1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

In Progress Possible Virus or Malware problem

Discussion in 'Virus & Other Malware Removal' started by mkdsk, Apr 4, 2019.

Advertisement
  1. mkdsk

    mkdsk Thread Starter

    Joined:
    Dec 29, 2009
    Messages:
    320
    First Name:
    Mark
    When I start up my computer it hesitates, the green activity light stays solid for a long time before it goes off. Not sure what is happening. I know I have been here before for help and no one has to help me again if they rather not but I am asking. I have windows 7.
     
  2. iMacg3

    iMacg3 Malware Specialist

    Joined:
    Nov 3, 2018
    Messages:
    318
    Welcome to the Tech Support Guy malware removal forum.
    I'm iMacg3 and will be helping you.

    Please keep the following information in mind before we begin:
    • Do not run any fixes or tools on your system unless I request that you do so.
    • Please read all instructions carefully, and complete them in the order listed.
    • If your computer seems to start working normally, please don't abandon the topic. Just because your computer doesn't seem to have a problem doesn't mean that it isn't infected.
    • If you have pirated or illegal software on your computer, uninstall it now before proceeding.
    • If you have questions about anything during the cleanup, please ask.

    --------------------

    Download Farbar Recovery Scan Tool and save it to your Desktop.

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system, that will be the right version.
    • Right-click FRST/FRST64 and select Run as administrator. (Windows XP users double-click on the file).
    • If you receive a SmartScreen alert, click More Info, then Run Anyway.
    • When the tool opens, click Yes to the disclaimer.
    • Press the Scan button.
    • It will make a log (FRST.txt) in the same directory the tool is run. Attach it to your reply.
    • The tool will also produce another log (Addition.txt ). Please attach this, along with FRST.txt, to your reply.

    Note - FRST.txt and Addition.txt are saved to the same location as FRST/FRST64.
     
  3. mkdsk

    mkdsk Thread Starter

    Joined:
    Dec 29, 2009
    Messages:
    320
    First Name:
    Mark
    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019
    Ran by MARK (administrator) on MARK-PC (07-04-2019 15:29:47)
    Running from C:\Users\MARK\Desktop\APPLE
    Loaded Profiles: MARK (Available Profiles: MARK & Administrator)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Dell Inc. -> ) C:\Windows\System32\dlbacoms.exe
    (Lexmark International, Inc. -> ) C:\Windows\System32\dleacoms.exe
    (McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
    (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
    (Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
    (McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
    (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
    (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
    (Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
    (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
    (Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
    (Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
    (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
    (McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
    (McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
    (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_18_12\mcapexe.exe
    (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\3.1.160.0\McCSPServiceHost.exe
    (McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
    (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
    (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\uihost.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
    (Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
    (MiTAC International Corporation -> MiTAC) C:\Users\MARK\AppData\Roaming\MiTAC Digital Corporation\mgnContentManager\3.0.0.00\mgnContentManager.exe
    (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
    (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe
    (Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
    (Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 7\PdfPro7Hook.exe
    (RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
    (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
    (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogRx.exe
    (Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
    (Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
    (Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
    (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
    (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
    (RealNetworks, Inc. -> ) C:\Program Files (x86)\Real\RealDownloader\downloader2.exe
    (RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\RealDownloader\realdownloader264.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe

    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-07-06] (Apple Inc. -> Apple Inc.)
    HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
    HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-01-19] (Brother Industries, Ltd.) [File not signed]
    HKLM-x32\...\Run: [BrotherSoftwareUpdateNotification] => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3581952 2017-04-05] (Brother Industries, Ltd.) [File not signed]
    HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2075480 2013-06-24] (Flexera Software LLC -> Flexera Software LLC.)
    HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [35648 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
    HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [17600 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
    HKLM-x32\...\Run: [PDFProHook] => C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe [641864 2013-03-20] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
    HKLM-x32\...\Run: [M17A] => C:\Windows\twain_32\Brimm17a\Common\TwDsUiLaunch.exe [77312 2017-10-19] (Microsoft Windows Hardware Compatibility Publisher -> )
    HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [353056 2018-05-06] (RealNetworks, Inc. -> RealNetworks, Inc.)
    HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\Run: [Magellan Update Manager] => C:\Users\MARK\AppData\Roaming\MiTAC Digital Corporation\mgnContentManager\3.0.0.00\mgnContentManager.exe [2705672 2016-01-20] (MiTAC International Corporation -> MiTAC)
    HKU\S-1-5-21-2130412082-872510349-2259372935-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-13] (Microsoft Windows -> Microsoft Corporation)
    HKU\S-1-5-18\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30919232 2019-03-19] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
    HKLM\...\Drivers32: [VIDC.I420] => MSh263.drv
    HKLM\...\Drivers32: [msacm.l3codecp] => C:\Windows\SysWOW64\l3codecp.acm [220672 2009-07-13] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
    HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\SysWOW64\pdvcodec.dll [265797 2010-03-12] (Matsushita Electric Industrial Co., Ltd.) [File not signed]
    HKLM\...\Drivers32: [msacm.iac2] => C:\Windows\SysWOW64\iac25_32.ax [197632 2009-07-13] (Microsoft Windows -> Intel Corporation)
    HKLM\...\Drivers32: [vidc.iv50] => C:\Windows\SysWOW64\ir50_32.dll [746496 2009-07-13] (Microsoft Windows -> Intel Corporation)
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.86\Installer\chrmstp.exe [2019-03-22] (Google LLC -> Google Inc.)
    HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
    HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems, Inc.)
    HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
    Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
    Tcpip\..\Interfaces\{3631C8E6-D178-4917-9B0D-BFB51262D9F1}: [DhcpNameServer] 209.18.47.61 209.18.47.62
    Tcpip\..\Interfaces\{BFB6B096-4145-4ED2-A8E0-19EDCA9E0ED4}: [DhcpNameServer] 209.18.47.61 209.18.47.62

    Internet Explorer:
    ==================
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\S-1-5-21-2130412082-872510349-2259372935-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\S-1-5-21-2130412082-872510349-2259372935-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    SearchScopes: HKLM-x32 -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
    SearchScopes: HKLM-x32 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-2130412082-872510349-2259372935-1000 -> {7708B639-F242-494D-BCA2-EED7DC46E157} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C011US0D20151019&p={searchTerms}
    SearchScopes: HKU\S-1-5-21-2130412082-872510349-2259372935-1000 -> {C56AFD0B-5A78-4E7F-9993-19B1BC996C4C} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
    BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> c:\program files (x86)\real\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2018-02-28] (RealNetworks, Inc. -> RealDownloader)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
    BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2019-02-07] (McAfee, Inc. -> McAfee, Inc.)
    BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
    BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> c:\program files (x86)\real\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2018-02-28] (RealNetworks, Inc. -> RealDownloader)
    BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\PROGRA~3\WONDER~2\VIDEOC~1\WSBROW~1.DLL => No File
    BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll [2011-06-30] (Zeon Corporation -> Zeon Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-08-26] (Oracle America, Inc. -> Oracle Corporation)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll => No File
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
    BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-02-07] (McAfee, Inc. -> McAfee, Inc.)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-08-26] (Oracle America, Inc. -> Oracle Corporation)
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll No File
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
    Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - No File
    Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files\mcafee\msc\mcsniepl64.dll [2019-01-07] (McAfee, Inc. -> McAfee, Inc.)
    Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files (x86)\mcafee\msc\mcsniepl.dll [2019-01-07] (McAfee, Inc. -> McAfee, Inc.)

    FireFox:
    ========
    FF ProfilePath: C:\Users\MARK\AppData\Roaming\Mozilla\Firefox\Profiles\d9fysvrv.default-1496939632495 [2018-11-04]
    FF Session Restore: Mozilla\Firefox\Profiles\d9fysvrv.default-1496939632495 -> is enabled.
    FF Extension: (All Aboard) - C:\Users\MARK\AppData\Roaming\Mozilla\Firefox\Profiles\d9fysvrv.default-1496939632495\Extensions\@all-aboard-v1-5.xpi [2017-07-11] [Legacy]
    FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
    FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-03-20]
    FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSKHKLM => not found
    FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => not found
    FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
    FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
    FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2019-03-11] [Legacy] [not signed]
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_156.dll [2019-03-12] (Adobe Systems Incorporated -> )
    FF Plugin: @mcafee.com/MSC,version=10 -> c:\program files\mcafee\msc\npmcsnffpl64.dll [2019-01-07] (McAfee, Inc. -> )
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_156.dll [2019-03-12] (Adobe Systems Incorporated -> )
    FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-08-26] (Oracle America, Inc. -> Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-08-26] (Oracle America, Inc. -> Oracle Corporation)
    FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\program files (x86)\mcafee\msc\npmcsnffpl.dll [2019-01-07] (McAfee, Inc. -> )
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @real.com/nppl3260;version=18.1.11.204 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2018-05-06] (RealNetworks, Inc. -> RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-10-05] (RealNetworks, Inc.) [File not signed]
    FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-10-05] (RealNetworks, Inc.) [File not signed]
    FF Plugin-x32: @real.com/nprpplugin;version=18.1.11.204 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2018-05-06] (RealNetworks, Inc. -> RealPlayer)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-01-31] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
    FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 7\bin\nppdf.dll [2011-07-15] (Zeon Corporation -> Zeon Corporation)
    FF Plugin HKU\S-1-5-21-2130412082-872510349-2259372935-1000: magellangps.com/mgnContentManager -> C:\Users\MARK\AppData\Roaming\MiTAC Digital Corporation\mgnContentManager\3.0.0.00\npmgnContentManager.dll [2016-01-20] (MiTAC International Corporation -> MiTAC Digital Corp.)

    Chrome:
    =======
    CHR DefaultProfile: Default
    CHR HomePage: Default -> hxxp://www.facebook.com/
    CHR StartupUrls: Default -> "hxxp://www.facebook.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxp://websearch.thesearchpage.info/?pid=2457&r=2015/01/16&hid=16875487775573251436&lg=EN&cc=US&unqvl=74"
    CHR DefaultSearchURL: Default -> hxxps://www.youtube.com/watch?v=UAZauyaaVvs
    CHR Session Restore: Default -> is enabled.
    CHR Profile: C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default [2019-04-07]
    CHR Extension: (Google Drive) - C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-27]
    CHR Extension: (YouTube) - C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
    CHR Extension: (Google Search) - C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
    CHR Extension: (Who Dumped Me?) - C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkgeaeoklapomofpcppeiahpnjadbkim [2015-09-12]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
    CHR Extension: (Gmail) - C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-22]
    CHR Extension: (Chrome Media Router) - C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-24]
    CHR Profile: C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-11-04]
    CHR Profile: C:\Users\MARK\AppData\Local\Google\Chrome\User Data\System Profile [2018-11-04]
    CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx

    ==================== Services (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
    S2 0056921554655346mcinstcleanup; C:\ProgramData\McInstTemp0056921554655346\McInst.exe [939432 2018-12-16] (McAfee, Inc. -> McAfee, Inc.)
    S3 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269; C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [457360 2012-06-20] (Corel Corporation -> )
    R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-07-05] (Apple Inc. -> Apple Inc.)
    S3 BOT4Service; C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [22160 2012-07-11] (Corel Corporation -> )
    R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [File not signed]
    S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [369720 2017-09-25] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
    S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1508656 2018-05-31] (McAfee, Inc. -> McAfee, Inc.)
    R2 dlba_device; C:\Windows\system32\dlbacoms.exe [567280 2007-03-05] (Dell Inc. -> )
    R2 dlba_device; C:\Windows\SysWOW64\dlbacoms.exe [538096 2007-03-05] (Dell Inc. -> )
    R2 dlea_device; C:\Windows\system32\dleacoms.exe [1052328 2010-01-07] (Lexmark International, Inc. -> )
    S3 IviRegMgr; C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe [110736 2010-05-20] (Corel Corporation -> InterVideo)
    R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
    R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [899640 2019-02-07] (McAfee, Inc. -> McAfee, Inc.)
    R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_18_12\McApExe.exe [745880 2019-01-08] (McAfee, Inc. -> McAfee, Inc.)
    R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.1.160.0\\McCSPServiceHost.exe [2158952 2018-12-17] (McAfee, Inc. -> McAfee, Inc.)
    S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [371840 2018-12-05] (McAfee, Inc. -> McAfee, LLC)
    R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [604216 2018-12-05] (McAfee, Inc. -> McAfee, LLC)
    R3 mfevtp; C:\Windows\system32\mfevtps.exe [509728 2018-12-05] (McAfee, Inc. -> McAfee, LLC)
    R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1692552 2018-12-19] (McAfee, Inc. -> McAfee, Inc.)
    S3 NOBU; C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2823000 2010-08-25] (Symantec Corporation -> Dell, Inc.)
    R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [77336 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
    R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [1333064 2018-10-26] (McAfee, Inc. -> McAfee, Inc.)
    R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [479840 2012-11-27] (Sony Corporation -> Sony Corporation)
    R2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2013-09-13] (Arvato Digital Services Canada Inc -> arvato digital services llc)
    S3 RealPlayerUpdateSvc; C:\program files (x86)\real\UpdateService\RealPlayerUpdateSvc.exe [37104 2018-02-28] (RealNetworks, Inc. -> RealNetworks, Inc.)
    S3 RealTimes Desktop Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [989912 2018-05-06] (RealNetworks, Inc. -> RealNetworks, Inc.)
    S3 RoxMediaDB14; C:\Program Files (x86)\Roxio Creator NXT\Common\RoxMediaDB14.exe [1096848 2012-07-18] (Corel Corporation -> Corel Corporation)
    S3 RoxWatch14; C:\Program Files (x86)\Roxio Creator NXT\Common\RoxWatch14.exe [341136 2012-07-18] (Corel Corporation -> Corel Corporation)
    S3 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1074720 2012-08-30] (Safer Networking Ltd. -> Safer-Networking Ltd.)
    S3 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1358360 2012-08-30] (Safer Networking Ltd. -> Safer-Networking Ltd.)
    S3 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [166528 2012-03-22] (Safer Networking Ltd. -> Safer-Networking Ltd.)
    S3 SftService; C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE [1692480 2011-09-22] (Dell Inc -> SoftThinks SAS)
    R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2018-10-04] (Microsoft) [File not signed]
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
    R2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [20480 2018-10-04] (Microsoft) [File not signed]
    S3 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe [X]
    S3 ioloSystemService; "C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe" [X]

    ===================== Drivers (Whitelisted) ======================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [33872 2012-05-17] (AnvSoft Co., Ltd. -> AnvSoft Inc.)
    S3 BCM43XX; C:\Windows\System32\DRIVERS\bcmwl664.sys [3058168 2010-05-20] (Broadcom Corporation -> Broadcom Corporation)
    S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2017-06-21] (Bluestack Systems, Inc. -> Bluestack System Inc. )
    R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [77144 2018-12-10] (McAfee, Inc. -> McAfee, LLC)
    R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation -> EldoS Corporation)
    S3 FlyUsb; C:\Windows\System32\DRIVERS\FlyUsb.sys [24576 2012-09-28] (Microsoft Windows Hardware Compatibility Publisher -> LeapFrog)
    S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [218408 2018-12-24] (McAfee, Inc. -> McAfee, Inc.)
    R3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [317440 2010-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel(R) Corporation)
    R3 k57nd60a; C:\Windows\System32\DRIVERS\k57nd60a.sys [406056 2010-06-08] (Broadcom Corporation -> Broadcom Corporation)
    R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [274416 2019-04-07] (Malwarebytes Corporation -> Malwarebytes)
    R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [510808 2018-12-10] (McAfee, Inc. -> McAfee, LLC)
    R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [373592 2018-12-10] (McAfee, Inc. -> McAfee, LLC)
    R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [516952 2018-12-10] (McAfee, Inc. -> McAfee, LLC)
    R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [980824 2018-12-10] (McAfee, Inc. -> McAfee, LLC)
    R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [563728 2018-11-19] (McAfee, Inc. -> McAfee LLC.)
    S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109072 2018-11-19] (McAfee, Inc. -> McAfee LLC.)
    R3 mfeplk; C:\Windows\System32\drivers\mfeplk.sys [117592 2018-12-10] (McAfee, Inc. -> McAfee, LLC)
    R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [253784 2018-12-10] (McAfee, Inc. -> McAfee, LLC)
    R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation -> Corel Corporation)
    R1 RawDisk3; C:\Windows\system32\drivers\rawdsk3.sys [32912 2015-03-25] (iolo technologies, LLC -> EldoS Corporation)
    R0 Sahdad64; C:\Windows\System32\Drivers\Sahdad64.sys [28304 2012-06-20] (Corel Corporation -> Corel Corporation)
    R0 Saibad64; C:\Windows\System32\Drivers\Saibad64.sys [20112 2012-06-20] (Corel Corporation -> Corel Corporation)
    R1 SaibVdAd64; C:\Windows\System32\Drivers\SaibVdAd64.sys [27792 2012-06-20] (Corel Corporation -> Corel Corporation)
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
    S3 SliceDisk5; C:\Program Files\A-FF Find and Mount\slicedisk-x64.sys [31824 2011-02-25] (OOO Sfera-Tehno -> Atola) [File not signed]
    S3 StkTMini; C:\Windows\System32\Drivers\StkTMini.sys [528256 2007-11-15] (Syntek Semiconductor Ltd. -> Syntek)
    S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [31232 2015-03-18] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
    S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42088 2015-10-12] (AnchorFree Inc -> Anchorfree Inc.)
    S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
    R3 wanatw; C:\Windows\System32\DRIVERS\wanatw64.sys [24064 2006-11-29] (Microsoft Windows Hardware Compatibility Publisher -> America Online, Inc.)
    S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [31920 2018-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
    R3 WsAudioDevice_383S(1); C:\Windows\System32\drivers\WsAudioDevice_383S(1).sys [29288 2011-11-17] (Wondershare Software Co., Ltd. -> Wondershare)
    U1 aswbdisk; no ImagePath
    U3 mfeaack01; \Device\mfeaack01.sys [X]
    S3 mfeavfk02; \Device\mfeavfk02.sys [X]
    S3 mfeavfk03; \Device\mfeavfk03.sys [X]
    S1 upzocdbr; \??\C:\Windows\system32\drivers\upzocdbr.sys [X]
    S1 zeonetfilter; system32\drivers\zeonetfilter.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One month (created) ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2019-04-07 12:42 - 2019-04-07 12:42 - 000000000 ___DC C:\ProgramData\McInstTemp0056921554655346
    2019-04-07 10:55 - 2019-04-07 10:55 - 000274416 ____C (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
    2019-04-02 20:14 - 2019-04-02 20:14 - 000000773 ____C C:\Users\MARK\Desktop\Stephanie - Shortcut.lnk
    2019-03-26 20:19 - 2019-03-26 20:20 - 000004913 ____C C:\Users\MARK\Downloads\Verizion BBB.pdf

    ==================== One month (modified) ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2019-04-07 15:39 - 2018-10-15 21:28 - 000000000 ___DC C:\Program Files (x86)\PowerENGAGE
    2019-04-07 15:29 - 2018-10-19 12:22 - 000000000 ___DC C:\FRST
    2019-04-07 15:27 - 2018-03-25 10:43 - 000000000 ___DC C:\Users\MARK\Desktop\APPLE
    2019-04-07 11:20 - 2009-07-14 00:45 - 000028352 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2019-04-07 11:20 - 2009-07-14 00:45 - 000028352 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2019-04-07 10:55 - 2018-04-18 21:36 - 000000000 ___DC C:\Windows\System32\Tasks\McAfee
    2019-04-07 10:55 - 2009-07-14 01:08 - 000000006 ___HC C:\Windows\Tasks\SA.DAT
    2019-04-06 21:46 - 2012-01-23 20:34 - 000000000 ___DC C:\Users\MARK\AppData\Roaming\Audacity
    2019-04-05 23:09 - 2014-06-29 11:25 - 000000000 ___DC C:\Users\MARK\Desktop\GF
    2019-04-01 17:33 - 2009-07-14 01:08 - 000032528 _____ C:\Windows\Tasks\SCHEDLGU.TXT
    2019-03-29 18:02 - 2019-02-24 16:45 - 000153328 ____C (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
    2019-03-28 18:36 - 2009-07-14 01:13 - 000782470 ____C C:\Windows\system32\PerfStringBackup.INI
    2019-03-28 18:36 - 2009-07-13 23:20 - 000000000 ___DC C:\Windows\inf
    2019-03-28 17:39 - 2015-06-22 20:15 - 000003330 ____C C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2019-03-28 17:39 - 2015-06-22 20:15 - 000003202 ____C C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2019-03-26 18:23 - 2014-07-25 15:36 - 000000000 ___DC C:\Program Files (x86)\Garmin
    2019-03-26 18:23 - 2012-11-21 13:09 - 000000000 ___DC C:\ProgramData\Package Cache
    2019-03-26 18:22 - 2018-10-26 11:43 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
    2019-03-26 18:22 - 2014-08-14 14:45 - 000003552 ____C C:\Windows\System32\Tasks\GarminUpdaterTask
    2019-03-26 18:22 - 2013-05-10 20:31 - 000000000 ___DC C:\ProgramData\Garmin
    2019-03-25 20:22 - 2018-09-09 12:30 - 000000000 ___DC C:\Users\MARK\Desktop\LANDSCAPE DAMAGE
    2019-03-22 18:51 - 2018-04-18 21:35 - 000000000 ___DC C:\Program Files (x86)\McAfee
    2019-03-22 17:57 - 2015-06-22 20:15 - 000002226 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2019-03-22 17:57 - 2015-06-22 20:15 - 000002185 ____C C:\Users\Public\Desktop\Google Chrome.lnk
    2019-03-16 20:26 - 2018-04-18 21:26 - 000000000 ___DC C:\Program Files\Common Files\McAfee
    2019-03-13 11:21 - 2016-10-20 12:11 - 000842240 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2019-03-13 11:21 - 2016-10-20 12:11 - 000175104 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2019-03-13 11:21 - 2016-10-20 12:11 - 000004446 ____C C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
    2019-03-13 11:21 - 2016-10-20 12:11 - 000004312 ____C C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2019-03-13 11:21 - 2011-12-23 02:24 - 000000000 ___DC C:\Windows\SysWOW64\Macromed
    2019-03-13 11:21 - 2011-12-23 02:24 - 000000000 ___DC C:\Windows\system32\Macromed
    2019-03-12 23:43 - 2018-03-13 11:43 - 000004458 ____C C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
    2019-03-11 14:08 - 2018-04-18 21:35 - 000003618 ____C C:\Windows\System32\Tasks\McAfee Remediation (Prepare)
    2019-03-11 13:16 - 2018-04-18 21:37 - 000003258 ____C C:\Windows\System32\Tasks\McAfeeLogon
    2019-03-11 13:14 - 2018-04-18 21:25 - 000000000 ___DC C:\ProgramData\McAfee
    2019-03-11 13:07 - 2013-05-11 14:35 - 000000900 __SHC C:\ProgramData\KGyGaAvL.sys
    2019-03-10 20:09 - 2016-01-08 22:46 - 000000000 ___DC C:\Users\MARK\AppData\Local\CrashDumps

    ==================== Files in the root of some directories =======

    2013-04-29 18:57 - 2013-04-29 18:59 - 000308064 ____C () C:\Users\MARK\AppData\Roaming\CodecsLE_Install.log
    2017-08-04 20:04 - 2017-08-04 20:04 - 000000445 ____C () C:\Users\MARK\AppData\Roaming\com.cloudapp.windows.plist
    2016-03-13 00:48 - 2016-03-13 00:48 - 000099384 ____C () C:\Users\MARK\AppData\Roaming\inst.exe
    2013-11-21 13:22 - 2016-03-13 00:48 - 000007859 ____C () C:\Users\MARK\AppData\Roaming\pcouffin.cat
    2013-11-21 13:22 - 2016-03-13 00:48 - 000001167 ____C () C:\Users\MARK\AppData\Roaming\pcouffin.inf
    2013-11-21 13:22 - 2016-03-13 00:48 - 000000055 ____C () C:\Users\MARK\AppData\Roaming\pcouffin.log
    2013-11-21 13:22 - 2016-03-13 00:48 - 000082816 ____C (VSO Software) C:\Users\MARK\AppData\Roaming\pcouffin.sys
    2015-03-21 20:25 - 2015-03-22 13:03 - 000001181 ____C () C:\Users\MARK\AppData\Roaming\trace_FilterInstaller.1.txt
    2015-03-21 20:25 - 2015-03-21 20:25 - 000001181 ____C () C:\Users\MARK\AppData\Roaming\trace_FilterInstaller.2.txt
    2015-03-21 20:25 - 2015-03-22 13:09 - 000000919 ____C () C:\Users\MARK\AppData\Roaming\trace_FilterInstaller.txt
    2015-03-21 20:25 - 2015-03-22 13:09 - 000000000 ____C () C:\Users\MARK\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
    2015-07-16 23:21 - 2017-05-08 11:56 - 000006656 ____C () C:\Users\MARK\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2016-02-25 16:24 - 2016-08-03 02:41 - 000007601 ____C () C:\Users\MARK\AppData\Local\resmon.resmoncfg
    2013-05-16 15:25 - 2017-08-03 23:39 - 000331584 ____C () C:\Users\MARK\AppData\Local\rx_audio.Cache
    2013-02-22 20:31 - 2017-08-03 23:39 - 001282348 ____C () C:\Users\MARK\AppData\Local\rx_image32.Cache
    2015-03-15 11:04 - 2015-03-15 11:04 - 000000402 ____C () C:\Users\MARK\AppData\Local\Temp-log.txt

    Some files in TEMP:
    ====================
    2019-01-16 19:47 - 2019-01-16 19:47 - 040477384 ____C () C:\Users\MARK\AppData\Local\Temp\vlc-3.0.6-win32.exe

    ==================== Bamital & volsnap ======================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\system32\dllhost.exe => File is digitally signed
    C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2019-04-04 18:59

    ==================== End of FRST.txt ============================
     
  4. mkdsk

    mkdsk Thread Starter

    Joined:
    Dec 29, 2009
    Messages:
    320
    First Name:
    Mark
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
    Ran by MARK (07-04-2019 15:40:34)
    Running from C:\Users\MARK\Desktop\APPLE
    Windows 7 Home Premium Service Pack 1 (X64) (2011-12-31 19:44:05)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-2130412082-872510349-2259372935-500 - Administrator - Disabled) => C:\Users\Administrator
    Guest (S-1-5-21-2130412082-872510349-2259372935-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-2130412082-872510349-2259372935-1002 - Limited - Enabled)
    MARK (S-1-5-21-2130412082-872510349-2259372935-1000 - Administrator - Enabled) => C:\Users\MARK

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
    AS: Spybot - Search and Destroy (Disabled - Out of date) {1EAF1D03-5480-F3B2-EB14-11F0F5EE2699}
    AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
    FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    4K Video Downloader 4.4 (HKLM-x32\...\{4E97C234-3F6C-4AA9-BFAF-0166F3050A68}) (Version: 4.4.11.2412 - Open Media LLC)
    Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
    Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.156 - Adobe Systems Incorporated)
    Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.156 - Adobe Systems Incorporated)
    ANT Drivers Installer x64 (HKLM\...\{6AE0802A-390F-4A82-B58B-A7F37F1FD82E}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
    Apple Application Support (32-bit) (HKLM-x32\...\{E5347310-C82F-4833-AA36-8D11E5A8A86A}) (Version: 6.6 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{D745E014-74DD-43A3-98DF-E7D38164B681}) (Version: 6.6 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{C29B636B-9015-4ED1-A12F-6375A337F23B}) (Version: 11.4.1.46 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
    Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
    BlueStacks 3 (HKLM-x32\...\BlueStacks) (Version: 3.7.46.1633 - BlueStack Systems, Inc.)
    Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
    BrLauncher (HKLM-x32\...\{42D26B47-887C-45FC-BCAE-0BE485C5C0BB}) (Version: 2.0.11.0 - Brother Industries Ltd.) Hidden
    BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden
    Brother BRAdmin Light 1.33.0000 (HKLM-x32\...\{DB75941E-30C4-4D97-B000-D17C764B998C}) (Version: 1.33.0000 - Brother)
    Brother iPrint&Scan (HKLM-x32\...\{122F41FC-AE6B-40BB-9CBD-A7B59C8FD2F6}) (Version: 4.1.1.1 - Brother Industries, Ltd.) Hidden
    Brother iPrint&Scan (HKLM-x32\...\{25b63596-6d2a-44d4-8068-23a5f89888ec}) (Version: 4.1.1.1 - Brother Industries, Ltd.)
    Brother Port Driver (HKLM-x32\...\{EEA8DF77-9D7E-421A-A9A8-A6E9894A18A3}) (Version: 1.0.3.3 - Brother Industries Ltd.) Hidden
    Brother PowerENGAGE (HKLM-x32\...\{05421625-9BA9-482B-ACF2-794221A06F4E}) (Version: 1.0.23 - Aviata, Inc.)
    Brother Printer Driver (HKLM-x32\...\{272543B6-B337-4C8F-B9F1-19E884C2C7AC}) (Version: 1.4.0.0 - Brother Industries Ltd.) Hidden
    Brother Scanner Driver (HKLM-x32\...\{1162495D-7CE7-4EF9-A0F8-151196F3A660}) (Version: 1.0.17.1 - Brother Industries Ltd.) Hidden
    BrSupportTools (HKLM-x32\...\{32F47565-84B1-42CC-B09A-4CDDD9A32F94}) (Version: 1.0.20.0 - Brother Industries Ltd.) Hidden
    Camtasia Studio 8 (HKLM-x32\...\{AF33D0D2-2627-4AC8-8473-FDBB7892129C}) (Version: 8.6.0.2079 - TechSmith Corporation)
    Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
    ControlCenter4 (HKLM-x32\...\{9091B952-8719-49C3-9CC7-6E20EC61081F}) (Version: 4.6.6.1 - Brother Industries, Ltd.) Hidden
    ControlCenter4 CSDK (HKLM-x32\...\{FD8A9511-BFC9-43B5-BB75-9CEC0EA03CF0}) (Version: 4.6.1.1 - Brother Industries, Ltd.) Hidden
    Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.8.0.201 - Corel Inc.) Hidden
    CutePDF Writer 3.1 (HKLM\...\CutePDF Writer Installation) (Version: 3.1 - Acro Software Inc.)
    D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
    Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.61 - Dell Inc.)
    Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.61 - Dell Inc.)
    Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
    Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
    Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
    Dell MusicStage (HKLM-x32\...\{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}) (Version: 1.5.201.0 - Fingertapps)
    Dell System Detect (HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\58d94f3ce2c27db0) (Version: 7.6.0.17 - Dell)
    DirectX 9 Runtime (HKLM-x32\...\{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}) (Version: 1.00.0000 - Sonic Solutions) Hidden
    DW WLAN Card (HKLM\...\DW WLAN Card) (Version: 5.60.48.35 - Dell Inc.)
    Elevated Installer (HKLM-x32\...\{486DCE02-1FB0-4962-9CB3-4265F2D49126}) (Version: 6.13.1.0 - Garmin Ltd or its subsidiaries) Hidden
    Find and Mount 2.32 (HKLM\...\Find and Mount_is1) (Version: 2.32 - A-FF Data Recovery)
    Garmin Express (HKLM-x32\...\{A05A8CFE-F458-4731-BD47-01C675E8944C}) (Version: 6.13.1.0 - Garmin Ltd or its subsidiaries) Hidden
    Garmin Express (HKLM-x32\...\{b347cf7c-d07d-417b-b26a-8d6a851f696d}) (Version: 6.13.1.0 - Garmin Ltd or its subsidiaries)
    Garmin MapInstall (HKLM-x32\...\{31C7D42D-A0ED-4D2A-A8E8-69E97058DBB9}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries) Hidden
    Garmin MapInstall (HKLM-x32\...\{5229915a-6947-4503-9027-48a306d56a04}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
    Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.86 - Google Inc.)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
    Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
    Graboid Video 3.89 (HKLM-x32\...\Graboid Video) (Version: 3.89 - Graboid Inc.)
    Graboid Video 3.89 Setup (HKLM-x32\...\{6b5f9db0-02dc-4c5b-b16b-6a7f1f81557e}) (Version: 3.8.9 - FUSENET)
    HandBrake 1.0.7 (HKLM-x32\...\HandBrake) (Version: 1.0.7 - )
    HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
    Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
    iTunes (HKLM\...\{36F365B3-05C2-455D-9D96-B73829DE046D}) (Version: 12.8.0.150 - Apple Inc.)
    Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
    JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
    Junk Mail filter update (HKLM-x32\...\{400C31E4-796F-4E86-8FDC-C3C4FACC6847}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Kodi (HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\Kodi) (Version: - XBMC Foundation)
    LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
    Malwarebytes version 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
    McAfee Multi Access (HKLM-x32\...\MSC) (Version: 16.0 R18 - McAfee, Inc.)
    McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.0.29 - McAfee, Inc.)
    Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
    Microsoft Excel 97 (HKLM-x32\...\Excel) (Version: - )
    Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
    Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
    Microsoft Outlook 97 (HKLM-x32\...\Outlook) (Version: - )
    Microsoft SkyDrive (HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
    Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27012 (HKLM-x32\...\{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 - Microsoft Corporation)
    Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
    Movie Maker (HKLM-x32\...\{5BABDA39-61CF-41EE-992D-4054B6649A9B}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    Multimedia Card Reader (HKLM-x32\...\{41068A8C-3F30-46B6-978A-EA692F28D1AF}) (Version: 1.7.915.93 - Fitipower) Hidden
    Multimedia Card Reader (HKLM-x32\...\InstallShield_{41068A8C-3F30-46B6-978A-EA692F28D1AF}) (Version: 1.7.915.93 - Fitipower)
    NetworkRepairTool (HKLM-x32\...\{86E68F57-FAFE-4052-BDD4-3B90C38236AE}) (Version: 1.2.16.0 - Brother Industries, Ltd.) Hidden
    Nuance PaperPort 14 (HKLM-x32\...\{6CC9391F-D441-4D2E-9ECC-1F7084C733ED}) (Version: 14.5.0006 - Nuance Communications, Inc.)
    Nuance PDF Viewer SE (HKLM-x32\...\{7BAC9170-359D-4EAD-B6E4-238A14940C11}) (Version: 7.20.3230 - Nuance Communications, Inc.)
    PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0002 - Nuance Communications, Inc.)
    PhotoShowExpress (HKLM-x32\...\{3250260C-7A95-4632-893B-89657EB5545B}) (Version: 2.0.063 - Sonic Solutions) Hidden
    PlayMemories Home (HKLM-x32\...\{1E5C7043-09C5-4974-A69F-A5271FD82BBC}) (Version: 7.0.00.11271 - Sony Corporation)
    PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
    PowerENGAGE (HKLM-x32\...\{BFE5C68B-E6D4-4421-9ACF-2B8C4BC2D2A1}) (Version: 3.2.13 - Aviata, Inc.) Hidden
    QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
    RBVirtualFolder64Inst (HKLM\...\{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}) (Version: 1.00.0000 - Roxio, Inc.) Hidden
    RealDownloader (HKLM-x32\...\{F735970C-1049-440A-8BC1-00BFBC196F22}) (Version: 18.1.11.204 - RealNetworks, Inc.) Hidden
    RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM-x32\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
    RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM-x32\...\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}) (Version: 10.0 - RealNetworks, Inc) Hidden
    RealPlayer (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.11 - RealNetworks)
    RealProducer Plus 8.5 (HKLM-x32\...\RealProducer 8.5) (Version: - )
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6141 - Realtek Semiconductor Corp.)
    RealUpgrade 1.1 (HKLM-x32\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
    Roxio Creator NXT Pro (HKLM-x32\...\{CC915001-1639-4D1B-B0A1-A7AC70C99179}) (Version: 14.0.36.0 - Roxio)
    Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
    Roxio File Backup (HKLM\...\{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}) (Version: 1.3.2 - Roxio) Hidden
    Roxio Virtual Drive x64 (HKLM\...\{632DCE79-2711-4B07-BB89-DA763E96840C}) (Version: 1.00.0000 - Roxio, Inc.) Hidden
    ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden
    Scansoft PDF Professional (HKLM-x32\...\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}) (Version: - ) Hidden
    Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
    SmartGPS Eco (HKLM-x32\...\{F0DF2A34-80D0-477C-8718-7E665341FA55}) (Version: 3.0.0.00 - MiTAC Digital Corp.)
    SmartSound Common Data (HKLM-x32\...\{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.) Hidden
    SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.)
    SoftwareUpdateNotification (HKLM-x32\...\{34F12379-C924-41E6-921D-51C71217F58C}) (Version: 1.0.9.0 - Brother Industries, Ltd.) Hidden
    Sonic CinePlayer Decoder Pack (HKLM-x32\...\{9A00EC4E-27E1-42C4-98DD-662F32AC8870}) (Version: 4.3.0 - Sonic Solutions) Hidden
    Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
    Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.0.10 - Safer-Networking Ltd.)
    SpyroPortalDriver (HKLM\...\{B2913230-094D-4F41-9EEF-CE9571C450D8}) (Version: 1.0.0 - FS)
    StatusMonitor (HKLM-x32\...\{40578A7A-6E36-457F-A4F0-45BC37EB61FD}) (Version: 1.20.1.0 - Brother Insutries Ltd.) Hidden
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1248 - SUPERAntiSpyware.com)
    swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    THX TruStudio PC (HKLM-x32\...\{010A785B-F920-4350-821B-6309909C20BB}) (Version: 1.0 - Creative Technology Limited)
    Triple Scoop Music (HKLM-x32\...\{4CD51492-D68C-49AC-9692-29FCC19FBC26}) (Version: 1.0.019 - Roxio) Hidden
    UpdateService (HKLM-x32\...\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}) (Version: 1.0.0 - RealNetworks, Inc.) Hidden
    USB2.0 ATV (HKLM-x32\...\{3C873221-12B9-475D-8DCB-62D0B2179AF9}) (Version: 6.10.000.001 - Regulus)
    USB2.0 ATV (HKLM-x32\...\USB2.0 ATV) (Version: - )
    UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
    vc2012_redist (HKLM-x32\...\{9402AEF2-5981-4097-8BE2-6501DAC4DBFD}) (Version: 1.0.0.0 - Realnetworks) Hidden
    Vegas Pro 12.0 (64-bit) (HKLM\...\{A1188CD2-9C9F-11E2-B88F-F04DA23A5C58}) (Version: 12.0.563 - Sony)
    VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 3.74 - NCH Software)
    VirtualDJ Home FREE (HKLM-x32\...\{B515962D-C979-44AC-9912-F7BB499B4B2C}) (Version: 7.3 - Atomix Productions)
    VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
    vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden
    Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
    Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
    Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0) (HKLM\...\781745E87AFF80C0C1388CFF79D19ECAB2E9BB47) (Version: 11/05/2008 1.1.1.0 - LeapFrog)
    Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
    Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
    Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
    Wondershare Streaming Audio Recorder(Build 2.0.2.3) (HKLM-x32\...\Wondershare Streaming Audio Recorder_is1) (Version: 2.0.2.3 - Wondershare Software Co.,Ltd.)
    WordPerfect Office IFilter 32-bit (HKLM-x32\...\{1DF03ECE-6AF4-414E-B118-C316F151A9A2}) (Version: 1.4 - Corel Corporation)
    WordPerfect Office IFilter 64-bit (HKLM\...\{1B45B85C-99E8-4523-8FB3-0248B3DECFC8}) (Version: 1.4 - Corel Corporation)
    Zinio Reader 4 (HKLM-x32\...\{7FB00B6B-6843-97EC-EED6-78BD6D35370A}) (Version: 4.2.4164 - Zinio LLC) Hidden
    Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-2130412082-872510349-2259372935-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\MARK\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64\SkyDriveShell64.dll (Microsoft Corporation -> Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-2130412082-872510349-2259372935-1000_Classes\CLSID\{A66FC8BB-7AFD-4FCF-BBA1-341AE079C7DF}\InprocServer32 -> C:\Program Files\Roxio Creator NXT\Virtual Drive 10\DC_ShellExt64.dll (Corel Corporation -> Corel Corporation)
    CustomCLSID: HKU\S-1-5-21-2130412082-872510349-2259372935-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\MARK\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64\SkyDriveShell64.dll (Microsoft Corporation -> Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-2130412082-872510349-2259372935-1000_Classes\CLSID\{ea49acd6-0f0e-5ff1-89c4-30eda3d53b62}\InprocServer32 -> C:\Users\MARK\AppData\Roaming\MiTAC Digital Corporation\mgnContentManager\3.0.0.00\npmgnContentManager64.dll (MiTAC International Corporation -> MiTAC Digital Corp.)
    CustomCLSID: HKU\S-1-5-21-2130412082-872510349-2259372935-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\MARK\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64\SkyDriveShell64.dll (Microsoft Corporation -> Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-2130412082-872510349-2259372935-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\MARK\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64\FileSyncApi64.dll (Microsoft Corporation -> Microsoft Corporation)
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
    ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\program files\mcafee\msc\mcctxmenufrmwrk.dll [2019-01-07] (McAfee, Inc. -> McAfee, Inc.)
    ContextMenuHandlers1: [SDECon32] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
    ContextMenuHandlers1: [SDECon64] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
    ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\Windows\SysWOW64\WSCM64.dll -> No File
    ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
    ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => c:\program files (x86)\real\realplayer\RPDS\Bin64\rpcontextmenu.dll [2018-05-06] (RealNetworks, Inc. -> RealNetworks, Inc.)
    ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2011-02-17] (NVIDIA Corporation -> NVIDIA Corporation)
    ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
    ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\program files\mcafee\msc\mcctxmenufrmwrk.dll [2019-01-07] (McAfee, Inc. -> McAfee, Inc.)
    ContextMenuHandlers6: [SDECon32] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
    ContextMenuHandlers6: [SDECon64] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
    ContextMenuHandlers1_S-1-5-21-2130412082-872510349-2259372935-1000: [RXDCExtSvr] -> {A66FC8BB-7AFD-4FCF-BBA1-341AE079C7DF} => C:\Program Files\Roxio Creator NXT\Virtual Drive 10\DC_ShellExt64.dll [2012-07-18] (Corel Corporation -> Corel Corporation)
    ContextMenuHandlers2_S-1-5-21-2130412082-872510349-2259372935-1000: [RXDCExtSvr] -> {A66FC8BB-7AFD-4FCF-BBA1-341AE079C7DF} => C:\Program Files\Roxio Creator NXT\Virtual Drive 10\DC_ShellExt64.dll [2012-07-18] (Corel Corporation -> Corel Corporation)
    ContextMenuHandlers6_S-1-5-21-2130412082-872510349-2259372935-1000: [RXDCExtSvr] -> {A66FC8BB-7AFD-4FCF-BBA1-341AE079C7DF} => C:\Program Files\Roxio Creator NXT\Virtual Drive 10\DC_ShellExt64.dll [2012-07-18] (Corel Corporation -> Corel Corporation)

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {0C9EAD9F-AE32-4E33-A188-9016BB202408} - System32\Tasks\RealDownloader Update Check => c:\program files (x86)\real\RealDownloader\downloader2.exe (RealNetworks, Inc. -> )
    Task: {0F592054-FC0B-4DF8-B651-202C56DE274D} - System32\Tasks\{3E677D04-C9FB-4050-A4D5-9BFD909EF240} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    Task: {144E0E91-D00E-4D82-9885-778C3A749490} - System32\Tasks\{487AB330-EBD7-4A76-B891-A91754FD4314} => C:\Users\MARK\AppData\Local\Google\Chrome\Application\chrome.exe
    Task: {19605A68-8D93-416E-B6A1-F04C2F6ECAA4} - System32\Tasks\{45416873-6870-44CC-8E45-58127503EEAF} => C:\Users\MARK\AppData\Local\Google\Chrome\Application\chrome.exe
    Task: {1A942A5C-FE8D-4049-A9D6-8893D90BA979} - System32\Tasks\{2D3028CF-CE03-4AE4-B144-B8BEB566D687} => C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
    Task: {1AB4AD6F-E0BC-4ED9-BC19-A949BEE5AE8A} - System32\Tasks\{611A5EB1-E8DC-4164-8DA6-A9358CB16A08} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    Task: {1B6955DB-AE88-49F1-8F3E-BC99722CA012} - System32\Tasks\{67C0FFD8-6786-4EDB-A901-EB2DF2A3BDE9} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    Task: {2641C192-8073-4AC1-97AA-B0B3EF20EB8B} - System32\Tasks\{AAA228C8-54C2-4654-91AF-95C5C52D20BB} => C:\Windows\system32\pcalua.exe -a C:\Users\MARK\AppData\Local\Temp\Temp1_MPEG_Streamclip_1.2.zip\MPEG_Streamclip.exe <==== ATTENTION
    Task: {281A7460-642E-40A2-B0E5-A2D2BA0CC5C4} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2130412082-872510349-2259372935-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe (RealNetworks, Inc.) [File not signed]
    Task: {2DE00C78-BF46-49E7-8C1E-8D19E977FDA5} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation -> Microsoft Corporation)
    Task: {2E3336D9-3D8F-43A0-9EA1-5177B465CD91} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.1.207\DADUpdater.exe (McAfee, Inc. -> McAfee, Inc.)
    Task: {3268B6BC-5528-4FB5-A5CC-F1A9064FDBA4} - System32\Tasks\{D5E8CB6B-319E-4F0E-917E-CBAC38E34677} => C:\Program Files (x86)\AOL Desktop 9.7\aol.exe
    Task: {38B8C499-E203-4AAA-9330-DABB68DF9F43} - System32\Tasks\{8CD991B8-C611-457C-9A4B-8E148BBC1495} => C:\Users\MARK\AppData\Local\Google\Chrome\Application\chrome.exe
    Task: {38D302D2-0E6B-45A9-8EB5-5A6693DA67ED} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe (Safer Networking Ltd. -> Safer-Networking Ltd.)
    Task: {3A4C9BB5-147B-47CB-8157-34D11DDF3D1A} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation -> Microsoft Corporation)
    Task: {3DE84952-ECFD-482D-B8F2-1268D979F166} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation -> Microsoft Corporation)
    Task: {40FC8802-9F5A-42F6-B95D-6C0067FCEB69} - System32\Tasks\{27003535-56D0-44FC-AE23-EFC0AAFC1A81} => C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
    Task: {4789B856-DCCB-4458-AF1C-133ECB9341E3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe (Apple Inc. -> Apple Inc.)
    Task: {4CCEF7E3-0CC7-488D-9226-593999AC0E27} - System32\Tasks\{13F92E3C-232E-4FA8-8FF7-EEAAF6931DD8} => C:\Users\MARK\Downloads\musicmatch10.00.4033.exe
    Task: {50BF9D53-83BC-4D7E-BCB7-F008C9946199} - System32\Tasks\{479B464A-5FCF-410E-AFE0-ED5300A0DDD0} => C:\Program Files (x86)\Roxio Creator NXT\Roxio Central\RoxioCentralFx.exe (Corel Corporation -> )
    Task: {525ADD04-55BA-4913-B544-CBC829CDA221} - System32\Tasks\{9FB150E9-5941-4658-BCD0-641ED11803BF} => C:\Program Files (x86)\Dell AIO Printer A940\DLBAaiox.exe
    Task: {52AE9C83-353E-48EF-991B-E119CF4F8DE4} - System32\Tasks\{7F471F8C-38C6-4F94-BC8A-0CBAD06FE02A} => C:\Users\MARK\Downloads\musicmatch82.exe
    Task: {57E2CE92-4517-4777-BD34-47208D0716FA} - System32\Tasks\McAfee\McAfee Idle Detection Task
    Task: {6074794B-09C5-4E18-8515-4DBADDC76F61} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
    Task: {67EDB240-E03D-437C-818F-D15D6C99C491} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2130412082-872510349-2259372935-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe (RealNetworks, Inc.) [File not signed]
    Task: {683BBDA8-64D7-4168-95B6-2FB04C07BC90} - System32\Tasks\{605EAD35-C8E6-48D5-953C-4BDE791AA5E8} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    Task: {79022F55-5129-4E5A-9779-C9ACFFBA8BA4} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe (McAfee, Inc. -> McAfee, Inc.)
    Task: {7A170C85-4395-40BB-A490-4F9CB05784B1} - System32\Tasks\{6440DA17-3021-4946-9EDC-65255B783269} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    Task: {7C4ED347-BB52-4987-95A2-B8F8F280210C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe (Safer Networking Ltd. -> Safer-Networking Ltd.)
    Task: {85C067FB-5098-4051-B1CA-9E7E7BF214A9} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_156_Plugin.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
    Task: {8780C8BE-F54B-47DA-85F9-AFDADD2E4C2C} - System32\Tasks\{7F70CAB2-072C-4D42-AEF6-16B1B69095C7} => C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
    Task: {8F98D4DD-65A0-46CA-B885-29F47ABAEB0B} - System32\Tasks\{F40CE779-309B-4896-974C-AE6E2C94644D} => C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
    Task: {90C45678-9B30-4EFF-91CC-917E12E06B45} - System32\Tasks\{7849AF3E-8179-490E-B09B-D31FDF213381} => C:\Program Files (x86)\AOL Desktop 9.7\aol.exe
    Task: {97B89E7B-895D-4E58-BD0A-15C923FF6F5D} - System32\Tasks\{9386CA07-7838-4DD2-938F-C939BD959A61} => C:\Program Files (x86)\AOL Desktop 9.7\aol.exe
    Task: {9A15C862-F14A-40C5-8312-DBAB1E30AA0C} - System32\Tasks\{EBDC029A-1928-42DF-B29D-CF913C18B968} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    Task: {9A99B748-ACA2-41E5-BE40-8BB1086F6DCB} - System32\Tasks\{31B93D9E-EA8C-4990-BF18-B09BFBAA435D} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    Task: {9F712EF0-97B6-4661-B891-7859479E23A9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe (Safer Networking Ltd. -> Safer-Networking Ltd.)
    Task: {A06C3FD6-61F0-43C5-B2C4-697911A016EA} - System32\Tasks\{C1FE1AD8-7E5A-42FE-BFD1-7BE5D2CF6E2B} => C:\Users\MARK\AppData\Local\Google\Chrome\Application\chrome.exe
    Task: {A3FDE451-DDF4-4F0F-9B56-4D6119FF1EDB} - System32\Tasks\{BC0B3BDD-C189-4564-91B2-8AE4B6510985} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    Task: {A483F551-EE1F-4BBC-B877-CDBDAE73B07E} - System32\Tasks\{8A4CD231-08EE-44AB-9ECA-E7443D8CAE31} => C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
    Task: {A84DD5FE-E359-4A54-BC95-9EB95EF9F6DF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    Task: {A909DD0B-138D-4229-9422-97518BFBE2E5} - System32\Tasks\{20F50F2F-8C2B-4F7F-9DDA-FC3F2ACAC9BA} => C:\Program Files (x86)\MultiViewer\MultiViewer.exe
    Task: {AC00B659-6AEE-482A-8872-52BF69556ADC} - System32\Tasks\{007A1385-A538-4B74-AF24-B76DCD096802} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    Task: {AF4E8988-8683-4AFF-A1DC-B874E3E9DD0F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
    Task: {B7BA3B97-3BEE-4160-AB67-7B3CE597B5E7} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (McAfee, Inc. -> McAfee, Inc.)
    Task: {B7E83BA7-06F3-41D8-8B7D-E52F6488C1E2} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2130412082-872510349-2259372935-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe (RealNetworks, Inc.) [File not signed]
    Task: {BBAA77C7-8BE7-43D3-BCF8-7BCBB44FEA48} - System32\Tasks\{0E5FFA70-B7B3-4AD7-AF23-C403A980856A} => C:\Program Files (x86)\Dell AIO Printer A940\DLBAaiox.exe
    Task: {BD09F54A-6D5C-4393-9BDA-2319D1CB3725} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2130412082-872510349-2259372935-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe (RealNetworks, Inc.) [File not signed]
    Task: {C0752428-0D21-4764-8805-EB4EE14F241C} - System32\Tasks\{35990657-F8A1-4941-BC71-31E7500013C4} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    Task: {C6729723-48E4-4D50-959E-667C6603319C} - System32\Tasks\{0BA0CD3C-B95D-4721-AEE6-8991F35A9D92} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    Task: {CF997253-70E7-46FA-A97E-46BB686709D4} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe (Microsoft Corporation -> Microsoft)
    Task: {D026AE65-BA76-4145-B862-3BB536091F80} - System32\Tasks\{74A7DDF1-BDA7-4B5A-BA82-F6455C234E40} => C:\Program Files (x86)\MultiViewer\MultiViewer.exe
    Task: {D1782047-A988-4544-AC47-E3A3629E46BD} - System32\Tasks\{5B006323-E1AE-4E67-A035-715B6B7DEC4A} => C:\Users\MARK\AppData\Local\Google\Chrome\Application\chrome.exe
    Task: {D5D96F18-E3AB-4B5A-8E0D-267E1647199C} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2130412082-872510349-2259372935-1000 => C:\program files (x86)\real\RealDownloader\RealUpgrade.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
    Task: {D6E1EAD5-7358-4A5E-99A9-56F3B1AF031F} - System32\Tasks\{AA42977C-B36D-4D54-97F4-9D36BF2B1165} => C:\Program Files (x86)\Digiarty\WinX DVD Author 6.3.7\DVD_Author.exe
    Task: {D7F4C430-E3AB-4E5E-A7D1-1178230F9255} - System32\Tasks\{5379BC2C-7DEB-41FC-8555-042FA7281998} => C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
    Task: {DEDA0FDF-B354-4C37-9532-012E80F9C1E8} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_156_pepper.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
    Task: {E0BD0B9D-F7E7-45B4-9698-B4A1DC18C24E} - System32\Tasks\{15D2093E-FD56-45CB-BB1C-1CDBEBD7356D} => C:\Program Files (x86)\AOL Desktop 9.7\aol.exe
    Task: {E3D600BB-67DA-4B85-BC16-E30120C0D15E} - System32\Tasks\{711738D9-A6C7-442A-B24A-2D60FC80400F} => C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
    Task: {E4DAEAE3-C231-4E06-B9C5-9534DC76148B} - System32\Tasks\PowerENGAGE => Command(1): msiexec -> /f {BFE5C68B-E6D4-4421-9ACF-2B8C4BC2D2A1} /quiet /qn
    Task: {E4DAEAE3-C231-4E06-B9C5-9534DC76148B} - System32\Tasks\PowerENGAGE => Command(2): PowerENGAGE.exe -> scheduled-run
    Task: {E90EEF97-DF18-4FAF-9B3C-F0A250A3A92F} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2130412082-872510349-2259372935-1000 => C:\program files (x86)\real\RealDownloader\RealUpgrade.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
    Task: {F050F864-D1A1-4F59-9DDD-4C3D8CAB6AB2} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation -> Microsoft Corporation)
    Task: {F17576A4-12A6-4EA5-9184-E67519F1BF0A} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe (Garmin International, Inc. -> )
    Task: {F395931B-FEF9-4729-954C-E9BC4573D1F6} - System32\Tasks\{7A1E1935-8DD2-4CFA-A169-A8C098A30AC4} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    Task: {F62B2F93-50D6-4CF4-A92C-EBA904523A73} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
    Task: {F823E685-BBD6-4AB4-8015-BF6FBF8AB1F9} - System32\Tasks\{70F70446-4007-4E05-81FC-E0298A3944D6} => C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
    Task: {FDABE515-D080-42BE-A063-EA74269EE848} - System32\Tasks\{1A1EF3C2-E0E5-4E2D-B05A-D4F60D251591} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\SUPERAntiSpyware\Uninstall.exe"

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


    ==================== Shortcuts & WMI ========================

    (The entries could be listed to be restored or removed.)

    WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
    WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
    WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

    ==================== Loaded Modules (Whitelisted) ==============

    2016-09-29 19:59 - 2014-03-04 15:06 - 000180224 ____C (SEIKO EPSON CORPORATION) [File not signed] C:\Windows\System32\E_YLMBM1E.DLL
    2009-12-09 11:24 - 2009-12-09 16:24 - 000892416 _____ ( ) [File not signed] C:\Windows\System32\dlealmpm.DLL
    2009-12-09 11:24 - 2009-12-09 16:24 - 001371648 _____ ( ) [File not signed] C:\Windows\System32\dleacomc.dll
    2011-12-31 15:54 - 2009-11-04 09:18 - 000189440 _____ () [File not signed] C:\Windows\system32\spool\PRTPROCS\x64\dleadrpp.dll
    2018-10-04 18:01 - 2018-10-04 18:01 - 000012288 ____C (Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
    2018-10-04 18:01 - 2018-10-04 18:01 - 000020480 ____C (Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
    2017-03-30 16:39 - 2018-01-19 11:26 - 002976256 ____C (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
    2017-04-05 13:35 - 2017-04-05 13:35 - 003581952 ____C (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe
    2017-03-22 17:21 - 2018-01-18 15:39 - 000314368 ____C (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
    2016-11-25 10:18 - 2016-11-25 10:18 - 000225280 ____C (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogRx.exe
    2012-12-05 12:29 - 2012-12-05 12:29 - 004883456 ____C (BCGSoft Ltd) [File not signed] C:\Program Files (x86)\Nuance\PaperPort\BCGCBPRO1100u100.dll
    2018-11-18 19:36 - 2019-03-29 18:02 - 003084800 ____C (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
    2018-11-18 19:36 - 2019-03-29 18:02 - 005139968 ____C (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
    2018-11-18 19:36 - 2019-03-29 18:02 - 005010944 ____C (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
    2018-11-18 19:36 - 2019-03-29 18:02 - 002950144 ____C (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
    2018-11-18 19:36 - 2019-03-29 18:02 - 002234880 ____C (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
    2018-11-18 19:36 - 2019-03-29 18:02 - 004571648 ____C (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
    2018-11-18 19:36 - 2019-03-29 18:02 - 000438272 ____C (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
    2019-02-24 16:45 - 2019-03-29 18:02 - 001181184 ____C (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
    2019-02-24 16:45 - 2019-03-29 18:02 - 000124928 ____C (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
    2019-03-29 18:02 - 2019-03-29 18:02 - 000026112 ____C (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
    2019-03-29 18:02 - 2019-03-29 18:02 - 000020992 ____C (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
    2018-11-18 19:36 - 2019-03-29 18:02 - 000259584 ____C (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
    2019-03-29 18:02 - 2019-03-29 18:02 - 000014848 ____C (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
    2019-03-29 18:02 - 2019-03-29 18:02 - 000729088 ____C (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
    2019-03-29 18:02 - 2019-03-29 18:02 - 000073216 ____C (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
    2019-03-29 18:02 - 2019-03-29 18:02 - 000179712 ____C (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
    2019-03-29 18:02 - 2019-03-29 18:02 - 000014848 ____C (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
    2019-03-29 18:02 - 2019-03-29 18:02 - 000014848 ____C (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
    2019-03-29 18:02 - 2019-03-29 18:02 - 000101888 ____C (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
    2019-02-24 16:45 - 2019-03-29 18:02 - 000035328 ____C (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\iconengines\qsvgicon.dll
    2016-11-25 10:18 - 2016-11-25 10:18 - 000139264 ____C () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
    2016-10-04 14:25 - 2018-01-18 15:39 - 001720832 ____C () [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll
    2012-12-05 12:29 - 2012-12-05 12:29 - 000036864 ____C (Black Ice Software, Inc.) [File not signed] C:\Program Files (x86)\Nuance\PaperPort\blicectr.dll
    2017-03-22 17:21 - 2018-01-18 15:39 - 000519168 ____C () [File not signed] C:\Program Files (x86)\Browny02\BrMonitor.dll
    2017-04-05 09:53 - 2017-11-07 19:55 - 000137728 ____C () [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
    2017-04-05 09:53 - 2017-11-07 19:55 - 000440832 ____C () [File not signed] C:\Program Files (x86)\ControlCenter4\Track.dll
    2017-01-27 15:33 - 2017-11-07 20:04 - 000087040 ____C () [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcLUsa.dll
    2017-01-27 15:39 - 2017-08-18 11:23 - 000087552 ____C () [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
    2017-01-27 15:39 - 2017-08-18 11:23 - 017974784 ____C () [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll
    2017-03-13 15:53 - 2017-03-13 15:53 - 063977984 ____C (Aviata Inc.) [File not signed] C:\Program Files (x86)\PowerENGAGE\PowerENGAGE.exe
    2017-03-13 15:53 - 2017-03-13 15:53 - 013151744 ____C (Node.js) [File not signed] C:\Program Files (x86)\PowerENGAGE\node.dll
    2017-03-13 15:53 - 2017-03-13 15:53 - 001943040 ____C () [File not signed] C:\Program Files (x86)\PowerENGAGE\ffmpeg.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE trusted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\dell.com -> dell.com
    IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\008k.com -> www.008k.com
    IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\010402.com -> 010402.com
    IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\123moviedownload.com -> www.123moviedownload.com
    IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\123simsen.com -> www.123simsen.com

    There are 7716 more sites.


    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 22:34 - 2016-04-23 20:26 - 000000093 ____C C:\Windows\system32\drivers\etc\hosts

    127.0.0.1 localhost
    127.0.0.1 65.52.240.48
    127.0.0.1 activation.cloud.techsmith.eom

    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-2130412082-872510349-2259372935-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\MARK\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 209.18.47.61 - 209.18.47.62
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    If an entry is included in the fixlist, it will be removed.

    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RealTimes.lnk => C:\Windows\pss\RealTimes.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^Users^MARK^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Find Fast.lnk => C:\Windows\pss\Microsoft Find Fast.lnk.Startup
    MSCONFIG\startupfolder: C:^Users^MARK^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Office Startup.lnk => C:\Windows\pss\Office Startup.lnk.Startup
    MSCONFIG\startupreg: AccuWeatherWidget => "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
    MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
    MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
    MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
    MSCONFIG\startupreg: Aimersoft Helper Compact.exe => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
    MSCONFIG\startupreg: AOL Fast Start => "C:\Program Files (x86)\AOL Desktop 9.8.2\AOL.EXE" -b
    MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
    MSCONFIG\startupreg: DelaypluginInstall => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
    MSCONFIG\startupreg: Dell DataSafe Online => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
    MSCONFIG\startupreg: DellStage => "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
    MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
    MSCONFIG\startupreg: dlbamon.exe => "C:\Program Files (x86)\Dell AIO Printer A940\dlbamon.exe"
    MSCONFIG\startupreg: EasyHideIPVPN => C:\Program Files (x86)\Easy-Hide-IP VPN\easy.hide.ip.vpn.exe
    MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
    MSCONFIG\startupreg: Google Update => "C:\Users\MARK\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    MSCONFIG\startupreg: HostManager => C:\Program Files (x86)\Common Files\AOL\1429832463\ee\AOLSoftware.exe
    MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    MSCONFIG\startupreg: ICF => "C:\Program Files (x86)\Internet Content Filter\mfp.exe"
    MSCONFIG\startupreg: ISUSPM => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler
    MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
    MSCONFIG\startupreg: mcpltui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    MSCONFIG\startupreg: mcui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    MSCONFIG\startupreg: Monitor => "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"
    MSCONFIG\startupreg: NeroLauncher => C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900
    MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
    MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    MSCONFIG\startupreg: RealDownloader => c:\program files (x86)\real\RealDownloader\downloader2.exe
    MSCONFIG\startupreg: RoxWatchTray => "C:\Program Files (x86)\Roxio Creator NXT\Common\RoxWatchTray14.exe"
    MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
    MSCONFIG\startupreg: RunDLLEntry_EptMon => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\EptMon64.dll,RunDLLEntry EptMon64
    MSCONFIG\startupreg: RunDLLEntry_THXCfg => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
    MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
    MSCONFIG\startupreg: ShwiconXP9106 => C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
    MSCONFIG\startupreg: Spybot-S&D Cleaning => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
    MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    MSCONFIG\startupreg: THX Audio Control Panel => "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r
    MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
    MSCONFIG\startupreg: UpdReg => C:\Windows\UpdReg.EXE
    MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{7D73D967-32C1-47D8-A7EC-3531A66698A9}] => (Allow) LPort=8317
    FirewallRules: [{60B8BD61-B3F8-41B9-99A5-7114CEEDE77D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe No File
    FirewallRules: [{FA59CBB4-ACEC-492B-B1FC-7AD0903E866A}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe No File
    FirewallRules: [{A33D26D9-CE08-46F5-B82E-C10258442428}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe No File
    FirewallRules: [TCP Query User{854E718D-AB3C-4BE9-B8B7-5D58343EC677}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe No File
    FirewallRules: [UDP Query User{4E97F9E1-7AE7-4798-BF9D-34870D6B2A65}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe No File
    FirewallRules: [{523026AA-B677-4B72-98B2-6EFB4301A605}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe No File
    FirewallRules: [{EF658E54-E933-4B65-B15D-0AB754B5A288}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe No File
    FirewallRules: [{5EAFCF4E-6A35-4B46-9DF7-75F2D8AEFE37}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe No File
    FirewallRules: [{BCE73B4E-BB6C-4161-80B2-AEB5C1F0DF4F}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe No File
    FirewallRules: [{6F0F663F-8EEB-49B3-83B4-D60F032CEC94}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
    FirewallRules: [{BE620D61-375A-45B8-A7A1-032C60F0F0C4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe No File
    FirewallRules: [{A3E79D60-D78C-4908-A19F-A9198A72A1E3}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{4330BC75-0C59-4E97-97B4-66F6372307B7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{F14FD71F-DB73-4A73-ABBD-8684304BC899}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{C2E46833-6F90-4EFE-9D36-4B9C004BE1AA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{E8618A21-5A22-420D-B01B-E30098310878}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [TCP Query User{CAE93EB0-B764-496E-928D-7A3BB74D5761}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
    FirewallRules: [UDP Query User{8C1B05D4-CFF0-43AE-89D7-9B6FE38615F7}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
    FirewallRules: [{7B9A6B1C-7269-4262-B8C7-00984B1C459C}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe (McAfee, Inc. -> McAfee, Inc.)
    FirewallRules: [{A9D262DD-556F-46DB-AE7F-5FA35F467B27}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, Inc. -> McAfee, Inc.)
    FirewallRules: [{0F2F525B-5AC3-43A6-B71C-42324E9A4A1B}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc. -> McAfee, Inc.)
    FirewallRules: [{9171BB16-FB20-43FB-8F59-8541A78B3CA8}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
    FirewallRules: [{D47569E2-94AA-4636-A940-570CF5207FFD}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{8C412CF6-3399-40D1-AADE-16480338A529}] => (Allow) LPort=54950
    FirewallRules: [{51189D0A-8B0D-4C6A-91B4-50196E2A53C0}] => (Allow) LPort=54955
    FirewallRules: [{A177CACD-4DC6-47ED-8343-52F5089A69A5}] => (Allow) C:\Users\MARK\Desktop\House Photos During\Install\wlan_wiz\.\wlan_assistant\waw.exe () [File not signed]
    FirewallRules: [{CE311DD8-4022-4ECD-AC15-050AD59E5D70}] => (Allow) LPort=54925
    FirewallRules: [{0165FC47-5764-4FCD-A899-B7C7ABCFE8A0}] => (Allow) D:\Install\wlan_wiz\.\wlan_assistant\waw.exe No File
    FirewallRules: [{0C570BB3-48B9-45E1-ADD7-FF9D978CBFBB}] => (Allow) D:\Install\wlan_wiz\.\wlan_assistant\waw.exe No File
    FirewallRules: [{C08CB953-F2EC-4E4D-9032-03D8282F5E85}] => (Allow) C:\Program Files (x86)\Brother\BRAdmin Light\BRAdmLight.exe (Brother Industries, Ltd.) [File not signed]
    FirewallRules: [{39045324-700B-46DC-93D7-080FEC37AABD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

    ==================== Restore Points =========================

    03-01-2019 14:13:11 Scheduled Checkpoint
    10-01-2019 18:09:16 Scheduled Checkpoint
    11-01-2019 16:35:57 Installed 4K Video Downloader 4.4
    19-01-2019 14:34:37 Scheduled Checkpoint
    26-01-2019 22:10:38 Restore Operation
    03-02-2019 15:34:07 Scheduled Checkpoint
    15-02-2019 20:39:41 Scheduled Checkpoint
    17-02-2019 12:04:13 Restore Operation
    23-02-2019 12:44:21 Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27012
    03-03-2019 13:20:35 Scheduled Checkpoint
    11-03-2019 14:19:21 Scheduled Checkpoint
    19-03-2019 13:41:43 Scheduled Checkpoint
    26-03-2019 18:20:45 Garmin Express
    02-04-2019 18:29:34 Scheduled Checkpoint

    ==================== Faulty Device Manager Devices =============

    Name: DW1501 Wireless-N WLAN Half-Mini Card
    Description: DW1501 Wireless-N WLAN Half-Mini Card
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Broadcom
    Service: BCM43XX
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

    Name: zeonetfilter
    Description: zeonetfilter
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: zeonetfilter
    Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
    Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
    Devices stay in this state if they have been prepared for removal.
    After you remove the device, this error disappears.Remove the device, and this error should be resolved.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (04/07/2019 03:43:20 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
    Description: MTDLL BrtMTDLL: [2019/04/07 15:43:20.578]: [00005948]: Error GetInkSupplyType Send ( ErrCode == 5 )

    Error: (04/07/2019 03:43:13 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
    Description: MTDLL BrtMTDLL: [2019/04/07 15:43:13.528]: [00005948]: Error GetInkSupplyType Send ( ErrCode == 5 )

    Error: (04/07/2019 03:42:31 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
    Description: MTDLL BrtMTDLL: [2019/04/07 15:42:31.224]: [00005948]: Error GetInkSupplyType Send ( ErrCode == 5 )

    Error: (04/07/2019 03:42:24 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
    Description: MTDLL BrtMTDLL: [2019/04/07 15:42:24.174]: [00005948]: Error GetInkSupplyType Send ( ErrCode == 5 )

    Error: (04/07/2019 03:42:17 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
    Description: MTDLL BrtMTDLL: [2019/04/07 15:42:17.123]: [00005948]: Error GetInkSupplyType Send ( ErrCode == 5 )

    Error: (04/07/2019 03:41:34 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
    Description: MTDLL BrtMTDLL: [2019/04/07 15:41:34.821]: [00005948]: Error GetInkSupplyType Send ( ErrCode == 5 )

    Error: (04/07/2019 03:41:27 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
    Description: MTDLL BrtMTDLL: [2019/04/07 15:41:27.771]: [00005948]: Error GetInkSupplyType Send ( ErrCode == 5 )

    Error: (04/07/2019 03:41:20 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
    Description: MTDLL BrtMTDLL: [2019/04/07 15:41:20.720]: [00005948]: Error GetInkSupplyType Send ( ErrCode == 5 )


    System errors:
    =============
    Error: (04/07/2019 03:01:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
    %%-2140993535

    Error: (04/07/2019 03:01:17 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Peer Name Resolution Protocol service terminated with the following error:
    %%-2140993535

    Error: (04/07/2019 03:01:17 PM) (Source: PNRPSvc) (EventID: 102) (User: )
    Description: The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.

    Error: (04/07/2019 03:00:54 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
    %%-2140993535

    Error: (04/07/2019 03:00:54 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Peer Name Resolution Protocol service terminated with the following error:
    %%-2140993535

    Error: (04/07/2019 03:00:54 PM) (Source: PNRPSvc) (EventID: 102) (User: )
    Description: The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.

    Error: (04/07/2019 01:00:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
    %%-2140993535

    Error: (04/07/2019 01:00:00 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Peer Name Resolution Protocol service terminated with the following error:
    %%-2140993535


    Windows Defender:
    ===================================
    Date: 2012-12-06 12:38:35.266
    Description:
    Windows Defender scan has been stopped before completion.
    Scan ID:{A79DE555-8EAC-467C-AB04-83BDA31245E7}
    Scan Type:AntiSpyware
    Scan Parameters:Quick Scan

    Date: 2017-07-10 23:19:38.373
    Description:
    Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
    Signatures Attempted:Current
    Error Code:0x80070002
    Error description:The system cannot find the file specified.
    Signature version:0.0.0.0
    Engine version:0.0.0.0

    Date: 2016-09-29 11:39:42.279
    Description:
    Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
    Signatures Attempted:Current
    Error Code:0x80070002
    Error description:The system cannot find the file specified.
    Signature version:0.0.0.0
    Engine version:0.0.0.0

    Date: 2013-04-10 17:02:44.289
    Description:
    Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
    Signatures Attempted:Current
    Error Code:0x80070002
    Error description:The system cannot find the file specified.
    Signature version:0.0.0.0
    Engine version:0.0.0.0

    Date: 2013-04-07 15:20:31.801
    Description:
    Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
    Signatures Attempted:Current
    Error Code:0x80070002
    Error description:The system cannot find the file specified.
    Signature version:0.0.0.0
    Engine version:0.0.0.0

    Date: 2013-04-03 21:06:50.287
    Description:
    Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
    Signatures Attempted:Current
    Error Code:0x80070002
    Error description:The system cannot find the file specified.
    Signature version:0.0.0.0
    Engine version:0.0.0.0

    CodeIntegrity:
    ===================================

    Date: 2018-01-26 13:24:20.802
    Description:
    Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

    Date: 2018-01-26 13:24:20.751
    Description:
    Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

    Date: 2018-01-26 13:24:20.695
    Description:
    Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\gpapi.dll because the set of per-page image hashes could not be found on the system.

    Date: 2018-01-26 13:24:20.648
    Description:
    Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\gpapi.dll because the set of per-page image hashes could not be found on the system.

    Date: 2016-10-28 20:02:57.105
    Description:
    Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

    Date: 2016-10-28 20:02:57.044
    Description:
    Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

    Date: 2016-10-28 20:02:56.973
    Description:
    Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

    Date: 2016-10-28 20:02:56.851
    Description:
    Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
    Percentage of memory in use: 85%
    Total physical RAM: 8174.45 MB
    Available physical RAM: 1184.44 MB
    Total Virtual: 16347.07 MB
    Available Virtual: 6138.91 MB

    ==================== Drives ================================

    Drive c: (OS) (Fixed) (Total:452.47 GB) (Free:17.9 GB) NTFS

    \\?\Volume{7c551ac4-2d3e-11e1-bf29-806e6f6e6963}\ (RECOVERY) (Fixed) (Total:13.25 GB) (Free:2.57 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: AC289F96)
    Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
    Partition 2: (Active) - (Size=13.2 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=452.5 GB) - (Type=07 NTFS)

    ==================== End of Addition.txt ============================
     
  5. iMacg3

    iMacg3 Malware Specialist

    Joined:
    Nov 3, 2018
    Messages:
    318
    Hi,

    Thank you for the FRST.txt and Addition.txt logs.

    -------------------------------

    Can you describe the issue in more detail?

    Additionally, it seems there may be a potentially unwanted modification to your Chrome Startup URLs to open an adware-related website. Did you set this intentionally?

    -------------------------------

    Is this program on your computer properly activated?

    Camtasia Studio 8
     
  6. mkdsk

    mkdsk Thread Starter

    Joined:
    Dec 29, 2009
    Messages:
    320
    First Name:
    Mark
    When I turn on my computer it boots up then through out the day it progressively gets very slow and the activity light just stays on which seems like forever when ever I do anything. I didn't intentionally set up Chrome to open up any adware-related websites. Camtasia is okay, why do you ask?
     
  7. mkdsk

    mkdsk Thread Starter

    Joined:
    Dec 29, 2009
    Messages:
    320
    First Name:
    Mark
    Also, what adware-related website is it that you are mentioning?
     
  8. iMacg3

    iMacg3 Malware Specialist

    Joined:
    Nov 3, 2018
    Messages:
    318
    Hi,

    Open Google Chrome. Click the Menu icon (three vertical dots, upper right corner of the Chrome window) and click Settings. Scroll down until you reach the "On Startup" category. If the URL "websearch.thesearchpage.info" is listed, please remove it from the "On Startup" section.

    -----------------------

    There is evidence that the program Camtasia Studio 8 may be activated illegitimately. If it is, please uninstall it before we continue. If it is activated properly, let me know.
     
  9. mkdsk

    mkdsk Thread Starter

    Joined:
    Dec 29, 2009
    Messages:
    320
    First Name:
    Mark
    The only thing in On startup is 3 options that say:



    Open the New Tab page


    Continue where you left off


    Open a specific page or set of pages
    ----------------------------------------------------------------------------------------------------------------



    Also, as far as I know my Camtasia is activated and installed properly.
     
  10. iMacg3

    iMacg3 Malware Specialist

    Joined:
    Nov 3, 2018
    Messages:
    318
    Hi,

    We'll reset the Chrome Startup URLs, clean up some empty registy entries, and scan some files at VirusTotal using a FRST "fixlist" script.

    ----------------

    We need to run a fix with FRST:

    • Please download the attached fixlist.txt file and save it to the same location as FRST
      Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt are in the same location or the fix will not work
      NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
    • Run FRST.exe/FRST64.exe and press the Fix button just once and wait
    • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
    • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run, please post it to your reply
     

    Attached Files:

  11. mkdsk

    mkdsk Thread Starter

    Joined:
    Dec 29, 2009
    Messages:
    320
    First Name:
    Mark
    I have my chrome set up to start where I left off. Will doing this reset that?
     
  12. iMacg3

    iMacg3 Malware Specialist

    Joined:
    Nov 3, 2018
    Messages:
    318
    Hi,

    It shouldn't reset that. The fix will reset the Chrome Startup URLs.
     
  13. mkdsk

    mkdsk Thread Starter

    Joined:
    Dec 29, 2009
    Messages:
    320
    First Name:
    Mark
    Aren't the Chrome Startup URLs where I left off??
     
  14. iMacg3

    iMacg3 Malware Specialist

    Joined:
    Nov 3, 2018
    Messages:
    318
    Hi,

    If it does reset that, then you can change the setting to restore where you left off.
    Currently it is set to open an adware-related website.
     
  15. mkdsk

    mkdsk Thread Starter

    Joined:
    Dec 29, 2009
    Messages:
    320
    First Name:
    Mark
    But I don't want to lost all of the tabs that open when I sign on to Chrome. Any way to avoid that?
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...

Short URL to this thread: https://techguy.org/1225410

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice