aswElam.sys [16304 2019-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [42736 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [161544 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswNetSec; C:\windows\System32\drivers\aswNetSec.sys [552848 2019-12-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [110320 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [83792 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [848432 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [460448 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\windows\System32\drivers\aswStm.sys [236024 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [316528 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
S3 AX88772; C:\windows\System32\drivers\ax88772.sys [111616 2019-03-18] (Microsoft Windows -> ASIX Electronics Corp.)
R3 dptf_acpi; C:\windows\System32\DriverStore\FileRepository\dptf_acpi.inf_amd64_5989fd2721678bab\dptf_acpi.sys [77192 2019-06-22] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4a3ae74cfa6c37d6\dptf_cpu.sys [74120 2019-06-21] (Intel Corporation -> Intel Corporation)
R3 esif_lf; C:\windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4a3ae74cfa6c37d6\esif_lf.sys [408456 2019-06-21] (Intel Corporation -> Intel Corporation)
R1 ESProtectionDriver; C:\windows\system32\drivers\mbae64.sys [153312 2020-02-07] (Malwarebytes Corporation -> Malwarebytes)
S3 hitmanpro37; C:\windows\system32\drivers\hitmanpro37.sys [55232 2020-02-11] (SurfRight B.V. -> )
R1 hmpalert; C:\windows\system32\drivers\hmpalert.sys [513104 2020-02-10] (Sophos Ltd -> SurfRight B.V.)
R3 iaLPSS2_GPIO2; C:\windows\System32\DriverStore\FileRepository\ialpss2_gpio2_icl.inf_amd64_5dfe4459ccf69034\iaLPSS2_GPIO2.sys [127888 2019-05-07] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 iaLPSS2_I2C; C:\windows\System32\DriverStore\FileRepository\ialpss2_i2c_icl.inf_amd64_04e193b8806eca82\iaLPSS2_I2C.sys [197008 2019-05-07] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 iaLPSS2_SPI; C:\windows\System32\DriverStore\FileRepository\ialpss2_spi_icl.inf_amd64_e5b8de383f9a8911\iaLPSS2_SPI.sys [156560 2019-05-07] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 iaLPSS2_UART2; C:\windows\System32\DriverStore\FileRepository\ialpss2_uart2_icl.inf_amd64_2fd93d380196ad59\iaLPSS2_UART2.sys [309648 2019-08-09] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 ibtusb; C:\windows\System32\DriverStore\FileRepository\ibtusb.inf_amd64_542e8c280c98b59f\ibtusb.sys [13916448 2019-07-11] (Intel® Wireless Connectivity Solutions -> Intel Corporation)
R3 igfxn; C:\windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_99f3effa9b6e163f\igdkmdn64.sys [21693488 2019-12-23] (Intel® pGFX -> Intel Corporation)
R3 IntcAudioBus; C:\windows\System32\DriverStore\FileRepository\intcaudiobus.inf_amd64_448c7d2e5e934dfc\IntcAudioBus.sys [290768 2019-12-09] (Smart Sound Technology -> Intel® Corporation)
R3 IntcAzAudAddService; C:\windows\System32\DriverStore\FileRepository\hdxsstm2.inf_amd64_f027fc76f26abb05\RTKVHD64.sys [7068664 2019-11-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 IntcOED; C:\windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_ff28ec604c64d76a\IntcOED.sys [1245648 2019-12-09] (Smart Sound Technology -> Intel® Corporation)
S3 libusb0; C:\windows\system32\DRIVERS\libusb0.sys [52832 2019-06-18] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
R2 MBAMChameleon; C:\windows\System32\Drivers\MbamChameleon.sys [214496 2020-02-07] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\windows\System32\DRIVERS\MbamElam.sys [20936 2019-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\windows\System32\DRIVERS\farflt.sys [226448 2020-02-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\windows\system32\DRIVERS\mbam.sys [73584 2020-02-11] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\windows\System32\Drivers\mbamswissarmy.sys [248968 2020-02-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\windows\system32\DRIVERS\mwac.sys [119960 2020-02-11] (Malwarebytes Inc -> Malwarebytes)
R3 MEIx64; C:\windows\System32\DriverStore\FileRepository\heci.inf_amd64_db60facf878d7699\x64\TeeDriverW8x64.sys [253840 2019-04-28] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 Netwtw08; C:\windows\System32\drivers\Netwtw08.sys [9142776 2019-08-14] (Intel® Wireless Connectivity Solutions -> Intel Corporation)
S4 RsFx0300; C:\windows\System32\DRIVERS\RsFx0300.sys [247488 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
R3 rtux64w10; C:\windows\System32\drivers\rtux64w10.sys [576288 2019-06-26] (Realtek Semiconductor Corp. -> Realtek Corporation )
R1 SAVOnAccess; C:\windows\System32\DRIVERS\savonaccess.sys [204328 2019-04-18] (Sophos Limited -> Sophos Limited)
S3 sdcfilter; C:\windows\system32\DRIVERS\sdcfilter.sys [38144 2019-04-18] (Sophos Limited -> Sophos Limited)
R1 sntp; C:\windows\system32\DRIVERS\sntp.sys [125832 2018-03-09] (Sophos Limited -> Sophos Limited)
S0 Sophos ELAM; C:\windows\System32\DRIVERS\SophosEL.sys [20400 2019-11-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Sophos Limited)
R0 Sophos Endpoint Defense; C:\windows\System32\DRIVERS\SophosED.sys [930944 2019-11-04] (Sophos Ltd -> Sophos Limited)
S4 SophosBootDriver; C:\windows\system32\DRIVERS\SophosBootDriver.sys [45840 2019-04-18] (Sophos Limited -> Sophos Limited)
R3 SurfaceAcpiNotify; C:\windows\System32\drivers\SurfaceAcpiNotifyDriver.sys [281400 2019-08-23] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfaceBattery; C:\windows\System32\drivers\SurfaceBattery.sys [308024 2019-08-23] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfaceHidMini; C:\windows\System32\drivers\SurfaceHidMiniDriver.sys [272184 2019-08-23] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfaceHotPlug; C:\windows\System32\drivers\SurfaceHotPlug.sys [337720 2019-08-23] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfaceLightSensor; C:\windows\System32\drivers\SurfaceLightSensor.sys [228368 2019-09-26] (Microsoft Corporation -> Microsoft Corporation)
S3 SurfacePen217Integration; C:\windows\System32\drivers\SurfacePen217Integration.sys [35856 2019-08-10] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfacePowerFilter; C:\windows\System32\DriverStore\FileRepository\surfacepowerfilter.inf_amd64_428a666856b52679\SurfacePowerFilter.sys [270136 2019-08-23] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfacePowerTrackerCore; C:\windows\System32\drivers\SurfacePowerTrackerCore.sys [265520 2019-08-23] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfaceSerialHubDriver; C:\windows\System32\drivers\SurfaceSerialHubDriver.sys [324624 2019-08-13] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfaceTconDriver; C:\windows\System32\drivers\SurfaceTconDriver.sys [290616 2019-08-23] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfaceUcmUcsiHidClient; C:\windows\System32\DriverStore\FileRepository\surfaceucmucsihidclient.inf_amd64_bed226a64c31fdb0\SurfaceUcmUcsiHidClient.sys [202040 2019-08-11] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfaceVirtualFunctionEnum; C:\windows\System32\drivers\SurfaceVirtualFunctionEnum.sys [185360 2019-08-11] (Microsoft Corporation -> Microsoft Corporation)
R1 swi_callout; C:\windows\system32\DRIVERS\swi_callout.sys [47760 2019-04-18] (Sophos Limited -> Sophos Limited)
S3 WdBoot; C:\windows\system32\drivers\wd\WdBoot.sys [46472 2019-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\wd\WdFilter.sys [351968 2019-11-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\drivers\wd\WdNisDrv.sys [53984 2019-11-03] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-02-11 14:45 - 2020-02-11 14:46 - 000000000 ____D C:\Users\cruss\AppData\LocalLow\IGDump
2020-02-11 13:34 - 2020-02-11 13:34 - 000000000 ___HD C:\OneDriveTemp
2020-02-11 13:33 - 2020-02-11 13:33 - 000248968 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamswissarmy.sys
2020-02-11 13:33 - 2020-02-11 13:33 - 000226448 _____ (Malwarebytes) C:\windows\system32\Drivers\farflt.sys
2020-02-11 13:33 - 2020-02-11 13:33 - 000119960 _____ (Malwarebytes) C:\windows\system32\Drivers\mwac.sys
2020-02-11 13:33 - 2020-02-11 13:33 - 000073584 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2020-02-11 13:26 - 2020-02-11 13:26 - 000000928 _____ C:\Users\cruss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2020-02-11 13:26 - 2020-02-11 13:26 - 000000000 ____D C:\Users\cruss\AppData\Local\ESET
2020-02-11 13:07 - 2020-02-11 14:49 - 000000000 ____D C:\FRST
2020-02-11 12:40 - 2020-02-11 12:40 - 000012872 _____ (SurfRight B.V.) C:\windows\system32\bootdelete.exe
2020-02-11 12:31 - 2018-03-09 17:12 - 000125832 _____ (Sophos Limited) C:\windows\system32\Drivers\sntp.sys
2020-02-11 12:30 - 2019-04-18 08:27 - 000047760 _____ (Sophos Limited) C:\windows\system32\Drivers\swi_callout.sys
2020-02-11 12:30 - 2019-04-18 08:27 - 000044184 _____ (Sophos Limited) C:\windows\system32\SophosBootTasks.exe
2020-02-11 12:29 - 2020-02-11 12:29 - 000000000 ____D C:\Program Files\Common Files\Sophos
2020-02-11 12:29 - 2019-11-04 11:06 - 000930944 _____ (Sophos Limited) C:\windows\system32\Drivers\SophosED.sys
2020-02-11 12:29 - 2019-11-04 11:06 - 000048968 _____ (Sophos Limited) C:\windows\system32\SophosNA.exe
2020-02-11 12:29 - 2019-11-04 11:06 - 000039713 _____ C:\windows\system32\Drivers\SophosED.man
2020-02-11 12:29 - 2019-11-04 11:06 - 000020400 _____ (Sophos Limited) C:\windows\system32\Drivers\SophosEL.sys
2020-02-11 12:25 - 2020-02-11 12:25 - 000000214 _____ C:\Users\cruss\OneDrive\Documents\cc_20200211_122541.reg
2020-02-11 10:45 - 2020-02-11 10:45 - 000001599 _____ C:\Users\cruss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GoToAssist Customer.lnk
2020-02-11 10:45 - 2020-02-11 10:45 - 000000000 ____D C:\Program Files (x86)\GoToAssist Remote Support Customer
2020-02-11 09:50 - 2020-02-11 09:51 - 000004816 _____ C:\Users\cruss\OneDrive\Documents\cc_20200211_095052.reg
2020-02-10 14:44 - 2020-02-11 12:40 - 000055232 _____ C:\windows\system32\Drivers\hitmanpro37.sys
2020-02-10 14:35 - 2020-02-11 14:49 - 000000000 ____D C:\windows\CryptoGuard
2020-02-10 14:35 - 2020-02-10 14:35 - 000513104 _____ (SurfRight B.V.) C:\windows\system32\Drivers\hmpalert.sys
2020-02-10 14:34 - 2020-02-11 14:33 - 000000000 ____D C:\ProgramData\HitmanPro.Alert
2020-02-10 14:34 - 2020-02-11 12:30 - 000000000 ____D C:\windows\SysWOW64\SophosAV
2020-02-10 14:34 - 2020-02-11 12:30 - 000000000 ____D C:\windows\system32\SophosAV
2020-02-10 14:34 - 2020-02-10 14:35 - 000000000 ____D C:\Program Files (x86)\HitmanPro.Alert
2020-02-10 14:34 - 2020-02-10 14:34 - 001215072 _____ (SurfRight B.V.) C:\windows\system32\hmpalert.dll
2020-02-10 14:34 - 2020-02-10 14:34 - 001017184 _____ (SurfRight B.V.) C:\windows\SysWOW64\hmpalert.dll
2020-02-10 14:33 - 2020-02-11 12:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2020-02-10 14:32 - 2020-02-11 12:31 - 000000000 ____D C:\Program Files\Sophos
2020-02-10 14:32 - 2019-04-18 08:27 - 000204328 _____ (Sophos Limited) C:\windows\system32\Drivers\savonaccess.sys
2020-02-10 14:32 - 2019-04-18 08:27 - 000176120 _____ (Sophos Limited) C:\windows\system32\sdccoinstaller.dll
2020-02-10 14:32 - 2019-04-18 08:27 - 000045840 _____ (Sophos Limited) C:\windows\system32\Drivers\SophosBootDriver.sys
2020-02-10 14:32 - 2019-04-18 08:27 - 000038144 _____ (Sophos Limited) C:\windows\system32\Drivers\sdcfilter.sys
2020-02-10 14:29 - 2020-02-11 12:31 - 000000000 ____D C:\ProgramData\Sophos
2020-02-10 14:29 - 2020-02-11 12:30 - 000000000 ____D C:\Program Files (x86)\Sophos
2020-02-10 14:15 - 2020-02-10 14:16 - 000000000 ____D C:\AdwCleaner
2020-02-10 14:15 - 2020-02-10 14:15 - 008356016 _____ (Malwarebytes) C:\Users\cruss\Downloads\adwcleaner_8.0.2.exe
2020-02

#2 Carlgrus

Carlgrus

    Advanced Member

  • Full Member
  • PipPipPip
  • 141 posts

Posted 11 February 2020 - 02:38 PM

I also wanted to tell you that the only way I was able to run the above utilities was:  I have Avast Secure Browser, it’s the only way I could gain access to the Internet.  Neither Firefox, Google Chrome, or Internet Explorer works…and even on the Avast Browser, I can’t type anything, If I type the letter F for example, it’s another letter, and it never repeats itself, and it’s all over the map, so the only way I can give you these messages is to type them in Word and cut and paste them into the Reply section. 

 



#3 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,318 posts

Posted 12 February 2020 - 07:35 AM

Hello, Welcome to SpywareInfo.
I'm nasdaq and will be helping you.
 
If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===
 
Is this the same computer serviced under this topic?
 
Please delete the current version of the Farbar program.
Download and run this latest version from the owner's site.
 
Download the Farbar Recovery Scan Tool (FRST).
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
 
How to attach a file to your reply:
In the Reply section in the bottom of the topic Click the "more reply Options" button.
attachlogs.png
 
Attach the file.
Select the "Choose a File" navigate to the location of the File.
Click the file you wish to Attach.
Click Attach this file.
Click the Add reply button.
===
 
Please post the logs (FRST.txt and Addition.txt)  for my review.
 
Let me know what problems persists.
 
Wait for further instructions
===
 
--RogueKiller--


  •  






  • Quit all programs that you may have started.




  • Please disconnect any USB or external drives from the computer before you run this scan!




  • For Vista or above, right-click the program file and select "Run as Administrator"




  • Accept the user agreements.




  • Execute the scan and wait until it has finished.




  • If a Windows opens to explain what [PUM's] are, read about it.




  • Click the RoguKiller icon on your taksbar to return to the report.




  • Click open the Report




  • Click Export TXT button




  • Save the file as ReportRogue.txt




  • Click the Remove button to delete the items in RED  




  • Click Finish and close the program.




  • Locate the ReportRogue.txt file on your Desktop and copy/paste the contents in your next.


 
=======
 
Download   Farbar's Service Scanner utility
and Save to your Desktop.
If using Windows 7 or above, Right-Click on fss.exe and select Run As Administrator.
If using XP, double-click to start.
Answer Yes to ok when prompted.
If your firewall then puts out a prompt, again, allow it to run.
Once FSS is on-screen, be sure the following items are checkmarked:
Internet Services
Windows Firewall
System Restore
Security Center/Action Center
Windows Update
Windows Defender
Other Services
  
Click on "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Copy & Paste contents of FSS.txt into your reply.
===
 
PLease post/attach all the logs.

nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#4 Carlgrus

Carlgrus

    Advanced Member

  • Full Member
  • PipPipPip
  • 141 posts

Posted 12 February 2020 - 08:29 AM

No, this is not the same computer serviced under this topic.  This is my laptop at my office.  And the problems are:  None of my browser will open except for Avast Secure Browser.  Firefox, Google, or Internet Explorer will not open.  And in Avast Secure Brower, I cannot type this message.  When I type on the keyboard, different letters come out, not the letters I’m typing, and they keep changing.  So, the only way I can give you this message is to type it in Word, and cut and paste it in the Reply section.  .   I have attached the Farbar logs as instructed, the FRST.txt and the Addition.txt.  I am now running Rogue Killer and will do the Farbar Service Scanner and get the logs posted as well. 


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-02-2020
Ran by cruss (administrator) on DESKTOP-RA8BHB0 (Microsoft Corporation Surface Laptop 3) (12-02-2020 09:11:56)
Running from C:\Users\cruss\OneDrive\Desktop\Spyware Utilities
Loaded Profiles: cruss (Available Profiles: cruss)
Platform: Windows 10 Pro Version 1909 18363.628 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
() [File not signed] C:\Program Files (x86)\ACT\Act for Windows\Act.Outlook64.Service.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(AVAST Software s.r.o. -> ) C:\Program Files\AVAST Software\Avast\AvastNM.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.5.245.0\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.5.245.0\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Dashlane USA, Inc. -> Dashlane, Inc.) C:\Users\cruss\AppData\Roaming\Dashlane\Dashlane.exe
(Dashlane USA, Inc. -> Dashlane, Inc.) C:\Users\cruss\AppData\Roaming\Dashlane\DashlanePlugin.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\90.4.307\QtWebEngineProcess.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\90.4.307\QtWebEngineProcess.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\80.0.3987.18\remoting_host.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\80.0.3987.18\remoting_host.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler64.exe
(Informer Technologies, Inc.) [File not signed] C:\Program Files\Software Informer\softinfo.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4a3ae74cfa6c37d6\esif_uf.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_1cc7b402747a872f\igfxCUIServiceN.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_1cc7b402747a872f\igfxEMN.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_99f3effa9b6e163f\IntelCpHDCPSvc.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\GoToAssist Remote Support Customer\1673\g2ax_comm_customer.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\GoToAssist Remote Support Customer\1673\g2ax_service.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\GoToAssist Remote Support Customer\1673\g2ax_system_customer.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\GoToAssist Remote Support Customer\1673\g2ax_user_customer.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.ACT7\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\cruss\AppData\Local\Microsoft\OneDrive\19.232.1124.0005\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\cruss\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\SurfaceService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19081.22010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\PlacesServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.651_none_5f2896f458eff373\TiWorker.exe
(Microsoft) [File not signed] C:\Program Files (x86)\ACT\Act for Windows\Act.Server.Host.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Foundation) C:\Program Files\Mozilla Firefox\crashreporter.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\hdxsstm2.inf_amd64_f027fc76f26abb05\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\hdxsstm2.inf_amd64_f027fc76f26abb05\RtkAudUService64.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Sanford, L.P. -> Sanford, L.P.) C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe
(Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\IAS\IntelAudioService.exe
(Sophos Limited -> Sophos Limited) C:\Program Files (x86)\Sophos\Clean\SophosCleanM.exe
(Sophos Limited -> Sophos Limited) C:\Program Files (x86)\Sophos\Health\SophosHealth.exe
(Sophos Limited -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
(Sophos Limited -> Sophos Limited) C:\Program Files\Sophos\Safestore\SophosSafestore64.exe
(Sophos Limited -> Sophos Limited) C:\Program Files\Sophos\Sophos Network Threat Protection\SntpService.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Common Files\Sophos\Web Intelligence\swi_fc.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsAgent.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsClient.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Endpoint Defense\SEDService.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Endpoint Defense\SSPService.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Sophos File Scanner\SophosFileScanner.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Sophos File Scanner\SophosFileScanner.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Sophos File Scanner\SophosFS.exe
(Sophos Ltd -> SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(Sophos Ltd -> SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(Swiftpage ACT! LLC -> Swiftpage ACT! LLC) C:\Program Files (x86)\ACT\Act for Windows\Act!.exe
(Swiftpage ACT! LLC) [File not signed] C:\Program Files (x86)\ACT\Act for Windows\Act.Outlook.Service.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtkAudUService] => C:\windows\System32\DriverStore\FileRepository\hdxsstm2.inf_amd64_f027fc76f26abb05\RtkAudUService64.exe [835872 2019-11-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [6261760 2020-02-04] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Act.Outlook.Service] => C:\Program Files (x86)\ACT\Act for Windows\Act.Outlook.Service.exe [18944 2017-09-24] (Swiftpage ACT! LLC) [File not signed]
HKLM-x32\...\Run: [Act.Outlook64.Service] => C:\Program Files (x86)\ACT\Act for Windows\Act.Outlook64.Service.exe [23552 2017-09-24] () [File not signed]
HKLM-x32\...\Run: [Act! Preloader] => C:\Program Files (x86)\ACT\Act for Windows\Act!.exe [272336 2019-10-01] (Swiftpage ACT! LLC -> Swiftpage ACT! LLC)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKLM-x32\...\Run: [Sophos Home UI] => C:\Program Files (x86)\Sophos\Sophos Home\SophosUI.exe [3630920 2020-01-15] (Sophos Ltd -> Sophos Limited)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\cruss\AppData\Local\Microsoft\Teams\Update.exe [1801840 2019-11-03] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [Dashlane] => C:\Users\cruss\AppData\Roaming\Dashlane\Dashlane.exe [321536 2020-01-21] (Dashlane USA, Inc. -> Dashlane, Inc.)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [DashlanePlugin] => C:\Users\cruss\AppData\Roaming\Dashlane\DashlanePlugin.exe [342528 2020-01-21] (Dashlane USA, Inc. -> Dashlane, Inc.)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [AvastBrowserAutoLaunch_38E8DBE963846923F5008B0D528FC97A] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2015080 2019-11-04] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-10-25] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [68408 2019-10-25] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2019-10-25] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2019-10-25] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2019-10-25] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [DymoQuickPrint] => C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe [1866544 2013-03-05] (Sanford, L.P. -> Sanford, L.P.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.100\Installer\chrmstp.exe [2020-02-11] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\77.2.2154.121\Installer\chrmstp.exe [2019-11-27] (AVAST Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Act! Integration.lnk [2019-11-03]
ShortcutTarget: Act! Integration.lnk -> C:\Program Files (x86)\ACT\Act for Windows\Act!.Integration.exe (Swiftpage ACT! LLC) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 9.lnk [2019-11-11]
ShortcutTarget: Snagit 9.lnk -> C:\Program Files (x86)\TechSmith\Snagit 9\Snagit32.exe (TechSmith Corporation -> TechSmith Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0565D503-41ED-405D-89F6-192A6930C1AA} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-11-03] (Dropbox, Inc -> Dropbox, Inc.)
Task: {07666173-3780-4E7D-8088-420A5C8E4109} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-03] (Google Inc -> Google LLC)
Task: {13A54AC0-0053-416B-89CD-E2E2787331A9} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [202392 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {197B9B27-3278-4BF3-A6BF-C1D9500E52CF} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24568904 2020-02-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {2699BFE8-133C-4FA4-A84E-38F20A0783BE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-03] (Google Inc -> Google LLC)
Task: {2A6199A1-F252-4C33-B4A4-5ECA328726AC} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [67896 2019-10-25] (Apple Inc. -> Apple Inc.)
Task: {2E8ABB52-80C1-4D48-AE5E-B37AB4F1E00A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [6944304 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {33449590-A731-4A17-9083-5EA1A9E0D497} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [202392 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {368FEC66-27BD-41E3-BC1A-26BEBD11F6F7} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-11-03] (Dropbox, Inc -> Dropbox, Inc.)
Task: {47EF54CD-2D97-4406-8841-D4BDFBA251AC} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018616 2020-02-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {6A591A6D-BCD3-4CB4-8F1D-2D9FE4959393} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6EB23BEE-7260-4989-90B1-C0B301287EE1} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2015080 2019-11-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {7016C51D-5CC0-48AD-8F68-5038CE345B96} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158760 2020-02-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {7ACE9DAD-8BF7-4079-8594-9C959A60037E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {7DD42DBD-255C-47FC-B854-C045C60E1596} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2046040 2020-02-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {7E8BE533-885E-4635-BE76-93B3C41A65FA} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018616 2020-02-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {87BD8628-3366-49F5-ABFE-E10276366CA1} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {8E6006E0-9E25-48F2-94F1-76A28B3DA319} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {93142CA3-3C0A-4BDB-8524-421373C6C6C2} - System32\Tasks\SoftwareInformerService => C:\Program Files\Software Informer\softinfo.exe [1689600 2018-01-31] (Informer Technologies, Inc.) [File not signed]
Task: {96B1C5BA-56E5-4ADD-B2F5-7621E9589006} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158760 2020-02-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {B39F47C6-C83B-49FD-9DD6-63F2EC5C7E16} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [7192192 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {C23E5BFD-9D64-4709-9493-C8F099A93292} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [7651984 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {CA7A5AF2-42EE-48B3-85F0-0BC677CFD4EB} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2015080 2019-11-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {D6D8A6CE-4C04-44D7-9C6E-6280CB51EB4E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24568904 2020-02-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {F38202F4-04AF-48AD-9D41-659608E42722} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1939fd7b-6712-4265-a4c3-e6b48f2ce4ff}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e5e98d18-3337-4e3d-b67d-43a7156029e8}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 9\DLLx64\SnagitBHO64.dll [2009-10-15] (TechSmith Corporation -> TechSmith Corporation)
BHO-x32: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 9\SnagitBHO.dll [2009-10-15] (TechSmith Corporation -> TechSmith Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Act.UI.InternetExplorer.Plugins.AttachFile.CAttachFile -> {D5233FCD-D258-4903-89B8-FB1568E7413D} -> C:\Program Files (x86)\ACT\Act for Windows\Plugins\Act.UI.InternetExplorer.Plugins.AttachFile.DLL [2017-09-24] (Swiftpage ACT! LLC) [File not signed]
Toolbar: HKLM-x32 - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitIEAddin.dll [2009-10-15] (TechSmith Corporation -> TechSmith Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
 
Edge: 
======
DownloadDir: C:\Users\cruss\Downloads
 
FireFox:
========
FF DefaultProfile: g5xy1w6g.default
FF ProfilePath: C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\g5xy1w6g.default [2019-12-06]
FF Extension: (Avast Online Security) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\g5xy1w6g.default\Extensions\wrc@avast.com.xpi [2019-11-03]
FF ProfilePath: C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release [2020-02-12]
FF Homepage: Mozilla\Firefox\Profiles\kzf4eavb.default-release -> hxxps://www.bing.com/?pc=U528
FF Notifications: Mozilla\Firefox\Profiles\kzf4eavb.default-release -> hxxps://www.loopnet.com
FF HomepageOverride: Mozilla\Firefox\Profiles\kzf4eavb.default-release -> Enabled: {3e06d96e-26f5-4a68-ac64-2b6bc583a35d}
FF Extension: (Facebook Container) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release\Extensions\@contain-facebook.xpi [2019-11-03]
FF Extension: (Cisco Webex Extension) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release\Extensions\ciscowebexstart1@cisco.com.xpi [2019-11-03]
FF Extension: (iCloud Bookmarks) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release\Extensions\firefoxdav@icloud.com.xpi [2019-11-03]
FF Extension: (Dashlane) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release\Extensions\jetpack-extension@dashlane.com.xpi [2020-02-10] [UpdateUrl:hxxps://ws1.dashlane.com/5/binaries/query?logins=&platform=firefox&target=ff_web_extension&format=json&version=]
FF Extension: (Bing Homepage and Search Engine) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release\Extensions\{3e06d96e-26f5-4a68-ac64-2b6bc583a35d}.xpi [2019-11-07] [UpdateUrl:hxxps://browserdefaults.azurewebsites.net/FirefoxExtn/updateextension.json]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-11-03]
FF HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Firefox\Extensions: [{442718d9-475e-452a-b3e1-fb1ee16b8e9f}] - C:\Users\cruss\AppData\Roaming\Dashlane\6.1946.0.26096\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f} => not found
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @dymo.com/DymoLabelFramework -> C:\Program Files (x86)\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll [2013-03-05] (Sanford, L.P. ->  Sanford L.P.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-3941208988-4064051922-1525667148-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\cruss\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2019-11-07] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default [2020-02-12]
CHR HomePage: Default -> hxxps://my.yahoo.com/?mkg=015
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://ssl.gstatic.com/chromoting/chromoting_logo_512.png
CHR Extension: (Slides) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-11-03]
CHR Extension: (Docs) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-11-03]
CHR Extension: (Google Drive) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-11-03]
CHR Extension: (YouTube) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-03]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-11-03]
CHR Extension: (Chrome Remote Desktop) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\efmjfjelnicpmdcmfikempdhlmainjcb [2020-02-07]
CHR Extension: (Dashlane - Password Manager) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2020-01-31]
CHR Extension: (Sheets) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-11-03]
CHR Extension: (Chrome Remote Desktop) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-11-03]
CHR Extension: (Google Docs Offline) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-09]
CHR Extension: (Chrome Remote Desktop) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2019-11-03]
CHR Extension: (Disconnect) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2019-11-03]
CHR Extension: (Cisco Webex Extension) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2019-11-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-03]
CHR Extension: (Gmail) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-11-03]
CHR Extension: (Chrome Media Router) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-02-07]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 Act! Scheduler; C:\Program Files (x86)\ACT\Act for Windows\Act.Scheduler.exe [90112 2017-09-24] (Swiftpage ACT! LLC) [File not signed]
R2 ActService; C:\Program Files (x86)\ACT\Act for Windows\Act.Server.Host.exe [27648 2017-09-24] (Microsoft) [File not signed]
R2 ActSmartTaskService; C:\Program Files (x86)\ACT\Act for Windows\Act.Server.Host.exe [27648 2017-09-24] (Microsoft) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6259592 2019-12-19] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [202392 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [417536 2019-12-06] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [202392 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\77.2.2154.121\elevation_service.exe [1117336 2019-11-04] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\80.0.3987.18\remoting_host.exe [73200 2019-12-17] (Google LLC -> Google Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11096432 2020-02-09] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-11-03] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-11-03] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\windows\system32\DbxSvc.exe [44552 2020-02-04] (Dropbox, Inc -> Dropbox, Inc.)
R2 DymoPnpService; C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [33072 2013-03-05] (Sanford, L.P. -> Sanford, L.P.)
R2 esifsvc; C:\windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4a3ae74cfa6c37d6\esif_uf.exe [2141064 2019-06-21] (Intel Corporation -> Intel Corporation)
R2 GoToAssist Remote Support Customer; C:\Program Files (x86)\GoToAssist Remote Support Customer\1673\g2ax_service.exe [609552 2020-02-11] (LogMeIn, Inc. -> LogMeIn, Inc.)
R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [4761296 2019-10-29] (Sophos Ltd -> SurfRight B.V.)
R2 igfxCUIService2.0.0.0; C:\windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_1cc7b402747a872f\igfxCUIServiceN.exe [396848 2019-12-23] (Intel® pGFX -> Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_50ab1659f9152c0f\lib\SocketHeciServer.exe [877024 2019-10-11] (Intel® Trust Services -> Intel® Corporation)
S2 Intel® TPM Provisioning Service; C:\windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_50ab1659f9152c0f\lib\TPMProvisioningService.exe [806880 2019-10-11] (Intel® Trust Services -> Intel® Corporation)
R2 IntelAudioService; C:\windows\system32\cAVS\IAS\IntelAudioService.exe [398504 2019-12-09] (Smart Sound Technology -> Intel)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6960640 2019-12-09] (Malwarebytes Inc -> Malwarebytes)
R2 MSSQL$ACT7; C:\Program Files\Microsoft SQL Server\MSSQL12.ACT7\MSSQL\Binn\sqlservr.exe [370368 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
R2 RtkAudioUniversalService; C:\windows\System32\DriverStore\FileRepository\hdxsstm2.inf_amd64_f027fc76f26abb05\RtkAudUService64.exe [835872 2019-11-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [305888 2019-04-18] (Sophos Ltd -> Sophos Limited)
R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [224880 2019-04-18] (Sophos Ltd -> Sophos Limited)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SntpService; C:\Program Files\Sophos\Sophos Network Threat Protection\SntpService.exe [1870264 2018-03-09] (Sophos Limited -> Sophos Limited)
R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [1202680 2019-03-05] (Sophos Ltd -> Sophos Limited)
R2 Sophos Clean Service; C:\Program Files (x86)\Sophos\Clean\SophosCleanM.exe [1189704 2018-09-27] (Sophos Limited -> Sophos Limited)
R2 Sophos Endpoint Defense Service; C:\Program Files\Sophos\Endpoint Defense\SEDService.exe [1803816 2019-11-04] (Sophos Ltd -> Sophos Limited)
R2 Sophos File Scanner Service; C:\Program Files\Sophos\Sophos File Scanner\SophosFS.exe [1761064 2019-02-04] (Sophos Ltd -> Sophos Limited)
R2 Sophos Health Service; C:\Program Files (x86)\Sophos\Health\SophosHealth.exe [1816176 2018-10-10] (Sophos Limited -> Sophos Limited)
R2 Sophos MCS Agent; C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsAgent.exe [1344888 2019-05-30] (Sophos Ltd -> Sophos Limited)
R2 Sophos MCS Client; C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsClient.exe [1830688 2019-05-30] (Sophos Ltd -> Sophos Limited)
R2 Sophos Safestore Service; C:\Program Files\Sophos\Safestore\SophosSafestore64.exe [786688 2018-09-27] (Sophos Limited -> Sophos Limited)
R2 Sophos System Protection Service; C:\Program Files\Sophos\Endpoint Defense\SSPService.exe [13235408 2019-11-04] (Sophos Ltd -> Sophos Limited)
R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [360040 2019-04-18] (Sophos Limited -> Sophos Limited)
S4 SQLAgent$ACT7; C:\Program Files\Microsoft SQL Server\MSSQL12.ACT7\MSSQL\Binn\SQLAGENT.EXE [613056 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
R2 swi_filter; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe [475264 2019-04-18] (Sophos Ltd -> Sophos Limited)
R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3623400 2019-04-18] (Sophos Ltd -> Sophos Limited)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12758528 2019-12-16] (TeamViewer GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AppleLowerFilter; C:\windows\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [204824 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [274456 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [209552 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [65120 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\windows\System32\drivers\aswElam.sys [16304 2019-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [42736 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [161544 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswNetSec; C:\windows\System32\drivers\aswNetSec.sys [552848 2019-12-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [110320 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [83792 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [848432 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [460448 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\windows\System32\drivers\aswStm.sys [236024 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [316528 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
S3 AX88772; C:\windows\System32\drivers\ax88772.sys [111616 2019-03-18] (Microsoft Windows -> ASIX Electronics Corp.)
R3 dptf_acpi; C:\windows\System32\DriverStore\FileRepository\dptf_acpi.inf_amd64_5989fd2721678bab\dptf_acpi.sys [77192 2019-06-22] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4a3ae74cfa6c37d6\dptf_cpu.sys [74120 2019-06-21] (Intel Corporation -> Intel Corporation)
R3 esif_lf; C:\windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4a3ae74cfa6c37d6\esif_lf.sys [408456 2019-06-21] (Intel Corporation -> Intel Corporation)
R1 ESProtectionDriver; C:\windows\system32\drivers\mbae64.sys [153312 2020-02-07] (Malwarebytes Corporation -> Malwarebytes)
R1 hmpalert; C:\windows\system32\drivers\hmpalert.sys [513104 2020-02-10] (Sophos Ltd -> SurfRight B.V.)
R3 iaLPSS2_GPIO2; C:\windows\System32\DriverStore\FileRepository\ialpss2_gpio2_icl.inf_amd64_5dfe4459ccf69034\iaLPSS2_GPIO2.sys [127888 2019-05-07] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 iaLPSS2_I2C; C:\windows\System32\DriverStore\FileRepository\ialpss2_i2c_icl.inf_amd64_04e193b8806eca82\iaLPSS2_I2C.sys [197008 2019-05-07] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 iaLPSS2_SPI; C:\windows\System32\DriverStore\FileRepository\ialpss2_spi_icl.inf_amd64_e5b8de383f9a8911\iaLPSS2_SPI.sys [156560 2019-05-07] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 iaLPSS2_UART2; C:\windows\System32\DriverStore\FileRepository\ialpss2_uart2_icl.inf_amd64_2fd93d380196ad59\iaLPSS2_UART2.sys [309648 2019-08-09] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 ibtusb; C:\windows\System32\DriverStore\FileRepository\ibtusb.inf_amd64_542e8c280c98b59f\ibtusb.sys [13916448 2019-07-11] (Intel® Wireless Connectivity Solutions -> Intel Corporation)
R3 igfxn; C:\windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_99f3effa9b6e163f\igdkmdn64.sys [21693488 2019-12-23] (Intel® pGFX -> Intel Corporation)
R3 IntcAudioBus; C:\windows\System32\DriverStore\FileRepository\intcaudiobus.inf_amd64_448c7d2e5e934dfc\IntcAudioBus.sys [290768 2019-12-09] (Smart Sound Technology -> Intel® Corporation)
R3 IntcAzAudAddService; C:\windows\System32\DriverStore\FileRepository\hdxsstm2.inf_amd64_f027fc76f26abb05\RTKVHD64.sys [7068664 2019-11-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 IntcOED; C:\windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_ff28ec604c64d76a\IntcOED.sys [1245648 2019-12-09] (Smart Sound Technology -> Intel® Corporation)
S3 libusb0; C:\windows\system32\DRIVERS\libusb0.sys [52832 2019-06-18] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
R2 MBAMChameleon; C:\windows\System32\Drivers\MbamChameleon.sys [214496 2020-02-07] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\windows\System32\DRIVERS\MbamElam.sys [20936 2019-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\windows\System32\DRIVERS\farflt.sys [226448 2020-02-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\windows\system32\DRIVERS\mbam.sys [73584 2020-02-11] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\windows\System32\Drivers\mbamswissarmy.sys [248968 2020-02-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\windows\system32\DRIVERS\mwac.sys [119960 2020-02-11] (Malwarebytes Inc -> Malwarebytes)
R3 MEIx64; C:\windows\System32\DriverStore\FileRepository\heci.inf_amd64_db60facf878d7699\x64\TeeDriverW8x64.sys [253840 2019-04-28] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 Netwtw08; C:\windows\System32\drivers\Netwtw08.sys [9142776 2019-08-14] (Intel® Wireless Connectivity Solutions -> Intel Corporation)
S4 RsFx0300; C:\windows\System32\DRIVERS\RsFx0300.sys [247488 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
R3 rtux64w10; C:\windows\System32\drivers\rtux64w10.sys [576288 2019-06-26] (Realtek Semiconductor Corp. -> Realtek Corporation )
R1 SAVOnAccess; C:\windows\System32\DRIVERS\savonaccess.sys [204328 2019-04-18] (Sophos Limited -> Sophos Limited)
S3 sdcfilter; C:\windows\system32\DRIVERS\sdcfilter.sys [38144 2019-04-18] (Sophos Limited -> Sophos Limited)
R1 sntp; C:\windows\system32\DRIVERS\sntp.sys [125832 2018-03-09] (Sophos Limited -> Sophos Limited)
S0 Sophos ELAM; C:\windows\System32\DRIVERS\SophosEL.sys [20400 2019-11-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Sophos Limited)
R0 Sophos Endpoint Defense; C:\windows\System32\DRIVERS\SophosED.sys [930944 2019-11-04] (Sophos Ltd -> Sophos Limited)
S4 SophosBootDriver; C:\windows\system32\DRIVERS\SophosBootDriver.sys [45840 2019-04-18] (Sophos Limited -> Sophos Limited)
R3 SurfaceAcpiNotify; C:\windows\System32\drivers\SurfaceAcpiNotifyDriver.sys [281400 2019-08-23] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfaceBattery; C:\windows\System32\drivers\SurfaceBattery.sys [308024 2019-08-23] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfaceHidMini; C:\windows\System32\drivers\SurfaceHidMiniDriver.sys [272184 2019-08-23] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfaceHotPlug; C:\windows\System32\drivers\SurfaceHotPlug.sys [337720 2019-08-23] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfaceLightSensor; C:\windows\System32\drivers\SurfaceLightSensor.sys [228368 2019-09-26] (Microsoft Corporation -> Microsoft Corporation)
S3 SurfacePen217Integration; C:\windows\System32\drivers\SurfacePen217Integration.sys [35856 2019-08-10] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfacePowerFilter; C:\windows\System32\DriverStore\FileRepository\surfacepowerfilter.inf_amd64_428a666856b52679\SurfacePowerFilter.sys [270136 2019-08-23] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfacePowerTrackerCore; C:\windows\System32\drivers\SurfacePowerTrackerCore.sys [265520 2019-08-23] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfaceSerialHubDriver; C:\windows\System32\drivers\SurfaceSerialHubDriver.sys [324624 2019-08-13] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfaceTconDriver; C:\windows\System32\drivers\SurfaceTconDriver.sys [290616 2019-08-23] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfaceUcmUcsiHidClient; C:\windows\System32\DriverStore\FileRepository\surfaceucmucsihidclient.inf_amd64_bed226a64c31fdb0\SurfaceUcmUcsiHidClient.sys [202040 2019-08-11] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfaceVirtualFunctionEnum; C:\windows\System32\drivers\SurfaceVirtualFunctionEnum.sys [185360 2019-08-11] (Microsoft Corporation -> Microsoft Corporation)
R1 swi_callout; C:\windows\system32\DRIVERS\swi_callout.sys [47760 2019-04-18] (Sophos Limited -> Sophos Limited)
S3 WdBoot; C:\windows\system32\drivers\wd\WdBoot.sys [46472 2019-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\wd\WdFilter.sys [351968 2019-11-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\drivers\wd\WdNisDrv.sys [53984 2019-11-03] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-02-12 09:10 - 2020-01-16 00:07 - 000492544 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2020-02-12 09:10 - 2020-01-15 23:23 - 000390656 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe
2020-02-12 09:09 - 2020-02-12 09:09 - 000000000 ____D C:\Users\cruss\AppData\LocalLow\IGDump
2020-02-12 09:06 - 2020-02-12 09:06 - 000000000 ___HD C:\OneDriveTemp
2020-02-11 15:20 - 2020-02-11 15:20 - 000248968 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamswissarmy.sys
2020-02-11 15:20 - 2020-02-11 15:20 - 000226448 _____ (Malwarebytes) C:\windows\system32\Drivers\farflt.sys
2020-02-11 15:20 - 2020-02-11 15:20 - 000119960 _____ (Malwarebytes) C:\windows\system32\Drivers\mwac.sys
2020-02-11 15:20 - 2020-02-11 15:20 - 000073584 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2020-02-11 15:14 - 2020-02-11 15:14 - 000001976 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2020-02-11 15:14 - 2020-02-11 15:14 - 000001976 _____ C:\ProgramData\Desktop\HitmanPro.lnk
2020-02-11 15:14 - 2020-02-11 15:14 - 000000000 ____D C:\Program Files\HitmanPro
2020-02-11 15:12 - 2020-02-11 15:18 - 000000000 ____D C:\ProgramData\HitmanPro
2020-02-11 13:26 - 2020-02-11 13:26 - 000000928 _____ C:\Users\cruss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2020-02-11 13:26 - 2020-02-11 13:26 - 000000000 ____D C:\Users\cruss\AppData\Local\ESET
2020-02-11 13:07 - 2020-02-12 09:12 - 000000000 ____D C:\FRST
2020-02-11 12:40 - 2020-02-11 15:17 - 000012872 _____ (SurfRight B.V.) C:\windows\system32\bootdelete.exe
2020-02-11 12:31 - 2018-03-09 17:12 - 000125832 _____ (Sophos Limited) C:\windows\system32\Drivers\sntp.sys
2020-02-11 12:30 - 2019-04-18 08:27 - 000047760 _____ (Sophos Limited) C:\windows\system32\Drivers\swi_callout.sys
2020-02-11 12:30 - 2019-04-18 08:27 - 000044184 _____ (Sophos Limited) C:\windows\system32\SophosBootTasks.exe
2020-02-11 12:29 - 2020-02-11 12:29 - 000000000 ____D C:\Program Files\Common Files\Sophos
2020-02-11 12:29 - 2019-11-04 11:06 - 000930944 _____ (Sophos Limited) C:\windows\system32\Drivers\SophosED.sys
2020-02-11 12:29 - 2019-11-04 11:06 - 000048968 _____ (Sophos Limited) C:\windows\system32\SophosNA.exe
2020-02-11 12:29 - 2019-11-04 11:06 - 000039713 _____ C:\windows\system32\Drivers\SophosED.man
2020-02-11 12:29 - 2019-11-04 11:06 - 000020400 _____ (Sophos Limited) C:\windows\system32\Drivers\SophosEL.sys
2020-02-11 12:25 - 2020-02-11 12:25 - 000000214 _____ C:\Users\cruss\OneDrive\Documents\cc_20200211_122541.reg
2020-02-11 10:45 - 2020-02-11 10:45 - 000001599 _____ C:\Users\cruss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GoToAssist Customer.lnk
2020-02-11 10:45 - 2020-02-11 10:45 - 000000000 ____D C:\Program Files (x86)\GoToAssist Remote Support Customer
2020-02-11 09:50 - 2020-02-11 09:51 - 000004816 _____ C:\Users\cruss\OneDrive\Documents\cc_20200211_095052.reg
2020-02-10 14:44 - 2020-02-11 15:14 - 000057728 _____ C:\windows\system32\Drivers\hitmanpro37.sys
2020-02-10 14:35 - 2020-02-12 09:12 - 000000000 ____D C:\windows\CryptoGuard
2020-02-10 14:35 - 2020-02-10 14:35 - 000513104 _____ (SurfRight B.V.) C:\windows\system32\Drivers\hmpalert.sys
2020-02-10 14:34 - 2020-02-12 09:12 - 000000000 ____D C:\ProgramData\HitmanPro.Alert
2020-02-10 14:34 - 2020-02-11 12:30 - 000000000 ____D C:\windows\SysWOW64\SophosAV
2020-02-10 14:34 - 2020-02-11 12:30 - 000000000 ____D C:\windows\system32\SophosAV
2020-02-10 14:34 - 2020-02-10 14:35 - 000000000 ____D C:\Program Files (x86)\HitmanPro.Alert
2020-02-10 14:34 - 2020-02-10 14:34 - 001215072 _____ (SurfRight B.V.) C:\windows\system32\hmpalert.dll
2020-02-10 14:34 - 2020-02-10 14:34 - 001017184 _____ (SurfRight B.V.) C:\windows\SysWOW64\hmpalert.dll
2020-02-10 14:33 - 2020-02-11 12:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2020-02-10 14:32 - 2020-02-11 12:31 - 000000000 ____D C:\Program Files\Sophos
2020-02-10 14:32 - 2019-04-18 08:27 - 000204328 _____ (Sophos Limited) C:\windows\system32\Drivers\savonaccess.sys
2020-02-10 14:32 - 2019-04-18 08:27 - 000176120 _____ (Sophos Limited) C:\windows\system32\sdccoinstaller.dll
2020-02-10 14:32 - 2019-04-18 08:27 - 000045840 _____ (Sophos Limited) C:\windows\system32\Drivers\SophosBootDriver.sys
2020-02-10 14:32 - 2019-04-18 08:27 - 000038144 _____ (Sophos Limited) C:\windows\system32\Drivers\sdcfilter.sys
2020-02-10 14:29 - 2020-02-11 12:31 - 000000000 ____D C:\ProgramData\Sophos
2020-02-10 14:29 - 2020-02-11 12:30 - 000000000 ____D C:\Program Files (x86)\Sophos
2020-02-10 14:15 - 2020-02-10 14:16 - 000000000 ____D C:\AdwCleaner
2020-02-10 14:15 - 2020-02-10 14:15 - 008356016 _____ (Malwarebytes) C:\Users\cruss\Downloads\adwcleaner_8.0.2.exe
2020-02-07 15:27 - 2020-02-07 15:27 - 000214496 _____ (Malwarebytes) C:\windows\system32\Drivers\MbamChameleon.sys
2020-02-05 15:48 - 2020-02-05 15:48 - 004139319 _____ C:\Users\cruss\Downloads\Walgreens-Family-Dollar-Sublease-280-Broad-St-New-London-CT-06320-1.pdf
2020-02-05 15:23 - 2020-02-05 15:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-02-04 12:22 - 2020-02-04 12:22 - 002003694 _____ C:\Users\cruss\Downloads\Planned-Parenthood-617-Watertown-Ave-Waterbury-CT.pdf
2020-02-04 08:20 - 2020-02-04 08:20 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-stable.sys
2020-02-04 08:20 - 2020-02-04 08:20 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-dev.sys
2020-02-04 08:20 - 2020-02-04 08:20 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-canary.sys
2020-02-04 08:20 - 2020-02-04 08:20 - 000044552 _____ (Dropbox, Inc.) C:\windows\system32\DbxSvc.exe
2020-02-03 17:10 - 2020-01-02 10:05 - 000454656 ____R C:\windows\system32\Drivers\etc\hosts.20200203-171022.backup
2020-02-03 17:05 - 2020-02-03 17:05 - 000008866 _____ C:\Users\cruss\OneDrive\Documents\cc_20200203_170501.reg
2020-01-31 14:32 - 2020-01-31 14:32 - 000000000 ____D C:\Users\cruss\AppData\LocalLow\Intel
2020-01-31 14:31 - 2019-12-23 18:38 - 025076232 _____ (Intel Corporation) C:\windows\system32\mfxplugin64_hw.dll
2020-01-31 14:31 - 2019-12-23 18:38 - 011919368 _____ (Intel Corporation) C:\windows\SysWOW64\mfxplugin32_hw.dll
2020-01-31 14:31 - 2019-12-23 18:38 - 003013640 _____ (Intel Corporation) C:\windows\system32\mfx_mft_mjpgvd_64.dll
2020-01-31 14:31 - 2019-12-23 18:38 - 002439176 _____ (Intel Corporation) C:\windows\SysWOW64\mfx_mft_mjpgvd_32.dll
2020-01-31 14:31 - 2019-12-23 18:38 - 001087280 _____ C:\windows\system32\vulkan-1-999-0-0-0.dll
2020-01-31 14:31 - 2019-12-23 18:38 - 001087280 _____ C:\windows\system32\vulkan-1.dll
2020-01-31 14:31 - 2019-12-23 18:38 - 000944944 _____ C:\windows\SysWOW64\vulkan-1-999-0-0-0.dll
2020-01-31 14:31 - 2019-12-23 18:38 - 000944944 _____ C:\windows\SysWOW64\vulkan-1.dll
2020-01-31 14:31 - 2019-12-23 18:38 - 000862248 _____ C:\windows\system32\vulkaninfo-1-999-0-0-0.exe
2020-01-31 14:31 - 2019-12-23 18:38 - 000862248 _____ C:\windows\system32\vulkaninfo.exe
2020-01-31 14:31 - 2019-12-23 18:38 - 000720432 _____ C:\windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-01-31 14:31 - 2019-12-23 18:38 - 000720432 _____ C:\windows\SysWOW64\vulkaninfo.exe
2020-01-31 14:31 - 2019-12-23 18:38 - 000146952 _____ C:\windows\SysWOW64\libGLESv2.dll
2020-01-31 14:31 - 2019-12-23 18:38 - 000137736 _____ C:\windows\SysWOW64\libEGL.dll
2020-01-31 14:31 - 2019-12-23 18:38 - 000126472 _____ (Khronos Group) C:\windows\sys

#5 Carlgrus

Carlgrus

    Advanced Member

  • Full Member
  • PipPipPip
  • 141 posts

Posted 12 February 2020 - 08:49 AM

And here are the Rogue Killer text file and the FSS.txt file…thanks again

 

RogueKiller Anti-Malware V14.1.1.0 (x64) [Jan 28 2020] (Free) by Adlice Software
Operating System : Windows 10 (10.0.18363) 64 bits
Started in : Normal mode
User : cruss [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Signatures : 20200212_135530, Driver : Loaded
Mode : Standard Scan, Scan -- Date : 2020/02/12 09:33:02 (Duration : 00:07:56)
Switches : -minimize
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
>>>>>> XX - Software
  [PUP.Gen1 (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\Software\Description -- N/A -> Found
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
Hosts file is too big
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 
 
Farbar Service Scanner Version: 14-12-2019
Ran by cruss (administrator) on 12-02-2020 at 09:45:57
Running from "C:\Users\cruss\OneDrive\Desktop\Spyware Utilities"
Microsoft Windows 10 Pro  (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
 
 
**** End of log ****


#6 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,318 posts

Posted 13 February 2020 - 07:50 AM

Hi,
 
Sophos and Avast should not be running together in real life.
This only slow down browsing the net.
I suggest you disable Sophos.
 

AV: Sophos Home (Enabled - Up to date) {FFADE7EA-DC92-4602-D6B2-626CD3450A0F}
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
<<<>>>
 
Press the Windows key + r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.
Please copy the entire contents of the code box below to the a new file.
 
start
 
CreateRestorePoint:
CloseProcesses:
 
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
FF HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Firefox\Extensions: [{442718d9-475e-452a-b3e1-fb1ee16b8e9f}] - C:\Users\cruss\AppData\Roaming\Dashlane\6.1946.0.26096\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f} => not found
AlternateDataStreams: C:\Program Files (x86)\EXP:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\cruss\Downloads\2019.qex:com.dropbox.attrs [54]
FirewallRules: [{90F824B0-A44C-49CF-AD26-F21138686F6B}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{68C0891E-7F1D-439C-96E5-A9EB6B34ADE5}] => (Allow) %systemroot%\system32\alg.exe No File
 
CMD: netsh int ip reset
CMD: ipconfig /flushDNS
 
VirusTotal: C:\windows\system32\kernel32.dll
 
Reboot:
 
End
 
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.
 
Run FRST and click Fix only once and wait.
 
The tool will create a log (Fixlog.txt) please post it to your reply.
===
 
You FRST.TXt log shows that Firefox is not accessable.
If the problem persists please execute this.
 
Remove and re-install Firefox it may be compromised.
 
Before proceeding save your Bookmarks. (Export)
 
Firefox Password manager - Import your passwords.
Password Manager - Remember, delete, change and import saved passwords in Firefox
 
If the problem persists in Firefox and you are Syncing with other Devices reset it.
 
When all is well you can re-sync your devices.
 
Clean the Firefox Cache.
 
Remove Firefox using the instructions one this page.
 
Restart the computer normally.
 
Install the latest version of the application.
 
Import your Bookmarks. Same link as the Export function above.
 
Restart the computer normally.
<<<>>>
 
Please let me know if you also have issues with the other browsers.

nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#7 Carlgrus

Carlgrus

    Advanced Member

  • Full Member
  • PipPipPip
  • 141 posts

Posted 13 February 2020 - 09:41 AM

Magic! all is working, Thank you again.  Can I buy you dinner?  You're fantastic! I appreciate all that you do.  You got both my computer back up an operating in short order, I can't thank you enough....Carl



#8 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,318 posts

Posted 14 February 2020 - 07:36 AM

Glad we could help.

 

Can you post the Fixlog.txt for my review.

 

I want to see what submitting the Kernell.dll file was reported.

 

Stay safe.


nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#9 Carlgrus

Carlgrus

    Advanced Member

  • Full Member
  • PipPipPip
  • 141 posts

Posted 14 February 2020 - 03:50 PM

Here you go, and thanks again:

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 12-02-2020
Ran by cruss (13-02-2020 10:23:40) Run:1
Running from C:\Users\cruss\OneDrive\Desktop\Spyware Utilities
Loaded Profiles: cruss (Available Profiles: cruss)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
 
CreateRestorePoint:
CloseProcesses:
 
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
FF HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Firefox\Extensions: [{442718d9-475e-452a-b3e1-fb1ee16b8e9f}] - C:\Users\cruss\AppData\Roaming\Dashlane\6.1946.0.26096\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f} => not found
AlternateDataStreams: C:\Program Files (x86)\EXP:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\cruss\Downloads\2019.qex:com.dropbox.attrs [54]
FirewallRules: [{90F824B0-A44C-49CF-AD26-F21138686F6B}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{68C0891E-7F1D-439C-96E5-A9EB6B34ADE5}] => (Allow) %systemroot%\system32\alg.exe No File
 
CMD: netsh int ip reset
CMD: ipconfig /flushDNS
 
VirusTotal: C:\windows\system32\kernel32.dll
 
Reboot:
 
End
*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\Software\Mozilla\Firefox\Extensions\\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}" => removed successfully
C:\Program Files (x86)\EXP => ":com.dropbox.attrs" ADS removed successfully
C:\Users\cruss\Downloads\2019.qex => ":com.dropbox.attrs" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{90F824B0-A44C-49CF-AD26-F21138686F6B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{68C0891E-7F1D-439C-96E5-A9EB6B34ADE5}" => removed successfully

========= netsh int ip reset =========

Resetting Compartment Forwarding, OK!
Resetting Compartment, OK!
Resetting Control Protocol, OK!
Resetting Echo Sequence Request, OK!
Resetting Global, OK!
Resetting Interface, OK!
Resetting Anycast Address, OK!
Resetting Multicast Address, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting Potential, OK!
Resetting Prefix Policy, OK!
Resetting Proxy Neighbor, OK!
Resetting Route, OK!
Resetting Site Prefix, OK!
Resetting Subinterface, OK!
Resetting Wakeup Pattern, OK!
Resetting Resolve Neighbor, OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , failed.
Access is denied.

Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.


========= End of CMD: =========


========= ipconfig /flushDNS =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

VirusTotal: C:\windows\system32\kernel32.dll => https://www.virustot...sis/1581587750/


The system needed a reboot.

==== End of Fixlog 10:23:55 ====



#10 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,318 posts

Posted 21 February 2020 - 07:24 AM

Glad we could help. :)

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760




Member of UNITE
Support SpywareInfo Forum - click the button