1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Solved easydocmerge

Discussion in 'Virus & Other Malware Removal' started by Ken_RM, Jan 12, 2018.

Advertisement
  1. Ken_RM

    Ken_RM Thread Starter

    Joined:
    Jul 6, 2005
    Messages:
    136
    Hi
    I am not sure how I got it, but somehow Easydocmerge has become my browser. How do I get rid of it and return to normal life with Firefox?
    Thanks,
    Ken
     
  2. Sponsor

  3. kevinf80

    kevinf80 Malware Specialist

    Joined:
    Mar 21, 2006
    Messages:
    11,338
    First Name:
    Kevin
    Hello Ken_RM and welcome.

    Continue with the following:

    Download AdwCleaner by Malwarebytes onto your Desktop.

    Or from this Mirror

    • Right-click on AdwCleaner.exe and select [​IMG]Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
    • Accept the EULA (I accept), then click on Scan
    • Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Clean button. This will kill all the active processes
    • Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it
    • After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply

    Next,

    Download Farbar Recovery Scan Tool and save it to your desktop.

    Alternative download option: http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html

    Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

    If your security alerts to FRST either, accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way...

    Be aware FRST must be run from an account with Administrator status...

    • Double-click to run it. When the tool opens click Yes to disclaimer.
      (Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.)
    • Make sure Addition.txt is checkmarked under "Optional scans"
    • Press Scan button to run the tool....
    • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
    • The tool will also make a log named (Addition.txt) Please attach that log to your reply.

    Let me see those logs in your reply...

    Thank you,

    Kevin...
     
  4. Ken_RM

    Ken_RM Thread Starter

    Joined:
    Jul 6, 2005
    Messages:
    136
    Hi Kevin
    Followed your instructions, but I still have easydocmerge. Need more help.
    Thks
    Ken

    Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13.01.2018 01
    Ran by Ken (14-01-2018 11:43:49)
    Running from C:\Users\Ken\Desktop
    Microsoft Windows 7 Professional Service Pack 1 (X86) (2011-03-24 16:59:57)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-3869300609-3146229085-1361341603-500 - Administrator - Disabled)
    Guest (S-1-5-21-3869300609-3146229085-1361341603-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-3869300609-3146229085-1361341603-1004 - Limited - Enabled)
    Ken (S-1-5-21-3869300609-3146229085-1361341603-1000 - Administrator - Enabled) => C:\Users\Ken

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: AVG Antivirus (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
    AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: AVG Antivirus (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    . . . (HKLM\...\{870E5275-5457-4BBC-98C9-BFF4B70AA5D3}) (Version: 3.1.0.12 - Intel) Hidden
    AccelerometerP11 (HKLM\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.10.17 - STMicroelectronics)
    Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
    Adobe Flash Player 28 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 28.0.0.137 - Adobe Systems Incorporated)
    Adobe Flash Player 28 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
    Advanced Audio FX Engine (HKLM\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
    AVG (HKLM\...\{90345008-9879-4B2D-A648-C4E71F6F5878}) (Version: 1.231.2 - AVG Technologies) Hidden
    AVG AntiVirus FREE (HKLM\...\AVG Antivirus) (Version: 17.9.3040 - AVG Technologies)
    AVG Web TuneUp (HKLM\...\AVG Web TuneUp) (Version: 4.3.9.605 - AVG Technologies)
    CintaNotes 3.8.1 (HKLM\...\CintaNotes_is1) (Version: - Cinta Software)
    CyberLink PowerDVD 9.5 (HKLM\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.3225 - CyberLink Corp.)
    D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
    Dell Backup and Recovery Manager (HKLM\...\{4688EB75-28E2-4731-9BCB-55E624F7CD45}) (Version: 1.3 - Dell Inc.)
    Dell Edoc Viewer (HKLM\...\{3138EAD3-700B-4A10-B617-B3F8096EE30D}) (Version: 1.0.0 - Dell Inc)
    Dell Support Center (HKLM\...\{0090A87C-3E0E-43D4-AA71-A71B06563A4A}) (Version: 3.0.5621.01 - PC-Doctor, Inc.) Hidden
    Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.0.5621.01 - Dell Inc.)
    Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 15.0.2.0 - Synaptics Incorporated)
    Dell Webcam Central (HKLM\...\Dell Webcam Central) (Version: 2.00.35 - Creative Technology Ltd)
    DirectX 9 Runtime (HKLM\...\{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}) (Version: 1.00.0000 - Sonic Solutions) Hidden
    Duplicate Filter (HKLM\...\Duplicate Filter_is1) (Version: - )
    DW WLAN Card (HKLM\...\DW WLAN Card) (Version: 5.60.18.34 - Dell Inc.)
    ErrorFix Kit 2017 (HKLM\...\ErrorFix Kit 2017) (Version: - )
    FMW 1 (HKLM\...\{B9B474D5-8B52-4A05-8DA0-CFECB057E523}) (Version: 1.226.3 - AVG Technologies) Hidden
    Free CD to MP3 Converter (HKLM\...\Free CD to MP3 Converter) (Version: - Eusing Software)
    Garmin Communicator Plugin (HKLM\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
    Garmin USB Drivers (HKLM\...\{ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
    Garmin WebUpdater (HKLM\...\{AE1EC58E-B2AC-4959-A4C2-C38202A25239}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries)
    Google Chrome (HKLM\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.)
    Google Desktop (HKLM\...\Google Desktop) (Version: 5.9.1005.12335 - Google)
    Google Earth Plug-in (HKLM\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
    Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
    Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
    InfoSlips ForMe Viewer (HKLM\...\{F24E7D25-ADD9-46BB-977B-6F0743EEB327}) (Version: 5.2.15 - InfoSlips)
    Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2202 - Intel Corporation)
    Intel® Driver & Support Assistant (HKLM\...\{2550a40e-aac6-4d21-9361-744d33bec573}) (Version: 3.1.0.12 - Intel)
    Java 8 Update 65 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
    Junk Mail filter update (HKLM\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Legacy 7.5 (HKLM\...\Legacy 7.5) (Version: 7.5 - Millennia Corporation)
    Legacy Charting 7.5 (HKLM\...\LegacyChart7_is1) (Version: - )
    LiveUpdate 3.2 (Symantec Corporation) (HKLM\...\LiveUpdate) (Version: 3.2.0.68 - Symantec Corporation)
    Mesh Runtime (HKLM\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Messenger Companion (HKLM\...\{50816F92-1652-4A7C-B9BC-48F682742C4B}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
    Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Mozilla Firefox 30.0 (x86 en-US) (HKU\S-1-5-21-3869300609-3146229085-1361341603-1000\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
    Mozilla Firefox 57.0.4 (x86 en-US) (HKLM\...\Mozilla Firefox 57.0.4 (x86 en-US)) (Version: 57.0.4 - Mozilla)
    Mozilla Firefox 8.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 8.0.1 (x86 en-US)) (Version: 8.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.4.6577 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MTN Online (HKLM\...\MTN [email protected]) (Version: 23.015.02.02.697 - Huawei Technologies Co.,Ltd)
    MTN [email protected] (HKLM\...\{AEFF9E60-3E93-41EE-9895-311F7D1C5FFD}) (Version: 1.0.0.3 - ZTE Corporation)
    Nero 7 Essentials (HKLM\...\{7FBD6DC1-919F-45EB-A4FD-C032DD121033}) (Version: 7.02.4750 - Nero AG)
    Nokia Connectivity Cable Driver (HKLM\...\{47A0A80F-8DC0-43EB-B9B4-36FD86979DF7}) (Version: 7.1.28.1 - Nokia)
    Nokia PC Internet Access (HKLM\...\{9652B1F8-F795-46D5-A23F-9C3C41647E51}) (Version: 2.0.1.5 - Nokia) Hidden
    Nokia PC Internet Access (HKLM\...\Nokia PC Internet Access) (Version: 2.0.1.5 - Nokia)
    Norton Ghost (HKLM\...\{B0255743-165B-4BD5-8DA8-37DFB9930012}) (Version: 12.0.0.20352 - Symantec Corporation)
    PC Connectivity Solution Lite (HKLM\...\{2997ABF5-E5F6-4E9C-9717-26F208D9ED5E}) (Version: 5.8.33.6 - Nokia)
    PhotoShowExpress (HKLM\...\{3250260C-7A95-4632-893B-89657EB5545B}) (Version: 2.0.063 - Sonic Solutions) Hidden
    Pipe Flow Advisor v1.11 (HKLM\...\Pipe Flow Advisor_is1) (Version: - PipeFlow.co.uk)
    Pipe Flow Wizard v1.12 (HKLM\...\Pipe Flow Wizard_is1) (Version: - PipeFlow.co.uk)
    PIXresizer 1.0.9 (HKLM\...\PIXresizer_is1) (Version: - Bluefive software)
    QuickSet32 (HKLM\...\{C4972073-2BFE-475D-8441-564EA97DA161}) (Version: 1.3.3 - Dell Inc.)
    Roxio Creator Starter (HKLM\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
    Search App by Ask (HKLM\...\{5245414C-392D-5350-00A7-A758B70C2D01}) (Version: 12.45.1.48 - APN, LLC) <==== ATTENTION
    Sonic CinePlayer Decoder Pack (HKLM\...\{9A00EC4E-27E1-42C4-98DD-662F32AC8870}) (Version: 4.3.0 - Sonic Solutions) Hidden
    Sony PC Companion 2.10.275 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.275 - Sony)
    Striata Reader (32-bit) (HKLM\...\{13d868cf-47e9-4b3d-9366-a0c60f82e5aa}) (Version: 2.19-3 - Striata Communication Solutions)
    Switch Sound File Converter (HKLM\...\Switch) (Version: 5.20 - NCH Software)
    TEC-IT QR-Code Studio 1.0 (HKLM\...\{1C58A486-2B59-448F-9D8A-97844535087B}) (Version: 1.0.2.20600 - TEC-IT Datenverarbeitung GmbH)
    TomTom HOME (HKLM\...\{B581E191-A2C1-4CE3-907E-9FE3C728750C}) (Version: 2.9.91 - TomTom)
    TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
    TomTom MyDrive Connect 4.1.5.3181 (HKLM\...\MyDriveConnect) (Version: 4.1.5.3181 - TomTom)
    Ulead Photo Express 2.0 SE (HKLM\...\Ulead Photo Express 2.0 SE) (Version: - )
    Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    Visual Studio C++ 10.0 Runtime (HKLM\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
    VLC media player 1.1.6 (HKLM\...\VLC media player) (Version: 1.1.6 - VideoLAN)
    Vodafone Mobile Broadband Lite (HKLM\...\{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}) (Version: 10.2.302.33178 - Vodafone)
    WavePad Sound Editor (HKLM\...\WavePad) (Version: 7.02 - NCH Software)
    WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.900 - Broadcom Corporation)
    Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
    Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008 7.0.0.0 - Nokia)
    Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
    Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
    WinX DVD Copy Pro 3.4.7 (HKLM\...\WinX DVD Copy Pro_is1) (Version: - Digiarty Software,Inc.)
    WonderFox DVD Ripper (HKLM\...\WonderFoxDVDRipper) (Version: - WonderFox Soft, Inc. All Rights Reserved.)
    Xirrus Wi-Fi Inspector (HKLM\...\{BBB21AB1-2C45-435D-A05A-B563072E7B9B}) (Version: 1.2.1.4 - Xirrus)
    Xperia Companion (HKLM\...\{27b15812-304d-4fc2-80b7-55a920f30a28}) (Version: 1.6.5.0 - Sony)
    Xperia Companion (HKLM\...\{9D56F227-FC8D-419D-ADEB-41E5734025BD}) (Version: 1.6.5.0 - Sony) Hidden
    Xperia Companion Service (HKLM\...\{941E0B86-5EC0-43BC-9DA9-9BC596150B4B}) (Version: 1.6.5.0 - Sony) Hidden

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-3869300609-3146229085-1361341603-1000_Classes\CLSID\{4052D303-74C5-49EA-BC6B-66099C8D4007}\InprocServer32 -> C:\Program Files\Google\Google Desktop Search\GoogleDesktopAPI2.dll (Google)
    ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
    ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2017-12-23] (AVG Technologies CZ, s.r.o.)
    ContextMenuHandlers1: [ISOWINDOWMENU] -> {3A05F453-60CA-4311-9DA3-FE348CB76056} => C:\Program Files\Digiarty\WinX_DVD_Copy_Pro\IsoWindowMenu.dll [2011-10-10] (TODO: <Company name>)
    ContextMenuHandlers1: [RXDCExtSvr12] -> {FC485060-84D6-4098-AA14-9C67783B4852} => C:\Program Files\Roxio\OEM\Virtual Drive 12\DC_ShellExt.dll [2010-11-22] (Sonic Solutions)
    ContextMenuHandlers2: [RXDCExtSvr12] -> {FC485060-84D6-4098-AA14-9C67783B4852} => C:\Program Files\Roxio\OEM\Virtual Drive 12\DC_ShellExt.dll [2010-11-22] (Sonic Solutions)
    ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
    ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll [2011-07-08] (Malwarebytes Corporation)
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2010-08-26] (Intel Corporation)
    ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2017-12-23] (AVG Technologies CZ, s.r.o.)
    ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll [2011-07-08] (Malwarebytes Corporation)
    ContextMenuHandlers6: [RXDCExtSvr12] -> {FC485060-84D6-4098-AA14-9C67783B4852} => C:\Program Files\Roxio\OEM\Virtual Drive 12\DC_ShellExt.dll [2010-11-22] (Sonic Solutions)

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {0397CF5D-E488-45C2-A1B9-3CFC4ACB36A7} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell Support Center\pcdrcui.exe [2010-08-06] (PC-Doctor, Inc.)
    Task: {172CFE59-048E-47E5-A569-D6D37CE9C680} - System32\Tasks\{D7F06575-6536-4601-A0DB-45022E3EABAA} => C:\Windows\system32\pcalua.exe -a F:\setup_vmc_lite.exe -d F:\ -c /checkApplicationPresence
    Task: {24DA4B56-1779-4B2A-8D1D-240A614ED4B6} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-10-06] (Oracle Corporation)
    Task: {3E044BAD-6708-4F65-833D-CFE3B62EC8F9} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3869300609-3146229085-1361341603-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
    Task: {434481E6-FA5E-4FF3-AFFE-0219739A3466} - System32\Tasks\{5F175BA3-B06D-4D7B-B079-A0AD59EDC0D9} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\CD to MP3 Freeware\cdextract.exe" -d C:\Users\Ken\Desktop
    Task: {4B452B34-9450-42BF-AE5B-73E2BE7BA1CC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
    Task: {531967FD-AD7F-4EEC-A713-3F911C475DB0} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2010-08-06] ()
    Task: {58121F2B-A411-4CD1-AA77-F423CE08241F} - System32\Tasks\Real Player online update program => C:\Program Files\Real\RealPlayer\Update\realsched.exe
    Task: {6007780A-ADE1-4F6C-B070-15BE69E6A4CC} - System32\Tasks\ErrorFixKIT => C:\Program Files\ErrorFixKIT\ErrorFixKIT.exe [2017-11-25] ()
    Task: {67D89567-1909-4076-8115-4B8F80D19A72} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-01-12] (AVG Technologies CZ, s.r.o.)
    Task: {7C1BD2C7-BB53-4431-825F-CBEBD0363EC2} - System32\Tasks\RealDownloader Update Check => C:\Program Files\RealNetworks\RealDownloader\downloader2.exe
    Task: {81B697C2-5F4B-44A9-9FBF-8FAF557D826C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
    Task: {8513A3BA-C077-4279-880F-900C067047D9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-11] (Adobe Systems Incorporated)
    Task: {8EC1E674-680E-49A3-8E38-2C4A8625CF49} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell Support Center\uaclauncher.exe [2010-08-06] (PC-Doctor, Inc.)
    Task: {925248D6-C893-427E-9BBD-190F25533ED9} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
    Task: {AAFFFFD9-DA96-46CC-A0C2-DAD4FAC0B955} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [2017-12-23] (AVG Technologies CZ, s.r.o.)
    Task: {AB093CC3-A46B-454E-822F-D255D6052F10} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
    Task: {D3F71446-45E0-42E4-BFA6-3F0431BE3BF9} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3869300609-3146229085-1361341603-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
    Task: {F6D51390-E985-436C-B58F-79F635970C62} - System32\Tasks\PCDoctorBackgroundMonitorTask-Delay => C:\Program Files\Dell Support Center\uaclauncher.exe [2010-08-06] (PC-Doctor, Inc.)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask-Delay.job => C:\Program Files\Dell Support Center\uaclauncher.exeo-backgroundmon scripts\defaultscan.xml
    Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\Dell Support Center\uaclauncher.exeo-backgroundmon scripts\defaultscan.xml
    Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\Dell Support Center\pcdrcui.exe

    ==================== Shortcuts & WMI ========================

    (The entries could be listed to be restored or removed.)


    Shortcut: C:\Users\Ken\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm

    ShortcutWithArgument: C:\Users\Public\Desktop\MTN [email protected] -> C:\Program Files\MTN ShareLink\MTN ShareLink\LaunchWebUI.exe () -> hxxp://192.168.1.1

    ==================== Loaded Modules (Whitelisted) ==============

    2017-12-23 08:39 - 2017-12-23 08:39 - 000059136 _____ () C:\Program Files\AVG\Antivirus\module_lifetime.dll
    2017-12-23 08:39 - 2017-12-23 08:39 - 000058624 _____ () C:\Program Files\AVG\Antivirus\dll_loader.dll
    2017-12-23 08:39 - 2017-12-23 08:39 - 000207272 _____ () C:\Program Files\AVG\Antivirus\JsonRpcServer.dll
    2017-12-23 08:39 - 2017-12-23 08:39 - 000290392 _____ () C:\Program Files\AVG\Antivirus\tasks_core.dll
    2017-12-23 08:39 - 2017-12-23 08:39 - 000197368 _____ () C:\Program Files\AVG\Antivirus\network_notifications.dll
    2018-01-14 10:49 - 2018-01-14 10:49 - 005764408 _____ () C:\Program Files\AVG\Antivirus\defs\18011306\algo.dll
    2017-12-23 08:39 - 2017-12-23 08:39 - 000746528 _____ () C:\Program Files\AVG\Antivirus\ffl2.dll
    2017-12-23 08:39 - 2017-12-23 08:39 - 000295064 _____ () C:\Program Files\AVG\Antivirus\streamback.dll
    2013-10-28 04:02 - 2013-10-28 04:02 - 000276048 _____ () C:\ProgramData\DatacardService\HWDeviceService.exe
    2010-01-30 02:41 - 2010-01-30 02:41 - 004254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
    2010-03-24 21:17 - 2010-03-24 21:17 - 008794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    2017-11-25 15:17 - 2017-11-25 15:17 - 003555824 _____ () C:\Program Files\ErrorFixKIT\ErrorFixKIT.exe
    2011-02-18 20:35 - 2010-10-01 17:48 - 000727664 _____ () C:\Program Files\STMicroelectronics\AccelerometerP11\FF_Protection.exe
    2010-11-17 18:35 - 2010-11-17 18:35 - 000514544 _____ () C:\Program Files\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
    2010-11-25 06:44 - 2010-11-25 06:44 - 000375280 _____ () c:\program files\common files\roxio shared\dllshared\SQLite352.dll
    2011-04-04 17:58 - 2011-04-04 17:58 - 000034816 _____ () C:\Program Files\Google\Google Desktop Search\gzlib.dll
    2011-07-14 15:43 - 2011-07-14 15:43 - 000381952 _____ () C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.View.Taskbar.dll
    2017-08-28 02:32 - 2017-07-21 16:26 - 000518144 _____ () C:\Windows\system32\msjetoledb40.dll
    2017-05-06 06:28 - 2016-08-15 11:18 - 000476368 _____ () C:\Program Files\MTN ShareLink\MTN ShareLink\CheckNDISPort_df.exe
    2016-12-04 16:40 - 2016-12-04 16:40 - 048920064 _____ () C:\Program Files\AVG\UiDll\2623\libcef.dll
    2017-05-06 06:28 - 2016-08-15 11:18 - 000448208 _____ () C:\Program Files\MTN ShareLink\MTN ShareLink\CancelAutoPlay_df.exe
    2017-05-06 06:28 - 2016-08-15 11:18 - 000525008 _____ () C:\Program Files\MTN ShareLink\MTN ShareLink\ShowTip.exe
    2017-09-18 10:39 - 2017-09-18 10:39 - 067109376 _____ () C:\Program Files\AVG\Antivirus\libcef.dll
    2017-12-23 08:39 - 2017-12-23 08:39 - 000197936 _____ () c:\Program Files\AVG\Antivirus\vaarclient.dll
    2014-09-11 17:06 - 2014-09-11 17:06 - 000878592 _____ () C:\Program Files\MyDrive Connect\Plugins\platforms\qwindows.dll
    2014-09-11 17:05 - 2014-09-11 17:05 - 000036352 _____ () C:\Program Files\MyDrive Connect\Plugins\bearer\qgenericbearer.dll
    2014-09-11 17:06 - 2014-09-11 17:06 - 000038912 _____ () C:\Program Files\MyDrive Connect\Plugins\bearer\qnativerwifibearer.dll
    2014-09-11 17:14 - 2014-09-11 17:14 - 000032256 _____ () C:\Program Files\MyDrive Connect\Plugins\imageformats\qdds.dll
    2014-09-11 17:05 - 2014-09-11 17:05 - 000021504 _____ () C:\Program Files\MyDrive Connect\Plugins\imageformats\qgif.dll
    2014-09-11 17:14 - 2014-09-11 17:14 - 000027648 _____ () C:\Program Files\MyDrive Connect\Plugins\imageformats\qicns.dll
    2014-09-11 17:05 - 2014-09-11 17:05 - 000021504 _____ () C:\Program Files\MyDrive Connect\Plugins\imageformats\qico.dll
    2014-09-11 17:14 - 2014-09-11 17:14 - 000381952 _____ () C:\Program Files\MyDrive Connect\Plugins\imageformats\qjp2.dll
    2014-09-11 17:05 - 2014-09-11 17:05 - 000204800 _____ () C:\Program Files\MyDrive Connect\Plugins\imageformats\qjpeg.dll
    2014-09-11 17:14 - 2014-09-11 17:14 - 000218112 _____ () C:\Program Files\MyDrive Connect\Plugins\imageformats\qmng.dll
    2014-09-11 17:08 - 2014-09-11 17:08 - 000015872 _____ () C:\Program Files\MyDrive Connect\Plugins\imageformats\qsvg.dll
    2014-09-11 17:14 - 2014-09-11 17:14 - 000015360 _____ () C:\Program Files\MyDrive Connect\Plugins\imageformats\qtga.dll
    2014-09-11 17:15 - 2014-09-11 17:15 - 000307712 _____ () C:\Program Files\MyDrive Connect\Plugins\imageformats\qtiff.dll
    2014-09-11 17:15 - 2014-09-11 17:15 - 000014848 _____ () C:\Program Files\MyDrive Connect\Plugins\imageformats\qwbmp.dll
    2014-09-11 17:15 - 2014-09-11 17:15 - 000252928 _____ () C:\Program Files\MyDrive Connect\Plugins\imageformats\qwebp.dll
    2008-11-12 10:18 - 2008-11-12 10:18 - 000011776 _____ () C:\Program Files\Nokia\PC Internet Access\TextResources_eng-us.nlr
    2009-04-16 16:31 - 2009-04-16 16:31 - 004210688 _____ () C:\Program Files\Nokia\PC Internet Access\GraphicsResources.ngr
    2009-10-20 17:12 - 2009-10-20 17:12 - 000132384 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
    2011-03-26 10:04 - 1998-06-17 23:01 - 000075264 ____N () C:\Ken\Programs\Ulead\U32MISC.dll
    2011-03-26 10:05 - 1998-07-22 17:33 - 000013824 ____N () C:\Ken\Programs\Ulead\u32Spy.dll
    2008-09-23 08:19 - 2008-09-23 08:19 - 000130560 _____ () C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-14 04:04 - 2016-01-11 00:44 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-3869300609-3146229085-1361341603-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Ken\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 192.168.1.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==


    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
    FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
    FirewallRules: [{4B60D8CF-E3B0-4AF5-8B8E-69E31F0F41A2}] => (Allow) C:\Program Files\CyberLink\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe
    FirewallRules: [{E052D846-EB8F-402C-8191-AA2C001F74A9}] => (Allow) C:\Program Files\CyberLink\PowerDVD9\PowerDVD9.EXE
    FirewallRules: [{53E6A8A2-E343-4D5D-8D05-FF05A44A5AD6}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{7F5469AB-7EB2-4B66-9316-8C1F2C014DE0}] => (Allow) LPort=2869
    FirewallRules: [{76E729EA-EF29-4B32-BC6B-DEF516FCB57B}] => (Allow) LPort=1900
    FirewallRules: [{C601934D-54B8-4F0A-AB8A-E885D8899B82}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe
    FirewallRules: [TCP Query User{8F0D3F26-D1FA-4454-8EEC-8A986C9A5492}C:\ken\programs\nero\nero 7\nero home\nerohome.exe] => (Allow) C:\ken\programs\nero\nero 7\nero home\nerohome.exe
    FirewallRules: [UDP Query User{4D231F79-4D6E-4A4E-848F-DF72D419A2AC}C:\ken\programs\nero\nero 7\nero home\nerohome.exe] => (Allow) C:\ken\programs\nero\nero 7\nero home\nerohome.exe
    FirewallRules: [{F7BCA0FE-BA91-4CE2-9472-B67BE3A43E49}] => (Allow) C:\Program Files\AVG\AVG2012\avgmfapx.exe
    FirewallRules: [{EE574C99-87EE-4058-AA53-6DF63A34FD8B}] => (Allow) C:\Program Files\AVG\AVG2012\avgmfapx.exe
    FirewallRules: [{E1A0ADF3-6DD8-4394-AC81-CBA8FF6BFD78}] => (Allow) C:\Program Files\AVG\AVG2012\avgnsx.exe
    FirewallRules: [{1354061F-BF25-4425-9746-3E26CF745B03}] => (Allow) C:\Program Files\AVG\AVG2012\avgnsx.exe
    FirewallRules: [{794AA246-AC98-4DEB-AF95-B32F1B206BD6}] => (Allow) C:\Program Files\AVG\AVG2012\avgdiagex.exe
    FirewallRules: [{6FBBD5FF-6176-4C46-AE0A-56FF1EE014F9}] => (Allow) C:\Program Files\AVG\AVG2012\avgdiagex.exe
    FirewallRules: [{695116B1-A44E-4963-B212-BF0FA5BCEB9E}] => (Allow) C:\Program Files\AVG\AVG2012\avgemcx.exe
    FirewallRules: [{37BF6424-6B74-49E3-A045-D28298840AC5}] => (Allow) C:\Program Files\AVG\AVG2012\avgemcx.exe
    FirewallRules: [{A8B92175-9C62-4DCB-ACBC-E2FDC00113FD}] => (Allow) C:\Program Files\AVG\AVG2013\avgmfapx.exe
    FirewallRules: [{ADC8ACD7-AF58-43A7-9CE0-659917D4DC35}] => (Allow) C:\Program Files\AVG\AVG2013\avgmfapx.exe
    FirewallRules: [{0B89CF4F-3D05-4A4E-9C12-C56A61854AAB}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
    FirewallRules: [{ED3CDCF3-178F-4EBC-8AF8-8956487BC6DF}] => (Allow) C:\Program Files\AVG\AVG2013\avgnsx.exe
    FirewallRules: [{C08AA750-8368-42C1-874C-DFE69A04F491}] => (Allow) C:\Program Files\AVG\AVG2013\avgnsx.exe
    FirewallRules: [{9A2F9345-751B-4C1A-8875-F16E9E90D5A0}] => (Allow) C:\Program Files\AVG\AVG2013\avgdiagex.exe
    FirewallRules: [{09B09E27-B748-4512-95F1-DF52170D67FF}] => (Allow) C:\Program Files\AVG\AVG2013\avgdiagex.exe
    FirewallRules: [{E9B97CA9-3A99-4536-945A-4743743A3882}] => (Allow) C:\Program Files\AVG\AVG2013\avgemcx.exe
    FirewallRules: [{B38A7F40-BCDB-4EC7-AE68-EEB6A81B5EE1}] => (Allow) C:\Program Files\AVG\AVG2013\avgemcx.exe
    FirewallRules: [{255C1209-15F8-4692-BB74-FB868D1FEA97}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe
    FirewallRules: [{6D67F644-1B91-4EC6-B4C4-63F4241452ED}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe
    FirewallRules: [{62014BD5-2A98-4ED6-8598-60A75240538D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{2BAFFA8E-0ADB-45E1-B1E9-472C3F8B9B58}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{7B0432A9-177F-4386-BC74-1191A47119A0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{7EF94BCB-D2B7-4483-B1BB-89A7A94BFE29}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{22AE8A5B-F70D-4228-8B16-9742715880FA}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
    FirewallRules: [{A27CC088-5F95-4153-A471-85881091066E}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
    FirewallRules: [{1D20B262-9919-4AD4-B070-2D3ECE3F7F91}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
    FirewallRules: [{0D0AA497-5B6C-4D8A-9EB4-409F9AEBCABE}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
    FirewallRules: [{68290001-A813-42E9-A898-A4B9725D7AAB}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
    FirewallRules: [{E2EE077F-B64A-48BD-B4BD-5CDDD6476E20}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
    FirewallRules: [{B128D313-79B4-427F-A233-369AC15A1871}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe
    FirewallRules: [{681296E3-7F62-48F5-9D6A-482A514E3EBB}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe
    FirewallRules: [{4DD2BA56-DD82-4491-A916-62EADF9A53DD}] => (Allow) C:\Program Files\Sony\Xperia Companion\XperiaCompanion.exe
    FirewallRules: [{9EEDAC47-94E3-40C4-BEA8-B5E35CDE9C50}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

    ==================== Restore Points =========================

    05-01-2018 17:58:04 Windows Backup
    08-01-2018 17:34:54 Installed InfoSlips ForMe Viewer

    ==================== Faulty Device Manager Devices =============

    Name: Bluetooth Peripheral Device
    Description: Bluetooth Peripheral Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Bluetooth Peripheral Device
    Description: Bluetooth Peripheral Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13.01.2018 01
    Ran by Ken (14-01-2018 11:43:49)
    Running from C:\Users\Ken\Desktop
    Microsoft Windows 7 Professional Service Pack 1 (X86) (2011-03-24 16:59:57)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-3869300609-3146229085-1361341603-500 - Administrator - Disabled)
    Guest (S-1-5-21-3869300609-3146229085-1361341603-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-3869300609-3146229085-1361341603-1004 - Limited - Enabled)
    Ken (S-1-5-21-3869300609-3146229085-1361341603-1000 - Administrator - Enabled) => C:\Users\Ken

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: AVG Antivirus (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
    AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: AVG Antivirus (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    . . . (HKLM\...\{870E5275-5457-4BBC-98C9-BFF4B70AA5D3}) (Version: 3.1.0.12 - Intel) Hidden
    AccelerometerP11 (HKLM\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.10.17 - STMicroelectronics)
    Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
    Adobe Flash Player 28 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 28.0.0.137 - Adobe Systems Incorporated)
    Adobe Flash Player 28 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
    Advanced Audio FX Engine (HKLM\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
    AVG (HKLM\...\{90345008-9879-4B2D-A648-C4E71F6F5878}) (Version: 1.231.2 - AVG Technologies) Hidden
    AVG AntiVirus FREE (HKLM\...\AVG Antivirus) (Version: 17.9.3040 - AVG Technologies)
    AVG Web TuneUp (HKLM\...\AVG Web TuneUp) (Version: 4.3.9.605 - AVG Technologies)
    CintaNotes 3.8.1 (HKLM\...\CintaNotes_is1) (Version: - Cinta Software)
    CyberLink PowerDVD 9.5 (HKLM\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.3225 - CyberLink Corp.)
    D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
    Dell Backup and Recovery Manager (HKLM\...\{4688EB75-28E2-4731-9BCB-55E624F7CD45}) (Version: 1.3 - Dell Inc.)
    Dell Edoc Viewer (HKLM\...\{3138EAD3-700B-4A10-B617-B3F8096EE30D}) (Version: 1.0.0 - Dell Inc)
    Dell Support Center (HKLM\...\{0090A87C-3E0E-43D4-AA71-A71B06563A4A}) (Version: 3.0.5621.01 - PC-Doctor, Inc.) Hidden
    Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.0.5621.01 - Dell Inc.)
    Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 15.0.2.0 - Synaptics Incorporated)
    Dell Webcam Central (HKLM\...\Dell Webcam Central) (Version: 2.00.35 - Creative Technology Ltd)
    DirectX 9 Runtime (HKLM\...\{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}) (Version: 1.00.0000 - Sonic Solutions) Hidden
    Duplicate Filter (HKLM\...\Duplicate Filter_is1) (Version: - )
    DW WLAN Card (HKLM\...\DW WLAN Card) (Version: 5.60.18.34 - Dell Inc.)
    ErrorFix Kit 2017 (HKLM\...\ErrorFix Kit 2017) (Version: - )
    FMW 1 (HKLM\...\{B9B474D5-8B52-4A05-8DA0-CFECB057E523}) (Version: 1.226.3 - AVG Technologies) Hidden
    Free CD to MP3 Converter (HKLM\...\Free CD to MP3 Converter) (Version: - Eusing Software)
    Garmin Communicator Plugin (HKLM\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
    Garmin USB Drivers (HKLM\...\{ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
    Garmin WebUpdater (HKLM\...\{AE1EC58E-B2AC-4959-A4C2-C38202A25239}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries)
    Google Chrome (HKLM\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.)
    Google Desktop (HKLM\...\Google Desktop) (Version: 5.9.1005.12335 - Google)
    Google Earth Plug-in (HKLM\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
    Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
    Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
    InfoSlips ForMe Viewer (HKLM\...\{F24E7D25-ADD9-46BB-977B-6F0743EEB327}) (Version: 5.2.15 - InfoSlips)
    Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2202 - Intel Corporation)
    Intel® Driver & Support Assistant (HKLM\...\{2550a40e-aac6-4d21-9361-744d33bec573}) (Version: 3.1.0.12 - Intel)
    Java 8 Update 65 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
    Junk Mail filter update (HKLM\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Legacy 7.5 (HKLM\...\Legacy 7.5) (Version: 7.5 - Millennia Corporation)
    Legacy Charting 7.5 (HKLM\...\LegacyChart7_is1) (Version: - )
    LiveUpdate 3.2 (Symantec Corporation) (HKLM\...\LiveUpdate) (Version: 3.2.0.68 - Symantec Corporation)
    Mesh Runtime (HKLM\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Messenger Companion (HKLM\...\{50816F92-1652-4A7C-B9BC-48F682742C4B}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
    Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Mozilla Firefox 30.0 (x86 en-US) (HKU\S-1-5-21-3869300609-3146229085-1361341603-1000\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
    Mozilla Firefox 57.0.4 (x86 en-US) (HKLM\...\Mozilla Firefox 57.0.4 (x86 en-US)) (Version: 57.0.4 - Mozilla)
    Mozilla Firefox 8.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 8.0.1 (x86 en-US)) (Version: 8.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.4.6577 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MTN Online (HKLM\...\MTN [email protected]) (Version: 23.015.02.02.697 - Huawei Technologies Co.,Ltd)
    MTN [email protected] (HKLM\...\{AEFF9E60-3E93-41EE-9895-311F7D1C5FFD}) (Version: 1.0.0.3 - ZTE Corporation)
    Nero 7 Essentials (HKLM\...\{7FBD6DC1-919F-45EB-A4FD-C032DD121033}) (Version: 7.02.4750 - Nero AG)
    Nokia Connectivity Cable Driver (HKLM\...\{47A0A80F-8DC0-43EB-B9B4-36FD86979DF7}) (Version: 7.1.28.1 - Nokia)
    Nokia PC Internet Access (HKLM\...\{9652B1F8-F795-46D5-A23F-9C3C41647E51}) (Version: 2.0.1.5 - Nokia) Hidden
    Nokia PC Internet Access (HKLM\...\Nokia PC Internet Access) (Version: 2.0.1.5 - Nokia)
    Norton Ghost (HKLM\...\{B0255743-165B-4BD5-8DA8-37DFB9930012}) (Version: 12.0.0.20352 - Symantec Corporation)
    PC Connectivity Solution Lite (HKLM\...\{2997ABF5-E5F6-4E9C-9717-26F208D9ED5E}) (Version: 5.8.33.6 - Nokia)
    PhotoShowExpress (HKLM\...\{3250260C-7A95-4632-893B-89657EB5545B}) (Version: 2.0.063 - Sonic Solutions) Hidden
    Pipe Flow Advisor v1.11 (HKLM\...\Pipe Flow Advisor_is1) (Version: - PipeFlow.co.uk)
    Pipe Flow Wizard v1.12 (HKLM\...\Pipe Flow Wizard_is1) (Version: - PipeFlow.co.uk)
    PIXresizer 1.0.9 (HKLM\...\PIXresizer_is1) (Version: - Bluefive software)
    QuickSet32 (HKLM\...\{C4972073-2BFE-475D-8441-564EA97DA161}) (Version: 1.3.3 - Dell Inc.)
    Roxio Creator Starter (HKLM\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
    Search App by Ask (HKLM\...\{5245414C-392D-5350-00A7-A758B70C2D01}) (Version: 12.45.1.48 - APN, LLC) <==== ATTENTION
    Sonic CinePlayer Decoder Pack (HKLM\...\{9A00EC4E-27E1-42C4-98DD-662F32AC8870}) (Version: 4.3.0 - Sonic Solutions) Hidden
    Sony PC Companion 2.10.275 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.275 - Sony)
    Striata Reader (32-bit) (HKLM\...\{13d868cf-47e9-4b3d-9366-a0c60f82e5aa}) (Version: 2.19-3 - Striata Communication Solutions)
    Switch Sound File Converter (HKLM\...\Switch) (Version: 5.20 - NCH Software)
    TEC-IT QR-Code Studio 1.0 (HKLM\...\{1C58A486-2B59-448F-9D8A-97844535087B}) (Version: 1.0.2.20600 - TEC-IT Datenverarbeitung GmbH)
    TomTom HOME (HKLM\...\{B581E191-A2C1-4CE3-907E-9FE3C728750C}) (Version: 2.9.91 - TomTom)
    TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
    TomTom MyDrive Connect 4.1.5.3181 (HKLM\...\MyDriveConnect) (Version: 4.1.5.3181 - TomTom)
    Ulead Photo Express 2.0 SE (HKLM\...\Ulead Photo Express 2.0 SE) (Version: - )
    Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    Visual Studio C++ 10.0 Runtime (HKLM\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
    VLC media player 1.1.6 (HKLM\...\VLC media player) (Version: 1.1.6 - VideoLAN)
    Vodafone Mobile Broadband Lite (HKLM\...\{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}) (Version: 10.2.302.33178 - Vodafone)
    WavePad Sound Editor (HKLM\...\WavePad) (Version: 7.02 - NCH Software)
    WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.900 - Broadcom Corporation)
    Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
    Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008 7.0.0.0 - Nokia)
    Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
    Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
    WinX DVD Copy Pro 3.4.7 (HKLM\...\WinX DVD Copy Pro_is1) (Version: - Digiarty Software,Inc.)
    WonderFox DVD Ripper (HKLM\...\WonderFoxDVDRipper) (Version: - WonderFox Soft, Inc. All Rights Reserved.)
    Xirrus Wi-Fi Inspector (HKLM\...\{BBB21AB1-2C45-435D-A05A-B563072E7B9B}) (Version: 1.2.1.4 - Xirrus)
    Xperia Companion (HKLM\...\{27b15812-304d-4fc2-80b7-55a920f30a28}) (Version: 1.6.5.0 - Sony)
    Xperia Companion (HKLM\...\{9D56F227-FC8D-419D-ADEB-41E5734025BD}) (Version: 1.6.5.0 - Sony) Hidden
    Xperia Companion Service (HKLM\...\{941E0B86-5EC0-43BC-9DA9-9BC596150B4B}) (Version: 1.6.5.0 - Sony) Hidden

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-3869300609-3146229085-1361341603-1000_Classes\CLSID\{4052D303-74C5-49EA-BC6B-66099C8D4007}\InprocServer32 -> C:\Program Files\Google\Google Desktop Search\GoogleDesktopAPI2.dll (Google)
    ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
    ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2017-12-23] (AVG Technologies CZ, s.r.o.)
    ContextMenuHandlers1: [ISOWINDOWMENU] -> {3A05F453-60CA-4311-9DA3-FE348CB76056} => C:\Program Files\Digiarty\WinX_DVD_Copy_Pro\IsoWindowMenu.dll [2011-10-10] (TODO: <Company name>)
    ContextMenuHandlers1: [RXDCExtSvr12] -> {FC485060-84D6-4098-AA14-9C67783B4852} => C:\Program Files\Roxio\OEM\Virtual Drive 12\DC_ShellExt.dll [2010-11-22] (Sonic Solutions)
    ContextMenuHandlers2: [RXDCExtSvr12] -> {FC485060-84D6-4098-AA14-9C67783B4852} => C:\Program Files\Roxio\OEM\Virtual Drive 12\DC_ShellExt.dll [2010-11-22] (Sonic Solutions)
    ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
    ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll [2011-07-08] (Malwarebytes Corporation)
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2010-08-26] (Intel Corporation)
    ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2017-12-23] (AVG Technologies CZ, s.r.o.)
    ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll [2011-07-08] (Malwarebytes Corporation)
    ContextMenuHandlers6: [RXDCExtSvr12] -> {FC485060-84D6-4098-AA14-9C67783B4852} => C:\Program Files\Roxio\OEM\Virtual Drive 12\DC_ShellExt.dll [2010-11-22] (Sonic Solutions)

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {0397CF5D-E488-45C2-A1B9-3CFC4ACB36A7} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell Support Center\pcdrcui.exe [2010-08-06] (PC-Doctor, Inc.)
    Task: {172CFE59-048E-47E5-A569-D6D37CE9C680} - System32\Tasks\{D7F06575-6536-4601-A0DB-45022E3EABAA} => C:\Windows\system32\pcalua.exe -a F:\setup_vmc_lite.exe -d F:\ -c /checkApplicationPresence
    Task: {24DA4B56-1779-4B2A-8D1D-240A614ED4B6} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-10-06] (Oracle Corporation)
    Task: {3E044BAD-6708-4F65-833D-CFE3B62EC8F9} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3869300609-3146229085-1361341603-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
    Task: {434481E6-FA5E-4FF3-AFFE-0219739A3466} - System32\Tasks\{5F175BA3-B06D-4D7B-B079-A0AD59EDC0D9} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\CD to MP3 Freeware\cdextract.exe" -d C:\Users\Ken\Desktop
    Task: {4B452B34-9450-42BF-AE5B-73E2BE7BA1CC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
    Task: {531967FD-AD7F-4EEC-A713-3F911C475DB0} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2010-08-06] ()
    Task: {58121F2B-A411-4CD1-AA77-F423CE08241F} - System32\Tasks\Real Player online update program => C:\Program Files\Real\RealPlayer\Update\realsched.exe
    Task: {6007780A-ADE1-4F6C-B070-15BE69E6A4CC} - System32\Tasks\ErrorFixKIT => C:\Program Files\ErrorFixKIT\ErrorFixKIT.exe [2017-11-25] ()
    Task: {67D89567-1909-4076-8115-4B8F80D19A72} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-01-12] (AVG Technologies CZ, s.r.o.)
    Task: {7C1BD2C7-BB53-4431-825F-CBEBD0363EC2} - System32\Tasks\RealDownloader Update Check => C:\Program Files\RealNetworks\RealDownloader\downloader2.exe
    Task: {81B697C2-5F4B-44A9-9FBF-8FAF557D826C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
    Task: {8513A3BA-C077-4279-880F-900C067047D9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-11] (Adobe Systems Incorporated)
    Task: {8EC1E674-680E-49A3-8E38-2C4A8625CF49} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell Support Center\uaclauncher.exe [2010-08-06] (PC-Doctor, Inc.)
    Task: {925248D6-C893-427E-9BBD-190F25533ED9} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
    Task: {AAFFFFD9-DA96-46CC-A0C2-DAD4FAC0B955} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [2017-12-23] (AVG Technologies CZ, s.r.o.)
    Task: {AB093CC3-A46B-454E-822F-D255D6052F10} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
    Task: {D3F71446-45E0-42E4-BFA6-3F0431BE3BF9} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3869300609-3146229085-1361341603-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
    Task: {F6D51390-E985-436C-B58F-79F635970C62} - System32\Tasks\PCDoctorBackgroundMonitorTask-Delay => C:\Program Files\Dell Support Center\uaclauncher.exe [2010-08-06] (PC-Doctor, Inc.)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask-Delay.job => C:\Program Files\Dell Support Center\uaclauncher.exeo-backgroundmon scripts\defaultscan.xml
    Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\Dell Support Center\uaclauncher.exeo-backgroundmon scripts\defaultscan.xml
    Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\Dell Support Center\pcdrcui.exe

    ==================== Shortcuts & WMI ========================

    (The entries could be listed to be restored or removed.)


    Shortcut: C:\Users\Ken\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm

    ShortcutWithArgument: C:\Users\Public\Desktop\MTN [email protected] -> C:\Program Files\MTN ShareLink\MTN ShareLink\LaunchWebUI.exe () -> hxxp://192.168.1.1

    ==================== Loaded Modules (Whitelisted) ==============

    2017-12-23 08:39 - 2017-12-23 08:39 - 000059136 _____ () C:\Program Files\AVG\Antivirus\module_lifetime.dll
    2017-12-23 08:39 - 2017-12-23 08:39 - 000058624 _____ () C:\Program Files\AVG\Antivirus\dll_loader.dll
    2017-12-23 08:39 - 2017-12-23 08:39 - 000207272 _____ () C:\Program Files\AVG\Antivirus\JsonRpcServer.dll
    2017-12-23 08:39 - 2017-12-23 08:39 - 000290392 _____ () C:\Program Files\AVG\Antivirus\tasks_core.dll
    2017-12-23 08:39 - 2017-12-23 08:39 - 000197368 _____ () C:\Program Files\AVG\Antivirus\network_notifications.dll
    2018-01-14 10:49 - 2018-01-14 10:49 - 005764408 _____ () C:\Program Files\AVG\Antivirus\defs\18011306\algo.dll
    2017-12-23 08:39 - 2017-12-23 08:39 - 000746528 _____ () C:\Program Files\AVG\Antivirus\ffl2.dll
    2017-12-23 08:39 - 2017-12-23 08:39 - 000295064 _____ () C:\Program Files\AVG\Antivirus\streamback.dll
    2013-10-28 04:02 - 2013-10-28 04:02 - 000276048 _____ () C:\ProgramData\DatacardService\HWDeviceService.exe
    2010-01-30 02:41 - 2010-01-30 02:41 - 004254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
    2010-03-24 21:17 - 2010-03-24 21:17 - 008794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    2017-11-25 15:17 - 2017-11-25 15:17 - 003555824 _____ () C:\Program Files\ErrorFixKIT\ErrorFixKIT.exe
    2011-02-18 20:35 - 2010-10-01 17:48 - 000727664 _____ () C:\Program Files\STMicroelectronics\AccelerometerP11\FF_Protection.exe
    2010-11-17 18:35 - 2010-11-17 18:35 - 000514544 _____ () C:\Program Files\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
    2010-11-25 06:44 - 2010-11-25 06:44 - 000375280 _____ () c:\program files\common files\roxio shared\dllshared\SQLite352.dll
    2011-04-04 17:58 - 2011-04-04 17:58 - 000034816 _____ () C:\Program Files\Google\Google Desktop Search\gzlib.dll
    2011-07-14 15:43 - 2011-07-14 15:43 - 000381952 _____ () C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.View.Taskbar.dll
    2017-08-28 02:32 - 2017-07-21 16:26 - 000518144 _____ () C:\Windows\system32\msjetoledb40.dll
    2017-05-06 06:28 - 2016-08-15 11:18 - 000476368 _____ () C:\Program Files\MTN ShareLink\MTN ShareLink\CheckNDISPort_df.exe
    2016-12-04 16:40 - 2016-12-04 16:40 - 048920064 _____ () C:\Program Files\AVG\UiDll\2623\libcef.dll
    2017-05-06 06:28 - 2016-08-15 11:18 - 000448208 _____ () C:\Program Files\MTN ShareLink\MTN ShareLink\CancelAutoPlay_df.exe
    2017-05-06 06:28 - 2016-08-15 11:18 - 000525008 _____ () C:\Program Files\MTN ShareLink\MTN ShareLink\ShowTip.exe
    2017-09-18 10:39 - 2017-09-18 10:39 - 067109376 _____ () C:\Program Files\AVG\Antivirus\libcef.dll
    2017-12-23 08:39 - 2017-12-23 08:39 - 000197936 _____ () c:\Program Files\AVG\Antivirus\vaarclient.dll
    2014-09-11 17:06 - 2014-09-11 17:06 - 000878592 _____ () C:\Program Files\MyDrive Connect\Plugins\platforms\qwindows.dll
    2014-09-11 17:05 - 2014-09-11 17:05 - 000036352 _____ () C:\Program Files\MyDrive Connect\Plugins\bearer\qgenericbearer.dll
    2014-09-11 17:06 - 2014-09-11 17:06 - 000038912 _____ () C:\Program Files\MyDrive Connect\Plugins\bearer\qnativerwifibearer.dll
    2014-09-11 17:14 - 2014-09-11 17:14 - 000032256 _____ () C:\Program Files\MyDrive Connect\Plugins\imageformats\qdds.dll
    2014-09-11 17:05 - 2014-09-11 17:05 - 000021504 _____ () C:\Program Files\MyDrive Connect\Plugins\imageformats\qgif.dll
    2014-09-11 17:14 - 2014-09-11 17:14 - 000027648 _____ () C:\Program Files\MyDrive Connect\Plugins\imageformats\qicns.dll
    2014-09-11 17:05 - 2014-09-11 17:05 - 000021504 _____ () C:\Program Files\MyDrive Connect\Plugins\imageformats\qico.dll
    2014-09-11 17:14 - 2014-09-11 17:14 - 000381952 _____ () C:\Program Files\MyDrive Connect\Plugins\imageformats\qjp2.dll
    2014-09-11 17:05 - 2014-09-11 17:05 - 000204800 _____ () C:\Program Files\MyDrive Connect\Plugins\imageformats\qjpeg.dll
    2014-09-11 17:14 - 2014-09-11 17:14 - 000218112 _____ () C:\Program Files\MyDrive Connect\Plugins\imageformats\qmng.dll
    2014-09-11 17:08 - 2014-09-11 17:08 - 000015872 _____ () C:\Program Files\MyDrive Connect\Plugins\imageformats\qsvg.dll
    2014-09-11 17:14 - 2014-09-11 17:14 - 000015360 _____ () C:\Program Files\MyDrive Connect\Plugins\imageformats\qtga.dll
    2014-09-11 17:15 - 2014-09-11 17:15 - 000307712 _____ () C:\Program Files\MyDrive Connect\Plugins\imageformats\qtiff.dll
    2014-09-11 17:15 - 2014-09-11 17:15 - 000014848 _____ () C:\Program Files\MyDrive Connect\Plugins\imageformats\qwbmp.dll
    2014-09-11 17:15 - 2014-09-11 17:15 - 000252928 _____ () C:\Program Files\MyDrive Connect\Plugins\imageformats\qwebp.dll
    2008-11-12 10:18 - 2008-11-12 10:18 - 000011776 _____ () C:\Program Files\Nokia\PC Internet Access\TextResources_eng-us.nlr
    2009-04-16 16:31 - 2009-04-16 16:31 - 004210688 _____ () C:\Program Files\Nokia\PC Internet Access\GraphicsResources.ngr
    2009-10-20 17:12 - 2009-10-20 17:12 - 000132384 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
    2011-03-26 10:04 - 1998-06-17 23:01 - 000075264 ____N () C:\Ken\Programs\Ulead\U32MISC.dll
    2011-03-26 10:05 - 1998-07-22 17:33 - 000013824 ____N () C:\Ken\Programs\Ulead\u32Spy.dll
    2008-09-23 08:19 - 2008-09-23 08:19 - 000130560 _____ () C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-14 04:04 - 2016-01-11 00:44 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-3869300609-3146229085-1361341603-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Ken\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 192.168.1.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==


    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
    FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
    FirewallRules: [{4B60D8CF-E3B0-4AF5-8B8E-69E31F0F41A2}] => (Allow) C:\Program Files\CyberLink\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe
    FirewallRules: [{E052D846-EB8F-402C-8191-AA2C001F74A9}] => (Allow) C:\Program Files\CyberLink\PowerDVD9\PowerDVD9.EXE
    FirewallRules: [{53E6A8A2-E343-4D5D-8D05-FF05A44A5AD6}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{7F5469AB-7EB2-4B66-9316-8C1F2C014DE0}] => (Allow) LPort=2869
    FirewallRules: [{76E729EA-EF29-4B32-BC6B-DEF516FCB57B}] => (Allow) LPort=1900
    FirewallRules: [{C601934D-54B8-4F0A-AB8A-E885D8899B82}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe
    FirewallRules: [TCP Query User{8F0D3F26-D1FA-4454-8EEC-8A986C9A5492}C:\ken\programs\nero\nero 7\nero home\nerohome.exe] => (Allow) C:\ken\programs\nero\nero 7\nero home\nerohome.exe
    FirewallRules: [UDP Query User{4D231F79-4D6E-4A4E-848F-DF72D419A2AC}C:\ken\programs\nero\nero 7\nero home\nerohome.exe] => (Allow) C:\ken\programs\nero\nero 7\nero home\nerohome.exe
    FirewallRules: [{F7BCA0FE-BA91-4CE2-9472-B67BE3A43E49}] => (Allow) C:\Program Files\AVG\AVG2012\avgmfapx.exe
    FirewallRules: [{EE574C99-87EE-4058-AA53-6DF63A34FD8B}] => (Allow) C:\Program Files\AVG\AVG2012\avgmfapx.exe
    FirewallRules: [{E1A0ADF3-6DD8-4394-AC81-CBA8FF6BFD78}] => (Allow) C:\Program Files\AVG\AVG2012\avgnsx.exe
    FirewallRules: [{1354061F-BF25-4425-9746-3E26CF745B03}] => (Allow) C:\Program Files\AVG\AVG2012\avgnsx.exe
    FirewallRules: [{794AA246-AC98-4DEB-AF95-B32F1B206BD6}] => (Allow) C:\Program Files\AVG\AVG2012\avgdiagex.exe
    FirewallRules: [{6FBBD5FF-6176-4C46-AE0A-56FF1EE014F9}] => (Allow) C:\Program Files\AVG\AVG2012\avgdiagex.exe
    FirewallRules: [{695116B1-A44E-4963-B212-BF0FA5BCEB9E}] => (Allow) C:\Program Files\AVG\AVG2012\avgemcx.exe
    FirewallRules: [{37BF6424-6B74-49E3-A045-D28298840AC5}] => (Allow) C:\Program Files\AVG\AVG2012\avgemcx.exe
    FirewallRules: [{A8B92175-9C62-4DCB-ACBC-E2FDC00113FD}] => (Allow) C:\Program Files\AVG\AVG2013\avgmfapx.exe
    FirewallRules: [{ADC8ACD7-AF58-43A7-9CE0-659917D4DC35}] => (Allow) C:\Program Files\AVG\AVG2013\avgmfapx.exe
    FirewallRules: [{0B89CF4F-3D05-4A4E-9C12-C56A61854AAB}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
    FirewallRules: [{ED3CDCF3-178F-4EBC-8AF8-8956487BC6DF}] => (Allow) C:\Program Files\AVG\AVG2013\avgnsx.exe
    FirewallRules: [{C08AA750-8368-42C1-874C-DFE69A04F491}] => (Allow) C:\Program Files\AVG\AVG2013\avgnsx.exe
    FirewallRules: [{9A2F9345-751B-4C1A-8875-F16E9E90D5A0}] => (Allow) C:\Program Files\AVG\AVG2013\avgdiagex.exe
    FirewallRules: [{09B09E27-B748-4512-95F1-DF52170D67FF}] => (Allow) C:\Program Files\AVG\AVG2013\avgdiagex.exe
    FirewallRules: [{E9B97CA9-3A99-4536-945A-4743743A3882}] => (Allow) C:\Program Files\AVG\AVG2013\avgemcx.exe
    FirewallRules: [{B38A7F40-BCDB-4EC7-AE68-EEB6A81B5EE1}] => (Allow) C:\Program Files\AVG\AVG2013\avgemcx.exe
    FirewallRules: [{255C1209-15F8-4692-BB74-FB868D1FEA97}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe
    FirewallRules: [{6D67F644-1B91-4EC6-B4C4-63F4241452ED}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe
    FirewallRules: [{62014BD5-2A98-4ED6-8598-60A75240538D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{2BAFFA8E-0ADB-45E1-B1E9-472C3F8B9B58}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{7B0432A9-177F-4386-BC74-1191A47119A0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{7EF94BCB-D2B7-4483-B1BB-89A7A94BFE29}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{22AE8A5B-F70D-4228-8B16-9742715880FA}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
    FirewallRules: [{A27CC088-5F95-4153-A471-85881091066E}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
    FirewallRules: [{1D20B262-9919-4AD4-B070-2D3ECE3F7F91}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
    FirewallRules: [{0D0AA497-5B6C-4D8A-9EB4-409F9AEBCABE}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
    FirewallRules: [{68290001-A813-42E9-A898-A4B9725D7AAB}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
    FirewallRules: [{E2EE077F-B64A-48BD-B4BD-5CDDD6476E20}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
    FirewallRules: [{B128D313-79B4-427F-A233-369AC15A1871}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe
    FirewallRules: [{681296E3-7F62-48F5-9D6A-482A514E3EBB}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe
    FirewallRules: [{4DD2BA56-DD82-4491-A916-62EADF9A53DD}] => (Allow) C:\Program Files\Sony\Xperia Companion\XperiaCompanion.exe
    FirewallRules: [{9EEDAC47-94E3-40C4-BEA8-B5E35CDE9C50}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

    ==================== Restore Points =========================

    05-01-2018 17:58:04 Windows Backup
    08-01-2018 17:34:54 Installed InfoSlips ForMe Viewer

    ==================== Faulty Device Manager Devices =============

    Name: Bluetooth Peripheral Device
    Description: Bluetooth Peripheral Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Bluetooth Peripheral Device
    Description: Bluetooth Peripheral Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13.01.2018 01
    Ran by Ken (14-01-2018 11:43:49)
    Running from C:\Users\Ken\Desktop
    Microsoft Windows 7 Professional Service Pack 1 (X86) (2011-03-24 16:59:57)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-3869300609-3146229085-1361341603-500 - Administrator - Disabled)
    Guest (S-1-5-21-3869300609-3146229085-1361341603-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-3869300609-3146229085-1361341603-1004 - Limited - Enabled)
    Ken (S-1-5-21-3869300609-3146229085-1361341603-1000 - Administrator - Enabled) => C:\Users\Ken

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: AVG Antivirus (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
    AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: AVG Antivirus (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    . . . (HKLM\...\{870E5275-5457-4BBC-98C9-BFF4B70AA5D3}) (Version: 3.1.0.12 - Intel) Hidden
    AccelerometerP11 (HKLM\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.10.17 - STMicroelectronics)
    Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
    Adobe Flash Player 28 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 28.0.0.137 - Adobe Systems Incorporated)
    Adobe Flash Player 28 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
    Advanced Audio FX Engine (HKLM\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
    AVG (HKLM\...\{90345008-9879-4B2D-A648-C4E71F6F5878}) (Version: 1.231.2 - AVG Technologies) Hidden
    AVG AntiVirus FREE (HKLM\...\AVG Antivirus) (Version: 17.9.3040 - AVG Technologies)
    AVG Web TuneUp (HKLM\...\AVG Web TuneUp) (Version: 4.3.9.605 - AVG Technologies)
    CintaNotes 3.8.1 (HKLM\...\CintaNotes_is1) (Version: - Cinta Software)
    CyberLink PowerDVD 9.5 (HKLM\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.3225 - CyberLink Corp.)
    D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
    Dell Backup and Recovery Manager (HKLM\...\{4688EB75-28E2-4731-9BCB-55E624F7CD45}) (Version: 1.3 - Dell Inc.)
    Dell Edoc Viewer (HKLM\...\{3138EAD3-700B-4A10-B617-B3F8096EE30D}) (Version: 1.0.0 - Dell Inc)
    Dell Support Center (HKLM\...\{0090A87C-3E0E-43D4-AA71-A71B06563A4A}) (Version: 3.0.5621.01 - PC-Doctor, Inc.) Hidden
    Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.0.5621.01 - Dell Inc.)
    Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 15.0.2.0 - Synaptics Incorporated)
    Dell Webcam Central (HKLM\...\Dell Webcam Central) (Version: 2.00.35 - Creative Technology Ltd)
    DirectX 9 Runtime (HKLM\...\{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}) (Version: 1.00.0000 - Sonic Solutions) Hidden
    Duplicate Filter (HKLM\...\Duplicate Filter_is1) (Version: - )
    DW WLAN Card (HKLM\...\DW WLAN Card) (Version: 5.60.18.34 - Dell Inc.)
    ErrorFix Kit 2017 (HKLM\...\ErrorFix Kit 2017) (Version: - )
    FMW 1 (HKLM\...\{B9B474D5-8B52-4A05-8DA0-CFECB057E523}) (Version: 1.226.3 - AVG Technologies) Hidden
    Free CD to MP3 Converter (HKLM\...\Free CD to MP3 Converter) (Version: - Eusing Software)
    Garmin Communicator Plugin (HKLM\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
    Garmin USB Drivers (HKLM\...\{ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
    Garmin WebUpdater (HKLM\...\{AE1EC58E-B2AC-4959-A4C2-C38202A25239}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries)
    Google Chrome (HKLM\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.)
    Google Desktop (HKLM\...\Google Desktop) (Version: 5.9.1005.12335 - Google)
    Google Earth Plug-in (HKLM\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
    Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
    Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
    InfoSlips ForMe Viewer (HKLM\...\{F24E7D25-ADD9-46BB-977B-6F0743EEB327}) (Version: 5.2.15 - InfoSlips)
    Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2202 - Intel Corporation)
    Intel® Driver & Support Assistant (HKLM\...\{2550a40e-aac6-4d21-9361-744d33bec573}) (Version: 3.1.0.12 - Intel)
    Java 8 Update 65 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
    Junk Mail filter update (HKLM\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Legacy 7.5 (HKLM\...\Legacy 7.5) (Version: 7.5 - Millennia Corporation)
    Legacy Charting 7.5 (HKLM\...\LegacyChart7_is1) (Version: - )
    LiveUpdate 3.2 (Symantec Corporation) (HKLM\...\LiveUpdate) (Version: 3.2.0.68 - Symantec Corporation)
    Mesh Runtime (HKLM\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Messenger Companion (HKLM\...\{50816F92-1652-4A7C-B9BC-48F682742C4B}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
    Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Mozilla Firefox 30.0 (x86 en-US) (HKU\S-1-5-21-3869300609-3146229085-1361341603-1000\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
    Mozilla Firefox 57.0.4 (x86 en-US) (HKLM\...\Mozilla Firefox 57.0.4 (x86 en-US)) (Version: 57.0.4 - Mozilla)
    Mozilla Firefox 8.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 8.0.1 (x86 en-US)) (Version: 8.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.4.6577 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MTN Online (HKLM\...\MTN [email protected]) (Version: 23.015.02.02.697 - Huawei Technologies Co.,Ltd)
    MTN [email protected] (HKLM\...\{AEFF9E60-3E93-41EE-9895-311F7D1C5FFD}) (Version: 1.0.0.3 - ZTE Corporation)
    Nero 7 Essentials (HKLM\...\{7FBD6DC1-919F-45EB-A4FD-C032DD121033}) (Version: 7.02.4750 - Nero AG)
    Nokia Connectivity Cable Driver (HKLM\...\{47A0A80F-8DC0-43EB-B9B4-36FD86979DF7}) (Version: 7.1.28.1 - Nokia)
    Nokia PC Internet Access (HKLM\...\{9652B1F8-F795-46D5-A23F-9C3C41647E51}) (Version: 2.0.1.5 - Nokia) Hidden
    Nokia PC Internet Access (HKLM\...\Nokia PC Internet Access) (Version: 2.0.1.5 - Nokia)
    Norton Ghost (HKLM\...\{B0255743-165B-4BD5-8DA8-37DFB9930012}) (Version: 12.0.0.20352 - Symantec Corporation)
    PC Connectivity Solution Lite (HKLM\...\{2997ABF5-E5F6-4E9C-9717-26F208D9ED5E}) (Version: 5.8.33.6 - Nokia)
    PhotoShowExpress (HKLM\...\{3250260C-7A95-4632-893B-89657EB5545B}) (Version: 2.0.063 - Sonic Solutions) Hidden
    Pipe Flow Advisor v1.11 (HKLM\...\Pipe Flow Advisor_is1) (Version: - PipeFlow.co.uk)
    Pipe Flow Wizard v1.12 (HKLM\...\Pipe Flow Wizard_is1) (Version: - PipeFlow.co.uk)
    PIXresizer 1.0.9 (HKLM\...\PIXresizer_is1) (Version: - Bluefive software)
    QuickSet32 (HKLM\...\{C4972073-2BFE-475D-8441-564EA97DA161}) (Version: 1.3.3 - Dell Inc.)
    Roxio Creator Starter (HKLM\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
    Search App by Ask (HKLM\...\{5245414C-392D-5350-00A7-A758B70C2D01}) (Version: 12.45.1.48 - APN, LLC) <==== ATTENTION
    Sonic CinePlayer Decoder Pack (HKLM\...\{9A00EC4E-27E1-42C4-98DD-662F32AC8870}) (Version: 4.3.0 - Sonic Solutions) Hidden
    Sony PC Companion 2.10.275 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.275 - Sony)
    Striata Reader (32-bit) (HKLM\...\{13d868cf-47e9-4b3d-9366-a0c60f82e5aa}) (Version: 2.19-3 - Striata Communication Solutions)
    Switch Sound File Converter (HKLM\...\Switch) (Version: 5.20 - NCH Software)
    TEC-IT QR-Code Studio 1.0 (HKLM\...\{1C58A486-2B59-448F-9D8A-97844535087B}) (Version: 1.0.2.20600 - TEC-IT Datenverarbeitung GmbH)
    TomTom HOME (HKLM\...\{B581E191-A2C1-4CE3-907E-9FE3C728750C}) (Version: 2.9.91 - TomTom)
    TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
    TomTom MyDrive Connect 4.1.5.3181 (HKLM\...\MyDriveConnect) (Version: 4.1.5.3181 - TomTom)
    Ulead Photo Express 2.0 SE (HKLM\...\Ulead Photo Express 2.0 SE) (Version: - )
    Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    Visual Studio C++ 10.0 Runtime (HKLM\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
    VLC media player 1.1.6 (HKLM\...\VLC media player) (Version: 1.1.6 - VideoLAN)
    Vodafone Mobile Broadband Lite (HKLM\...\{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}) (Version: 10.2.302.33178 - Vodafone)
    WavePad Sound Editor (HKLM\...\WavePad) (Version: 7.02 - NCH Software)
    WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.900 - Broadcom Corporation)
    Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
    Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008 7.0.0.0 - Nokia)
    Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
    Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
    WinX DVD Copy Pro 3.4.7 (HKLM\...\WinX DVD Copy Pro_is1) (Version: - Digiarty Software,Inc.)
    WonderFox DVD Ripper (HKLM\...\WonderFoxDVDRipper) (Version: - WonderFox Soft, Inc. All Rights Reserved.)
    Xirrus Wi-Fi Inspector (HKLM\...\{BBB21AB1-2C45-435D-A05A-B563072E7B9B}) (Version: 1.2.1.4 - Xirrus)
    Xperia Companion (HKLM\...\{27b15812-304d-4fc2-80b7-55a920f30a28}) (Version: 1.6.5.0 - Sony)
    Xperia Companion (HKLM\...\{9D56F227-FC8D-419D-ADEB-41E5734025BD}) (Version: 1.6.5.0 - Sony) Hidden
    Xperia Companion Service (HKLM\...\{941E0B86-5EC0-43BC-9DA9-9BC596150B4B}) (Version: 1.6.5.0 - Sony) Hidden

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-3869300609-3146229085-1361341603-1000_Classes\CLSID\{4052D303-74C5-49EA-BC6B-66099C8D4007}\InprocServer32 -> C:\Program Files\Google\Google Desktop Search\GoogleDesktopAPI2.dll (Google)
    ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
    ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2017-12-23] (AVG Technologies CZ, s.r.o.)
    ContextMenuHandlers1: [ISOWINDOWMENU] -> {3A05F453-60CA-4311-9DA3-FE348CB76056} => C:\Program Files\Digiarty\WinX_DVD_Copy_Pro\IsoWindowMenu.dll [2011-10-10] (TODO: <Company name>)
    ContextMenuHandlers1: [RXDCExtSvr12] -> {FC485060-84D6-4098-AA14-9C67783B4852} => C:\Program Files\Roxio\OEM\Virtual Drive 12\DC_ShellExt.dll [2010-11-22] (Sonic Solutions)
    ContextMenuHandlers2: [RXDCExtSvr12] -> {FC485060-84D6-4098-AA14-9C67783B4852} => C:\Program Files\Roxio\OEM\Virtual Drive 12\DC_ShellExt.dll [2010-11-22] (Sonic Solutions)
    ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
    ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll [2011-07-08] (Malwarebytes Corporation)
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2010-08-26] (Intel Corporation)
    ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2017-12-23] (AVG Technologies CZ, s.r.o.)
    ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll [2011-07-08] (Malwarebytes Corporation)
    ContextMenuHandlers6: [RXDCExtSvr12] -> {FC485060-84D6-4098-AA14-9C67783B4852} => C:\Program Files\Roxio\OEM\Virtual Drive 12\DC_ShellExt.dll [2010-11-22] (Sonic Solutions)

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {0397CF5D-E488-45C2-A1B9-3CFC4ACB36A7} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell Support Center\pcdrcui.exe [2010-08-06] (PC-Doctor, Inc.)
    Task: {172CFE59-048E-47E5-A569-D6D37CE9C680} - System32\Tasks\{D7F06575-6536-4601-A0DB-45022E3EABAA} => C:\Windows\system32\pcalua.exe -a F:\setup_vmc_lite.exe -d F:\ -c /checkApplicationPresence
    Task: {24DA4B56-1779-4B2A-8D1D-240A614ED4B6} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-10-06] (Oracle Corporation)
    Task: {3E044BAD-6708-4F65-833D-CFE3B62EC8F9} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3869300609-3146229085-1361341603-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
    Task: {434481E6-FA5E-4FF3-AFFE-0219739A3466} - System32\Tasks\{5F175BA3-B06D-4D7B-B079-A0AD59EDC0D9} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\CD to MP3 Freeware\cdextract.exe" -d C:\Users\Ken\Desktop
    Task: {4B452B34-9450-42BF-AE5B-73E2BE7BA1CC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
    Task: {531967FD-AD7F-4EEC-A713-3F911C475DB0} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2010-08-06] ()
    Task: {58121F2B-A411-4CD1-AA77-F423CE08241F} - System32\Tasks\Real Player online update program => C:\Program Files\Real\RealPlayer\Update\realsched.exe
    Task: {6007780A-ADE1-4F6C-B070-15BE69E6A4CC} - System32\Tasks\ErrorFixKIT => C:\Program Files\ErrorFixKIT\ErrorFixKIT.exe [2017-11-25] ()
    Task: {67D89567-1909-4076-8115-4B8F80D19A72} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-01-12] (AVG Technologies CZ, s.r.o.)
    Task: {7C1BD2C7-BB53-4431-825F-CBEBD0363EC2} - System32\Tasks\RealDownloader Update Check => C:\Program Files\RealNetworks\RealDownloader\downloader2.exe
    Task: {81B697C2-5F4B-44A9-9FBF-8FAF557D826C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
    Task: {8513A3BA-C077-4279-880F-900C067047D9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-11] (Adobe Systems Incorporated)
    Task: {8EC1E674-680E-49A3-8E38-2C4A8625CF49} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell Support Center\uaclauncher.exe [2010-08-06] (PC-Doctor, Inc.)
    Task: {925248D6-C893-427E-9BBD-190F25533ED9} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
    Task: {AAFFFFD9-DA96-46CC-A0C2-DAD4FAC0B955} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [2017-12-23] (AVG Technologies CZ, s.r.o.)
    Task: {AB093CC3-A46B-454E-822F-D255D6052F10} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
    Task: {D3F71446-45E0-42E4-BFA6-3F0431BE3BF9} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3869300609-3146229085-1361341603-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
    Task: {F6D51390-E985-436C-B58F-79F635970C62} - System32\Tasks\PCDoctorBackgroundMonitorTask-Delay => C:\Program Files\Dell Support Center\uaclauncher.exe [2010-08-06] (PC-Doctor, Inc.)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask-Delay.job => C:\Program Files\Dell Support Center\uaclauncher.exeo-backgroundmon scripts\defaultscan.xml
    Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\Dell Support Center\uaclauncher.exeo-backgroundmon scripts\defaultscan.xml
    Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\Dell Support Center\pcdrcui.exe

    ==================== Shortcuts & WMI ========================

    (The entries could be listed to be restored or removed.)


    Shortcut: C:\Users\Ken\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm

    ShortcutWithArgument: C:\Users\Public\Desktop\MTN [email protected] -> C:\Program Files\MTN ShareLink\MTN ShareLink\LaunchWebUI.exe () -> hxxp://192.168.1.1

    ==================== Loaded Modules (Whitelisted) ==============

    2017-12-23 08:39 - 2017-12-23 08:39 - 000059136 _____ () C:\Program Files\AVG\Antivirus\module_lifetime.dll
    2017-12-23 08:39 - 2017-12-23 08:39 - 000058624 _____ () C:\Program Files\AVG\Antivirus\dll_loader.dll
    2017-12-23 08:39 - 2017-12-23 08:39 - 000207272 _____ () C:\Program Files\AVG\Antivirus\JsonRpcServer.dll
    2017-12-23 08:39 - 2017-12-23 08:39 - 000290392 _____ () C:\Program Files\AVG\Antivirus\tasks_core.dll
    2017-12-23 08:39 - 2017-12-23 08:39 - 000197368 _____ () C:\Program Files\AVG\Antivirus\network_notifications.dll
    2018-01-14 10:49 - 2018-01-14 10:49 - 005764408 _____ () C:\Program Files\AVG\Antivirus\defs\18011306\algo.dll
    2017-12-23 08:39 - 2017-12-23 08:39 - 000746528 _____ () C:\Program Files\AVG\Antivirus\ffl2.dll
    2017-12-23 08:39 - 2017-12-23 08:39 - 000295064 _____ () C:\Program Files\AVG\Antivirus\streamback.dll
    2013-10-28 04:02 - 2013-10-28 04:02 - 000276048 _____ () C:\ProgramData\DatacardService\HWDeviceService.exe
    2010-01-30 02:41 - 2010-01-30 02:41 - 004254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
    2010-03-24 21:17 - 2010-03-24 21:17 - 008794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    2017-11-25 15:17 - 2017-11-25 15:17 - 003555824 _____ () C:\Program Files\ErrorFixKIT\ErrorFixKIT.exe
    2011-02-18 20:35 - 2010-10-01 17:48 - 000727664 _____ () C:\Program Files\STMicroelectronics\AccelerometerP11\FF_Protection.exe
    2010-11-17 18:35 - 2010-11-17 18:35 - 000514544 _____ () C:\Program Files\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
    2010-11-25 06:44 - 2010-11-25 06:44 - 000375280 _____ () c:\program files\common files\roxio shared\dllshared\SQLite352.dll
    2011-04-04 17:58 - 2011-04-04 17:58 - 000034816 _____ () C:\Program Files\Google\Google Desktop Search\gzlib.dll
    2011-07-14 15:43 - 2011-07-14 15:43 - 000381952 _____ () C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.View.Taskbar.dll
    2017-08-28 02:32 - 2017-07-21 16:26 - 000518144 _____ () C:\Windows\system32\msjetoledb40.dll
    2017-05-06 06:28 - 2016-08-15 11:18 - 000476368 _____ () C:\Program Files\MTN ShareLink\MTN ShareLink\CheckNDISPort_df.exe
    2016-12-04 16:40 - 2016-12-04 16:40 - 048920064 _____ () C:\Program Files\AVG\UiDll\2623\libcef.dll
    2017-05-06 06:28 - 2016-08-15 11:18 - 000448208 _____ () C:\Program Files\MTN ShareLink\MTN ShareLink\CancelAutoPlay_df.exe
    2017-05-06 06:28 - 2016-08-15 11:18 - 000525008 _____ () C:\Program Files\MTN ShareLink\MTN ShareLink\ShowTip.exe
    2017-09-18 10:39 - 2017-09-18 10:39 - 067109376 _____ () C:\Program Files\AVG\Antivirus\libcef.dll
    2017-12-23 08:39 - 2017-12-23 08:39 - 000197936 _____ () c:\Program Files\AVG\Antivirus\vaarclient.dll
    2014-09-11 17:06 - 2014-09-11 17:06 - 000878592 _____ () C:\Program Files\MyDrive Connect\Plugins\platforms\qwindows.dll
    2014-09-11 17:05 - 2014-09-11 17:05 - 000036352 _____ () C:\Program Files\MyDrive Connect\Plugins\bearer\qgenericbearer.dll
    2014-09-11 17:06 - 2014-09-11 17:06 - 000038912 _____ () C:\Program Files\MyDrive Connect\Plugins\bearer\qnativerwifibearer.dll
    2014-09-11 17:14 - 2014-09-11 17:14 - 000032256 _____ () C:\Program Files\MyDrive Connect\Plugins\imageformats\qdds.dll
    2014-09-11 17:05 - 2014-09-11 17:05 - 000021504 _____ () C:\Program Files\MyDrive Connect\Plugins\imageformats\qgif.dll
    2014-09-11 17:14 - 2014-09-11 17:14 - 000027648 _____ () C:\Program Files\MyDrive Connect\Plugins\imageformats\qicns.dll
    2014-09-11 17:05 - 2014-09-11 17:05 - 000021504 _____ () C:\Program Files\MyDrive Connect\Plugins\imageformats\qico.dll
    2014-09-11 17:14 - 2014-09-11 17:14 - 000381952 _____ () C:\Program Files\MyDrive Connect\Plugins\imageformats\qjp2.dll
    2014-09-11 17:05 - 2014-09-11 17:05 - 000204800 _____ () C:\Program Files\MyDrive Connect\Plugins\imageformats\qjpeg.dll
    2014-09-11 17:14 - 2014-09-11 17:14 - 000218112 _____ () C:\Program Files\MyDrive Connect\Plugins\imageformats\qmng.dll
    2014-09-11 17:08 - 2014-09-11 17:08 - 000015872 _____ () C:\Program Files\MyDrive Connect\Plugins\imageformats\qsvg.dll
    2014-09-11 17:14 - 2014-09-11 17:14 - 000015360 _____ () C:\Program Files\MyDrive Connect\Plugins\imageformats\qtga.dll
    2014-09-11 17:15 - 2014-09-11 17:15 - 000307712 _____ () C:\Program Files\MyDrive Connect\Plugins\imageformats\qtiff.dll
    2014-09-11 17:15 - 2014-09-11 17:15 - 000014848 _____ () C:\Program Files\MyDrive Connect\Plugins\imageformats\qwbmp.dll
    2014-09-11 17:15 - 2014-09-11 17:15 - 000252928 _____ () C:\Program Files\MyDrive Connect\Plugins\imageformats\qwebp.dll
    2008-11-12 10:18 - 2008-11-12 10:18 - 000011776 _____ () C:\Program Files\Nokia\PC Internet Access\TextResources_eng-us.nlr
    2009-04-16 16:31 - 2009-04-16 16:31 - 004210688 _____ () C:\Program Files\Nokia\PC Internet Access\GraphicsResources.ngr
    2009-10-20 17:12 - 2009-10-20 17:12 - 000132384 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
    2011-03-26 10:04 - 1998-06-17 23:01 - 000075264 ____N () C:\Ken\Programs\Ulead\U32MISC.dll
    2011-03-26 10:05 - 1998-07-22 17:33 - 000013824 ____N () C:\Ken\Programs\Ulead\u32Spy.dll
    2008-09-23 08:19 - 2008-09-23 08:19 - 000130560 _____ () C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-14 04:04 - 2016-01-11 00:44 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-3869300609-3146229085-1361341603-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Ken\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 192.168.1.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==


    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
    FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
    FirewallRules: [{4B60D8CF-E3B0-4AF5-8B8E-69E31F0F41A2}] => (Allow) C:\Program Files\CyberLink\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe
    FirewallRules: [{E052D846-EB8F-402C-8191-AA2C001F74A9}] => (Allow) C:\Program Files\CyberLink\PowerDVD9\PowerDVD9.EXE
    FirewallRules: [{53E6A8A2-E343-4D5D-8D05-FF05A44A5AD6}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{7F5469AB-7EB2-4B66-9316-8C1F2C014DE0}] => (Allow) LPort=2869
    FirewallRules: [{76E729EA-EF29-4B32-BC6B-DEF516FCB57B}] => (Allow) LPort=1900
    FirewallRules: [{C601934D-54B8-4F0A-AB8A-E885D8899B82}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe
    FirewallRules: [TCP Query User{8F0D3F26-D1FA-4454-8EEC-8A986C9A5492}C:\ken\programs\nero\nero 7\nero home\nerohome.exe] => (Allow) C:\ken\programs\nero\nero 7\nero home\nerohome.exe
    FirewallRules: [UDP Query User{4D231F79-4D6E-4A4E-848F-DF72D419A2AC}C:\ken\programs\nero\nero 7\nero home\nerohome.exe] => (Allow) C:\ken\programs\nero\nero 7\nero home\nerohome.exe
    FirewallRules: [{F7BCA0FE-BA91-4CE2-9472-B67BE3A43E49}] => (Allow) C:\Program Files\AVG\AVG2012\avgmfapx.exe
    FirewallRules: [{EE574C99-87EE-4058-AA53-6DF63A34FD8B}] => (Allow) C:\Program Files\AVG\AVG2012\avgmfapx.exe
    FirewallRules: [{E1A0ADF3-6DD8-4394-AC81-CBA8FF6BFD78}] => (Allow) C:\Program Files\AVG\AVG2012\avgnsx.exe
    FirewallRules: [{1354061F-BF25-4425-9746-3E26CF745B03}] => (Allow) C:\Program Files\AVG\AVG2012\avgnsx.exe
    FirewallRules: [{794AA246-AC98-4DEB-AF95-B32F1B206BD6}] => (Allow) C:\Program Files\AVG\AVG2012\avgdiagex.exe
    FirewallRules: [{6FBBD5FF-6176-4C46-AE0A-56FF1EE014F9}] => (Allow) C:\Program Files\AVG\AVG2012\avgdiagex.exe
    FirewallRules: [{695116B1-A44E-4963-B212-BF0FA5BCEB9E}] => (Allow) C:\Program Files\AVG\AVG2012\avgemcx.exe
    FirewallRules: [{37BF6424-6B74-49E3-A045-D28298840AC5}] => (Allow) C:\Program Files\AVG\AVG2012\avgemcx.exe
    FirewallRules: [{A8B92175-9C62-4DCB-ACBC-E2FDC00113FD}] => (Allow) C:\Program Files\AVG\AVG2013\avgmfapx.exe
    FirewallRules: [{ADC8ACD7-AF58-43A7-9CE0-659917D4DC35}] => (Allow) C:\Program Files\AVG\AVG2013\avgmfapx.exe
    FirewallRules: [{0B89CF4F-3D05-4A4E-9C12-C56A61854AAB}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
    FirewallRules: [{ED3CDCF3-178F-4EBC-8AF8-8956487BC6DF}] => (Allow) C:\Program Files\AVG\AVG2013\avgnsx.exe
    FirewallRules: [{C08AA750-8368-42C1-874C-DFE69A04F491}] => (Allow) C:\Program Files\AVG\AVG2013\avgnsx.exe
    FirewallRules: [{9A2F9345-751B-4C1A-8875-F16E9E90D5A0}] => (Allow) C:\Program Files\AVG\AVG2013\avgdiagex.exe
    FirewallRules: [{09B09E27-B748-4512-95F1-DF52170D67FF}] => (Allow) C:\Program Files\AVG\AVG2013\avgdiagex.exe
    FirewallRules: [{E9B97CA9-3A99-4536-945A-4743743A3882}] => (Allow) C:\Program Files\AVG\AVG2013\avgemcx.exe
    FirewallRules: [{B38A7F40-BCDB-4EC7-AE68-EEB6A81B5EE1}] => (Allow) C:\Program Files\AVG\AVG2013\avgemcx.exe
    FirewallRules: [{255C1209-15F8-4692-BB74-FB868D1FEA97}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe
    FirewallRules: [{6D67F644-1B91-4EC6-B4C4-63F4241452ED}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe
    FirewallRules: [{62014BD5-2A98-4ED6-8598-60A75240538D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{2BAFFA8E-0ADB-45E1-B1E9-472C3F8B9B58}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{7B0432A9-177F-4386-BC74-1191A47119A0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{7EF94BCB-D2B7-4483-B1BB-89A7A94BFE29}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{22AE8A5B-F70D-4228-8B16-9742715880FA}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
    FirewallRules: [{A27CC088-5F95-4153-A471-85881091066E}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
    FirewallRules: [{1D20B262-9919-4AD4-B070-2D3ECE3F7F91}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
    FirewallRules: [{0D0AA497-5B6C-4D8A-9EB4-409F9AEBCABE}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
    FirewallRules: [{68290001-A813-42E9-A898-A4B9725D7AAB}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
    FirewallRules: [{E2EE077F-B64A-48BD-B4BD-5CDDD6476E20}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
    FirewallRules: [{B128D313-79B4-427F-A233-369AC15A1871}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe
    FirewallRules: [{681296E3-7F62-48F5-9D6A-482A514E3EBB}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe
    FirewallRules: [{4DD2BA56-DD82-4491-A916-62EADF9A53DD}] => (Allow) C:\Program Files\Sony\Xperia Companion\XperiaCompanion.exe
    FirewallRules: [{9EEDAC47-94E3-40C4-BEA8-B5E35CDE9C50}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

    ==================== Restore Points =========================

    05-01-2018 17:58:04 Windows Backup
    08-01-2018 17:34:54 Installed InfoSlips ForMe Viewer

    ==================== Faulty Device Manager Devices =============

    Name: Bluetooth Peripheral Device
    Description: Bluetooth Peripheral Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Bluetooth Peripheral Device
    Description: Bluetooth Peripheral Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Bluetooth Peripheral Device
    Description: Bluetooth Peripheral Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (01/14/2018 11:21:05 AM) (Source: VmbService) (EventID: 0) (User: )
    Description: conflictManagerTypeValue

    Error: (01/14/2018 11:17:01 AM) (Source: VmbService) (EventID: 0) (User: )
    Description: conflictManagerTypeValue

    Error: (01/14/2018 10:48:38 AM) (Source: PC-Doctor) (EventID: 1) (User: )
    Description: (11104) Asapi: (10:48:38:4160)(11104) Asapi.State - Error -- 123 Plugin S3LogPusher.dll failed to load.

    Error: (01/14/2018 10:48:37 AM) (Source: PC-Doctor) (EventID: 1) (User: )
    Description: (11104) Asapi: (10:48:37:4800)(11104) libAsapi.DynamicLoadedPlugin - Error -- 64 Unable to load library 'S3LogPusher.dll'

    Error: (01/13/2018 09:00:14 AM) (Source: PC-Doctor) (EventID: 1) (User: )
    Description: (10168) Asapi: (09:00:14:9040)(10168) Asapi.State - Error -- 123 Plugin S3LogPusher.dll failed to load.

    Error: (01/13/2018 09:00:14 AM) (Source: PC-Doctor) (EventID: 1) (User: )
    Description: (10168) Asapi: (09:00:14:7170)(10168) libAsapi.DynamicLoadedPlugin - Error -- 64 Unable to load library 'S3LogPusher.dll'

    Error: (01/12/2018 02:18:40 PM) (Source: RasClient) (EventID: 20227) (User: )
    Description: CoId={E3C8608A-F877-473C-97CA-791DE5DA8D49}: The user Ken-PC\Ken dialed a connection named Virgin Mobile which has failed. The error code returned on failure is 0.

    Error: (01/12/2018 01:30:36 PM) (Source: PC-Doctor) (EventID: 1) (User: )
    Description: (7296) Asapi: (13:30:36:4150)(7296) Asapi.State - Error -- 123 Plugin S3LogPusher.dll failed to load.

    Error: (01/12/2018 01:30:36 PM) (Source: PC-Doctor) (EventID: 1) (User: )
    Description: (7296) Asapi: (13:30:36:1660)(7296) libAsapi.DynamicLoadedPlugin - Error -- 64 Unable to load library 'S3LogPusher.dll'

    Error: (01/11/2018 09:39:07 AM) (Source: PC-Doctor) (EventID: 1) (User: )
    Description: (3880) Asapi: (09:39:07:4410)(3880) Asapi.State - Error -- 123 Plugin S3LogPusher.dll failed to load.


    System errors:
    =============
    Error: (01/14/2018 11:18:25 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
    Description: WLAN Extensibility Module has stopped unexpectedly.

    Module Path: C:\Windows\System32\bcmihvsrv.dll

    Error: (01/14/2018 11:18:25 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
    Description: WLAN Extensibility Module has stopped unexpectedly.

    Module Path: C:\Windows\System32\bcmihvsrv.dll

    Error: (01/14/2018 11:17:51 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
    Description: WLAN Extensibility Module has stopped unexpectedly.

    Module Path: C:\Windows\System32\bcmihvsrv.dll

    Error: (01/14/2018 11:17:08 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
    Description: The following fatal alert was received: 70.

    Error: (01/14/2018 11:17:06 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
    Description: The following fatal alert was received: 70.

    Error: (01/14/2018 11:15:52 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The NMIndexingService service terminated unexpectedly. It has done this 1 time(s).

    Error: (01/14/2018 11:15:52 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

    Error: (01/14/2018 11:15:52 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Norton Ghost service terminated unexpectedly. It has done this 1 time(s).

    Error: (01/14/2018 11:15:52 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Vodafone Mobile Broadband Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

    Error: (01/14/2018 11:15:52 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s).


    CodeIntegrity:
    ===================================
    Date: 2016-06-15 11:46:10.824
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll because the set of per-page image hashes could not be found on the system.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz
    Percentage of memory in use: 91%
    Total physical RAM: 1910.68 MB
    Available physical RAM: 171.02 MB
    Total Virtual: 3821.37 MB
    Available Virtual: 1198.69 MB

    ==================== Drives ================================

    Drive c: (OS) (Fixed) (Total:195.31 GB) (Free:59.13 GB) NTFS
    Drive e: (Images) (Fixed) (Total:90.49 GB) (Free:27.79 GB) NTFS
    Drive f: (MTN) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 77E3ED41)
    Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
    Partition 2: (Active) - (Size=12.3 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS)
    Partition 4: (Not Active) - (Size=90.5 GB) - (Type=07 NTFS)

    ==================== End of Addition.txt ============================

    ollid
     
  5. kevinf80

    kevinf80 Malware Specialist

    Joined:
    Mar 21, 2006
    Messages:
    11,338
    First Name:
    Kevin
    I need to see the Primary logs from FRST "FRST.txt" and the log from AdwCleaner. "AdwCleaner[C?].txt" which is the result of the clean option being used....

    You have posted the secondary log from FRST "Addition.txt" three (3) times.

    Logs from FRST are saved in this folder: C:\FRST\Logs

    Logs from AdwCleaner are saved in this folder: C:\AdwCleaner

    Thank you,

    Kevin...
     
  6. Ken_RM

    Ken_RM Thread Starter

    Joined:
    Jul 6, 2005
    Messages:
    136
    Hi Kevin
    I believe you are giving me good help, but I am doing it wrong. That is what senior folk do !!
    I run your programs and then posted the wrong logs.:( After that I deleted all logs from my desktop, so what do I do now. EasyDocMerge is still ever present and I would really like to give it the boot.
    Looking forward to your reply.
    Cheers,
    Ken
     
  7. Ken_RM

    Ken_RM Thread Starter

    Joined:
    Jul 6, 2005
    Messages:
    136
    Hi again Kevin
    Now you are sure that I do not know what I am doing. After I read your post again, I had a brain moment and looked where you suggested. Sure enough there are more logs, so here they are. FRST_16 will not attach as one is only able to upload 10 files. Not sure what that means since I have only attached 5 files at present.....maybe my counting skills are gone :D
    Ken
     

    Attached Files:

  8. kevinf80

    kevinf80 Malware Specialist

    Joined:
    Mar 21, 2006
    Messages:
    11,338
    First Name:
    Kevin
    Thanks for those logs Ken, I believe we have what we need... FireFox is your default browser, from the logs I can see that it is exploited. I want you to run a fix with FRST..

    Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into. "Do not open that file when running FRST fix"
    NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

    Open FRST and press the Fix button just once and wait.
    The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

    Next,

    Uninstall the following Program:

    Search App by Ask

    Let me see the log from FRST fix, also let me know if the issue with Easydocmerge is cleared...

    Thank you,

    Kevin...
     

    Attached Files:

  9. Ken_RM

    Ken_RM Thread Starter

    Joined:
    Jul 6, 2005
    Messages:
    136

    Hi Kevin
    Anyone ever tell you that you are beautiful ? Well, sorry I can't tell you that either, but I can tell you that you are SMART !
    The little bugger is a gone:D
    I did get a "Autoit error" on line 14242, but it does not seem to matter. The log is attached.
    Thanks again for your help.
     

    Attached Files:

  10. kevinf80

    kevinf80 Malware Specialist

    Joined:
    Mar 21, 2006
    Messages:
    11,338
    First Name:
    Kevin
    Thanks for the update Ken_RM, good to hear your nuisance is gone.... Run the following to clean up:

    Download "Delfix by Xplode" and save it to your desktop.

    Or use the following if first link is down:

    "Delfix link mirror"

    If your security program alerts to Delfix either, accept the alert or turn your security off.

    Double Click to start the program. If you are using Vista or higher, please right-click and choose run as administrator

    Make Sure the following items are checked:


    • Remove disinfection tools <----- this will remove tools we may have used.
    • Purge System Restore <--- this will remove all previous and possibly exploited restore points, a new point relative to system status at present will be created.
    • Reset system settings <--- this will reset any system settings back to default that were changed either by us during cleansing or malware/infection

    Now click on "Run" and wait patiently until the tool has completed.

    The tool will create a log when it has completed. We don't need you to post this.

    Any remnant files/logs from tools we have used can be deleted…

    Next,

    Read the following links to fully understand PC Security and Best Practices, you may find them useful....

    Answers to Common Security Questions and best Practices

    Do I need a Registry Cleaner?

    Take care and surf safe

    Kevin... [​IMG]
     
  11. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Short URL to this thread: https://techguy.org/1202787