Jump to content


Photo

Blue Screen Of Death 3 Times Yesterday (6-8-20)


  • This topic is locked This topic is locked
30 replies to this topic

#1 Krishna

Krishna

    Member

  • Full Member
  • Pip
  • 77 posts

Posted 08 June 2020 - 10:46 PM

I started getting the Blue Screen Of Death with a big 
 
Smiley with a Frown, statting that something was 
 
wrong with the computer and would have to be 
 
rebooted.  My usual way of dealing with this in the 
 
past was to pull the battery, power source, and 
 
disconnect.  Then after I powered back up, but still 
 
being disconnected from the Internet I would run 
 
TFC.exe, Internet Options to clear Temporary Internet 
 
Files and Cookies, CCleaner, Malwarebytes, and AVG.  
 
If everyhting seemed to be working good there, then 
 
I'd reconnect to the Internet and see what happened 
 
up there.
 
Yesterday it was really acting up.  I was trying to 
 
watch an interview on YouTube and the video froze, 
 
the volume turned into a buzz, and I lost control of 
 
my mouse, so I had to pull power and then a cold 
 
reboot.  Then when I was looking at Junk Mail in 
 
Hotmail, I was trying to have what I had Selected to 
 
put in the Inbox, but the Menu wouldn't open, 
 
couldn't close the Program, so I had to abort again.
 
I downloaded ESETonline Scanner first ran that.  It 
 
tokk over 3 hours to Scan the system, but it found a 
 
Trojan and another Program in my Downloads folder.  I 
 
don't really want to do a Refresh as 8.1 is not on a 
 
CD, but a Flashdrive.  I'm usuing a HP Pavilion 
 
Notebokk with Windows 8.1.  AVG does not like RGSA, 
 
so I temporarily shut it off.  Here's the logs.  
 
Thanks in advance, Krishna.
 
P.S.  I'm running Malwarebytes Premium.
 
Malwarebytes
 
Malwarebytes
www.malwarebytes.com
 
-Log Details-
Scan Date: 6/8/20
Scan Time: 11:22 PM
Log File: 7c032286-aa00-11ea-ba23-a01d48ddcedf.json
 
-Software Information-
Version: 4.1.0.56
Components Version: 1.0.931
Update Package Version: 1.0.25248
License: Premium
 
-System Information-
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Harris-PC\Steve
 
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 259080
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 10 min, 40 sec
 
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
 
-Scan Details-
Process: 0
(No malicious items detected)
 
Module: 0
(No malicious items detected)
 
Registry Key: 0
(No malicious items detected)
 
Registry Value: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Data Stream: 0
(No malicious items detected)
 
Folder: 0
(No malicious items detected)
 
File: 0
(No malicious items detected)
 
Physical Sector: 0
(No malicious items detected)
 
WMI: 0
(No malicious items detected)
 
 
(end)
 
FRST
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-06-2020
Ran by Steve (administrator) on HARRIS-PC (Hewlett-Packard HP Pavilion 15 Notebook PC) (08-06-2020 23:45:46)
Running from C:\Users\Steve\Desktop
Loaded Profiles: Steve
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
() [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
() [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
() [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswEngSrv.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe <2>
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go12\CLMLSvc_P2G12.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(Hewlett-Packard -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Company -> HP) C:\Windows\System32\hpservice.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\Dragon Notes\Core\DACore.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Softex Inc.) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9230312 2018-05-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe [2758200 2013-10-14] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [155704 2013-10-14] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [155704 2013-10-14] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [156776 2020-05-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [127528 2015-07-08] (Hewlett-Packard -> Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [701984 2017-07-13] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [PowerDVD18Agent] => C:\Program Files (x86)\CyberLink\PowerDVD18\PowerDVD18Agent.exe [528840 2019-03-05] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer_For_P2G12] => C:\Program Files (x86)\CyberLink\Power2Go12\CLMLSvc_P2G12.exe [154296 2018-11-07] (CyberLink Corp. -> CyberLink)
HKU\S-1-5-21-752196998-378064213-1701927948-1002\...\Run: [Power2GoExpress8] => NA
HKU\S-1-5-21-752196998-378064213-1701927948-1002\...\Run: [Power2GoExpress12] => NA
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
HKLM\...\Print\Monitors\HP a011 Status Monitor: C:\Windows\system32\hpinkstsa011LM.dll [331664 2012-06-12] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP C611 Status Monitor: C:\Windows\system32\hpinkstsC611LM.dll [333344 2013-05-06] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 3050A J611 series): C:\Windows\system32\HPDiscoPMa011.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\Windows\system32\hpbprtmon.dll [404992 2013-08-10] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.97\Installer\chrmstp.exe [2020-06-03] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2013-10-14] (Softex Inc..) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2013-10-14] (Softex Inc..) [File not signed]
Startup: C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 3050A J611 series (Copy 1).lnk [2020-03-08]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {1898B8D9-9FA5-42BB-825C-208C3F91CC1E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [134008 2020-03-25] (HP Inc. -> HP Inc.)
Task: {1A924A01-1460-4185-B137-252DF3972D68} - System32\Tasks\Driver Booster SkipUAC (Steve) => C:\Program Files (x86)\IObit\Driver Booster\5.4.0\DriverBooster.exe
Task: {1F2C01F0-E05C-484C-8093-F80D1375929C} - System32\Tasks\HPCustParticipation HP Deskjet 3050A J611 series => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe [4119656 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {2CCCC7C4-A313-45E2-9499-5C483DF3A485} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Steve\Desktop\esetonlinescanner.exe [14665312 2020-06-08] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {35B673EB-EB8E-4726-88A5-EF65E17E6444} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-08] (Google Inc -> Google Inc.)
Task: {46064521-B4CF-4727-8A53-F798656E5A76} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Steve\Desktop\esetonlinescanner.exe [14665312 2020-06-08] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {57FFCCB0-B3CB-4F34-89A7-23E916A38A39} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2118352 2014-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {60F6C3D9-8AB9-4E72-8573-66DBB8ECFD90} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1900728 2013-06-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {6E3ED1D6-B5E0-45C8-87C8-8DB0652151F1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18732320 2019-10-01] (Piriform Software Ltd -> Piriform Ltd)
Task: {76D5726F-A4A1-4C78-836B-6053CE2E1266} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1117048 2020-03-26] (HP Inc. -> HP Inc.)
Task: {7AABD26B-2A98-485F-993B-3880BEA6D265} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe
Task: {7ABA0F7A-305C-469E-A049-C75237007AE3} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-752196998-378064213-1701927948-1002 => C:\Users\Steve\AppData\Local\Microsoft\OneDrive\OneDrive.exe
Task: {7E1F187B-44C8-401F-8579-18DD82F060A8} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {867825CF-6A8F-41DF-97DD-5AE4323F0472} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {88610114-47BE-4F42-837E-BF65D2B73013} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [25128 2017-11-23] (HP Inc. -> )
Task: {944D5D4F-0288-41FE-BF1A-2E0063C69C92} - System32\Tasks\HPCeeScheduleForSteve => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: {97CDB05C-9069-4BF5-BF47-9C358DB16D99} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-08] (Google Inc -> Google Inc.)
Task: {A8A597F4-12DE-4344-8E10-B7E66E9EE41D} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1692296 2020-02-27] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {A9147A7E-2AA3-46F7-94F0-EA7831D8929D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [320856 2020-04-23] (HP Inc. -> HP Inc.)
Task: {B321C1AB-8FA0-45FA-A494-6E66E753CAB3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1505624 2020-05-20] (HP Inc. -> HP Inc.)
Task: {B91A15B7-D445-4AF4-9CC6-416C653D3B34} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1487568 2014-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {C9193CF8-4731-406E-BD2E-28C143451FB1} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2118352 2014-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {D6DBA4E2-EDDA-49C1-8F1D-5AF2946A8B10} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1487568 2014-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {DAC7A505-7F02-4B43-A3C5-1F3DBED24FFD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1505624 2020-05-20] (HP Inc. -> HP Inc.)
Task: {DB6CAAEC-4591-42C4-BEFF-0BE85B461552} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [662872 2020-04-30] (HP Inc. -> HP Inc.)
Task: {DC2ACC65-0384-4FA6-B39E-F59D2E84A1A8} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [4388440 2018-05-26] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {E40E477C-18CD-4C50-ADA9-791ACCD969E0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-10-01] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E55BDDC3-F45E-485A-A636-9BF31F5AFF56} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1117048 2020-03-26] (HP Inc. -> HP Inc.)
Task: {E92CA9E1-5AEC-4118-A2DE-7B8C36D9BEF0} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [3387520 2020-05-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {F44746C6-10D5-4E82-A1AE-60D82FBEEF7E} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2211024 2014-03-19] (Microsoft Corporation -> Microsoft)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\HPCeeScheduleForSteve.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-31] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.63 209.18.47.61
Tcpip\..\Interfaces\{67F30BE7-F1D9-4075-B26E-43D3F3480D79}: [DhcpNameServer] 209.18.47.63 209.18.47.61
Tcpip\..\Interfaces\{CF139D7E-D521-4337-A570-51EAAE9CEC88}: [DhcpNameServer] 209.18.47.62 209.18.47.61
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT14/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT14/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT14/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT14/1
HKU\S-1-5-21-752196998-378064213-1701927948-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT14/1
HKU\S-1-5-21-752196998-378064213-1701927948-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT14/1
SearchScopes: HKLM -> {844A2F6A-2C69-485E-9750-4DB1795F5D0D} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {844A2F6A-2C69-485E-9750-4DB1795F5D0D} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-752196998-378064213-1701927948-1002 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={CD2F4B07-66A3-4A7F-B5B5-38155F893335}&mid=faf257a8cbe747d2a1d471540e39272c-92930892bd410719a60f79d0b62c8f3b7d07b248&lang=en&ds=AVG&coid=avgtbavg&cmpid=0616av&pr=fr&d=2016-06-08 17:52:23&v=4.3.1.831&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-752196998-378064213-1701927948-1002 -> {844A2F6A-2C69-485E-9750-4DB1795F5D0D} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-752196998-378064213-1701927948-1002 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={CD2F4B07-66A3-4A7F-B5B5-38155F893335}&mid=faf257a8cbe747d2a1d471540e39272c-92930892bd410719a60f79d0b62c8f3b7d07b248&lang=en&ds=AVG&coid=avgtbavg&cmpid=0616av&pr=fr&d=2016-06-08 17:52:23&v=4.3.1.831&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-752196998-378064213-1701927948-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-04-09] (Microsoft Corporation -> Microsoft Corporation)
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2014-04-09] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-04-09] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2014-04-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2014-04-09] (Microsoft Corporation -> Microsoft Corporation)
 
FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-04-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] (WildTangent Inc -> )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-752196998-378064213-1701927948-1002: @zoom.us/ZoomVideoPlugin -> C:\Users\Steve\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2019-02-16] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default [2020-06-08]
CHR Notifications: Default -> hxxps://articles.mercola.com; hxxps://awarenessact.com; hxxps://directorzone.cyberlink.com; hxxps://manualslibrary.org; hxxps://membership.cyberlink.com; hxxps://prayingmedic.com; hxxps://thechamomile.com; hxxps://upornia.com; hxxps://www.bradenton.com; hxxps://www.cyberlink.com; hxxps://www.facebook.com; hxxps://www.nascar.com; hxxps://www.youtube.com
CHR StartupUrls: Default -> "hxxps://google.com/","hxxp://https//google.com"
CHR Extension: (Slides) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Docs) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Sheets) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Google Docs Offline) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Gmail) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-22]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [99328 2013-12-11] () [File not signed]
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [246784 2018-05-26] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-11] (Advanced Micro Devices, Inc.) [File not signed]
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [349552 2020-05-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe [6397888 2020-05-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 Cachedrv server; C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe [109568 2013-10-14] () [File not signed]
R2 DACoreService; C:\Program Files (x86)\Nuance\Dragon Notes\Core\DACore.exe [411024 2013-02-01] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379224 2020-05-20] (HP Inc. -> HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-23] (HP Inc. -> HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [628768 2017-07-13] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-18] (Malwarebytes Inc -> Malwarebytes)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1900728 2013-06-09] (Microsoft Corporation -> Microsoft Corporation)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [87552 2013-10-14] (Softex Inc.) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608 2018-05-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [269912 2018-05-26] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [54080 2018-05-26] (Hewlett-Packard Company -> HP)
R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17640 2018-05-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, INC.)
R3 amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [21634560 2018-05-26] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [665600 2018-05-26] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 amd_sata; C:\Windows\System32\drivers\amd_sata.sys [83656 2018-05-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\drivers\amd_xata.sys [23752 2018-05-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [118848 2018-05-26] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R0 avgArDisk; C:\Windows\System32\drivers\avgArDisk.sys [37208 2020-05-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [205952 2020-05-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriver.sys [234632 2020-05-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsh.sys [178832 2020-05-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniv.sys [61072 2020-05-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [42856 2020-05-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [175776 2020-05-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [109336 2020-05-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [84928 2020-05-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [851664 2020-05-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [461064 2020-05-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [235552 2020-05-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [319200 2020-05-30] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 CLFCL5.18; C:\Windows\system32\DRIVERS\CLFCL5.18\000.fcl [46848 2019-02-20] (CyberLink Corp. -> CyberLink Corp.)
R3 CLVirtualBus01; C:\Windows\System32\drivers\CLVirtualBus01.sys [111840 2018-05-02] (CyberLink Corp. -> CyberLink)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2020-04-23] (Malwarebytes Corporation -> Malwarebytes)
R0 hpdskflt; C:\Windows\System32\DRIVERS\hpdskflt.sys [41280 2018-05-26] (Hewlett-Packard Company -> HP)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-05-26] (Martin Malik - REALiX -> REALiX™)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [214496 2020-06-07] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [195432 2020-06-08] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73368 2020-06-08] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-06-07] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [131736 2020-06-08] (Malwarebytes Inc -> Malwarebytes)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [329664 2018-05-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 RTWlanE; C:\Windows\SysWOW64\DRIVERS\rtwlane.sys [2945240 2013-09-12] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-07-26] (Synaptics Incorporated -> Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [34544 2013-07-26] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [31656 2018-05-26] (Hewlett-Packard Company -> HP)
R3 WirelessButtonDriver64; C:\Windows\system32\DRIVERS\WirelessButtonDriver64.sys [31656 2018-05-26] (Hewlett-Packard Company -> HP)
S3 clwvd; \SystemRoot\system32\DRIVERS\clwvd.sys [X]
U3 McMPFSvc; no ImagePath
U3 McNaiAnn; no ImagePath
U3 mcpltsvc; no ImagePath
U3 McProxy; no ImagePath
U3 mfecore; no ImagePath
U3 MSK80Service; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-06-08 23:45 - 2020-06-08 23:47 - 000031734 _____ C:\Users\Steve\Desktop\FRST.txt
2020-06-08 23:44 - 2020-06-08 23:44 - 000899584 _____ C:\Users\Steve\Desktop\RGSA.exe
2020-06-08 23:43 - 2020-06-08 23:43 - 002289152 _____ (Farbar) C:\Users\Steve\Desktop\FRST64.exe
2020-06-08 23:34 - 2020-06-08 23:34 - 000001209 _____ C:\Users\Steve\Desktop\MalwarebytesScan.txt
2020-06-08 23:30 - 2020-06-08 23:31 - 000000000 ____D C:\Users\Steve\AppData\LocalLow\IGDump
2020-06-08 23:21 - 2020-06-08 23:21 - 000003706 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onLogOn
2020-06-08 23:21 - 2020-06-08 23:21 - 000003266 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onTime
2020-06-08 23:19 - 2020-06-08 23:19 - 000001244 _____ C:\Users\Steve\Desktop\ESETScan.txt
2020-06-08 20:10 - 2020-06-08 20:10 - 014665312 _____ (ESET spol. s r.o.) C:\Users\Steve\Desktop\esetonlinescanner.exe
2020-06-08 20:10 - 2020-06-08 20:10 - 000000526 _____ C:\Users\Steve\Desktop\ESET Online Scanner.lnk
2020-06-08 19:57 - 2020-06-08 19:57 - 000262144 _____ C:\Windows\Minidump\060820-29671-01.dmp
2020-06-08 19:45 - 2020-06-08 19:59 - 000073368 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2020-06-08 19:45 - 2020-06-08 19:45 - 000195432 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2020-06-08 19:45 - 2020-06-08 19:45 - 000131736 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2020-06-08 02:32 - 2020-06-08 02:32 - 000001112 _____ C:\Users\Steve\Documents\cc_20200608_023223.reg
2020-06-07 21:51 - 2020-06-07 21:51 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-06-07 21:51 - 2020-06-07 21:51 - 000214496 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-06-05 02:23 - 2020-06-05 02:23 - 000000000 ____D C:\Windows\pss
2020-06-05 02:10 - 2020-06-05 02:13 - 000001420 _____ C:\Users\Steve\Documents\SafeMode2.txt
2020-06-04 18:42 - 2020-06-04 20:38 - 000002479 _____ C:\Users\Steve\Documents\UninstallingGoogleChrome.txt
2020-06-03 04:43 - 2020-06-03 04:43 - 000000071 _____ C:\Users\Steve\Documents\BlueJeans.txt
2020-06-01 14:04 - 2020-06-01 16:25 - 000005192 _____ C:\Users\Steve\Documents\SystemRestoreFixes.txt
2020-05-24 05:01 - 2020-05-24 05:01 - 000002422 _____ C:\Users\Steve\Documents\cc_20200524_050112.reg
2020-05-24 04:14 - 2020-05-21 04:12 - 000338104 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2020-05-24 03:54 - 2020-05-24 03:54 - 000000099 _____ C:\Users\Steve\Documents\LukeCombs-WhenItRains.txt
2020-05-21 04:12 - 2020-05-21 04:12 - 000235552 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
2020-05-21 04:12 - 2020-05-21 04:12 - 000175776 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2020-05-16 13:55 - 2020-05-16 13:55 - 001457029 _____ C:\Users\Steve\Downloads\to_a_few_of_my_friends.zip
2020-05-13 20:23 - 2020-04-29 23:49 - 000308736 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll
2020-05-13 20:23 - 2020-04-29 23:22 - 000881664 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2020-05-13 20:23 - 2020-04-29 22:55 - 001756672 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2020-05-13 20:23 - 2020-04-29 22:43 - 001495040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2020-05-13 20:23 - 2020-04-29 22:33 - 001096704 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2020-05-13 20:23 - 2020-04-16 02:04 - 022365896 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2020-05-13 20:23 - 2020-04-16 02:04 - 003118032 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2020-05-13 20:23 - 2020-04-16 02:04 - 001368592 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2020-05-13 20:23 - 2020-04-16 02:04 - 000722496 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2020-05-13 20:23 - 2020-04-16 02:04 - 000642488 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2020-05-13 20:23 - 2020-04-16 01:15 - 025755136 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-05-13 20:23 - 2020-04-16 00:30 - 019795840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2020-05-13 20:23 - 2020-04-16 00:29 - 000561400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2020-05-13 20:23 - 2020-04-16 00:29 - 000493736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2020-05-13 20:23 - 2020-04-15 23:40 - 002911744 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2020-05-13 20:23 - 2020-04-15 23:38 - 000581120 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2020-05-13 20:23 - 2020-04-15 23:31 - 020291072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-05-13 20:23 - 2020-04-15 23:31 - 000113152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2020-05-13 20:23 - 2020-04-15 23:27 - 005498880 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2020-05-13 20:23 - 2020-04-15 23:27 - 000785408 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2020-05-13 20:23 - 2020-04-15 23:25 - 000546816 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.PointOfService.dll
2020-05-13 20:23 - 2020-04-15 23:14 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2020-05-13 20:23 - 2020-04-15 23:11 - 002304000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2020-05-13 20:23 - 2020-04-15 23:07 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2020-05-13 20:23 - 2020-04-15 23:04 - 000654336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2020-05-13 20:23 - 2020-04-15 23:03 - 000365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.PointOfService.dll
2020-05-13 20:23 - 2020-04-15 22:59 - 001994240 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2020-05-13 20:23 - 2020-04-15 22:54 - 015478272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2020-05-13 20:23 - 2020-04-15 22:53 - 003258368 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2020-05-13 20:23 - 2020-04-15 22:50 - 001384960 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2020-05-13 20:23 - 2020-04-15 22:49 - 002942464 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2020-05-13 20:23 - 2020-04-15 22:49 - 002132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2020-05-13 20:23 - 2020-04-15 22:41 - 004112384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2020-05-13 20:23 - 2020-04-15 22:41 - 002471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2020-05-13 20:23 - 2020-04-15 22:40 - 001085440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2020-05-13 20:23 - 2020-04-15 22:39 - 001560064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2020-05-13 20:23 - 2020-04-15 22:37 - 004859392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2020-05-13 20:23 - 2020-04-15 22:35 - 013861376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2020-05-13 20:23 - 2020-04-15 22:32 - 000689152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2020-05-13 20:23 - 2020-04-15 22:30 - 014533632 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2020-05-13 20:23 - 2020-04-15 22:28 - 000902656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SmartCards.dll
2020-05-13 20:23 - 2020-04-15 22:26 - 012880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2020-05-13 20:23 - 2020-04-15 22:26 - 001566720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2020-05-13 20:23 - 2020-04-15 22:26 - 000466432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2020-05-13 20:23 - 2020-04-15 22:24 - 007799296 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2020-05-13 20:23 - 2020-04-15 22:23 - 000626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.SmartCards.dll
2020-05-13 20:23 - 2020-04-15 22:19 - 001265152 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2020-05-13 20:23 - 2020-04-15 22:18 - 005271552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2020-05-13 20:23 - 2020-04-15 22:16 - 001341952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2020-05-13 20:23 - 2020-04-15 22:14 - 001727488 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2020-05-13 20:23 - 2020-04-15 22:11 - 001546752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2020-05-13 20:23 - 2020-04-14 03:33 - 000205824 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2020-05-13 20:23 - 2020-04-14 03:03 - 000168448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2020-05-13 20:23 - 2020-04-11 14:42 - 007362296 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-05-13 20:23 - 2020-04-11 14:39 - 001542696 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2020-05-13 20:23 - 2020-04-11 14:29 - 001737720 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2020-05-13 20:23 - 2020-04-11 13:31 - 001501096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2020-05-13 20:23 - 2020-04-11 13:04 - 004168704 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2020-05-13 20:23 - 2020-04-11 11:48 - 001377792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2020-05-13 20:23 - 2020-04-11 11:47 - 000260608 _____ (Microsoft Corporation) C:\Windows\system32\vaultsvc.dll
2020-05-13 20:23 - 2020-04-11 11:23 - 001317888 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2020-05-13 20:23 - 2020-04-11 11:22 - 001103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2020-05-13 20:23 - 2020-04-10 20:12 - 002446576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2020-05-13 20:23 - 2020-04-09 09:36 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2020-05-13 20:23 - 2020-04-07 15:30 - 000988472 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2020-05-13 20:23 - 2020-04-07 15:28 - 000857320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2020-05-13 20:23 - 2020-04-07 09:55 - 003330048 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2020-05-13 20:23 - 2020-04-07 09:51 - 003636224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2020-05-13 20:23 - 2020-04-04 12:06 - 000879616 _____ (Microsoft Corporation) C:\Windows\system32\rasdlg.dll
2020-05-13 20:23 - 2020-04-04 12:01 - 001572864 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2020-05-13 20:22 - 2020-04-29 22:40 - 000309760 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2020-05-13 20:22 - 2020-04-29 22:37 - 000216576 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll
2020-05-13 20:22 - 2020-04-16 02:00 - 000374024 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2020-05-13 20:22 - 2020-04-16 00:25 - 000316368 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2020-05-13 20:22 - 2020-04-15 23:28 - 000186880 _____ (Microsoft Corporation) C:\Windows\system32\easwrt.dll
2020-05-13 20:22 - 2020-04-15 23:06 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Usb.dll
2020-05-13 20:22 - 2020-04-15 23:05 - 000147968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\easwrt.dll
2020-05-13 20:22 - 2020-04-15 22:59 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2020-05-13 20:22 - 2020-04-15 22:53 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2020-05-13 20:22 - 2020-04-15 22:51 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2020-05-13 20:22 - 2020-04-15 22:48 - 000310784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Usb.dll
2020-05-13 20:22 - 2020-04-15 22:43 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2020-05-13 20:22 - 2020-04-15 22:39 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2020-05-13 20:22 - 2020-04-15 22:38 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2020-05-13 20:22 - 2020-04-15 22:38 - 000333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2020-05-13 20:22 - 2020-04-15 22:35 - 000254976 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.HumanInterfaceDevice.dll
2020-05-13 20:22 - 2020-04-15 22:27 - 000173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2020-05-13 20:22 - 2020-04-15 22:22 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\ConfigureExpandedStorage.dll
2020-05-13 20:22 - 2020-04-15 22:20 - 004387328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2020-05-13 20:22 - 2020-04-15 22:20 - 000052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ConfigureExpandedStorage.dll
2020-05-13 20:22 - 2020-04-15 22:15 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2020-05-13 20:22 - 2020-04-15 22:15 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2020-05-13 20:22 - 2020-04-15 22:11 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\efswrt.dll
2020-05-13 20:22 - 2020-04-15 22:11 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll
2020-05-13 20:22 - 2020-04-15 22:07 - 000156160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll
2020-05-13 20:22 - 2020-04-15 22:05 - 000229888 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll
2020-05-13 20:22 - 2020-04-11 14:41 - 000376568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2020-05-13 20:22 - 2020-04-11 11:55 - 000194560 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2020-05-13 20:22 - 2020-04-11 11:53 - 000112128 _____ (Microsoft Corporation) C:\Windows\system32\vaultcli.dll
2020-05-13 20:22 - 2020-04-10 20:12 - 000428784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2020-05-13 20:22 - 2020-04-04 11:50 - 000795136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdlg.dll
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-06-08 23:46 - 2018-05-26 00:49 - 000000000 ____D C:\FRST
2020-06-08 23:03 - 2017-11-23 00:47 - 000000352 _____ C:\Windows\Tasks\HPCeeScheduleForSteve.job
2020-06-08 20:45 - 2014-04-07 18:01 - 000003930 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{5F3C0AA3-2C2D-4A09-B42C-56EA43D744A8}
2020-06-08 19:58 - 2014-04-07 23:36 - 000000000 ____D C:\Users\Steve
2020-06-08 19:57 - 2017-06-10 08:37 - 000000000 ____D C:\Windows\Minidump
2020-06-08 19:57 - 2013-08-22 10:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-06-08 19:49 - 2013-08-22 09:36 - 000000000 ____D C:\Windows\Inf
2020-06-08 19:44 - 2015-10-26 21:35 - 000000000 ____D C:\ProgramData\Avg
2020-06-08 19:44 - 2013-11-27 14:25 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2020-06-08 18:59 - 2020-03-08 04:21 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-06-08 18:59 - 2020-03-08 04:21 - 000002810 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-06-08 18:59 - 2019-03-18 19:19 - 000003626 _____ C:\Windows\system32\Tasks\HPCustParticipation HP Deskjet 3050A J611 series
2020-06-08 18:59 - 2018-09-04 21:17 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-06-08 18:59 - 2018-05-26 02:20 - 000002888 _____ C:\Windows\system32\Tasks\Driver Booster SkipUAC (Steve)
2020-06-08 18:59 - 2017-11-23 00:47 - 000003166 _____ C:\Windows\system32\Tasks\HPCeeScheduleForSteve
2020-06-08 18:59 - 2017-10-08 22:07 - 000003334 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-06-08 18:59 - 2017-10-08 22:07 - 000003206 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-06-08 18:59 - 2017-09-07 10:07 - 000003554 _____ C:\Windows\system32\Tasks\GarminUpdaterTask
2020-06-08 18:59 - 2017-06-01 20:08 - 000004174 _____ C:\Windows\system32\Tasks\Antivirus Emergency Update
2020-06-08 18:59 - 2015-11-25 18:40 - 000003930 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{64199833-6EB1-444D-98FB-CC40285436D5}
2020-06-08 18:59 - 2015-11-25 18:17 - 000003098 _____ C:\Windows\system32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-752196998-378064213-1701927948-1002
2020-06-08 18:59 - 2014-12-23 20:37 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-06-08 18:59 - 2014-04-10 10:51 - 000003118 _____ C:\Windows\system32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2020-06-08 18:59 - 2014-04-10 10:51 - 000003092 _____ C:\Windows\system32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2020-06-08 18:59 - 2014-04-10 10:51 - 000003090 _____ C:\Windows\system32\Tasks\Microsoft_Hardware_Launch_itype_exe
2020-06-08 18:59 - 2014-04-10 10:51 - 000003062 _____ C:\Windows\system32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2020-06-08 18:59 - 2014-04-10 10:51 - 000003060 _____ C:\Windows\system32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2020-06-08 18:59 - 2013-11-27 14:26 - 000002990 _____ C:\Windows\system32\Tasks\Synaptics TouchPad Enhancements
2020-06-08 02:31 - 2018-08-12 22:03 - 000000000 ____D C:\Users\Steve\AppData\Local\CrashDumps
2020-06-05 02:32 - 2013-08-22 09:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2020-06-04 01:29 - 2014-04-07 15:42 - 000003596 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-752196998-378064213-1701927948-1002
2020-06-03 20:33 - 2017-10-08 22:08 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-03 20:33 - 2017-10-08 22:08 - 000002210 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-06-03 20:33 - 2017-10-08 22:08 - 000002210 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-06-03 09:50 - 2017-01-12 04:53 - 000002086 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-06-03 02:43 - 2020-02-19 00:57 - 000001173 _____ C:\Users\Steve\Documents\80sGlamRock.txt
2020-05-31 05:04 - 2016-12-01 02:36 - 000007341 _____ C:\Users\Steve\Documents\SpywareInfo.txt
2020-05-30 12:15 - 2017-06-01 20:08 - 000319200 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2020-05-24 04:54 - 2017-11-27 14:34 - 000001991 _____ C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk
2020-05-24 04:54 - 2017-11-27 14:34 - 000001991 _____ C:\ProgramData\Desktop\AVG AntiVirus FREE.lnk
2020-05-24 02:38 - 2019-07-28 23:50 - 000000201 _____ C:\Users\Steve\Documents\R & B 2020.txt
2020-05-24 01:39 - 2020-02-19 02:03 - 000000207 _____ C:\Users\Steve\Documents\NewIndieMusic.txt
2020-05-22 04:09 - 2020-02-14 00:00 - 000000509 _____ C:\Users\Steve\Documents\Throwback Hits Of The 1990s.txt
2020-05-22 03:08 - 2020-02-13 23:00 - 000000337 _____ C:\Users\Steve\Documents\TopHitsOf2000.txt
2020-05-22 02:05 - 2020-02-13 21:57 - 000001082 _____ C:\Users\Steve\Documents\Top100SongsOf2010.txt
2020-05-21 04:16 - 2019-10-21 17:38 - 000002042 _____ C:\Users\Steve\Documents\60s&70sClassicRock.txt
2020-05-21 04:12 - 2018-10-22 14:59 - 000042856 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgKbd.sys
2020-05-21 04:12 - 2017-06-01 20:08 - 000461064 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2020-05-21 04:12 - 2017-06-01 20:08 - 000109336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2020-05-21 04:12 - 2017-06-01 20:08 - 000084928 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2020-05-21 04:11 - 2019-01-17 14:04 - 000234632 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdriver.sys
2020-05-21 04:11 - 2019-01-17 01:07 - 000178832 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsh.sys
2020-05-21 04:11 - 2019-01-17 01:07 - 000061072 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniv.sys
2020-05-21 04:11 - 2019-01-17 01:07 - 000037208 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArDisk.sys
2020-05-21 04:11 - 2017-11-27 14:34 - 000205952 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
2020-05-21 04:11 - 2017-06-01 20:08 - 000851664 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2020-05-18 18:05 - 2013-08-22 11:36 - 000000000 ____D C:\Windows\rescache
2020-05-18 00:25 - 2019-04-22 02:35 - 000006841 _____ C:\Users\Steve\Documents\4Concerts.txt
2020-05-15 01:08 - 2013-08-22 11:20 - 000000000 ____D C:\Windows\CbsTemp
2020-05-14 01:33 - 2013-08-22 10:44 - 000384352 _____ C:\Windows\system32\FNTCACHE.DAT
2020-05-14 01:26 - 2013-08-22 11:36 - 000000000 ___RD C:\Windows\ToastData
2020-05-14 01:26 - 2013-08-22 11:36 - 000000000 ____D C:\Windows\system32\inetsrv
2020-05-13 20:43 - 2014-04-09 16:10 - 000000000 ____D C:\Windows\system32\MRT
2020-05-13 20:37 - 2015-07-15 23:31 - 120636720 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
 
LastRegBack: 2020-06-06 19:04
==================== End of FRST.txt ========================
 
Addition
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-06-2020
Ran by Steve (08-06-2020 23:52:28)
Running from C:\Users\Steve\Desktop
Windows 8.1 (Update) (X64) (2014-04-08 03:35:52)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-752196998-378064213-1701927948-500 - Administrator - Disabled)
Guest (S-1-5-21-752196998-378064213-1701927948-501 - Limited - Disabled)
Steve (S-1-5-21-752196998-378064213-1701927948-1002 - Administrator - Enabled) => C:\Users\Steve
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: AVG Antivirus (Enabled - Up to date) {A3C8941D-8036-3856-D9BB-709D4A2A7EAC}

#2 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,380 posts

Posted 10 June 2020 - 05:41 AM

Hello, Welcome to SpywareInfoForum.
I'm nasdaq and will be helping you.
 
If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===
 
No malware was found in your logs.
 
Press the windows key Press the Windows key + r on your keyboard at the same time. This will open the RUN BOX.+ r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.
Please copy the entire contents of the code box below to the a new file.
 
 
start::
 
CreateRestorePoint:
CloseProcesses:
 
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
SearchScopes: HKU\S-1-5-21-752196998-378064213-1701927948-1002 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={CD2F4B07-66A3-4A7F-B5B5-38155F893335}&mid=faf257a8cbe747d2a1d471540e39272c-92930892bd410719a60f79d0b62c8f3b7d07b248&lang=en&ds=AVG&coid=avgtbavg&cmpid=0616av&pr=fr&d=2016-06-08 17:52:23&v=4.3.1.831&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-752196998-378064213-1701927948-1002 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={CD2F4B07-66A3-4A7F-B5B5-38155F893335}&mid=faf257a8cbe747d2a1d471540e39272c-92930892bd410719a60f79d0b62c8f3b7d07b248&lang=en&ds=AVG&coid=avgtbavg&cmpid=0616av&pr=fr&d=2016-06-08 17:52:23&v=4.3.1.831&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
S3 clwvd; \SystemRoot\system32\DRIVERS\clwvd.sys [X]
U3 McMPFSvc; no ImagePath
U3 McNaiAnn; no ImagePath
U3 mcpltsvc; no ImagePath
U3 McProxy; no ImagePath
U3 mfecore; no ImagePath
U3 MSK80Service; no ImagePath
 
CMD: netsh int ip reset
CMD: ipconfig /flushDNS
 
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
CMD: "C:\Windows\SYSTEM32\lodctr.exe" /R
CMD: "C:\Windows\SysWOW64\lodctr.exe" /R
 
cmd: sfc /scannow
cmd: DISM.exe /Online /Cleanup-image /Restorehealth
 
CMD: ECHO Y|CHKDSK C: /F
 
EmptyTemp:
 
End::
 
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.
 
Run FRST and click Fix only once and wait.
 
The tool will create a log (Fixlog.txt) please post it to your reply.
===
 
If the problem persists check for new drivers - version.
 
Manually update driver in Windows 8 and Windows 8.1
 
Post the Fixlog and let me know if the problem persists.

nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#3 Krishna

Krishna

    Member

  • Full Member
  • Pip
  • 77 posts

Posted 12 June 2020 - 01:24 AM

Nasdaq,
 
Sorry I'm Responding so late.  I wasn't expecting to 
 
get help this fast.  I'm not awake, it seems.  Wasn't 
 
thinking right.  Could've saved fixlist.txt to the 
 
Desktop, but the Save tab in Notepad wasn 't working 
 
with my Mouse, so I had to open the Save Field box 
 
and type in C:\Users\Steve\Desktop\ to get it to 
 
Save.  I didn't remember and was trying to stick the 
 
textfile in like in and older program called Combofix 
 
when you ran the Fix part.  How long is Fix suppose 
 
to run to fix this Laptop?  It's been over an hour 
 
and it's still running.  Maybe I should Download a 
 
newer version of Farbar and then run fixlist.txt.
 
I looked at the program that manually updates 
 
drivers.  I don't know what Drivers need updated?  
 
Nothing will ever be as good as PSI was.  I suppose 
 
I'll have to purchase Pro.
 
You said I didn't have any Malware kin my Log, but 
 
the Log I posted for ESET Scanner said I had:
 
C:\Users\Steve\Downloads\499245ee-7422-4a56-a18e-
 
956562afe100.tmp  HTML/FakeAlert.PT trojan and
 
C:\Users\Steve\Downloads\driver_booster_setup.exe
 
When I got the Blue Screen with the Frowning Smiley 
 
Face, I thought I got them back again.  I couldn't 
 
find driver_booster_setup.exe in my Downloads Folder, 
 
but in Safe Mode I found C:\Users\Steve\Downloads
 
\driver_booster_setup.exe in the Registry and Deleted 
 
it there.  I was not able to find .tmp file.  I used 
 
the Administrator's Command Prompt Changed Directory 
 
to just C:>_ typed in the Command Find and the long 
 
file name for the above .tmp file, but got a syntax 
 
error so I gave up.  Next time I got The Blue Screen 
 
it was just Blank with no Smiley or Message, but 
 
still had to pull Power.
 
When I looked at Windows Defender in Control Panel, 
 
it said "This app has been turned off and isn't 
 
monitoring your Computer."It said some other program 
 
was doing this function.  Mawarebytes and AVG Free 
 
couldn't be doing this.  If I knew what key in the 
 
Registry was set to 0 for Windows Defender maybe I 
 
could reset it's value to 1, but I don't know which 
 
one it is?
 
I got a lot of popups ads on YouTube for programs 
 
that would update my drivers, but read those programs 
 
wor worthless.
 
Have you heard anything about Virtual Shield?  It's a 
 
VPN.  See adverts all the time for it.  Changes my IP 
 
address from trackers.
 
On a previous laptop (XP Home) I would periodically 
 
delete the files in Prefetch, is that advisable for 
 
this 8.1 laptop?
 
Also how can I fix going back to a previous Restore 
 
Point if I had to.  Should I turn off System Restore 
 
after you've totally fixed me and then turn it back 
 
on so it willmsave good Restore Poin ts moving 
 
forward?
 
Sorry I'm babbling here.  Just more questions, that I 
 
don't know the answers to.
 
Here's Fixlog.
 
Fix result of Farbar Recovery Scan Tool (x64) 
 
Version: 06-06-2020
Ran by Steve (12-06-2020 02:34:49) Run:3
Running from C:\Users\Steve\Desktop
Loaded Profiles: Steve
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
 
CreateRestorePoint:
CloseProcesses:
 
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: 
 
Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== 
 
ATTENTION
SearchScopes: HKU\S-1-5-21-752196998-378064213-
 
1701927948-1002 -> DefaultScope {95B7759C-8C7F-4BF1-
 
B163-73684A933233} URL = 
 
hxxps://mysearch.avg.com/search?cid={CD2F4B07-66A3-
 
4A7F-B5B5-38155F893335}
 
&mid=faf257a8cbe747d2a1d471540e39272c-
 
92930892bd410719a60f79d0b62c8f3b7d07b248&lang=en&ds=A
 
VG&coid=avgtbavg&cmpid=0616av&pr=fr&d=2016-06-08 
 
17:52:23&v=4.3.1.831&pid=wtu&sg=&sap=dsp&q=
 
{searchTerms}
SearchScopes: HKU\S-1-5-21-752196998-378064213-
 
1701927948-1002 -> {95B7759C-8C7F-4BF1-B163-
 
73684A933233} URL = hxxps://mysearch.avg.com/search?
 
cid={CD2F4B07-66A3-4A7F-B5B5-38155F893335}
 
&mid=faf257a8cbe747d2a1d471540e39272c-
 
92930892bd410719a60f79d0b62c8f3b7d07b248&lang=en&ds=A
 
VG&coid=avgtbavg&cmpid=0616av&pr=fr&d=2016-06-08 
 
17:52:23&v=4.3.1.831&pid=wtu&sg=&sap=dsp&q=
 
{searchTerms}
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-
 
73684A933233} -> No File
S3 clwvd; \SystemRoot\system32\DRIVERS\clwvd.sys [X]
U3 McMPFSvc; no ImagePath
U3 McNaiAnn; no ImagePath
U3 mcpltsvc; no ImagePath
U3 McProxy; no ImagePath
U3 mfecore; no ImagePath
U3 MSK80Service; no ImagePath
 
CMD: netsh int ip reset
CMD: ipconfig /flushDNS
 
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
CMD: "C:\Windows\SYSTEM32\lodctr.exe" /R
CMD: "C:\Windows\SysWOW64\lodctr.exe" /R
 
cmd: sfc /scannow
cmd: DISM.exe /Online /Cleanup-image /Restorehealth
 
CMD: ECHO Y|CHKDSK C: /F
 
EmptyTemp:
 
 
*****************
 
Restore point was successfully created.
Processes closed successfully.
HKLM\SOFTWARE\Policies\Mozilla => not found
HKLM\SOFTWARE\Policies\Google => not found
"HKU\S-1-5-21-752196998-378064213-1701927948-
 
1002\SOFTWARE\Microsoft\Internet Explorer
 
\SearchScopes\\DefaultScope" => not found
HKU\S-1-5-21-752196998-378064213-1701927948-
 
1002\SOFTWARE\Microsoft\Internet Explorer
 
\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} 
 
=> not found
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion
 
\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1
 
-B163-73684A933233} => not found
clwvd => service not found.
McMPFSvc => service not found.
McNaiAnn => service not found.
mcpltsvc => service not found.
McProxy => service not found.
mfecore => service not found.
MSK80Service => service not found.
 
========= netsh int ip reset =========
 
Resetting Interface, OK!
Resetting , failed.
Access is denied.
 
Resetting , OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
 
========= ipconfig /flushDNS =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
 
========= "%WINDIR%\SYSTEM32\lodctr.exe" /R =========
 
 
Info: Successfully rebuilt performance counter 
 
setting from system backup store
========= End of CMD: =========
 
 
========= "%WINDIR%\SysWOW64\lodctr.exe" /R =========
 
 
Info: Successfully rebuilt performance counter 
 
setting from system backup store
========= End of CMD: =========
 
 
========= "C:\Windows\SYSTEM32\lodctr.exe" /R 
 
=========
 
 
Info: Successfully rebuilt performance counter 
 
setting from system backup store
========= End of CMD: =========
 
 
========= "C:\Windows\SysWOW64\lodctr.exe" /R 
 
=========
 
 
Info: Successfully rebuilt performance counter 
 
setting from system backup store
========= End of CMD: =========
 
 
========= sfc /scannow =========


#4 Krishna

Krishna

    Member

  • Full Member
  • Pip
  • 77 posts

Posted 12 June 2020 - 04:55 AM

I ran fixlist.txt 4 times with the Farbor Recovery Tool.  This last time I ran the program, disconnected from the Internet, AVG and Malwarebytes shutoff.  I didn't want any interference while the program was running.  If I am in error you can always give me a new fixlist.txt and I'll run it normally with everything turned on.

 

Here's the current log of Fixlog.txt.

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 06-06-2020
Ran by Steve (12-06-2020 04:35:01) Run:4
Running from C:\Users\Steve\Desktop
Loaded Profiles: Steve
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
 
CreateRestorePoint:
CloseProcesses:
 
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
SearchScopes: HKU\S-1-5-21-752196998-378064213-1701927948-1002 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={CD2F4B07-66A3-4A7F-B5B5-38155F893335}&mid=faf257a8cbe747d2a1d471540e39272c-92930892bd410719a60f79d0b62c8f3b7d07b248&lang=en&ds=AVG&coid=avgtbavg&cmpid=0616av&pr=fr&d=2016-06-08 17:52:23&v=4.3.1.831&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-752196998-378064213-1701927948-1002 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={CD2F4B07-66A3-4A7F-B5B5-38155F893335}&mid=faf257a8cbe747d2a1d471540e39272c-92930892bd410719a60f79d0b62c8f3b7d07b248&lang=en&ds=AVG&coid=avgtbavg&cmpid=0616av&pr=fr&d=2016-06-08 17:52:23&v=4.3.1.831&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
S3 clwvd; \SystemRoot\system32\DRIVERS\clwvd.sys [X]
U3 McMPFSvc; no ImagePath
U3 McNaiAnn; no ImagePath
U3 mcpltsvc; no ImagePath
U3 McProxy; no ImagePath
U3 mfecore; no ImagePath
U3 MSK80Service; no ImagePath
 
CMD: netsh int ip reset
CMD: ipconfig /flushDNS
 
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
CMD: "C:\Windows\SYSTEM32\lodctr.exe" /R
CMD: "C:\Windows\SysWOW64\lodctr.exe" /R
 
cmd: sfc /scannow
cmd: DISM.exe /Online /Cleanup-image /Restorehealth
 
CMD: ECHO Y|CHKDSK C: /F
 
EmptyTemp:
 
 
*****************
 
Restore point was successfully created.
Processes closed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKU\S-1-5-21-752196998-378064213-1701927948-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => not found
HKU\S-1-5-21-752196998-378064213-1701927948-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} => not found
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} => not found
clwvd => service not found.
McMPFSvc => service not found.
McNaiAnn => service not found.
mcpltsvc => service not found.
McProxy => service not found.
mfecore => service not found.
MSK80Service => service not found.
 
========= netsh int ip reset =========
 
Resetting Global, OK!
Resetting Interface, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting , failed.
Access is denied.
 
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
 
========= ipconfig /flushDNS =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
 
========= "%WINDIR%\SYSTEM32\lodctr.exe" /R =========
 
 
Info: Successfully rebuilt performance counter setting from system backup store
========= End of CMD: =========
 
 
========= "%WINDIR%\SysWOW64\lodctr.exe" /R =========
 
 
Info: Successfully rebuilt performance counter setting from system backup store
========= End of CMD: =========
 
 
========= "C:\Windows\SYSTEM32\lodctr.exe" /R =========
 
 
Info: Successfully rebuilt performance counter setting from system backup store
========= End of CMD: =========
 
 
========= "C:\Windows\SysWOW64\lodctr.exe" /R =========
 
 
Info: Successfully rebuilt performance counter setting from system backup store
========= End of CMD: =========
 
 
========= sfc /scannow =========
 
 
 
Beginning system scan.  This process will take some time.
 
 
 
Beginning verification phase of system scan.
 
Verification 0% complete.Verification 0% complete.Verification 0% complete.Verification 1% complete.Verification 1% complete.Verification 1% complete.Verification 2% complete.Verification 2% complete.Verification 2% complete.Verification 3% complete.Verification 3% complete.Verification 3% complete.Verification 4% complete.Verification 4% complete.Verification 4% complete.Verification 5% complete.Verification 5% complete.Verification 5% complete.Verification 6% complete.Verification 6% complete.Verification 6% complete.Verification 7% complete.Verification 7% complete.Verification 7% complete.Verification 8% complete.Verification 8% complete.Verification 8% complete.Verification 8% complete.Verification 9% complete.Verification 9% complete.Verification 9% complete.Verification 10% complete.Verification 10% complete.Verification 10% complete.Verification 11% complete.Verification 11% complete.Verification 11% complete.Verification 12% complete.Verification 12% complete.Verification 12% complete.Verification 13% complete.Verification 13% complete.Verification 13% complete.Verification 14% complete.Verification 14% complete.Verification 14% complete.Verification 15% complete.Verification 15% complete.Verification 15% complete.Verification 16% complete.Verification 16% complete.Verification 16% complete.Verification 17% complete.Verification 17% complete.Verification 17% complete.Verification 17% complete.Verification 18% complete.Verification 18% complete.Verification 18% complete.Verification 19% complete.Verification 19% complete.Verification 19% complete.Verification 20% complete.Verification 20% complete.Verification 20% complete.Verification 21% complete.Verification 21% complete.Verification 21% complete.Verification 22% complete.Verification 22% complete.Verification 22% complete.Verification 23% complete.Verification 23% complete.Verification 23% complete.Verification 24% complete.Verification 24% complete.Verification 24% complete.Verification 25% complete.Verification 25% complete.Verification 25% complete.Verification 25% complete.Verification 26% complete.Verification 26% complete.Verification 26% complete.Verification 27% complete.Verification 27% complete.Verification 27% complete.Verification 28% complete.Verification 28% complete.Verification 28% complete.Verification 29% complete.Verification 29% complete.Verification 29% complete.Verification 30% complete.Verification 30% complete.Verification 30% complete.Verification 31% complete.Verification 31% complete.Verification 31% complete.Verification 32% complete.Verification 32% complete.Verification 32% complete.Verification 33% complete.Verification 33% complete.Verification 33% complete.Verification 34% complete.Verification 34% complete.Verification 34% complete.Verification 34% complete.Verification 35% complete.Verification 35% complete.Verification 35% complete.Verification 36% complete.Verification 36% complete.Verification 36% complete.Verification 37% complete.Verification 37% complete.Verification 37% complete.Verification 38% complete.Verification 38% complete.Verification 38% complete.Verification 39% complete.Verification 39% complete.Verification 39% complete.Verification 40% complete.Verification 40% complete.Verification 40% complete.Verification 41% complete.Verification 41% complete.Verification 41% complete.Verification 42% complete.Verification 42% complete.Verification 42% complete.Verification 42% complete.Verification 43% complete.Verification 43% complete.Verification 43% complete.Verification 44% complete.Verification 44% complete.Verification 44% complete.Verification 45% complete.Verification 45% complete.Verification 45% complete.Verification 46% complete.Verification 46% complete.Verification 46% complete.Verification 47% complete.Verification 47% complete.Verification 47% complete.Verification 48% complete.Verification 48% complete.Verification 48% complete.Verification 49% complete.Verification 49% complete.Verification 49% complete.Verification 50% complete.Verification 50% complete.Verification 50% complete.Verification 51% complete.Verification 51% complete.Verification 51% complete.Verification 51% complete.Verification 52% complete.Verification 52% complete.Verification 52% complete.Verification 53% complete.Verification 53% complete.Verification 53% complete.Verification 54% complete.Verification 54% complete.Verification 54% complete.Verification 55% complete.Verification 55% complete.Verification 55% complete.Verification 56% complete.Verification 56% complete.Verification 56% complete.Verification 57% complete.Verification 57% complete.Verification 57% complete.Verification 58% complete.Verification 58% complete.Verification 58% complete.Verification 59% complete.Verification 59% complete.Verification 59% complete.Verification 59% complete.Verification 60% complete.Verification 60% complete.Verification 60% complete.Verification 61% complete.Verification 61% complete.Verification 61% complete.Verification 62% complete.Verification 62% complete.Verification 62% complete.Verification 63% complete.Verification 63% complete.Verification 63% complete.Verification 64% complete.Verification 64% complete.Verification 64% complete.Verification 65% complete.Verification 65% complete.Verification 65% complete.Verification 66% complete.Verification 66% complete.Verification 66% complete.Verification 67% complete.Verification 67% complete.Verification 67% complete.Verification 68% complete.Verification 68% complete.Verification 68% complete.Verification 68% complete.Verification 69% complete.Verification 69% complete.Verification 69% complete.Verification 70% complete.Verification 70% complete.Verification 70% complete.Verification 71% complete.Verification 71% complete.Verification 71% complete.Verification 72% complete.Verification 72% complete.Verification 72% complete.Verification 73% complete.Verification 73% complete.Verification 73% complete.Verification 74% complete.Verification 74% complete.Verification 74% complete.Verification 75% complete.Verification 75% complete.Verification 75% complete.Verification 76% complete.Verification 76% complete.Verification 76% complete.Verification 76% complete.Verification 77% complete.Verification 77% complete.Verification 77% complete.Verification 78% complete.Verification 78% complete.Verification 78% complete.Verification 79% complete.Verification 79% complete.Verification 79% complete.Verification 80% complete.Verification 80% complete.Verification 80% complete.Verification 81% complete.Verification 81% complete.Verification 81% complete.Verification 82% complete.Verification 82% complete.Verification 82% complete.Verification 83% complete.Verification 83% complete.Verification 83% complete.Verification 84% complete.Verification 84% complete.Verification 84% complete.Verification 85% complete.Verification 85% complete.Verification 85% complete.Verification 85% complete.Verification 86% complete.Verification 86% complete.Verification 86% complete.Verification 87% complete.Verification 87% complete.Verification 87% complete.Verification 88% complete.Verification 88% complete.Verification 88% complete.Verification 89% complete.Verification 89% complete.Verification 89% complete.Verification 90% complete.Verification 90% complete.Verification 90% complete.Verification 91% complete.Verification 91% complete.Verification 91% complete.Verification 92% complete.Verification 92% complete.Verification 92% complete.Verification 93% complete.Verification 93% complete.Verification 93% complete.Verification 93% complete.Verification 94% complete.Verification 94% complete.Verification 94% complete.Verification 95% complete.Verification 95% complete.Verification 95% complete.Verification 96% complete.Verification 96% complete.Verification 96% complete.Verification 97% complete.Verification 97% complete.Verification 97% complete.Verification 98% complete.Verification 98% complete.Verification 98% complete.Verification 99% complete.Verification 99% complete.Verification 99% complete.Verification 100% complete.
 
 
Windows Resource Protection found corrupt files but was unable to fix some 
 
of them. Details are included in the CBS.Log windir\Logs\CBS\CBS.log. For 
 
example C:\Windows\Logs\CBS\CBS.log. Note that logging is currently not 
 
supported in offline servicing scenarios.
 
 
========= End of CMD: =========
 
 
========= DISM.exe /Online /Cleanup-image /Restorehealth =========
 
 
Deployment Image Servicing and Management tool
Version: 6.3.9600.19408
 
Image Version: 6.3.9600.19397
 
 
Error: 0x800f0906
 
The source files could not be downloaded. 
Use the "source" option to specify the location of the files that are required to restore the feature. For more information on specifying a source location, see http://go.microsoft..../?LinkId=243077.
 
The DISM log file can be found at C:\Windows\Logs\DISM\dism.log
 
========= End of CMD: =========
 
 
========= ECHO Y|CHKDSK C: /F =========
 
The type of the file system is NTFS.
Cannot lock current drive.
 
Chkdsk cannot run because the volume is in use by another
process.  Would you like to schedule this volume to be
checked the next time the system restarts? (Y/N) Y
 
This volume will be checked the next time the system restarts.
 
========= End of CMD: =========
 
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 97932108 B
Java, Flash, Steam htmlcache => 291 B
Windows/system/drivers => 233437 B
Edge => 0 B
Chrome => 1819491 B
Firefox => 0 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 21872 B
systemprofile32 => 22000 B
LocalService => 22000 B
NetworkService => 22000 B
Steve => 614266 B
 
RecycleBin => 0 B
EmptyTemp: => 104 MB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 05:50:54 ====


#5 Krishna

Krishna

    Member

  • Full Member
  • Pip
  • 77 posts

Posted 12 June 2020 - 05:04 AM

Sorry I'm such a pain.  When I went to Sign Out, the Sign Out was unsuccessful, I got the Blue Screen of Death with the Smiley Face, Frown, and Message.



#6 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,380 posts

Posted 12 June 2020 - 05:34 AM

Hi,
 
Your problem is caused by Hardware or driver issues.
 
Please attach the file in bolt in your next reply.
 
C:\Windows\Minidump\060820-29671-01.dmp
 
 
Reply to this topic and do the following.
 
How to:
Attach the file(s). A 2 Steps process.
Select the "Choose the file in bold" navigate to the location of the File.
Click the file you wish to Attach. <- Step 1.
Click Attach this file. <- Step 2.
Click the Add reply button.

nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#7 Krishna

Krishna

    Member

  • Full Member
  • Pip
  • 77 posts

Posted 12 June 2020 - 08:11 PM

At C:\Windows\Minidump\
 
I only have:
 
061220-27468-01.dmp & 061220-30265-01.dmp


#8 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,380 posts

Posted 13 June 2020 - 05:17 AM

Plesse attach it.


nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#9 Krishna

Krishna

    Member

  • Full Member
  • Pip
  • 77 posts

Posted 13 June 2020 - 10:32 AM

Windows says I can't attach the files, because I don't have permission.

 

Now what?



#10 Krishna

Krishna

    Member

  • Full Member
  • Pip
  • 77 posts

Posted 13 June 2020 - 05:17 PM

I'm writing this on my sister's computer as I'm not sure how far I would get on the one you are fixing.  I went to that website you had posted up above to replace Windows 8.1 drivers, that were outdated.  They had a Pro version of the Software that you could purchase that would do it for you, because their manual version looked complicated.  So I purchased the Pro version and ran it on my laptop.  It only needed to update 7 items and then restart.  It took 3 tries to get Google Chrome to run.  After I was on chrome and tried to look at something the screen froze and I got the Blue Screen Of Death.  I ran TFC.exe to clean out temp files.  When the program is done running it's suppose to show me the Windows key and then you can select Restart to reboot.  It didn't.  I pushed the Windows key, but that didn't work.  So I had to pull the power to reboot.  I tried some other operations and when I did get to Start, I tried Shutdown and Restart, but they didn't work.  Their advert said if I wasn't satisfied with the program during the 30 day period, they would refund my money no questions asked.  There program wouldn't run from the Desktop.  I had to right mouse click on their program and run Check For Compatibility Issues.  When that Windows program was running then their program would run.  I sent them a 5 Stars Down rating for their program, said I wanted my money back.  Fort all I know they scanned everything on my laptop and now I'm in deep crap.  I contacted Tech Support, listed my Grievances, told them I was uninstalling their program and Deleting what I could find in the Registry.  It will be Tuesday EST in the USA before Support get's back to m,e.  All that good work to fix my laptop and it is all gone in the toilet.



#11 Rocket Grannie

Rocket Grannie

    SWI Australian Rebel

  • Administrators
  • PipPipPipPipPip
  • 7,991 posts

Posted 13 June 2020 - 09:19 PM

Hello Krishna

 

I have edited the forum permissions. Will you please try to upload the two files now.

 

Thank you

 

Rocket Grannie


a9.gif


My help is free however if you wish to make a donation please see Here

#12 Krishna

Krishna

    Member

  • Full Member
  • Pip
  • 77 posts

Posted 14 June 2020 - 01:27 AM

Sorry Rocket Grannie, my laptop says I don't have permission to attach the file.  I don't know how to get permission from the Administrator even though some of programs you run to get the text files for you to read to diagnose the problem for this laptop, say I'm Administrator, but probably the Tech at Staples that put Windows 8.1 on this laptop is probably the "true" Administrator.

 

You and this Forum are not at fault.



#13 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,380 posts

Posted 14 June 2020 - 05:24 AM

Hi,

 

Before you attach the log, rename one of the files.

 

To.

 

061220-27468-01.dmp.txt

 

or

 

061220-30265-01.dmp.txt

 

You will be asked if you want to change it, accept  the change.


nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#14 Krishna

Krishna

    Member

  • Full Member
  • Pip
  • 77 posts

Posted 14 June 2020 - 09:17 AM

That didn't work either.



#15 Krishna

Krishna

    Member

  • Full Member
  • Pip
  • 77 posts

Posted 14 June 2020 - 10:01 AM

Maybe I got it this time?  No matter what I do, made myself Administrator, changed the attributes from an Archive to a Neutral File, changed the name of the file, Windows either says it can't find the file, or I don't have permission and I have to contact the owner of the file for permission.  How do I do that?  I don't have Internet Access in Safe Mode.  I'm stumped.  I need more instructions on how to access that file, or is there something else you can look at, that'll give you what you want?

 

What app or program do I need that will allow me to read that file, so I can post it here as text instead of as a File Attachment?



#16 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,380 posts

Posted 15 June 2020 - 06:24 AM

Hi,
 
The fix I suggested created a restore point.
 
Look if you have other restore points available and restore your system to a date prior to the beginning of your difficulties with this computer.
 
Restore from a Restore Point in Windows 8
 
p.s.
 
I see these restore points in your Addition.txt logs
 
21-05-2020 19:43:35 Scheduled Checkpoint
30-05-2020 11:57:04 Scheduled Checkpoint
08-06-2020 16:04:46 Scheduled Checkpoint
 
TI suggest you restore the one dated:
21-05-2020 19:43:35 Scheduled Checkpoint
 
If successful please run the Farbar Program and post fresh Logs for my review.
 
Let me know of any issues.

nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#17 Krishna

Krishna

    Member

  • Full Member
  • Pip
  • 77 posts

Posted 15 June 2020 - 05:25 PM

When I went to the link you provided "Restore For Dummies," my screen froze up, my mouse quit working, and I got the Blue Screen Of Death.  Which I then had to pull the Power and pull the Battery.

 

When I got back to the Desktop, I had pulled the RS232 ? Plug so I wasn't connected to the Internet.  I turned off AVG and turned off Malwarebytes.  Since I was working my way to Safe Mode, I noticed with the options listed I could Restore a Point from Safe Mode.  When I did what I did in Safe Mode, changed 06132-37578-01.dmp from C:\Windows\Minidump to 06132-37578-01.txt and pulled that file into my Documents folder.  When I got back to the Desktop to see if I could attach this Text File, I couldn't find it.  It totally disappeared.

 

To get back to where I could Restore a Restore Point in Safe Mode at the Run box I typed in my favorite command which this Forum won't let me post (maybe that's a good idea?) and I was able to Restore a Point, but I think my only choice in May was 5/30/20.  I'm not able to get Google running so I'm here via Internet Explorer.  I'll have to uninstall Chrome and go to their website and get the latest version to reinstall.

 

Something is not letting me post FRST and ADDITION, so I'll be back.  Can't say it's Internet Explorer?



#18 Krishna

Krishna

    Member

  • Full Member
  • Pip
  • 77 posts

Posted 15 June 2020 - 07:46 PM

My 4th. Attempt

 

FRST

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-06-2020
Ran by Steve (administrator) on HARRIS-PC (Hewlett-Packard HP Pavilion 15 Notebook PC) (15-06-2020 18:40:36)
Running from C:\Users\Steve\Downloads
Loaded Profiles: Steve
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
() [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
() [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
() [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswEngSrv.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe <2>
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go12\CLMLSvc_P2G12.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Hewlett-Packard -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Company -> HP) C:\Windows\System32\hpservice.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.19651_none_fa3af1939b2c2558\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Third Party Application Component -> Adobe) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\Dragon Notes\Core\DACore.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Softex Inc.) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9230312 2018-05-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe [2758200 2013-10-14] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [155704 2013-10-14] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [155704 2013-10-14] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [156776 2020-05-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [127528 2015-07-08] (Hewlett-Packard -> Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [701984 2017-07-13] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [PowerDVD18Agent] => C:\Program Files (x86)\CyberLink\PowerDVD18\PowerDVD18Agent.exe [528840 2019-03-05] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer_For_P2G12] => C:\Program Files (x86)\CyberLink\Power2Go12\CLMLSvc_P2G12.exe [154296 2018-11-07] (CyberLink Corp. -> CyberLink)
HKU\S-1-5-21-752196998-378064213-1701927948-1002\...\Run: [Power2GoExpress8] => NA
HKU\S-1-5-21-752196998-378064213-1701927948-1002\...\Run: [Power2GoExpress12] => NA
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
HKLM\...\Print\Monitors\HP a011 Status Monitor: C:\Windows\system32\hpinkstsa011LM.dll [331664 2012-06-12] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP C611 Status Monitor: C:\Windows\system32\hpinkstsC611LM.dll [333344 2013-05-06] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 3050A J611 series): C:\Windows\system32\HPDiscoPMa011.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\Windows\system32\hpbprtmon.dll [404992 2013-08-10] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.61\Installer\chrmstp.exe [2020-05-21] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2013-10-14] (Softex Inc..) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2013-10-14] (Softex Inc..) [File not signed]
Startup: C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 3050A J611 series (Copy 1).lnk [2020-03-08]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {1898B8D9-9FA5-42BB-825C-208C3F91CC1E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [134008 2020-03-25] (HP Inc. -> HP Inc.)
Task: {1A924A01-1460-4185-B137-252DF3972D68} - System32\Tasks\Driver Booster SkipUAC (Steve) => C:\Program Files (x86)\IObit\Driver Booster\5.4.0\DriverBooster.exe
Task: {1F2C01F0-E05C-484C-8093-F80D1375929C} - System32\Tasks\HPCustParticipation HP Deskjet 3050A J611 series => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe [4119656 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {35B673EB-EB8E-4726-88A5-EF65E17E6444} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-08] (Google Inc -> Google Inc.)
Task: {57FFCCB0-B3CB-4F34-89A7-23E916A38A39} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2118352 2014-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {60F6C3D9-8AB9-4E72-8573-66DBB8ECFD90} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1900728 2013-06-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {6E3ED1D6-B5E0-45C8-87C8-8DB0652151F1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18732320 2019-10-01] (Piriform Software Ltd -> Piriform Ltd)
Task: {76D5726F-A4A1-4C78-836B-6053CE2E1266} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1117048 2020-03-26] (HP Inc. -> HP Inc.)
Task: {7AABD26B-2A98-485F-993B-3880BEA6D265} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe
Task: {7ABA0F7A-305C-469E-A049-C75237007AE3} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-752196998-378064213-1701927948-1002 => C:\Users\Steve\AppData\Local\Microsoft\OneDrive\OneDrive.exe
Task: {7E1F187B-44C8-401F-8579-18DD82F060A8} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {867825CF-6A8F-41DF-97DD-5AE4323F0472} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {88610114-47BE-4F42-837E-BF65D2B73013} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [25128 2017-11-23] (HP Inc. -> )
Task: {944D5D4F-0288-41FE-BF1A-2E0063C69C92} - System32\Tasks\HPCeeScheduleForSteve => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [96568 2015-06-16] (Hewlett-Packard Company -> Hewlett-Packard)
Task: {97CDB05C-9069-4BF5-BF47-9C358DB16D99} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-08] (Google Inc -> Google Inc.)
Task: {A8A597F4-12DE-4344-8E10-B7E66E9EE41D} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1692296 2020-02-27] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {A9147A7E-2AA3-46F7-94F0-EA7831D8929D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [320856 2020-04-23] (HP Inc. -> HP Inc.)
Task: {B321C1AB-8FA0-45FA-A494-6E66E753CAB3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {B7D67F0F-AABE-46FD-A967-851E5F59AFE9} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [3387520 2020-05-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {B91A15B7-D445-4AF4-9CC6-416C653D3B34} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1487568 2014-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {C9193CF8-4731-406E-BD2E-28C143451FB1} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2118352 2014-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {D6DBA4E2-EDDA-49C1-8F1D-5AF2946A8B10} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1487568 2014-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {DAC7A505-7F02-4B43-A3C5-1F3DBED24FFD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {DB6CAAEC-4591-42C4-BEFF-0BE85B461552} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [662872 2020-04-30] (HP Inc. -> HP Inc.)
Task: {DC2ACC65-0384-4FA6-B39E-F59D2E84A1A8} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [4388440 2018-05-26] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {E40E477C-18CD-4C50-ADA9-791ACCD969E0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-10-01] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E55BDDC3-F45E-485A-A636-9BF31F5AFF56} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1117048 2020-03-26] (HP Inc. -> HP Inc.)
Task: {F44746C6-10D5-4E82-A1AE-60D82FBEEF7E} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2211024 2014-03-19] (Microsoft Corporation -> Microsoft)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\HPCeeScheduleForSteve.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-31] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.63 209.18.47.61
Tcpip\..\Interfaces\{67F30BE7-F1D9-4075-B26E-43D3F3480D79}: [DhcpNameServer] 209.18.47.63 209.18.47.61
Tcpip\..\Interfaces\{CF139D7E-D521-4337-A570-51EAAE9CEC88}: [DhcpNameServer] 209.18.47.62 209.18.47.61
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT14/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT14/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT14/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT14/1
HKU\S-1-5-21-752196998-378064213-1701927948-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT14/1
HKU\S-1-5-21-752196998-378064213-1701927948-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT14/1
URLSearchHook: [S-1-5-21-752196998-378064213-1701927948-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06152020184016404] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKLM -> {844A2F6A-2C69-485E-9750-4DB1795F5D0D} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {844A2F6A-2C69-485E-9750-4DB1795F5D0D} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-752196998-378064213-1701927948-1002 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={CD2F4B07-66A3-4A7F-B5B5-38155F893335}&mid=faf257a8cbe747d2a1d471540e39272c-92930892bd410719a60f79d0b62c8f3b7d07b248&lang=en&ds=AVG&coid=avgtbavg&cmpid=0616av&pr=fr&d=2016-06-08 17:52:23&v=4.3.1.831&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-752196998-378064213-1701927948-1002 -> {844A2F6A-2C69-485E-9750-4DB1795F5D0D} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-752196998-378064213-1701927948-1002 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={CD2F4B07-66A3-4A7F-B5B5-38155F893335}&mid=faf257a8cbe747d2a1d471540e39272c-92930892bd410719a60f79d0b62c8f3b7d07b248&lang=en&ds=AVG&coid=avgtbavg&cmpid=0616av&pr=fr&d=2016-06-08 17:52:23&v=4.3.1.831&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-752196998-378064213-1701927948-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-04-09] (Microsoft Corporation -> Microsoft Corporation)
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2014-04-09] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-04-09] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2014-04-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2014-04-09] (Microsoft Corporation -> Microsoft Corporation)
 
FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-04-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] (WildTangent Inc -> )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-752196998-378064213-1701927948-1002: @zoom.us/ZoomVideoPlugin -> C:\Users\Steve\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2019-02-16] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default [2020-06-15]
CHR StartupUrls: Default -> "hxxps://google.com/","hxxp://https//google.com"
CHR Extension: (Slides) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Docs) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Sheets) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Google Docs Offline) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Gmail) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-22]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [99328 2013-12-11] () [File not signed]
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [246784 2018-05-26] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-11] (Advanced Micro Devices, Inc.) [File not signed]
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [349552 2020-05-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe [6397888 2020-05-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 Cachedrv server; C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe [109568 2013-10-14] () [File not signed]
R2 DACoreService; C:\Program Files (x86)\Nuance\Dragon Notes\Core\DACore.exe [411024 2013-02-01] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [378744 2020-03-31] (HP Inc. -> HP Inc.)
S2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-23] (HP Inc. -> HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [628768 2017-07-13] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-18] (Malwarebytes Inc -> Malwarebytes)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1900728 2013-06-09] (Microsoft Corporation -> Microsoft Corporation)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [87552 2013-10-14] (Softex Inc.) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608 2018-05-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [269912 2018-05-26] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [54080 2018-05-26] (Hewlett-Packard Company -> HP)
R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17640 2018-05-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, INC.)
R3 amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [21634560 2018-05-26] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [665600 2018-05-26] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 amd_sata; C:\Windows\System32\drivers\amd_sata.sys [83656 2018-05-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\drivers\amd_xata.sys [23752 2018-05-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [118848 2018-05-26] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R0 avgArDisk; C:\Windows\System32\drivers\avgArDisk.sys [37208 2020-05-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [205952 2020-05-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriver.sys [234632 2020-05-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsh.sys [178832 2020-05-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniv.sys [61072 2020-05-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [42856 2020-05-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [175776 2020-05-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [109336 2020-05-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [84928 2020-05-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [851664 2020-05-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [461064 2020-05-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [235552 2020-05-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [319184 2020-05-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 CLFCL5.18; C:\Windows\system32\DRIVERS\CLFCL5.18\000.fcl [46848 2019-02-20] (CyberLink Corp. -> CyberLink Corp.)
R3 CLVirtualBus01; C:\Windows\System32\drivers\CLVirtualBus01.sys [111840 2018-05-02] (CyberLink Corp. -> CyberLink)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2020-04-23] (Malwarebytes Corporation -> Malwarebytes)
R0 hpdskflt; C:\Windows\System32\DRIVERS\hpdskflt.sys [41280 2018-05-26] (Hewlett-Packard Company -> HP)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-05-26] (Martin Malik - REALiX -> REALiX™)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [214496 2020-05-22] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [195432 2020-05-24] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73368 2020-06-15] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-05-24] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [125088 2020-05-24] (Malwarebytes Inc -> Malwarebytes)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [329664 2018-05-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 RTWlanE; C:\Windows\SysWOW64\DRIVERS\rtwlane.sys [2945240 2013-09-12] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-07-26] (Synaptics Incorporated -> Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [34544 2013-07-26] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [31656 2018-05-26] (Hewlett-Packard Company -> HP)
R3 WirelessButtonDriver64; C:\Windows\system32\DRIVERS\WirelessButtonDriver64.sys [31656 2018-05-26] (Hewlett-Packard Company -> HP)
S3 clwvd; \SystemRoot\system32\DRIVERS\clwvd.sys [X]
U3 McMPFSvc; no ImagePath
U3 McNaiAnn; no ImagePath
U3 mcpltsvc; no ImagePath
U3 McProxy; no ImagePath
U3 mfecore; no ImagePath
U3 MSK80Service; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-06-15 18:40 - 2020-06-15 18:44 - 000031526 _____ C:\Users\Steve\Downloads\FRST.txt
2020-06-15 18:38 - 2020-06-15 18:38 - 002289152 _____ (Farbar) C:\Users\Steve\Downloads\FRST64.exe
2020-06-15 17:38 - 2020-05-21 04:12 - 000338104 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2020-06-15 17:25 - 2020-06-15 17:25 - 000000000 ____D C:\ProgramData\Synaptics
2020-06-13 13:49 - 2020-06-13 13:49 - 000002694 _____ C:\Users\Steve\Documents\DriverEasy-PCInfo5.txt
2020-06-13 13:49 - 2020-06-13 13:49 - 000002694 _____ C:\Users\Steve\Documents\DriverEasy-PCInfo4.txt
2020-06-13 13:48 - 2020-06-13 13:48 - 000002696 _____ C:\Users\Steve\Documents\DriverEasy-PCInfo3.txt
2020-06-13 13:48 - 2020-06-13 13:48 - 000002694 _____ C:\Users\Steve\Documents\DriverEasy-PCInfo2.txt
2020-06-13 13:46 - 2020-06-13 13:46 - 000002694 _____ C:\Users\Steve\Documents\DriverEasy-PCInfo.txt
2020-06-13 12:58 - 2020-06-13 16:17 - 000002226 _____ C:\Users\Steve\Documents\DriverEasyPro.txt
2020-06-09 00:20 - 2020-06-09 00:20 - 000001371 _____ C:\Users\Steve\Documents\Steve'sScan.txt
2020-06-05 02:23 - 2020-06-15 21:13 - 000000000 ____D C:\Windows\pss
2020-06-05 02:10 - 2020-06-05 02:13 - 000001420 _____ C:\Users\Steve\Documents\SafeMode2.txt
2020-06-04 18:42 - 2020-06-04 20:38 - 000002479 _____ C:\Users\Steve\Documents\UninstallingGoogleChrome.txt
2020-06-03 04:43 - 2020-06-03 04:43 - 000000071 _____ C:\Users\Steve\Documents\BlueJeans.txt
2020-06-01 14:04 - 2020-06-01 16:25 - 000005192 _____ C:\Users\Steve\Documents\SystemRestoreFixes.txt
2020-05-24 05:01 - 2020-05-24 05:01 - 000002422 _____ C:\Users\Steve\Documents\cc_20200524_050112.reg
2020-05-24 04:55 - 2020-06-15 17:40 - 000073368 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2020-05-24 04:55 - 2020-05-24 04:55 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-05-24 04:55 - 2020-05-24 04:55 - 000195432 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2020-05-24 04:55 - 2020-05-24 04:55 - 000125088 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2020-05-24 03:54 - 2020-05-24 03:54 - 000000099 _____ C:\Users\Steve\Documents\LukeCombs-WhenItRains.txt
2020-05-22 19:19 - 2020-05-22 19:19 - 000214496 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-05-21 04:12 - 2020-05-21 04:12 - 000235552 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
2020-05-21 04:12 - 2020-05-21 04:12 - 000175776 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2020-05-16 13:55 - 2020-05-16 13:55 - 001457029 _____ C:\Users\Steve\Downloads\to_a_few_of_my_friends.zip
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-06-15 21:14 - 2017-12-23 02:34 - 000000000 ____D C:\Windows\system32\Tasks\AVG
2020-06-15 21:14 - 2014-04-09 21:03 - 000000000 ____D C:\Trend Micro
2020-06-15 21:14 - 2013-11-27 14:27 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2020-06-15 21:14 - 2013-08-22 11:36 - 000000000 __RSD C:\Windows\Media
2020-06-15 21:14 - 2013-08-22 11:36 - 000000000 ___RD C:\Windows\ToastData
2020-06-15 21:14 - 2013-08-22 11:36 - 000000000 ____D C:\Windows\rescache
2020-06-15 21:14 - 2013-08-22 11:36 - 000000000 ____D C:\Windows\PolicyDefinitions
2020-06-15 21:14 - 2013-08-22 09:36 - 000000000 ____D C:\Windows\Inf
2020-06-15 21:05 - 2013-08-22 11:36 - 000000000 ___HD C:\Program Files\WindowsApps
2020-06-15 20:59 - 2013-08-22 11:36 - 000000000 ____D C:\Windows\registration
2020-06-15 20:58 - 2013-08-22 09:36 - 000000000 ____D C:\Windows\system32\Sysprep
2020-06-15 20:54 - 2015-10-26 21:35 - 000000000 ____D C:\ProgramData\Avg
2020-06-15 20:54 - 2013-11-27 14:26 - 000000000 ____D C:\Program Files\Synaptics
2020-06-15 18:42 - 2018-05-26 00:49 - 000000000 ____D C:\FRST
2020-06-15 18:35 - 2013-08-22 11:20 - 000000000 ____D C:\Windows\CbsTemp
2020-06-15 18:33 - 2014-04-07 18:01 - 000003930 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{5F3C0AA3-2C2D-4A09-B42C-56EA43D744A8}
2020-06-15 18:32 - 2014-04-07 15:42 - 000003594 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-752196998-378064213-1701927948-1002
2020-06-15 18:07 - 2018-08-12 22:03 - 000000000 ____D C:\Users\Steve\AppData\Local\CrashDumps
2020-06-15 18:06 - 2014-10-05 23:36 - 000000000 ____D C:\Program Files (x86)\FileHippo.com
2020-06-15 17:41 - 2020-03-08 04:21 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-06-15 17:41 - 2017-11-27 14:34 - 000001991 _____ C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk
2020-06-15 17:41 - 2017-11-27 14:34 - 000001991 _____ C:\ProgramData\Desktop\AVG AntiVirus FREE.lnk
2020-06-15 17:40 - 2017-06-01 20:08 - 000004174 _____ C:\Windows\system32\Tasks\Antivirus Emergency Update
2020-06-15 17:25 - 2014-04-07 23:36 - 000000000 ____D C:\Users\Steve\AppData\Roaming\Synaptics
2020-06-15 17:25 - 2014-04-07 23:36 - 000000000 ____D C:\Users\Steve
2020-06-15 17:24 - 2017-11-23 00:47 - 000000352 _____ C:\Windows\Tasks\HPCeeScheduleForSteve.job
2020-06-15 17:24 - 2013-08-22 10:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-06-15 15:55 - 2017-06-10 08:37 - 000000000 ____D C:\Windows\Minidump
2020-06-15 15:55 - 2014-04-07 23:36 - 000000000 ___HD C:\Users\Steve\Documents\hp.system.package.metadata
2020-06-15 05:08 - 2018-09-04 21:17 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-06-13 03:43 - 2019-10-18 00:54 - 000000465 _____ C:\Users\Steve\Documents\JazzFromWarecolors.txt
2020-06-13 02:45 - 2020-02-19 02:03 - 000000111 _____ C:\Users\Steve\Documents\NewIndieMusic.txt
2020-06-12 05:50 - 2018-09-27 09:56 - 000000000 ____D C:\Users\Steve\AppData\LocalLow\Temp
2020-06-03 02:43 - 2020-02-19 00:57 - 000001173 _____ C:\Users\Steve\Documents\80sGlamRock.txt
2020-05-31 05:04 - 2016-12-01 02:36 - 000007341 _____ C:\Users\Steve\Documents\SpywareInfo.txt
2020-05-30 03:28 - 2020-03-08 04:21 - 000002810 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-05-30 03:28 - 2019-03-18 19:19 - 000003626 _____ C:\Windows\system32\Tasks\HPCustParticipation HP Deskjet 3050A J611 series
2020-05-30 03:28 - 2018-05-26 02:20 - 000002888 _____ C:\Windows\system32\Tasks\Driver Booster SkipUAC (Steve)
2020-05-30 03:28 - 2017-11-23 00:47 - 000003166 _____ C:\Windows\system32\Tasks\HPCeeScheduleForSteve
2020-05-30 03:28 - 2017-10-08 22:07 - 000003334 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-05-30 03:28 - 2017-10-08 22:07 - 000003206 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-05-30 03:28 - 2017-09-07 10:07 - 000003554 _____ C:\Windows\system32\Tasks\GarminUpdaterTask
2020-05-30 03:28 - 2015-11-25 18:40 - 000003930 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{64199833-6EB1-444D-98FB-CC40285436D5}
2020-05-30 03:28 - 2015-11-25 18:17 - 000003098 _____ C:\Windows\system32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-752196998-378064213-1701927948-1002
2020-05-30 03:28 - 2014-12-23 20:37 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-05-30 03:28 - 2014-04-10 10:51 - 000003118 _____ C:\Windows\system32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2020-05-30 03:28 - 2014-04-10 10:51 - 000003092 _____ C:\Windows\system32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2020-05-30 03:28 - 2014-04-10 10:51 - 000003090 _____ C:\Windows\system32\Tasks\Microsoft_Hardware_Launch_itype_exe
2020-05-30 03:28 - 2014-04-10 10:51 - 000003062 _____ C:\Windows\system32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2020-05-30 03:28 - 2014-04-10 10:51 - 000003060 _____ C:\Windows\system32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2020-05-30 03:28 - 2013-11-27 14:26 - 000002990 _____ C:\Windows\system32\Tasks\Synaptics TouchPad Enhancements
2020-05-24 04:53 - 2013-11-27 14:25 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2020-05-24 02:38 - 2019-07-28 23:50 - 000000201 _____ C:\Users\Steve\Documents\R & B 2020.txt
2020-05-24 00:02 - 2017-01-12 04:53 - 000002086 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-05-22 04:09 - 2020-02-14 00:00 - 000000509 _____ C:\Users\Steve\Documents\Throwback Hits Of The 1990s.txt
2020-05-22 03:08 - 2020-02-13 23:00 - 000000337 _____ C:\Users\Steve\Documents\TopHitsOf2000.txt
2020-05-22 02:05 - 2020-02-13 21:57 - 000001082 _____ C:\Users\Steve\Documents\Top100SongsOf2010.txt
2020-05-21 19:41 - 2017-10-08 22:08 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-05-21 19:41 - 2017-10-08 22:08 - 000002210 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-05-21 19:41 - 2017-10-08 22:08 - 000002210 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-05-21 04:16 - 2019-10-21 17:38 - 000002042 _____ C:\Users\Steve\Documents\60s&70sClassicRock.txt
2020-05-21 04:12 - 2018-10-22 14:59 - 000042856 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgKbd.sys
2020-05-21 04:12 - 2017-06-01 20:08 - 000461064 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2020-05-21 04:12 - 2017-06-01 20:08 - 000319184 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2020-05-21 04:12 - 2017-06-01 20:08 - 000109336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2020-05-21 04:12 - 2017-06-01 20:08 - 000084928 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2020-05-21 04:11 - 2019-01-17 14:04 - 000234632 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdriver.sys
2020-05-21 04:11 - 2019-01-17 01:07 - 000178832 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsh.sys
2020-05-21 04:11 - 2019-01-17 01:07 - 000061072 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniv.sys
2020-05-21 04:11 - 2019-01-17 01:07 - 000037208 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArDisk.sys
2020-05-21 04:11 - 2017-11-27 14:34 - 000205952 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
2020-05-21 04:11 - 2017-06-01 20:08 - 000851664 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2020-05-18 00:25 - 2019-04-22 02:35 - 000006841 _____ C:\Users\Steve\Documents\4Concerts.txt
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
 
LastRegBack: 2020-06-13 11:48
==================== End of FRST.txt ========================
 
Addition
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-06-2020
Ran by Steve (15-06-2020 18:48:52)
Running from C:\Users\Steve\Downloads
Windows 8.1 (Update) (X64) (2014-04-08 03:35:52)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-752196998-378064213-1701927948-500 - Administrator - Disabled)
Guest (S-1-5-21-752196998-378064213-1701927948-501 - Limited - Disabled)
Steve (S-1-5-21-752196998-378064213-1701927948-1002 - Administrator - Enabled) => C:\Users\Steve
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: AVG Antivirus (Enabled - Up to date) {A3C8941D-8036-3856-D9BB-709D4A2A7EAC}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
4 Elements II (HKLM-x32\...\WTA-a3fcf0b0-3d44-4d2b-aed3-ee1f587cdf19) (Version: 2.2.0.98 - WildTangent) Hidden
7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.009.20065 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\{80CA011C-2CED-4BF5-A02A-CA0DD09117EC}) (Version: 12.3.3.203 - Adobe Systems, Inc)
Airport Mania (HKLM-x32\...\WTA-9a76ab38-a5d8-43ab-a3af-5fefbeb4449e) (Version: 2.2.0.95 - WildTangent) Hidden
AMD Catalyst Install Manager (HKLM\...\{C2583B4C-2FBE-E2CC-EDBA-BF10E61C6BAB}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
ANT Drivers Installer x64 (HKLM\...\{EC76EA2C-ABFA-4DCA-9944-EE2CBD33FAEF}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 20.3.3120 - AVG Technologies)
Azkend 2: The World Beneath (HKLM-x32\...\WTA-393aa941-1358-4641-b8a2-f637da8d1fef) (Version: 2.2.0.98 - WildTangent) Hidden
Bejeweled 3 (HKLM-x32\...\WTA-cd7cb784-7c07-4baa-acd3-ced4570fa9c0) (Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (HKLM-x32\...\WTA-66a32e31-a102-4a5b-ba0d-a82481da578b) (Version: 2.2.0.97 - WildTangent) Hidden
Build-a-lot (HKLM-x32\...\WTA-12994157-f75f-4bf3-95a6-9f80e5625e3e) (Version: 2.2.0.98 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.62 - Piriform)
Cradle Of Egypt Collector's Edition (HKLM-x32\...\WTA-8ab9fd4d-19d4-4c1b-a932-d212b740d9d6) (Version: 2.2.0.110 - WildTangent) Hidden
Cradle of Rome 2 (HKLM-x32\...\WTA-76c1430a-b631-4ddc-a7c6-d880a7524bee) (Version: 2.2.0.98 - WildTangent) Hidden
Curse at Twilight (HKLM-x32\...\WTA-57bb1524-df97-4fb3-a58d-b6c5c1cd1267) (Version: 3.0.2.32 - WildTangent) Hidden
CyberLink LabelPrint 2.5 (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.0.12508 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.8.4420 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4.4824 - CyberLink Corp.)
CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5.4608 - CyberLink Corp.)
CyberLink Power2Go 12 (HKLM-x32\...\{A59F6DC9-8562-49d6-8C03-3F3AF0C5C0D3}) (Version: 12.0.1024b - CyberLink Corp.)
CyberLink Power2Go 12 Content Pack (HKLM-x32\...\{661FB630-A0FA-4c39-80B6-0BD2591CAFA2}) (Version: 12.0.0319.0 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.8.4316 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.5.3304 - CyberLink Corp.)
CyberLink PowerDVD 18 (HKLM-x32\...\{0F4F617F-E8D5-46A3-A0F9-43855182A3B1}) (Version: 18.0.2705.62 - CyberLink Corp.)
CyberLink WaveEditor 2 (HKLM-x32\...\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 2.1.9529.0 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Delicious: Emily's Childhood Memories Premium Edition (HKLM-x32\...\WTA-4a00ccad-206d-4289-a832-4d76c74eea03) (Version: 3.0.2.32 - WildTangent) Hidden
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dragon Notes en-US (HKLM-x32\...\{C438C1D0-A46C-4BFA-AFCD-11261DE9CCE0}) (Version: 01.00.100.011 - Nuance Communications Inc.)
Elevated Installer (HKLM-x32\...\{7C1FBBDC-44BC-4BAA-A29D-8BB620E23431}) (Version: 5.7.0.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Farm Frenzy (HKLM-x32\...\WTA-a19ed313-c752-48d1-97ba-d9759df135c9) (Version: 2.2.0.98 - WildTangent) Hidden
Fishdom 3: Collector's Edition (HKLM-x32\...\WTA-dbb5e02a-d88a-412f-b7e7-41604a495a9b) (Version: 3.0.2.38 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.61 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-1b591a9c-031b-453a-b336-f8d04cfa5a2f) (Version: 2.2.0.110 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
House of 1000 Doors: Family Secrets (HKLM-x32\...\WTA-6fba1754-5c31-41d7-8357-3390b8c9ca4b) (Version: 2.2.0.98 - WildTangent) Hidden
HP 3D DriveGuard (HKLM-x32\...\{E8D0E2B8-B64B-44BC-8E01-00DDACBDF78A}) (Version: 6.0.28.1 - Hewlett-Packard Company)
HP Deskjet 3050A J611 series Basic Device Software (HKLM\...\{1B77E249-B8D5-4E5E-8848-693ACEF84E6D}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3050A J611 series Help (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
HP Deskjet 3050A J611 series Product Improvement Study (HKLM\...\{A772BF60-20A5-4279-A18B-B9D8DBC9B30A}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Documentation (HKLM-x32\...\{4525FF56-E096-42F4-BB64-52AAA8B3D893}) (Version: 1.1.1.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7127.4628 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.00.57 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.8.24.33 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.15.14.3 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{ABE95EB9-5EA1-42A3-8009-BA7602127ED6}) (Version: 1.4.25 - HP Inc.)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Utility Center (HKLM\...\{7A75E042-0D30-43C2-BD2A-684F4BE38FF7}) (Version: 2.3.1 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard)
Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.00.57 - Softex Inc.) Hidden
Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.00.57 - Softex Inc.) Hidden
Jewel Match 3 (HKLM-x32\...\WTA-92da0979-76da-4598-aa58-16e4d93e7a56) (Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (HKLM-x32\...\WTA-b0fe64d1-80e2-4928-8a86-914979a109c9) (Version: 2.2.0.95 - WildTangent) Hidden
King Oddball (HKLM-x32\...\WTA-1687b6a3-2f77-4bbc-bae2-98c6973c2fe5) (Version: 3.0.2.48 - WildTangent) Hidden
Luxor Evolved (HKLM-x32\...\WTA-14380d67-6f50-4280-af08-a7d0dfd787a2) (Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Dimensions Deluxe (HKLM-x32\...\WTA-2f8b3fd3-454a-41b5-910f-065d632d411f) (Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4517.1509 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-752196998-378064213-1701927948-1002\...\SkyDriveSetup.exe) (Version: 17.0.2003.1112 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{B39A6825-EA20-43EA-AB2D-A6BC0298D9A1}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mystery P.I. - Curious Case of Counterfeit Cove (HKLM-x32\...\WTA-99e7820b-1887-48d1-ac6a-4489d16e86a4) (Version: 2.2.0.98 - WildTangent) Hidden
OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OEM Application Profile (HKLM-x32\...\{8F92E0CF-620B-5C20-F292-59C93567B06D}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4517.1509 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4517.1509 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.4517.1509 - Microsoft Corporation) Hidden
Peggle Nights (HKLM-x32\...\WTA-4b039ff6-b07a-406f-b2ef-42607c274be7) (Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (HKLM-x32\...\WTA-94747bd2-9db8-4783-bf53-7fc572f01c6c) (Version: 2.2.0.98 - WildTangent) Hidden
Pinger (HKLM-x32\...\{9B56B031-A6C0-4BB7-8F61-938548C1B759}) (Version: 1.4.0.1 - Pinger Inc.) Hidden
Pinger (HKLM-x32\...\Pinger 1.4.0.1) (Version: 1.4.0.1 - Pinger Inc.)
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-44fc4272-dc82-4594-af0a-ecc03e31347f) (Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (HKLM-x32\...\WTA-d2fe7e80-f59c-46ce-bbad-855ae94e288e) (Version: 2.2.0.97 - WildTangent) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.29068 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8199 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.00.12.0906 - REALTEK Semiconductor Corp.)
Roads of Rome 3 (HKLM-x32\...\WTA-8b00b443-3ed1-4f98-9e5c-fd4bd623925b) (Version: 2.2.0.98 - WildTangent) Hidden
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
Tales of Lagoona (HKLM-x32\...\WTA-17e4838e-c690-4af5-bd30-15bdda345941) (Version: 2.2.0.110 - WildTangent) Hidden
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
Vacation Quest™ - Australia (HKLM-x32\...\WTA-4dcb586b-23e4-4014-97c0-e773c6256a8f) (Version: 3.0.2.32 - WildTangent) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HP Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.10.15 - WildTangent) Hidden
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Youda Jewel Shop (HKLM-x32\...\WTA-02731f74-eef9-49f0-9e49-b6e8c5890582) (Version: 3.0.2.32 - WildTangent) Hidden
Zoom (HKU\S-1-5-21-752196998-378064213-1701927948-1002\...\ZoomUMX) (Version: 4.1 - Zoom Video Communications, Inc.)
Zuma's Revenge (HKLM-x32\...\WTA-f71766fb-ae3d-4ff2-b67a-b7147e0c87bd) (Version: 2.2.0.98 - WildTangent) Hidden
 
Packages:
=========
- Games App - -> C:\Program Files\WindowsApps\WildTangentGames.-GamesApp-_1.0.3.28_x86__qt5r5pa5dyg8m [2018-08-12] (WildTangent Games)
Box for Windows 8 -> C:\Program Files\WindowsApps\134D4F5B.Box_2.1.4.4_neutral__2qk4zy5s3qmee [2018-08-12] (Box, Inc.)
eBay -> C:\Program Files\WindowsApps\eBayInc.eBay_1.6.0.34_neutral__1618n3s9xq8tw [2018-08-12] (eBay, Inc)
Games -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2018-08-12] (Microsoft Corporation) [MS Ad]
Getting Started with Windows 8 -> C:\Program Files\WindowsApps\AD2F1837.GettingStartedwithWindows8_1.6.0.0_neutral__v10z8vjag6ke6 [2018-08-12] (Hewlett-Packard Company)
HP Connected Drive -> C:\Program Files\WindowsApps\AD2F1837.HPFileViewer_4.4.32.190_x64__v10z8vjag6ke6 [2018-08-12] (HP Inc.)
HP Registration -> C:\Program Files\WindowsApps\AD2F1837.HPRegistration_1.2.1.166_neutral__v10z8vjag6ke6 [2018-08-12] (Hewlett-Packard Company)
Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_2.1.0.2_neutral__stfe6vwa9jnbp [2018-08-12] (AMZN Mobile LLC)
MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2018-08-12] (Microsoft Corporation)

#19 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,380 posts

Posted 16 June 2020 - 05:41 AM

Hi,
 
The latest logs are the same as your first submission.
 
Try to restore your System via the Recovery Environment.
 
Follow the directives on this page under this section.
 

System Restore puts your system back to a chosen restore point. It won’t work, though, unless you’ve turned on restore points for one or more drives on your computer.
 
 
Let it finish.
 
Let me know if you have issues in the restore point you reset.

nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#20 Krishna

Krishna

    Member

  • Full Member
  • Pip
  • 77 posts

Posted 16 June 2020 - 06:36 AM

In America we have this saying, "why fix it, if it ain't broke?"  My laptop is running better than ever and you want me to screw it up even further.  Restore a Point on this laptop hasn't worked in years.  I always got the message that it couldn't Restore to the Point I wanted and it was returning me to the current status.  I ran Restore a Point from Safe Mode yesterday, just to see if it would work.  I was so amazed, that it actually did work as it wouldn't work in "Normal" Mode.  I'll be back.



#21 Krishna

Krishna

    Member

  • Full Member
  • Pip
  • 77 posts

Posted 16 June 2020 - 08:34 AM

I got the Blue Screen Of Death trying to get to this post a couple of minutes ago.  The Instructions in your Dummies for Restore Points for Windows 8.1, was incomplete.  It was missing a couple of Instructions, but because my sister's 8.1 PC was having problems a couple of weeks ago, she showed me how to do it.  Yesterday I used Restore Point 5-30-20.  Today I used Restore Point 6-8-20.  If you don't see anything different this time, I suppose the next try could be one by FRST.  You'll be happy to know that Driveeasy is giving me a Refund.  I believe when I see it.  I should probably update Internet Explorer even though it's not my Default Browser.  Here's the logs.

 

FRST

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-06-2020
Ran by Steve (administrator) on HARRIS-PC (Hewlett-Packard HP Pavilion 15 Notebook PC) (16-06-2020 09:52:33)
Running from C:\Users\Steve\Desktop
Loaded Profiles: Steve
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
() [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
() [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
() [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswEngSrv.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe <2>
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go12\CLMLSvc_P2G12.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe <2>
(Hewlett-Packard -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Company -> HP) C:\Windows\System32\hpservice.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.19651_none_fa3af1939b2c2558\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\Dragon Notes\Core\DACore.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Softex Inc.) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
Failed to access process -> ig.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9230312 2018-05-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe [2758200 2013-10-14] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [155704 2013-10-14] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [155704 2013-10-14] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [156776 2020-05-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [127528 2015-07-08] (Hewlett-Packard -> Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [701984 2017-07-13] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [PowerDVD18Agent] => C:\Program Files (x86)\CyberLink\PowerDVD18\PowerDVD18Agent.exe [528840 2019-03-05] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer_For_P2G12] => C:\Program Files (x86)\CyberLink\Power2Go12\CLMLSvc_P2G12.exe [154296 2018-11-07] (CyberLink Corp. -> CyberLink)
HKU\S-1-5-21-752196998-378064213-1701927948-1002\...\Run: [Power2GoExpress8] => NA
HKU\S-1-5-21-752196998-378064213-1701927948-1002\...\Run: [Power2GoExpress12] => NA
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
HKLM\...\Print\Monitors\HP a011 Status Monitor: C:\Windows\system32\hpinkstsa011LM.dll [331664 2012-06-12] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP C611 Status Monitor: C:\Windows\system32\hpinkstsC611LM.dll [333344 2013-05-06] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 3050A J611 series): C:\Windows\system32\HPDiscoPMa011.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\Windows\system32\hpbprtmon.dll [404992 2013-08-10] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Installer\chrmstp.exe [2020-06-16] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2013-10-14] (Softex Inc..) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2013-10-14] (Softex Inc..) [File not signed]
Startup: C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 3050A J611 series (Copy 1).lnk [2020-03-08]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {1898B8D9-9FA5-42BB-825C-208C3F91CC1E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [134008 2020-03-25] (HP Inc. -> HP Inc.)
Task: {1A924A01-1460-4185-B137-252DF3972D68} - System32\Tasks\Driver Booster SkipUAC (Steve) => C:\Program Files (x86)\IObit\Driver Booster\5.4.0\DriverBooster.exe
Task: {1F2C01F0-E05C-484C-8093-F80D1375929C} - System32\Tasks\HPCustParticipation HP Deskjet 3050A J611 series => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe [4119656 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {352690C0-2E47-494D-87F1-F2C186AD36E0} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [3361928 2020-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {452426C5-D049-4BB2-A76F-1DE49C68F63B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-16] (Google LLC -> Google LLC)
Task: {57FFCCB0-B3CB-4F34-89A7-23E916A38A39} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2118352 2014-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {60F6C3D9-8AB9-4E72-8573-66DBB8ECFD90} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1900728 2013-06-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {6E3ED1D6-B5E0-45C8-87C8-8DB0652151F1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18732320 2019-10-01] (Piriform Software Ltd -> Piriform Ltd)
Task: {76D5726F-A4A1-4C78-836B-6053CE2E1266} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1117048 2020-03-26] (HP Inc. -> HP Inc.)
Task: {7AABD26B-2A98-485F-993B-3880BEA6D265} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe
Task: {7ABA0F7A-305C-469E-A049-C75237007AE3} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-752196998-378064213-1701927948-1002 => C:\Users\Steve\AppData\Local\Microsoft\OneDrive\OneDrive.exe
Task: {7E1F187B-44C8-401F-8579-18DD82F060A8} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {867825CF-6A8F-41DF-97DD-5AE4323F0472} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {88610114-47BE-4F42-837E-BF65D2B73013} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [25128 2017-11-23] (HP Inc. -> )
Task: {944D5D4F-0288-41FE-BF1A-2E0063C69C92} - System32\Tasks\HPCeeScheduleForSteve => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: {A8A597F4-12DE-4344-8E10-B7E66E9EE41D} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1692296 2020-02-27] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {A9147A7E-2AA3-46F7-94F0-EA7831D8929D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [320856 2020-04-23] (HP Inc. -> HP Inc.)
Task: {AB10EBF6-8840-4F3F-B9AA-63AB850E90F1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-16] (Google LLC -> Google LLC)
Task: {B321C1AB-8FA0-45FA-A494-6E66E753CAB3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1505624 2020-05-20] (HP Inc. -> HP Inc.)
Task: {B91A15B7-D445-4AF4-9CC6-416C653D3B34} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1487568 2014-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {C9193CF8-4731-406E-BD2E-28C143451FB1} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2118352 2014-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {D6DBA4E2-EDDA-49C1-8F1D-5AF2946A8B10} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1487568 2014-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {DAC7A505-7F02-4B43-A3C5-1F3DBED24FFD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1505624 2020-05-20] (HP Inc. -> HP Inc.)
Task: {DB6CAAEC-4591-42C4-BEFF-0BE85B461552} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [662872 2020-04-30] (HP Inc. -> HP Inc.)
Task: {DC2ACC65-0384-4FA6-B39E-F59D2E84A1A8} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [4388440 2018-05-26] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {E40E477C-18CD-4C50-ADA9-791ACCD969E0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-10-01] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E55BDDC3-F45E-485A-A636-9BF31F5AFF56} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1117048 2020-03-26] (HP Inc. -> HP Inc.)
Task: {F44746C6-10D5-4E82-A1AE-60D82FBEEF7E} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2211024 2014-03-19] (Microsoft Corporation -> Microsoft)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\HPCeeScheduleForSteve.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-31] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.63 209.18.47.61
Tcpip\..\Interfaces\{67F30BE7-F1D9-4075-B26E-43D3F3480D79}: [DhcpNameServer] 209.18.47.63 209.18.47.61
Tcpip\..\Interfaces\{CF139D7E-D521-4337-A570-51EAAE9CEC88}: [DhcpNameServer] 209.18.47.62 209.18.47.61
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT14/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT14/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT14/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT14/1
HKU\S-1-5-21-752196998-378064213-1701927948-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT14/1
HKU\S-1-5-21-752196998-378064213-1701927948-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT14/1
SearchScopes: HKLM -> {844A2F6A-2C69-485E-9750-4DB1795F5D0D} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {844A2F6A-2C69-485E-9750-4DB1795F5D0D} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-752196998-378064213-1701927948-1002 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={CD2F4B07-66A3-4A7F-B5B5-38155F893335}&mid=faf257a8cbe747d2a1d471540e39272c-92930892bd410719a60f79d0b62c8f3b7d07b248&lang=en&ds=AVG&coid=avgtbavg&cmpid=0616av&pr=fr&d=2016-06-08 17:52:23&v=4.3.1.831&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-752196998-378064213-1701927948-1002 -> {844A2F6A-2C69-485E-9750-4DB1795F5D0D} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-752196998-378064213-1701927948-1002 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={CD2F4B07-66A3-4A7F-B5B5-38155F893335}&mid=faf257a8cbe747d2a1d471540e39272c-92930892bd410719a60f79d0b62c8f3b7d07b248&lang=en&ds=AVG&coid=avgtbavg&cmpid=0616av&pr=fr&d=2016-06-08 17:52:23&v=4.3.1.831&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-752196998-378064213-1701927948-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-04-09] (Microsoft Corporation -> Microsoft Corporation)
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2014-04-09] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-04-09] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2014-04-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2014-04-09] (Microsoft Corporation -> Microsoft Corporation)
 
FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-04-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] (WildTangent Inc -> )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-752196998-378064213-1701927948-1002: @zoom.us/ZoomVideoPlugin -> C:\Users\Steve\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2019-02-16] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default [2020-06-16]
CHR Notifications: Default -> hxxps://articles.mercola.com; hxxps://awarenessact.com; hxxps://directorzone.cyberlink.com; hxxps://manualslibrary.org; hxxps://membership.cyberlink.com; hxxps://prayingmedic.com; hxxps://thechamomile.com; hxxps://upornia.com; hxxps://www.bradenton.com; hxxps://www.cyberlink.com; hxxps://www.facebook.com; hxxps://www.nascar.com; hxxps://www.youtube.com
CHR StartupUrls: Default -> "hxxps://google.com/","hxxp://https//google.com"
CHR Extension: (Slides) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Docs) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Sheets) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Google Docs Offline) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Gmail) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-22]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [99328 2013-12-11] () [File not signed]
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [246784 2018-05-26] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-11] (Advanced Micro Devices, Inc.) [File not signed]
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [349552 2020-05-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe [6397888 2020-05-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 Cachedrv server; C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe [109568 2013-10-14] () [File not signed]
R2 DACoreService; C:\Program Files (x86)\Nuance\Dragon Notes\Core\DACore.exe [411024 2013-02-01] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379224 2020-05-20] (HP Inc. -> HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-23] (HP Inc. -> HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [628768 2017-07-13] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-18] (Malwarebytes Inc -> Malwarebytes)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1900728 2013-06-09] (Microsoft Corporation -> Microsoft Corporation)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [87552 2013-10-14] (Softex Inc.) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608 2018-05-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [269912 2018-05-26] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [54080 2018-05-26] (Hewlett-Packard Company -> HP)
R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17640 2018-05-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, INC.)
R3 amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [21634560 2018-05-26] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [665600 2018-05-26] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 amd_sata; C:\Windows\System32\drivers\amd_sata.sys [83656 2018-05-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\drivers\amd_xata.sys [23752 2018-05-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [118848 2018-05-26] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R0 avgArDisk; C:\Windows\System32\drivers\avgArDisk.sys [37208 2020-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [205952 2020-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriver.sys [235144 2020-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsh.sys [178824 2020-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniv.sys [61064 2020-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [42840 2020-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [175776 2020-05-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\Windows\System32\drivers\avgNetHub.sys [506208 2020-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [109336 2020-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [84912 2020-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [851664 2020-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [462656 2020-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [235552 2020-05-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [322328 2020-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 CLFCL5.18; C:\Windows\system32\DRIVERS\CLFCL5.18\000.fcl [46848 2019-02-20] (CyberLink Corp. -> CyberLink Corp.)
R3 CLVirtualBus01; C:\Windows\System32\drivers\CLVirtualBus01.sys [111840 2018-05-02] (CyberLink Corp. -> CyberLink)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2020-04-23] (Malwarebytes Corporation -> Malwarebytes)
R0 hpdskflt; C:\Windows\System32\DRIVERS\hpdskflt.sys [41280 2018-05-26] (Hewlett-Packard Company -> HP)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-05-26] (Martin Malik - REALiX -> REALiX™)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [214496 2020-06-07] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [195432 2020-06-08] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73368 2020-06-16] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-06-07] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [131736 2020-06-08] (Malwarebytes Inc -> Malwarebytes)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [329664 2018-05-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 RTWlanE; C:\Windows\SysWOW64\DRIVERS\rtwlane.sys [2945240 2013-09-12] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-07-26] (Synaptics Incorporated -> Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [34544 2013-07-26] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [31656 2018-05-26] (Hewlett-Packard Company -> HP)
R3 WirelessButtonDriver64; C:\Windows\system32\DRIVERS\WirelessButtonDriver64.sys [31656 2018-05-26] (Hewlett-Packard Company -> HP)
S3 clwvd; \SystemRoot\system32\DRIVERS\clwvd.sys [X]
U3 McMPFSvc; no ImagePath
U3 McNaiAnn; no ImagePath
U3 mcpltsvc; no ImagePath
U3 McProxy; no ImagePath
U3 mfecore; no ImagePath
U3 MSK80Service; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-06-16 09:52 - 2020-06-16 09:54 - 000032196 _____ C:\Users\Steve\Desktop\FRST.txt
2020-06-16 09:50 - 2020-06-16 09:50 - 002289152 _____ (Farbar) C:\Users\Steve\Desktop\FRST64.exe
2020-06-16 09:36 - 2020-06-16 09:36 - 000002323 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-16 09:36 - 2020-06-16 09:36 - 000002282 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-06-16 09:36 - 2020-06-16 09:36 - 000002282 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-06-16 09:35 - 2020-06-16 09:35 - 000003334 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-06-16 09:35 - 2020-06-16 09:35 - 000003206 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-06-16 09:34 - 2020-06-16 09:34 - 000506208 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgNetHub.sys
2020-06-16 09:34 - 2020-06-16 09:34 - 000336520 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2020-06-16 09:34 - 2020-06-16 09:34 - 000216880 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw01fcea9c8b84f18c.tmp
2020-06-16 09:34 - 2020-06-16 09:34 - 000175264 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw66733dab038cf276.tmp
2020-06-16 09:33 - 2020-06-16 09:33 - 001295576 _____ (Google LLC) C:\Users\Steve\Downloads\ChromeSetup.exe
2020-06-15 17:25 - 2020-06-15 17:25 - 000000000 ____D C:\ProgramData\Synaptics
2020-06-13 13:49 - 2020-06-13 13:49 - 000002694 _____ C:\Users\Steve\Documents\DriverEasy-PCInfo5.txt
2020-06-13 13:49 - 2020-06-13 13:49 - 000002694 _____ C:\Users\Steve\Documents\DriverEasy-PCInfo4.txt
2020-06-13 13:48 - 2020-06-13 13:48 - 000002696 _____ C:\Users\Steve\Documents\DriverEasy-PCInfo3.txt
2020-06-13 13:48 - 2020-06-13 13:48 - 000002694 _____ C:\Users\Steve\Documents\DriverEasy-PCInfo2.txt
2020-06-13 13:46 - 2020-06-13 13:46 - 000002694 _____ C:\Users\Steve\Documents\DriverEasy-PCInfo.txt
2020-06-13 12:58 - 2020-06-13 16:17 - 000002226 _____ C:\Users\Steve\Documents\DriverEasyPro.txt
2020-06-09 00:20 - 2020-06-09 00:20 - 000001371 _____ C:\Users\Steve\Documents\Steve'sScan.txt
2020-06-08 14:58 - 2020-06-08 14:59 - 000281528 _____ C:\Windows\Minidump\060820-28593-01.dmp
2020-06-08 02:32 - 2020-06-08 02:32 - 000001112 _____ C:\Users\Steve\Documents\cc_20200608_023223.reg
2020-06-08 02:06 - 2020-06-16 09:21 - 000073368 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2020-06-08 02:06 - 2020-06-08 02:06 - 000195432 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2020-06-08 02:05 - 2020-06-08 02:05 - 000131736 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2020-06-07 21:51 - 2020-06-07 21:51 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-06-07 21:51 - 2020-06-07 21:51 - 000214496 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-06-05 02:23 - 2020-06-16 13:10 - 000000000 ____D C:\Windows\pss
2020-06-05 02:10 - 2020-06-05 02:13 - 000001420 _____ C:\Users\Steve\Documents\SafeMode2.txt
2020-06-04 18:42 - 2020-06-04 20:38 - 000002479 _____ C:\Users\Steve\Documents\UninstallingGoogleChrome.txt
2020-06-03 04:43 - 2020-06-03 04:43 - 000000071 _____ C:\Users\Steve\Documents\BlueJeans.txt
2020-06-01 14:04 - 2020-06-01 16:25 - 000005192 _____ C:\Users\Steve\Documents\SystemRestoreFixes.txt
2020-05-24 05:01 - 2020-05-24 05:01 - 000002422 _____ C:\Users\Steve\Documents\cc_20200524_050112.reg
2020-05-24 03:54 - 2020-05-24 03:54 - 000000099 _____ C:\Users\Steve\Documents\LukeCombs-WhenItRains.txt
2020-05-21 04:12 - 2020-05-21 04:12 - 000235552 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
2020-05-21 04:12 - 2020-05-21 04:12 - 000175776 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-06-16 13:10 - 2017-12-23 02:34 - 000000000 ____D C:\Windows\system32\Tasks\AVG
2020-06-16 13:10 - 2017-06-10 08:37 - 000000000 ____D C:\Windows\Minidump
2020-06-16 13:10 - 2017-06-01 19:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2020-06-16 13:10 - 2014-10-05 23:36 - 000000000 ____D C:\Program Files (x86)\FileHippo.com
2020-06-16 13:10 - 2013-11-27 14:27 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2020-06-16 13:10 - 2013-08-22 11:36 - 000000000 __RSD C:\Windows\Media
2020-06-16 13:10 - 2013-08-22 11:36 - 000000000 ___RD C:\Windows\ToastData
2020-06-16 13:10 - 2013-08-22 11:36 - 000000000 ____D C:\Windows\rescache
2020-06-16 13:10 - 2013-08-22 11:36 - 000000000 ____D C:\Windows\PolicyDefinitions
2020-06-16 13:10 - 2013-08-22 09:36 - 000000000 ____D C:\Windows\Inf
2020-06-16 13:04 - 2013-08-22 11:36 - 000000000 ___HD C:\Program Files\WindowsApps
2020-06-16 12:58 - 2013-08-22 11:36 - 000000000 ____D C:\Windows\registration
2020-06-16 12:56 - 2013-08-22 09:36 - 000000000 ____D C:\Windows\system32\Sysprep
2020-06-16 12:51 - 2013-11-27 14:26 - 000000000 ____D C:\Program Files\Synaptics
2020-06-16 09:53 - 2018-05-26 00:49 - 000000000 ____D C:\FRST
2020-06-16 09:41 - 2014-04-07 15:42 - 000003594 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-752196998-378064213-1701927948-1002
2020-06-16 09:36 - 2017-10-08 22:07 - 000000000 ____D C:\Program Files (x86)\Google
2020-06-16 09:35 - 2017-06-01 20:08 - 000462656 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2020-06-16 09:35 - 2017-06-01 20:08 - 000322328 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2020-06-16 09:35 - 2017-06-01 20:08 - 000003916 _____ C:\Windows\system32\Tasks\Antivirus Emergency Update
2020-06-16 09:34 - 2018-10-22 14:59 - 000042840 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgKbd.sys
2020-06-16 09:34 - 2017-06-01 20:08 - 000109336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2020-06-16 09:34 - 2017-06-01 20:08 - 000084912 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2020-06-16 09:33 - 2019-01-17 14:04 - 000235144 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdriver.sys
2020-06-16 09:33 - 2019-01-17 01:07 - 000178824 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsh.sys
2020-06-16 09:33 - 2019-01-17 01:07 - 000061064 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniv.sys
2020-06-16 09:33 - 2019-01-17 01:07 - 000037208 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArDisk.sys
2020-06-16 09:33 - 2017-11-27 14:34 - 000205952 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
2020-06-16 09:33 - 2017-06-01 20:08 - 000851664 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2020-06-16 09:29 - 2015-10-26 21:35 - 000000000 ____D C:\ProgramData\Avg
2020-06-16 09:22 - 2017-11-27 14:34 - 000001991 _____ C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk
2020-06-16 09:22 - 2017-11-27 14:34 - 000001991 _____ C:\ProgramData\Desktop\AVG AntiVirus FREE.lnk
2020-06-16 09:22 - 2013-08-22 11:20 - 000000000 ____D C:\Windows\CbsTemp
2020-06-16 09:20 - 2018-08-12 22:03 - 000000000 ____D C:\Users\Steve\AppData\Local\CrashDumps
2020-06-16 09:20 - 2014-04-07 18:01 - 000003930 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{5F3C0AA3-2C2D-4A09-B42C-56EA43D744A8}
2020-06-16 09:16 - 2014-04-07 23:36 - 000000000 ____D C:\Users\Steve
2020-06-16 09:15 - 2013-08-22 10:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-06-16 02:43 - 2019-10-21 17:38 - 000002139 _____ C:\Users\Steve\Documents\60s&70sClassicRock.txt
2020-06-16 02:37 - 2018-09-04 21:17 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-06-16 01:43 - 2020-02-19 00:57 - 000001270 _____ C:\Users\Steve\Documents\80sGlamRock.txt
2020-06-15 17:25 - 2014-04-07 23:36 - 000000000 ____D C:\Users\Steve\AppData\Roaming\Synaptics
2020-06-15 15:55 - 2014-04-07 23:36 - 000000000 ___HD C:\Users\Steve\Documents\hp.system.package.metadata
2020-06-13 03:43 - 2019-10-18 00:54 - 000000465 _____ C:\Users\Steve\Documents\JazzFromWarecolors.txt
2020-06-13 02:45 - 2020-02-19 02:03 - 000000111 _____ C:\Users\Steve\Documents\NewIndieMusic.txt
2020-06-12 05:50 - 2018-09-27 09:56 - 000000000 ____D C:\Users\Steve\AppData\LocalLow\Temp
2020-06-08 14:59 - 2017-11-23 00:47 - 000000352 _____ C:\Windows\Tasks\HPCeeScheduleForSteve.job
2020-06-08 04:44 - 2020-03-08 04:21 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-06-08 04:44 - 2020-03-08 04:21 - 000002810 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-06-08 04:44 - 2019-03-18 19:19 - 000003626 _____ C:\Windows\system32\Tasks\HPCustParticipation HP Deskjet 3050A J611 series
2020-06-08 04:44 - 2018-05-26 02:20 - 000002888 _____ C:\Windows\system32\Tasks\Driver Booster SkipUAC (Steve)
2020-06-08 04:44 - 2017-11-23 00:47 - 000003166 _____ C:\Windows\system32\Tasks\HPCeeScheduleForSteve
2020-06-08 04:44 - 2017-09-07 10:07 - 000003554 _____ C:\Windows\system32\Tasks\GarminUpdaterTask
2020-06-08 04:44 - 2015-11-25 18:40 - 000003930 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{64199833-6EB1-444D-98FB-CC40285436D5}
2020-06-08 04:44 - 2015-11-25 18:17 - 000003098 _____ C:\Windows\system32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-752196998-378064213-1701927948-1002
2020-06-08 04:44 - 2014-12-23 20:37 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-06-08 04:44 - 2014-04-10 10:51 - 000003118 _____ C:\Windows\system32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2020-06-08 04:44 - 2014-04-10 10:51 - 000003092 _____ C:\Windows\system32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2020-06-08 04:44 - 2014-04-10 10:51 - 000003090 _____ C:\Windows\system32\Tasks\Microsoft_Hardware_Launch_itype_exe
2020-06-08 04:44 - 2014-04-10 10:51 - 000003062 _____ C:\Windows\system32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2020-06-08 04:44 - 2014-04-10 10:51 - 000003060 _____ C:\Windows\system32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2020-06-08 04:44 - 2013-11-27 14:26 - 000002990 _____ C:\Windows\system32\Tasks\Synaptics TouchPad Enhancements
2020-06-08 02:04 - 2013-11-27 14:25 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2020-06-05 02:32 - 2013-08-22 09:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2020-06-03 09:50 - 2017-01-12 04:53 - 000002086 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-05-31 05:04 - 2016-12-01 02:36 - 000007341 _____ C:\Users\Steve\Documents\SpywareInfo.txt
2020-05-30 12:15 - 2017-06-01 20:08 - 000319200 ____N (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw17bff3a35f1bec72.tmp
2020-05-24 02:38 - 2019-07-28 23:50 - 000000201 _____ C:\Users\Steve\Documents\R & B 2020.txt
2020-05-22 04:09 - 2020-02-14 00:00 - 000000509 _____ C:\Users\Steve\Documents\Throwback Hits Of The 1990s.txt
2020-05-22 03:08 - 2020-02-13 23:00 - 000000337 _____ C:\Users\Steve\Documents\TopHitsOf2000.txt
2020-05-22 02:05 - 2020-02-13 21:57 - 000001082 _____ C:\Users\Steve\Documents\Top100SongsOf2010.txt
2020-05-21 04:12 - 2018-10-22 14:59 - 000042856 ____N (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw6778cc4ab5a05ae9.tmp
2020-05-21 04:12 - 2017-06-01 20:08 - 000461064 ____N (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw13bcf286f738ceab.tmp
2020-05-21 04:12 - 2017-06-01 20:08 - 000109336 ____N (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\aswcdc7e456d024c6a1.tmp
2020-05-21 04:12 - 2017-06-01 20:08 - 000084928 ____N (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\aswd228fe3e5572ce21.tmp
2020-05-21 04:11 - 2019-01-17 14:04 - 000234632 ____N (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw70a7f7024053e0a3.tmp
2020-05-21 04:11 - 2019-01-17 01:07 - 000178832 ____N (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw2110a385df0cb379.tmp
2020-05-21 04:11 - 2019-01-17 01:07 - 000061072 ____N (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\aswa54e32295cb04765.tmp
2020-05-21 04:11 - 2019-01-17 01:07 - 000037208 ____N (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\aswd0fc53af1cdbd439.tmp
2020-05-21 04:11 - 2017-11-27 14:34 - 000205952 ____N (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw34c1cf2b9c9fe9db.tmp
2020-05-21 04:11 - 2017-06-01 20:08 - 000851664 ____N (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw194b34a704a20720.tmp
2020-05-18 00:25 - 2019-04-22 02:35 - 000006841 _____ C:\Users\Steve\Documents\4Concerts.txt
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
 
LastRegBack: 2020-06-13 11:48
==================== End of FRST.txt ========================
 
Addition
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-06-2020
Ran by Steve (16-06-2020 09:58:12)
Running from C:\Users\Steve\Desktop
Windows 8.1 (Update) (X64) (2014-04-08 03:35:52)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-752196998-378064213-1701927948-500 - Administrator - Disabled)
Guest (S-1-5-21-752196998-378064213-1701927948-501 - Limited - Disabled)
Steve (S-1-5-21-752196998-378064213-1701927948-1002 - Administrator - Enabled) => C:\Users\Steve
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: AVG Antivirus (Enabled - Up to date) {A3C8941D-8036-3856-D9BB-709D4A2A7EAC}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
4 Elements II (HKLM-x32\...\WTA-a3fcf0b0-3d44-4d2b-aed3-ee1f587cdf19) (Version: 2.2.0.98 - WildTangent) Hidden
7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\{80CA011C-2CED-4BF5-A02A-CA0DD09117EC}) (Version: 12.3.3.203 - Adobe Systems, Inc)
Airport Mania (HKLM-x32\...\WTA-9a76ab38-a5d8-43ab-a3af-5fefbeb4449e) (Version: 2.2.0.95 - WildTangent) Hidden
AMD Catalyst Install Manager (HKLM\...\{C2583B4C-2FBE-E2CC-EDBA-BF10E61C6BAB}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
ANT Drivers Installer x64 (HKLM\...\{EC76EA2C-ABFA-4DCA-9944-EE2CBD33FAEF}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 20.4.3125 - AVG Technologies)
Azkend 2: The World Beneath (HKLM-x32\...\WTA-393aa941-1358-4641-b8a2-f637da8d1fef) (Version: 2.2.0.98 - WildTangent) Hidden
Bejeweled 3 (HKLM-x32\...\WTA-cd7cb784-7c07-4baa-acd3-ced4570fa9c0) (Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (HKLM-x32\...\WTA-66a32e31-a102-4a5b-ba0d-a82481da578b) (Version: 2.2.0.97 - WildTangent) Hidden
Build-a-lot (HKLM-x32\...\WTA-12994157-f75f-4bf3-95a6-9f80e5625e3e) (Version: 2.2.0.98 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.62 - Piriform)
Cradle Of Egypt Collector's Edition (HKLM-x32\...\WTA-8ab9fd4d-19d4-4c1b-a932-d212b740d9d6) (Version: 2.2.0.110 - WildTangent) Hidden
Cradle of Rome 2 (HKLM-x32\...\WTA-76c1430a-b631-4ddc-a7c6-d880a7524bee) (Version: 2.2.0.98 - WildTangent) Hidden
Curse at Twilight (HKLM-x32\...\WTA-57bb1524-df97-4fb3-a58d-b6c5c1cd1267) (Version: 3.0.2.32 - WildTangent) Hidden
CyberLink LabelPrint 2.5 (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.0.12508 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.8.4420 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4.4824 - CyberLink Corp.)
CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5.4608 - CyberLink Corp.)
CyberLink Power2Go 12 (HKLM-x32\...\{A59F6DC9-8562-49d6-8C03-3F3AF0C5C0D3}) (Version: 12.0.1024b - CyberLink Corp.)
CyberLink Power2Go 12 Content Pack (HKLM-x32\...\{661FB630-A0FA-4c39-80B6-0BD2591CAFA2}) (Version: 12.0.0319.0 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.8.4316 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.5.3304 - CyberLink Corp.)
CyberLink PowerDVD 18 (HKLM-x32\...\{0F4F617F-E8D5-46A3-A0F9-43855182A3B1}) (Version: 18.0.2705.62 - CyberLink Corp.)
CyberLink WaveEditor 2 (HKLM-x32\...\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 2.1.9529.0 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Delicious: Emily's Childhood Memories Premium Edition (HKLM-x32\...\WTA-4a00ccad-206d-4289-a832-4d76c74eea03) (Version: 3.0.2.32 - WildTangent) Hidden
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dragon Notes en-US (HKLM-x32\...\{C438C1D0-A46C-4BFA-AFCD-11261DE9CCE0}) (Version: 01.00.100.011 - Nuance Communications Inc.)
Elevated Installer (HKLM-x32\...\{7C1FBBDC-44BC-4BAA-A29D-8BB620E23431}) (Version: 5.7.0.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Farm Frenzy (HKLM-x32\...\WTA-a19ed313-c752-48d1-97ba-d9759df135c9) (Version: 2.2.0.98 - WildTangent) Hidden
FileHippo.com Update Checker (HKLM-x32\...\FileHippo.com) (Version:  - )
Fishdom 3: Collector's Edition (HKLM-x32\...\WTA-dbb5e02a-d88a-412f-b7e7-41604a495a9b) (Version: 3.0.2.38 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.106 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-1b591a9c-031b-453a-b336-f8d04cfa5a2f) (Version: 2.2.0.110 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
House of 1000 Doors: Family Secrets (HKLM-x32\...\WTA-6fba1754-5c31-41d7-8357-3390b8c9ca4b) (Version: 2.2.0.98 - WildTangent) Hidden
HP 3D DriveGuard (HKLM-x32\...\{E8D0E2B8-B64B-44BC-8E01-00DDACBDF78A}) (Version: 6.0.28.1 - Hewlett-Packard Company)
HP Deskjet 3050A J611 series Basic Device Software (HKLM\...\{1B77E249-B8D5-4E5E-8848-693ACEF84E6D}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3050A J611 series Help (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
HP Deskjet 3050A J611 series Product Improvement Study (HKLM\...\{A772BF60-20A5-4279-A18B-B9D8DBC9B30A}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Documentation (HKLM-x32\...\{4525FF56-E096-42F4-BB64-52AAA8B3D893}) (Version: 1.1.1.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7127.4628 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.00.57 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.8.26.13 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.16.22.11 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{ABE95EB9-5EA1-42A3-8009-BA7602127ED6}) (Version: 1.4.25 - HP Inc.)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Utility Center (HKLM\...\{7A75E042-0D30-43C2-BD2A-684F4BE38FF7}) (Version: 2.3.1 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard)
Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.00.57 - Softex Inc.) Hidden
Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.00.57 - Softex Inc.) Hidden
Jewel Match 3 (HKLM-x32\...\WTA-92da0979-76da-4598-aa58-16e4d93e7a56) (Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (HKLM-x32\...\WTA-b0fe64d1-80e2-4928-8a86-914979a109c9) (Version: 2.2.0.95 - WildTangent) Hidden
King Oddball (HKLM-x32\...\WTA-1687b6a3-2f77-4bbc-bae2-98c6973c2fe5) (Version: 3.0.2.48 - WildTangent) Hidden
Luxor Evolved (HKLM-x32\...\WTA-14380d67-6f50-4280-af08-a7d0dfd787a2) (Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Dimensions Deluxe (HKLM-x32\...\WTA-2f8b3fd3-454a-41b5-910f-065d632d411f) (Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4517.1509 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-752196998-378064213-1701927948-1002\...\SkyDriveSetup.exe) (Version: 17.0.2003.1112 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{B39A6825-EA20-43EA-AB2D-A6BC0298D9A1}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mystery P.I. - Curious Case of Counterfeit Cove (HKLM-x32\...\WTA-99e7820b-1887-48d1-ac6a-4489d16e86a4) (Version: 2.2.0.98 - WildTangent) Hidden
OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OEM Application Profile (HKLM-x32\...\{8F92E0CF-620B-5C20-F292-59C93567B06D}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4517.1509 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4517.1509 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.4517.1509 - Microsoft Corporation) Hidden
Peggle Nights (HKLM-x32\...\WTA-4b039ff6-b07a-406f-b2ef-42607c274be7) (Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (HKLM-x32\...\WTA-94747bd2-9db8-4783-bf53-7fc572f01c6c) (Version: 2.2.0.98 - WildTangent) Hidden
Pinger (HKLM-x32\...\{9B56B031-A6C0-4BB7-8F61-938548C1B759}) (Version: 1.4.0.1 - Pinger Inc.) Hidden
Pinger (HKLM-x32\...\Pinger 1.4.0.1) (Version: 1.4.0.1 - Pinger Inc.)
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-44fc4272-dc82-4594-af0a-ecc03e31347f) (Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (HKLM-x32\...\WTA-d2fe7e80-f59c-46ce-bbad-855ae94e288e) (Version: 2.2.0.97 - WildTangent) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.29068 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED

#22 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,380 posts

Posted 17 June 2020 - 06:44 AM

Hi,
 
I see a small change in your FRST.TXT log.
 
This is new.
Failed to access process -> ig.exe
 
The file is usually located in the 'c:\Program Files\Malwarebytes\Anti-Malware\' folder.
 
Questions
 
You were able to restore you system dated 08 June 2020
 
Did you start having problems the day after as your first FRST.TXT log is dated June 9 or were these BSOD prior to that date..
 

Posted 09 June 2020 - 12:46 AM
 
I started getting the Blue Screen Of Death with a big
 
You have restore the system and still getting a BSOD.
What I suspect right now is that you have RAM or hardware problems.
 
Follow the directives on this page.
 
Let me know the outcome.
 
p.s.
 
The links to do some test on this 8.1 operating system may be dated.
I do not have that system to test of these Options..
 
You may have to get help from someone who has a Windows 8 and the expertise to help you.
 
The forum is this one:
 
You may even want to start a new topic now in that forum it may help to solve your problem earlier.

nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#23 Krishna

Krishna

    Member

  • Full Member
  • Pip
  • 77 posts

Posted 17 June 2020 - 07:33 AM

When I went to Restore Point 6-8-20, I've had nothing but trouble.  Restore Point 5-30-20 is like a total fix.  I talked to Support yesterday at Malwarebytes because my Pro version was acting like it was corrupted.  Are you saying you are the only Tech working here at Spywareinfoforumn?  Geez, and here I thought my Monthly contributions here were helping?  If Restore Point 5-30-20 is still available, I'm going to go back to that one.  I'll try what you recommend up above.  I'll get back to you.



#24 Krishna

Krishna

    Member

  • Full Member
  • Pip
  • 77 posts

Posted 17 June 2020 - 07:49 AM

There is No place at The Start Screen where you can type in Memory, but I'll try another way.  I only have 6 Gigs of RAM Memory.  Not sure if there are slots on the Motherboard to put in more Memory Cards, like in the old days. I'll get back to you.



#25 Krishna

Krishna

    Member

  • Full Member
  • Pip
  • 77 posts

Posted 18 June 2020 - 03:42 AM

Your FixList must have fixed my System Restore as I 
 
can now Restore Restore Points.  Thanks for that.
 
Since Restore Point 5-30-20 was still available and I 
 
wasn't getting BSOD when I was there 2 days ago, I 
 
Restored back to that point.  I uninstalled programs 
 
from Programs And Features in Control Panel, that 
 
I've never used, like Wild Tangent (a Games Program), 
 
Nuance, ebay, Hijack This, Secunia PSI, and their 
 
remains, that I could get out of the Registry.
 
I deleted files from My Documents Folder and 
 
Downloads.  I Deleted History Files at Google, ran 
 
TFC.exe, Deleted Temporary Internet Files & Folders 
 
(IE), and ran CCleaner.  I disconnected from the 
 
Internet.
 
Then in the Run Box I typed mdsched.exe and then 
 
Clicked Ok.
 
Windows did not find anything wrong with the Memory.
 
Maybe I will turn off System Restore, Shutdown, Then 
 
after a count to 10, reboot and turn on System 
 
Restore, that would get rid of all the crap.
 
Is there anything else you'd like me to do?  


#26 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,380 posts

Posted 18 June 2020 - 05:32 AM

Hi,
 

Are you saying you are the only Tech working here at Spywareinfoforumn?  Geez, and here I thought my Monthly contributions here were helping?
 
No I'm not. But who best to know what caused the access of  ig.exe  but Malwarebytes tech.
You call them that is fine.
 
If you system is stable now I cannot see what else we can do.
 
I will keep this topic open for 6 days. If you need to return please do.
 
Thanks for your support.

nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#27 Krishna

Krishna

    Member

  • Full Member
  • Pip
  • 77 posts

Posted 18 June 2020 - 03:41 PM

This is a worthy cause.  I'll check with Malwarebytes Tech again.  It was that Restore Point 6-8-20 was so unstable, but 5-30-20 is like a "new" computer, so I'll stay here for a while.

 

If anything else props up, I'll be reposting in this thread.  I'll let you know what Malwarebytes Tech said.  Thanks.



#28 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,380 posts

Posted 19 June 2020 - 05:09 AM

Good Call.


nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#29 Krishna

Krishna

    Member

  • Full Member
  • Pip
  • 77 posts

Posted 20 June 2020 - 03:12 AM

Nasdaq, keep this page open a bit longer.  Malwarebytes must not work on Fridays (6-19-20) as they haven't got back to me about your question.  Maybe I'll have better luck on Monday 6-22-20.  Thanks.



#30 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,380 posts

Posted 20 June 2020 - 08:35 AM

No problems.


nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#31 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,380 posts

Posted 04 July 2020 - 04:30 AM

Glad we could help. :)

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760




Member of UNITE
Support SpywareInfo Forum - click the button