Tech Support Guy banner
  • IMPORTANT: Only authorized members may reply to threads in this forum due to the complexity of the malware removal process. Authorized members include Malware Specialists and Trainees, Administrators, Moderators, and Trusted Advisors. Regular members are not permitted to reply, and any such posts will be deleted without notice or further explanation. Notice
Status
Not open for further replies.

Possible Virus or Malware problem

In Progress 
9K views 43 replies 3 participants last post by  Cookiegal 
#1 ·
When I start up my computer it hesitates, the green activity light stays solid for a long time before it goes off. Not sure what is happening. I know I have been here before for help and no one has to help me again if they rather not but I am asking. I have windows 7.
 
#2 ·
Welcome to the Tech Support Guy malware removal forum.
I'm iMacg3 and will be helping you.

Please keep the following information in mind before we begin:
  • Do not run any fixes or tools on your system unless I request that you do so.
  • Please read all instructions carefully, and complete them in the order listed.
  • If your computer seems to start working normally, please don't abandon the topic. Just because your computer doesn't seem to have a problem doesn't mean that it isn't infected.
  • If you have pirated or illegal software on your computer, uninstall it now before proceeding.
  • If you have questions about anything during the cleanup, please ask.

--------------------

Download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right-click FRST/FRST64 and select Run as administrator. (Windows XP users double-click on the file).
  • If you receive a SmartScreen alert, click More Info, then Run Anyway.
  • When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Attach it to your reply.
  • The tool will also produce another log (Addition.txt ). Please attach this, along with FRST.txt, to your reply.

Note - FRST.txt and Addition.txt are saved to the same location as FRST/FRST64.
 
#3 ·
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019
Ran by MARK (administrator) on MARK-PC (07-04-2019 15:29:47)
Running from C:\Users\MARK\Desktop\APPLE
Loaded Profiles: MARK (Available Profiles: MARK & Administrator)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Dell Inc. -> ) C:\Windows\System32\dlbacoms.exe
(Lexmark International, Inc. -> ) C:\Windows\System32\dleacoms.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
(Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_18_12\mcapexe.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\3.1.160.0\McCSPServiceHost.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(MiTAC International Corporation -> MiTAC) C:\Users\MARK\AppData\Roaming\MiTAC Digital Corporation\mgnContentManager\3.0.0.00\mgnContentManager.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 7\PdfPro7Hook.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogRx.exe
(Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(RealNetworks, Inc. -> ) C:\Program Files (x86)\Real\RealDownloader\downloader2.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\RealDownloader\realdownloader264.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-07-06] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-01-19] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrotherSoftwareUpdateNotification] => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3581952 2017-04-05] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2075480 2013-06-24] (Flexera Software LLC -> Flexera Software LLC.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [35648 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [17600 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFProHook] => C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe [641864 2013-03-20] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [M17A] => C:\Windows\twain_32\Brimm17a\Common\TwDsUiLaunch.exe [77312 2017-10-19] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [353056 2018-05-06] (RealNetworks, Inc. -> RealNetworks, Inc.)
HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\Run: [Magellan Update Manager] => C:\Users\MARK\AppData\Roaming\MiTAC Digital Corporation\mgnContentManager\3.0.0.00\mgnContentManager.exe [2705672 2016-01-20] (MiTAC International Corporation -> MiTAC)
HKU\S-1-5-21-2130412082-872510349-2259372935-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-13] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30919232 2019-03-19] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKLM\...\Drivers32: [VIDC.I420] => MSh263.drv
HKLM\...\Drivers32: [msacm.l3codecp] => C:\Windows\SysWOW64\l3codecp.acm [220672 2009-07-13] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\SysWOW64\pdvcodec.dll [265797 2010-03-12] (Matsu****a Electric Industrial Co., Ltd.) [File not signed]
HKLM\...\Drivers32: [msacm.iac2] => C:\Windows\SysWOW64\iac25_32.ax [197632 2009-07-13] (Microsoft Windows -> Intel Corporation)
HKLM\...\Drivers32: [vidc.iv50] => C:\Windows\SysWOW64\ir50_32.dll [746496 2009-07-13] (Microsoft Windows -> Intel Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.86\Installer\chrmstp.exe [2019-03-22] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{3631C8E6-D178-4917-9B0D-BFB51262D9F1}: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{BFB6B096-4145-4ED2-A8E0-19EDCA9E0ED4}: [DhcpNameServer] 209.18.47.61 209.18.47.62

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2130412082-872510349-2259372935-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2130412082-872510349-2259372935-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2130412082-872510349-2259372935-1000 -> {7708B639-F242-494D-BCA2-EED7DC46E157} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C011US0D20151019&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2130412082-872510349-2259372935-1000 -> {C56AFD0B-5A78-4E7F-9993-19B1BC996C4C} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> c:\program files (x86)\real\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2018-02-28] (RealNetworks, Inc. -> RealDownloader)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2019-02-07] (McAfee, Inc. -> McAfee, Inc.)
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> c:\program files (x86)\real\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2018-02-28] (RealNetworks, Inc. -> RealDownloader)
BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\PROGRA~3\WONDER~2\VIDEOC~1\WSBROW~1.DLL => No File
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll [2011-06-30] (Zeon Corporation -> Zeon Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-08-26] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll => No File
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-02-07] (McAfee, Inc. -> McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-08-26] (Oracle America, Inc. -> Oracle Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files\mcafee\msc\mcsniepl64.dll [2019-01-07] (McAfee, Inc. -> McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files (x86)\mcafee\msc\mcsniepl.dll [2019-01-07] (McAfee, Inc. -> McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\MARK\AppData\Roaming\Mozilla\Firefox\Profiles\d9fysvrv.default-1496939632495 [2018-11-04]
FF Session Restore: Mozilla\Firefox\Profiles\d9fysvrv.default-1496939632495 -> is enabled.
FF Extension: (All Aboard) - C:\Users\MARK\AppData\Roaming\Mozilla\Firefox\Profiles\d9fysvrv.default-1496939632495\Extensions\@all-aboard-v1-5.xpi [2017-07-11] [Legacy]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-03-20]
FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSKHKLM => not found
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => not found
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2019-03-11] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_156.dll [2019-03-12] (Adobe Systems Incorporated -> )
FF Plugin: @mcafee.com/MSC,version=10 -> c:\program files\mcafee\msc\npmcsnffpl64.dll [2019-01-07] (McAfee, Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_156.dll [2019-03-12] (Adobe Systems Incorporated -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-08-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-08-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\program files (x86)\mcafee\msc\npmcsnffpl.dll [2019-01-07] (McAfee, Inc. -> )
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=18.1.11.204 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2018-05-06] (RealNetworks, Inc. -> RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-10-05] (RealNetworks, Inc.) [File not signed]
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-10-05] (RealNetworks, Inc.) [File not signed]
FF Plugin-x32: @real.com/nprpplugin;version=18.1.11.204 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2018-05-06] (RealNetworks, Inc. -> RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-01-31] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 7\bin\nppdf.dll [2011-07-15] (Zeon Corporation -> Zeon Corporation)
FF Plugin HKU\S-1-5-21-2130412082-872510349-2259372935-1000: magellangps.com/mgnContentManager -> C:\Users\MARK\AppData\Roaming\MiTAC Digital Corporation\mgnContentManager\3.0.0.00\npmgnContentManager.dll [2016-01-20] (MiTAC International Corporation -> MiTAC Digital Corp.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.facebook.com/
CHR StartupUrls: Default -> "hxxp://www.facebook.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxp://websearch.thesearchpage.info/?pid=2457&r=2015/01/16&hid=16875487775573251436&lg=EN&cc=US&unqvl=74"
CHR DefaultSearchURL: Default -> hxxps://www.youtube.com/watch?v=UAZauyaaVvs
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default [2019-04-07]
CHR Extension: (Google Drive) - C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-27]
CHR Extension: (YouTube) - C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Who Dumped Me?) - C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkgeaeoklapomofpcppeiahpnjadbkim [2015-09-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Gmail) - C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-22]
CHR Extension: (Chrome Media Router) - C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-24]
CHR Profile: C:\Users\MARK\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-11-04]
CHR Profile: C:\Users\MARK\AppData\Local\Google\Chrome\User Data\System Profile [2018-11-04]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
S2 0056921554655346mcinstcleanup; C:\ProgramData\McInstTemp0056921554655346\McInst.exe [939432 2018-12-16] (McAfee, Inc. -> McAfee, Inc.)
S3 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269; C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [457360 2012-06-20] (Corel Corporation -> )
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-07-05] (Apple Inc. -> Apple Inc.)
S3 BOT4Service; C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [22160 2012-07-11] (Corel Corporation -> )
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [File not signed]
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [369720 2017-09-25] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1508656 2018-05-31] (McAfee, Inc. -> McAfee, Inc.)
R2 dlba_device; C:\Windows\system32\dlbacoms.exe [567280 2007-03-05] (Dell Inc. -> )
R2 dlba_device; C:\Windows\SysWOW64\dlbacoms.exe [538096 2007-03-05] (Dell Inc. -> )
R2 dlea_device; C:\Windows\system32\dleacoms.exe [1052328 2010-01-07] (Lexmark International, Inc. -> )
S3 IviRegMgr; C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe [110736 2010-05-20] (Corel Corporation -> InterVideo)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [899640 2019-02-07] (McAfee, Inc. -> McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_18_12\McApExe.exe [745880 2019-01-08] (McAfee, Inc. -> McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.1.160.0\\McCSPServiceHost.exe [2158952 2018-12-17] (McAfee, Inc. -> McAfee, Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [371840 2018-12-05] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [604216 2018-12-05] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [509728 2018-12-05] (McAfee, Inc. -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1692552 2018-12-19] (McAfee, Inc. -> McAfee, Inc.)
S3 NOBU; C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2823000 2010-08-25] (Symantec Corporation -> Dell, Inc.)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [77336 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [1333064 2018-10-26] (McAfee, Inc. -> McAfee, Inc.)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [479840 2012-11-27] (Sony Corporation -> Sony Corporation)
R2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2013-09-13] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S3 RealPlayerUpdateSvc; C:\program files (x86)\real\UpdateService\RealPlayerUpdateSvc.exe [37104 2018-02-28] (RealNetworks, Inc. -> RealNetworks, Inc.)
S3 RealTimes Desktop Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [989912 2018-05-06] (RealNetworks, Inc. -> RealNetworks, Inc.)
S3 RoxMediaDB14; C:\Program Files (x86)\Roxio Creator NXT\Common\RoxMediaDB14.exe [1096848 2012-07-18] (Corel Corporation -> Corel Corporation)
S3 RoxWatch14; C:\Program Files (x86)\Roxio Creator NXT\Common\RoxWatch14.exe [341136 2012-07-18] (Corel Corporation -> Corel Corporation)
S3 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1074720 2012-08-30] (Safer Networking Ltd. -> Safer-Networking Ltd.)
S3 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1358360 2012-08-30] (Safer Networking Ltd. -> Safer-Networking Ltd.)
S3 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [166528 2012-03-22] (Safer Networking Ltd. -> Safer-Networking Ltd.)
S3 SftService; C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE [1692480 2011-09-22] (Dell Inc -> SoftThinks SAS)
R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2018-10-04] (Microsoft) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [20480 2018-10-04] (Microsoft) [File not signed]
S3 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe [X]
S3 ioloSystemService; "C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [33872 2012-05-17] (AnvSoft Co., Ltd. -> AnvSoft Inc.)
S3 BCM43XX; C:\Windows\System32\DRIVERS\bcmwl664.sys [3058168 2010-05-20] (Broadcom Corporation -> Broadcom Corporation)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2017-06-21] (Bluestack Systems, Inc. -> Bluestack System Inc. )
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [77144 2018-12-10] (McAfee, Inc. -> McAfee, LLC)
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation -> EldoS Corporation)
S3 FlyUsb; C:\Windows\System32\DRIVERS\FlyUsb.sys [24576 2012-09-28] (Microsoft Windows Hardware Compatibility Publisher -> LeapFrog)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [218408 2018-12-24] (McAfee, Inc. -> McAfee, Inc.)
R3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [317440 2010-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel(R) Corporation)
R3 k57nd60a; C:\Windows\System32\DRIVERS\k57nd60a.sys [406056 2010-06-08] (Broadcom Corporation -> Broadcom Corporation)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [274416 2019-04-07] (Malwarebytes Corporation -> Malwarebytes)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [510808 2018-12-10] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [373592 2018-12-10] (McAfee, Inc. -> McAfee, LLC)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [516952 2018-12-10] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [980824 2018-12-10] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [563728 2018-11-19] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109072 2018-11-19] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\Windows\System32\drivers\mfeplk.sys [117592 2018-12-10] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [253784 2018-12-10] (McAfee, Inc. -> McAfee, LLC)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation -> Corel Corporation)
R1 RawDisk3; C:\Windows\system32\drivers\rawdsk3.sys [32912 2015-03-25] (iolo technologies, LLC -> EldoS Corporation)
R0 Sahdad64; C:\Windows\System32\Drivers\Sahdad64.sys [28304 2012-06-20] (Corel Corporation -> Corel Corporation)
R0 Saibad64; C:\Windows\System32\Drivers\Saibad64.sys [20112 2012-06-20] (Corel Corporation -> Corel Corporation)
R1 SaibVdAd64; C:\Windows\System32\Drivers\SaibVdAd64.sys [27792 2012-06-20] (Corel Corporation -> Corel Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SliceDisk5; C:\Program Files\A-FF Find and Mount\slicedisk-x64.sys [31824 2011-02-25] (OOO Sfera-Tehno -> Atola) [File not signed]
S3 StkTMini; C:\Windows\System32\Drivers\StkTMini.sys [528256 2007-11-15] (Syntek Semiconductor Ltd. -> Syntek)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [31232 2015-03-18] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42088 2015-10-12] (AnchorFree Inc -> Anchorfree Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R3 wanatw; C:\Windows\System32\DRIVERS\wanatw64.sys [24064 2006-11-29] (Microsoft Windows Hardware Compatibility Publisher -> America Online, Inc.)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [31920 2018-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
R3 WsAudioDevice_383S(1); C:\Windows\System32\drivers\WsAudioDevice_383S(1).sys [29288 2011-11-17] (Wondershare Software Co., Ltd. -> Wondershare)
U1 aswbdisk; no ImagePath
U3 mfeaack01; \Device\mfeaack01.sys [X]
S3 mfeavfk02; \Device\mfeavfk02.sys [X]
S3 mfeavfk03; \Device\mfeavfk03.sys [X]
S1 upzocdbr; \??\C:\Windows\system32\drivers\upzocdbr.sys [X]
S1 zeonetfilter; system32\drivers\zeonetfilter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-07 12:42 - 2019-04-07 12:42 - 000000000 ___DC C:\ProgramData\McInstTemp0056921554655346
2019-04-07 10:55 - 2019-04-07 10:55 - 000274416 ____C (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-04-02 20:14 - 2019-04-02 20:14 - 000000773 ____C C:\Users\MARK\Desktop\Stephanie - Shortcut.lnk
2019-03-26 20:19 - 2019-03-26 20:20 - 000004913 ____C C:\Users\MARK\Downloads\Verizion BBB.pdf

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-07 15:39 - 2018-10-15 21:28 - 000000000 ___DC C:\Program Files (x86)\PowerENGAGE
2019-04-07 15:29 - 2018-10-19 12:22 - 000000000 ___DC C:\FRST
2019-04-07 15:27 - 2018-03-25 10:43 - 000000000 ___DC C:\Users\MARK\Desktop\APPLE
2019-04-07 11:20 - 2009-07-14 00:45 - 000028352 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-04-07 11:20 - 2009-07-14 00:45 - 000028352 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-04-07 10:55 - 2018-04-18 21:36 - 000000000 ___DC C:\Windows\System32\Tasks\McAfee
2019-04-07 10:55 - 2009-07-14 01:08 - 000000006 ___HC C:\Windows\Tasks\SA.DAT
2019-04-06 21:46 - 2012-01-23 20:34 - 000000000 ___DC C:\Users\MARK\AppData\Roaming\Audacity
2019-04-05 23:09 - 2014-06-29 11:25 - 000000000 ___DC C:\Users\MARK\Desktop\GF
2019-04-01 17:33 - 2009-07-14 01:08 - 000032528 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-03-29 18:02 - 2019-02-24 16:45 - 000153328 ____C (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-03-28 18:36 - 2009-07-14 01:13 - 000782470 ____C C:\Windows\system32\PerfStringBackup.INI
2019-03-28 18:36 - 2009-07-13 23:20 - 000000000 ___DC C:\Windows\inf
2019-03-28 17:39 - 2015-06-22 20:15 - 000003330 ____C C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-28 17:39 - 2015-06-22 20:15 - 000003202 ____C C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-26 18:23 - 2014-07-25 15:36 - 000000000 ___DC C:\Program Files (x86)\Garmin
2019-03-26 18:23 - 2012-11-21 13:09 - 000000000 ___DC C:\ProgramData\Package Cache
2019-03-26 18:22 - 2018-10-26 11:43 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2019-03-26 18:22 - 2014-08-14 14:45 - 000003552 ____C C:\Windows\System32\Tasks\GarminUpdaterTask
2019-03-26 18:22 - 2013-05-10 20:31 - 000000000 ___DC C:\ProgramData\Garmin
2019-03-25 20:22 - 2018-09-09 12:30 - 000000000 ___DC C:\Users\MARK\Desktop\LANDSCAPE DAMAGE
2019-03-22 18:51 - 2018-04-18 21:35 - 000000000 ___DC C:\Program Files (x86)\McAfee
2019-03-22 17:57 - 2015-06-22 20:15 - 000002226 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-03-22 17:57 - 2015-06-22 20:15 - 000002185 ____C C:\Users\Public\Desktop\Google Chrome.lnk
2019-03-16 20:26 - 2018-04-18 21:26 - 000000000 ___DC C:\Program Files\Common Files\McAfee
2019-03-13 11:21 - 2016-10-20 12:11 - 000842240 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-03-13 11:21 - 2016-10-20 12:11 - 000175104 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-03-13 11:21 - 2016-10-20 12:11 - 000004446 ____C C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-03-13 11:21 - 2016-10-20 12:11 - 000004312 ____C C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-03-13 11:21 - 2011-12-23 02:24 - 000000000 ___DC C:\Windows\SysWOW64\Macromed
2019-03-13 11:21 - 2011-12-23 02:24 - 000000000 ___DC C:\Windows\system32\Macromed
2019-03-12 23:43 - 2018-03-13 11:43 - 000004458 ____C C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-03-11 14:08 - 2018-04-18 21:35 - 000003618 ____C C:\Windows\System32\Tasks\McAfee Remediation (Prepare)
2019-03-11 13:16 - 2018-04-18 21:37 - 000003258 ____C C:\Windows\System32\Tasks\McAfeeLogon
2019-03-11 13:14 - 2018-04-18 21:25 - 000000000 ___DC C:\ProgramData\McAfee
2019-03-11 13:07 - 2013-05-11 14:35 - 000000900 __SHC C:\ProgramData\KGyGaAvL.sys
2019-03-10 20:09 - 2016-01-08 22:46 - 000000000 ___DC C:\Users\MARK\AppData\Local\CrashDumps

==================== Files in the root of some directories =======

2013-04-29 18:57 - 2013-04-29 18:59 - 000308064 ____C () C:\Users\MARK\AppData\Roaming\CodecsLE_Install.log
2017-08-04 20:04 - 2017-08-04 20:04 - 000000445 ____C () C:\Users\MARK\AppData\Roaming\com.cloudapp.windows.plist
2016-03-13 00:48 - 2016-03-13 00:48 - 000099384 ____C () C:\Users\MARK\AppData\Roaming\inst.exe
2013-11-21 13:22 - 2016-03-13 00:48 - 000007859 ____C () C:\Users\MARK\AppData\Roaming\pcouffin.cat
2013-11-21 13:22 - 2016-03-13 00:48 - 000001167 ____C () C:\Users\MARK\AppData\Roaming\pcouffin.inf
2013-11-21 13:22 - 2016-03-13 00:48 - 000000055 ____C () C:\Users\MARK\AppData\Roaming\pcouffin.log
2013-11-21 13:22 - 2016-03-13 00:48 - 000082816 ____C (VSO Software) C:\Users\MARK\AppData\Roaming\pcouffin.sys
2015-03-21 20:25 - 2015-03-22 13:03 - 000001181 ____C () C:\Users\MARK\AppData\Roaming\trace_FilterInstaller.1.txt
2015-03-21 20:25 - 2015-03-21 20:25 - 000001181 ____C () C:\Users\MARK\AppData\Roaming\trace_FilterInstaller.2.txt
2015-03-21 20:25 - 2015-03-22 13:09 - 000000919 ____C () C:\Users\MARK\AppData\Roaming\trace_FilterInstaller.txt
2015-03-21 20:25 - 2015-03-22 13:09 - 000000000 ____C () C:\Users\MARK\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2015-07-16 23:21 - 2017-05-08 11:56 - 000006656 ____C () C:\Users\MARK\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-02-25 16:24 - 2016-08-03 02:41 - 000007601 ____C () C:\Users\MARK\AppData\Local\resmon.resmoncfg
2013-05-16 15:25 - 2017-08-03 23:39 - 000331584 ____C () C:\Users\MARK\AppData\Local\rx_audio.Cache
2013-02-22 20:31 - 2017-08-03 23:39 - 001282348 ____C () C:\Users\MARK\AppData\Local\rx_image32.Cache
2015-03-15 11:04 - 2015-03-15 11:04 - 000000402 ____C () C:\Users\MARK\AppData\Local\Temp-log.txt

Some files in TEMP:
====================
2019-01-16 19:47 - 2019-01-16 19:47 - 040477384 ____C () C:\Users\MARK\AppData\Local\Temp\vlc-3.0.6-win32.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-04-04 18:59

==================== End of FRST.txt ============================
 
#4 ·
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by MARK (07-04-2019 15:40:34)
Running from C:\Users\MARK\Desktop\APPLE
Windows 7 Home Premium Service Pack 1 (X64) (2011-12-31 19:44:05)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2130412082-872510349-2259372935-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-2130412082-872510349-2259372935-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2130412082-872510349-2259372935-1002 - Limited - Enabled)
MARK (S-1-5-21-2130412082-872510349-2259372935-1000 - Administrator - Enabled) => C:\Users\MARK

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Spybot - Search and Destroy (Disabled - Out of date) {1EAF1D03-5480-F3B2-EB14-11F0F5EE2699}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader 4.4 (HKLM-x32\...\{4E97C234-3F6C-4AA9-BFAF-0166F3050A68}) (Version: 4.4.11.2412 - Open Media LLC)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.156 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.156 - Adobe Systems Incorporated)
ANT Drivers Installer x64 (HKLM\...\{6AE0802A-390F-4A82-B58B-A7F37F1FD82E}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{E5347310-C82F-4833-AA36-8D11E5A8A86A}) (Version: 6.6 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D745E014-74DD-43A3-98DF-E7D38164B681}) (Version: 6.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C29B636B-9015-4ED1-A12F-6375A337F23B}) (Version: 11.4.1.46 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
BlueStacks 3 (HKLM-x32\...\BlueStacks) (Version: 3.7.46.1633 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BrLauncher (HKLM-x32\...\{42D26B47-887C-45FC-BCAE-0BE485C5C0BB}) (Version: 2.0.11.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden
Brother BRAdmin Light 1.33.0000 (HKLM-x32\...\{DB75941E-30C4-4D97-B000-D17C764B998C}) (Version: 1.33.0000 - Brother)
Brother iPrint&Scan (HKLM-x32\...\{122F41FC-AE6B-40BB-9CBD-A7B59C8FD2F6}) (Version: 4.1.1.1 - Brother Industries, Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{25b63596-6d2a-44d4-8068-23a5f89888ec}) (Version: 4.1.1.1 - Brother Industries, Ltd.)
Brother Port Driver (HKLM-x32\...\{EEA8DF77-9D7E-421A-A9A8-A6E9894A18A3}) (Version: 1.0.3.3 - Brother Industries Ltd.) Hidden
Brother PowerENGAGE (HKLM-x32\...\{05421625-9BA9-482B-ACF2-794221A06F4E}) (Version: 1.0.23 - Aviata, Inc.)
Brother Printer Driver (HKLM-x32\...\{272543B6-B337-4C8F-B9F1-19E884C2C7AC}) (Version: 1.4.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{1162495D-7CE7-4EF9-A0F8-151196F3A660}) (Version: 1.0.17.1 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{32F47565-84B1-42CC-B09A-4CDDD9A32F94}) (Version: 1.0.20.0 - Brother Industries Ltd.) Hidden
Camtasia Studio 8 (HKLM-x32\...\{AF33D0D2-2627-4AC8-8473-FDBB7892129C}) (Version: 8.6.0.2079 - TechSmith Corporation)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
ControlCenter4 (HKLM-x32\...\{9091B952-8719-49C3-9CC7-6E20EC61081F}) (Version: 4.6.6.1 - Brother Industries, Ltd.) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{FD8A9511-BFC9-43B5-BB75-9CEC0EA03CF0}) (Version: 4.6.1.1 - Brother Industries, Ltd.) Hidden
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.8.0.201 - Corel Inc.) Hidden
CutePDF Writer 3.1 (HKLM\...\CutePDF Writer Installation) (Version: 3.1 - Acro Software Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.61 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.61 - Dell Inc.)
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}) (Version: 1.5.201.0 - Fingertapps)
Dell System Detect (HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\58d94f3ce2c27db0) (Version: 7.6.0.17 - Dell)
DirectX 9 Runtime (HKLM-x32\...\{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}) (Version: 1.00.0000 - Sonic Solutions) Hidden
DW WLAN Card (HKLM\...\DW WLAN Card) (Version: 5.60.48.35 - Dell Inc.)
Elevated Installer (HKLM-x32\...\{486DCE02-1FB0-4962-9CB3-4265F2D49126}) (Version: 6.13.1.0 - Garmin Ltd or its subsidiaries) Hidden
Find and Mount 2.32 (HKLM\...\Find and Mount_is1) (Version: 2.32 - A-FF Data Recovery)
Garmin Express (HKLM-x32\...\{A05A8CFE-F458-4731-BD47-01C675E8944C}) (Version: 6.13.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{b347cf7c-d07d-417b-b26a-8d6a851f696d}) (Version: 6.13.1.0 - Garmin Ltd or its subsidiaries)
Garmin MapInstall (HKLM-x32\...\{31C7D42D-A0ED-4D2A-A8E8-69E97058DBB9}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin MapInstall (HKLM-x32\...\{5229915a-6947-4503-9027-48a306d56a04}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.86 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Graboid Video 3.89 (HKLM-x32\...\Graboid Video) (Version: 3.89 - Graboid Inc.)
Graboid Video 3.89 Setup (HKLM-x32\...\{6b5f9db0-02dc-4c5b-b16b-6a7f1f81557e}) (Version: 3.8.9 - FUSENET)
HandBrake 1.0.7 (HKLM-x32\...\HandBrake) (Version: 1.0.7 - )
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
iTunes (HKLM\...\{36F365B3-05C2-455D-9D96-B73829DE046D}) (Version: 12.8.0.150 - Apple Inc.)
Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{400C31E4-796F-4E86-8FDC-C3C4FACC6847}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Kodi (HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\Kodi) (Version: - XBMC Foundation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Malwarebytes version 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
McAfee Multi Access (HKLM-x32\...\MSC) (Version: 16.0 R18 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.0.29 - McAfee, Inc.)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Excel 97 (HKLM-x32\...\Excel) (Version: - )
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Outlook 97 (HKLM-x32\...\Outlook) (Version: - )
Microsoft SkyDrive (HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27012 (HKLM-x32\...\{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Movie Maker (HKLM-x32\...\{5BABDA39-61CF-41EE-992D-4054B6649A9B}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Multimedia Card Reader (HKLM-x32\...\{41068A8C-3F30-46B6-978A-EA692F28D1AF}) (Version: 1.7.915.93 - Fitipower) Hidden
Multimedia Card Reader (HKLM-x32\...\InstallShield_{41068A8C-3F30-46B6-978A-EA692F28D1AF}) (Version: 1.7.915.93 - Fitipower)
NetworkRepairTool (HKLM-x32\...\{86E68F57-FAFE-4052-BDD4-3B90C38236AE}) (Version: 1.2.16.0 - Brother Industries, Ltd.) Hidden
Nuance PaperPort 14 (HKLM-x32\...\{6CC9391F-D441-4D2E-9ECC-1F7084C733ED}) (Version: 14.5.0006 - Nuance Communications, Inc.)
Nuance PDF Viewer SE (HKLM-x32\...\{7BAC9170-359D-4EAD-B6E4-238A14940C11}) (Version: 7.20.3230 - Nuance Communications, Inc.)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0002 - Nuance Communications, Inc.)
PhotoShowExpress (HKLM-x32\...\{3250260C-7A95-4632-893B-89657EB5545B}) (Version: 2.0.063 - Sonic Solutions) Hidden
PlayMemories Home (HKLM-x32\...\{1E5C7043-09C5-4974-A69F-A5271FD82BBC}) (Version: 7.0.00.11271 - Sony Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
PowerENGAGE (HKLM-x32\...\{BFE5C68B-E6D4-4421-9ACF-2B8C4BC2D2A1}) (Version: 3.2.13 - Aviata, Inc.) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
RBVirtualFolder64Inst (HKLM\...\{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}) (Version: 1.00.0000 - Roxio, Inc.) Hidden
RealDownloader (HKLM-x32\...\{F735970C-1049-440A-8BC1-00BFBC196F22}) (Version: 18.1.11.204 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM-x32\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM-x32\...\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}) (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.11 - RealNetworks)
RealProducer Plus 8.5 (HKLM-x32\...\RealProducer 8.5) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6141 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (HKLM-x32\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Roxio Creator NXT Pro (HKLM-x32\...\{CC915001-1639-4D1B-B0A1-A7AC70C99179}) (Version: 14.0.36.0 - Roxio)
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio File Backup (HKLM\...\{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}) (Version: 1.3.2 - Roxio) Hidden
Roxio Virtual Drive x64 (HKLM\...\{632DCE79-2711-4B07-BB89-DA763E96840C}) (Version: 1.00.0000 - Roxio, Inc.) Hidden
ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden
Scansoft PDF Professional (HKLM-x32\...\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}) (Version: - ) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SmartGPS Eco (HKLM-x32\...\{F0DF2A34-80D0-477C-8718-7E665341FA55}) (Version: 3.0.0.00 - MiTAC Digital Corp.)
SmartSound Common Data (HKLM-x32\...\{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.) Hidden
SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.)
SoftwareUpdateNotification (HKLM-x32\...\{34F12379-C924-41E6-921D-51C71217F58C}) (Version: 1.0.9.0 - Brother Industries, Ltd.) Hidden
Sonic CinePlayer Decoder Pack (HKLM-x32\...\{9A00EC4E-27E1-42C4-98DD-662F32AC8870}) (Version: 4.3.0 - Sonic Solutions) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.0.10 - Safer-Networking Ltd.)
SpyroPortalDriver (HKLM\...\{B2913230-094D-4F41-9EEF-CE9571C450D8}) (Version: 1.0.0 - FS)
StatusMonitor (HKLM-x32\...\{40578A7A-6E36-457F-A4F0-45BC37EB61FD}) (Version: 1.20.1.0 - Brother Insutries Ltd.) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1248 - SUPERAntiSpyware.com)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
THX TruStudio PC (HKLM-x32\...\{010A785B-F920-4350-821B-6309909C20BB}) (Version: 1.0 - Creative Technology Limited)
Triple Scoop Music (HKLM-x32\...\{4CD51492-D68C-49AC-9692-29FCC19FBC26}) (Version: 1.0.019 - Roxio) Hidden
UpdateService (HKLM-x32\...\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}) (Version: 1.0.0 - RealNetworks, Inc.) Hidden
USB2.0 ATV (HKLM-x32\...\{3C873221-12B9-475D-8DCB-62D0B2179AF9}) (Version: 6.10.000.001 - Regulus)
USB2.0 ATV (HKLM-x32\...\USB2.0 ATV) (Version: - )
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
vc2012_redist (HKLM-x32\...\{9402AEF2-5981-4097-8BE2-6501DAC4DBFD}) (Version: 1.0.0.0 - Realnetworks) Hidden
Vegas Pro 12.0 (64-bit) (HKLM\...\{A1188CD2-9C9F-11E2-B88F-F04DA23A5C58}) (Version: 12.0.563 - Sony)
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 3.74 - NCH Software)
VirtualDJ Home FREE (HKLM-x32\...\{B515962D-C979-44AC-9912-F7BB499B4B2C}) (Version: 7.3 - Atomix Productions)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0) (HKLM\...\781745E87AFF80C0C1388CFF79D19ECAB2E9BB47) (Version: 11/05/2008 1.1.1.0 - LeapFrog)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Wondershare Streaming Audio Recorder(Build 2.0.2.3) (HKLM-x32\...\Wondershare Streaming Audio Recorder_is1) (Version: 2.0.2.3 - Wondershare Software Co.,Ltd.)
WordPerfect Office IFilter 32-bit (HKLM-x32\...\{1DF03ECE-6AF4-414E-B118-C316F151A9A2}) (Version: 1.4 - Corel Corporation)
WordPerfect Office IFilter 64-bit (HKLM\...\{1B45B85C-99E8-4523-8FB3-0248B3DECFC8}) (Version: 1.4 - Corel Corporation)
Zinio Reader 4 (HKLM-x32\...\{7FB00B6B-6843-97EC-EED6-78BD6D35370A}) (Version: 4.2.4164 - Zinio LLC) Hidden
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2130412082-872510349-2259372935-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\MARK\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64\SkyDriveShell64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2130412082-872510349-2259372935-1000_Classes\CLSID\{A66FC8BB-7AFD-4FCF-BBA1-341AE079C7DF}\InprocServer32 -> C:\Program Files\Roxio Creator NXT\Virtual Drive 10\DC_ShellExt64.dll (Corel Corporation -> Corel Corporation)
CustomCLSID: HKU\S-1-5-21-2130412082-872510349-2259372935-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\MARK\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64\SkyDriveShell64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2130412082-872510349-2259372935-1000_Classes\CLSID\{ea49acd6-0f0e-5ff1-89c4-30eda3d53b62}\InprocServer32 -> C:\Users\MARK\AppData\Roaming\MiTAC Digital Corporation\mgnContentManager\3.0.0.00\npmgnContentManager64.dll (MiTAC International Corporation -> MiTAC Digital Corp.)
CustomCLSID: HKU\S-1-5-21-2130412082-872510349-2259372935-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\MARK\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64\SkyDriveShell64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2130412082-872510349-2259372935-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\MARK\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64\FileSyncApi64.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\program files\mcafee\msc\mcctxmenufrmwrk.dll [2019-01-07] (McAfee, Inc. -> McAfee, Inc.)
ContextMenuHandlers1: [SDECon32] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers1: [SDECon64] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\Windows\SysWOW64\WSCM64.dll -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => c:\program files (x86)\real\realplayer\RPDS\Bin64\rpcontextmenu.dll [2018-05-06] (RealNetworks, Inc. -> RealNetworks, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2011-02-17] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\program files\mcafee\msc\mcctxmenufrmwrk.dll [2019-01-07] (McAfee, Inc. -> McAfee, Inc.)
ContextMenuHandlers6: [SDECon32] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers6: [SDECon64] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers1_S-1-5-21-2130412082-872510349-2259372935-1000: [RXDCExtSvr] -> {A66FC8BB-7AFD-4FCF-BBA1-341AE079C7DF} => C:\Program Files\Roxio Creator NXT\Virtual Drive 10\DC_ShellExt64.dll [2012-07-18] (Corel Corporation -> Corel Corporation)
ContextMenuHandlers2_S-1-5-21-2130412082-872510349-2259372935-1000: [RXDCExtSvr] -> {A66FC8BB-7AFD-4FCF-BBA1-341AE079C7DF} => C:\Program Files\Roxio Creator NXT\Virtual Drive 10\DC_ShellExt64.dll [2012-07-18] (Corel Corporation -> Corel Corporation)
ContextMenuHandlers6_S-1-5-21-2130412082-872510349-2259372935-1000: [RXDCExtSvr] -> {A66FC8BB-7AFD-4FCF-BBA1-341AE079C7DF} => C:\Program Files\Roxio Creator NXT\Virtual Drive 10\DC_ShellExt64.dll [2012-07-18] (Corel Corporation -> Corel Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C9EAD9F-AE32-4E33-A188-9016BB202408} - System32\Tasks\RealDownloader Update Check => c:\program files (x86)\real\RealDownloader\downloader2.exe (RealNetworks, Inc. -> )
Task: {0F592054-FC0B-4DF8-B651-202C56DE274D} - System32\Tasks\{3E677D04-C9FB-4050-A4D5-9BFD909EF240} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {144E0E91-D00E-4D82-9885-778C3A749490} - System32\Tasks\{487AB330-EBD7-4A76-B891-A91754FD4314} => C:\Users\MARK\AppData\Local\Google\Chrome\Application\chrome.exe
Task: {19605A68-8D93-416E-B6A1-F04C2F6ECAA4} - System32\Tasks\{45416873-6870-44CC-8E45-58127503EEAF} => C:\Users\MARK\AppData\Local\Google\Chrome\Application\chrome.exe
Task: {1A942A5C-FE8D-4049-A9D6-8893D90BA979} - System32\Tasks\{2D3028CF-CE03-4AE4-B144-B8BEB566D687} => C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
Task: {1AB4AD6F-E0BC-4ED9-BC19-A949BEE5AE8A} - System32\Tasks\{611A5EB1-E8DC-4164-8DA6-A9358CB16A08} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {1B6955DB-AE88-49F1-8F3E-BC99722CA012} - System32\Tasks\{67C0FFD8-6786-4EDB-A901-EB2DF2A3BDE9} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {2641C192-8073-4AC1-97AA-B0B3EF20EB8B} - System32\Tasks\{AAA228C8-54C2-4654-91AF-95C5C52D20BB} => C:\Windows\system32\pcalua.exe -a C:\Users\MARK\AppData\Local\Temp\Temp1_MPEG_Streamclip_1.2.zip\MPEG_Streamclip.exe <==== ATTENTION
Task: {281A7460-642E-40A2-B0E5-A2D2BA0CC5C4} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2130412082-872510349-2259372935-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe (RealNetworks, Inc.) [File not signed]
Task: {2DE00C78-BF46-49E7-8C1E-8D19E977FDA5} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {2E3336D9-3D8F-43A0-9EA1-5177B465CD91} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.1.207\DADUpdater.exe (McAfee, Inc. -> McAfee, Inc.)
Task: {3268B6BC-5528-4FB5-A5CC-F1A9064FDBA4} - System32\Tasks\{D5E8CB6B-319E-4F0E-917E-CBAC38E34677} => C:\Program Files (x86)\AOL Desktop 9.7\aol.exe
Task: {38B8C499-E203-4AAA-9330-DABB68DF9F43} - System32\Tasks\{8CD991B8-C611-457C-9A4B-8E148BBC1495} => C:\Users\MARK\AppData\Local\Google\Chrome\Application\chrome.exe
Task: {38D302D2-0E6B-45A9-8EB5-5A6693DA67ED} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe (Safer Networking Ltd. -> Safer-Networking Ltd.)
Task: {3A4C9BB5-147B-47CB-8157-34D11DDF3D1A} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {3DE84952-ECFD-482D-B8F2-1268D979F166} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {40FC8802-9F5A-42F6-B95D-6C0067FCEB69} - System32\Tasks\{27003535-56D0-44FC-AE23-EFC0AAFC1A81} => C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
Task: {4789B856-DCCB-4458-AF1C-133ECB9341E3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe (Apple Inc. -> Apple Inc.)
Task: {4CCEF7E3-0CC7-488D-9226-593999AC0E27} - System32\Tasks\{13F92E3C-232E-4FA8-8FF7-EEAAF6931DD8} => C:\Users\MARK\Downloads\musicmatch10.00.4033.exe
Task: {50BF9D53-83BC-4D7E-BCB7-F008C9946199} - System32\Tasks\{479B464A-5FCF-410E-AFE0-ED5300A0DDD0} => C:\Program Files (x86)\Roxio Creator NXT\Roxio Central\RoxioCentralFx.exe (Corel Corporation -> )
Task: {525ADD04-55BA-4913-B544-CBC829CDA221} - System32\Tasks\{9FB150E9-5941-4658-BCD0-641ED11803BF} => C:\Program Files (x86)\Dell AIO Printer A940\DLBAaiox.exe
Task: {52AE9C83-353E-48EF-991B-E119CF4F8DE4} - System32\Tasks\{7F471F8C-38C6-4F94-BC8A-0CBAD06FE02A} => C:\Users\MARK\Downloads\musicmatch82.exe
Task: {57E2CE92-4517-4777-BD34-47208D0716FA} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {6074794B-09C5-4E18-8515-4DBADDC76F61} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {67EDB240-E03D-437C-818F-D15D6C99C491} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2130412082-872510349-2259372935-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe (RealNetworks, Inc.) [File not signed]
Task: {683BBDA8-64D7-4168-95B6-2FB04C07BC90} - System32\Tasks\{605EAD35-C8E6-48D5-953C-4BDE791AA5E8} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {79022F55-5129-4E5A-9779-C9ACFFBA8BA4} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe (McAfee, Inc. -> McAfee, Inc.)
Task: {7A170C85-4395-40BB-A490-4F9CB05784B1} - System32\Tasks\{6440DA17-3021-4946-9EDC-65255B783269} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {7C4ED347-BB52-4987-95A2-B8F8F280210C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe (Safer Networking Ltd. -> Safer-Networking Ltd.)
Task: {85C067FB-5098-4051-B1CA-9E7E7BF214A9} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_156_Plugin.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {8780C8BE-F54B-47DA-85F9-AFDADD2E4C2C} - System32\Tasks\{7F70CAB2-072C-4D42-AEF6-16B1B69095C7} => C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
Task: {8F98D4DD-65A0-46CA-B885-29F47ABAEB0B} - System32\Tasks\{F40CE779-309B-4896-974C-AE6E2C94644D} => C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
Task: {90C45678-9B30-4EFF-91CC-917E12E06B45} - System32\Tasks\{7849AF3E-8179-490E-B09B-D31FDF213381} => C:\Program Files (x86)\AOL Desktop 9.7\aol.exe
Task: {97B89E7B-895D-4E58-BD0A-15C923FF6F5D} - System32\Tasks\{9386CA07-7838-4DD2-938F-C939BD959A61} => C:\Program Files (x86)\AOL Desktop 9.7\aol.exe
Task: {9A15C862-F14A-40C5-8312-DBAB1E30AA0C} - System32\Tasks\{EBDC029A-1928-42DF-B29D-CF913C18B968} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {9A99B748-ACA2-41E5-BE40-8BB1086F6DCB} - System32\Tasks\{31B93D9E-EA8C-4990-BF18-B09BFBAA435D} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {9F712EF0-97B6-4661-B891-7859479E23A9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe (Safer Networking Ltd. -> Safer-Networking Ltd.)
Task: {A06C3FD6-61F0-43C5-B2C4-697911A016EA} - System32\Tasks\{C1FE1AD8-7E5A-42FE-BFD1-7BE5D2CF6E2B} => C:\Users\MARK\AppData\Local\Google\Chrome\Application\chrome.exe
Task: {A3FDE451-DDF4-4F0F-9B56-4D6119FF1EDB} - System32\Tasks\{BC0B3BDD-C189-4564-91B2-8AE4B6510985} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {A483F551-EE1F-4BBC-B877-CDBDAE73B07E} - System32\Tasks\{8A4CD231-08EE-44AB-9ECA-E7443D8CAE31} => C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
Task: {A84DD5FE-E359-4A54-BC95-9EB95EF9F6DF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {A909DD0B-138D-4229-9422-97518BFBE2E5} - System32\Tasks\{20F50F2F-8C2B-4F7F-9DDA-FC3F2ACAC9BA} => C:\Program Files (x86)\MultiViewer\MultiViewer.exe
Task: {AC00B659-6AEE-482A-8872-52BF69556ADC} - System32\Tasks\{007A1385-A538-4B74-AF24-B76DCD096802} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {AF4E8988-8683-4AFF-A1DC-B874E3E9DD0F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {B7BA3B97-3BEE-4160-AB67-7B3CE597B5E7} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (McAfee, Inc. -> McAfee, Inc.)
Task: {B7E83BA7-06F3-41D8-8B7D-E52F6488C1E2} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2130412082-872510349-2259372935-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe (RealNetworks, Inc.) [File not signed]
Task: {BBAA77C7-8BE7-43D3-BCF8-7BCBB44FEA48} - System32\Tasks\{0E5FFA70-B7B3-4AD7-AF23-C403A980856A} => C:\Program Files (x86)\Dell AIO Printer A940\DLBAaiox.exe
Task: {BD09F54A-6D5C-4393-9BDA-2319D1CB3725} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2130412082-872510349-2259372935-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe (RealNetworks, Inc.) [File not signed]
Task: {C0752428-0D21-4764-8805-EB4EE14F241C} - System32\Tasks\{35990657-F8A1-4941-BC71-31E7500013C4} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Task: {C6729723-48E4-4D50-959E-667C6603319C} - System32\Tasks\{0BA0CD3C-B95D-4721-AEE6-8991F35A9D92} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {CF997253-70E7-46FA-A97E-46BB686709D4} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe (Microsoft Corporation -> Microsoft)
Task: {D026AE65-BA76-4145-B862-3BB536091F80} - System32\Tasks\{74A7DDF1-BDA7-4B5A-BA82-F6455C234E40} => C:\Program Files (x86)\MultiViewer\MultiViewer.exe
Task: {D1782047-A988-4544-AC47-E3A3629E46BD} - System32\Tasks\{5B006323-E1AE-4E67-A035-715B6B7DEC4A} => C:\Users\MARK\AppData\Local\Google\Chrome\Application\chrome.exe
Task: {D5D96F18-E3AB-4B5A-8E0D-267E1647199C} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2130412082-872510349-2259372935-1000 => C:\program files (x86)\real\RealDownloader\RealUpgrade.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {D6E1EAD5-7358-4A5E-99A9-56F3B1AF031F} - System32\Tasks\{AA42977C-B36D-4D54-97F4-9D36BF2B1165} => C:\Program Files (x86)\Digiarty\WinX DVD Author 6.3.7\DVD_Author.exe
Task: {D7F4C430-E3AB-4E5E-A7D1-1178230F9255} - System32\Tasks\{5379BC2C-7DEB-41FC-8555-042FA7281998} => C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
Task: {DEDA0FDF-B354-4C37-9532-012E80F9C1E8} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_156_pepper.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {E0BD0B9D-F7E7-45B4-9698-B4A1DC18C24E} - System32\Tasks\{15D2093E-FD56-45CB-BB1C-1CDBEBD7356D} => C:\Program Files (x86)\AOL Desktop 9.7\aol.exe
Task: {E3D600BB-67DA-4B85-BC16-E30120C0D15E} - System32\Tasks\{711738D9-A6C7-442A-B24A-2D60FC80400F} => C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
Task: {E4DAEAE3-C231-4E06-B9C5-9534DC76148B} - System32\Tasks\PowerENGAGE => Command(1): msiexec -> /f {BFE5C68B-E6D4-4421-9ACF-2B8C4BC2D2A1} /quiet /qn
Task: {E4DAEAE3-C231-4E06-B9C5-9534DC76148B} - System32\Tasks\PowerENGAGE => Command(2): PowerENGAGE.exe -> scheduled-run
Task: {E90EEF97-DF18-4FAF-9B3C-F0A250A3A92F} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2130412082-872510349-2259372935-1000 => C:\program files (x86)\real\RealDownloader\RealUpgrade.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {F050F864-D1A1-4F59-9DDD-4C3D8CAB6AB2} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {F17576A4-12A6-4EA5-9184-E67519F1BF0A} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe (Garmin International, Inc. -> )
Task: {F395931B-FEF9-4729-954C-E9BC4573D1F6} - System32\Tasks\{7A1E1935-8DD2-4CFA-A169-A8C098A30AC4} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {F62B2F93-50D6-4CF4-A92C-EBA904523A73} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {F823E685-BBD6-4AB4-8015-BF6FBF8AB1F9} - System32\Tasks\{70F70446-4007-4E05-81FC-E0298A3944D6} => C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
Task: {FDABE515-D080-42BE-A063-EA74269EE848} - System32\Tasks\{1A1EF3C2-E0E5-4E2D-B05A-D4F60D251591} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\SUPERAntiSpyware\Uninstall.exe"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============

2016-09-29 19:59 - 2014-03-04 15:06 - 000180224 ____C (SEIKO EPSON CORPORATION) [File not signed] C:\Windows\System32\E_YLMBM1E.DLL
2009-12-09 11:24 - 2009-12-09 16:24 - 000892416 _____ ( ) [File not signed] C:\Windows\System32\dlealmpm.DLL
2009-12-09 11:24 - 2009-12-09 16:24 - 001371648 _____ ( ) [File not signed] C:\Windows\System32\dleacomc.dll
2011-12-31 15:54 - 2009-11-04 09:18 - 000189440 _____ () [File not signed] C:\Windows\system32\spool\PRTPROCS\x64\dleadrpp.dll
2018-10-04 18:01 - 2018-10-04 18:01 - 000012288 ____C (Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
2018-10-04 18:01 - 2018-10-04 18:01 - 000020480 ____C (Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
2017-03-30 16:39 - 2018-01-19 11:26 - 002976256 ____C (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
2017-04-05 13:35 - 2017-04-05 13:35 - 003581952 ____C (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe
2017-03-22 17:21 - 2018-01-18 15:39 - 000314368 ____C (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
2016-11-25 10:18 - 2016-11-25 10:18 - 000225280 ____C (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogRx.exe
2012-12-05 12:29 - 2012-12-05 12:29 - 004883456 ____C (BCGSoft Ltd) [File not signed] C:\Program Files (x86)\Nuance\PaperPort\BCGCBPRO1100u100.dll
2018-11-18 19:36 - 2019-03-29 18:02 - 003084800 ____C (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2018-11-18 19:36 - 2019-03-29 18:02 - 005139968 ____C (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2018-11-18 19:36 - 2019-03-29 18:02 - 005010944 ____C (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2018-11-18 19:36 - 2019-03-29 18:02 - 002950144 ____C (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2018-11-18 19:36 - 2019-03-29 18:02 - 002234880 ____C (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2018-11-18 19:36 - 2019-03-29 18:02 - 004571648 ____C (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2018-11-18 19:36 - 2019-03-29 18:02 - 000438272 ____C (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2019-02-24 16:45 - 2019-03-29 18:02 - 001181184 ____C (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-02-24 16:45 - 2019-03-29 18:02 - 000124928 ____C (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-03-29 18:02 - 2019-03-29 18:02 - 000026112 ____C (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-03-29 18:02 - 2019-03-29 18:02 - 000020992 ____C (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2018-11-18 19:36 - 2019-03-29 18:02 - 000259584 ____C (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-03-29 18:02 - 2019-03-29 18:02 - 000014848 ____C (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-03-29 18:02 - 2019-03-29 18:02 - 000729088 ____C (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-03-29 18:02 - 2019-03-29 18:02 - 000073216 ____C (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-03-29 18:02 - 2019-03-29 18:02 - 000179712 ____C (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-03-29 18:02 - 2019-03-29 18:02 - 000014848 ____C (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-03-29 18:02 - 2019-03-29 18:02 - 000014848 ____C (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-03-29 18:02 - 2019-03-29 18:02 - 000101888 ____C (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2019-02-24 16:45 - 2019-03-29 18:02 - 000035328 ____C (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\iconengines\qsvgicon.dll
2016-11-25 10:18 - 2016-11-25 10:18 - 000139264 ____C () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2016-10-04 14:25 - 2018-01-18 15:39 - 001720832 ____C () [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll
2012-12-05 12:29 - 2012-12-05 12:29 - 000036864 ____C (Black Ice Software, Inc.) [File not signed] C:\Program Files (x86)\Nuance\PaperPort\blicectr.dll
2017-03-22 17:21 - 2018-01-18 15:39 - 000519168 ____C () [File not signed] C:\Program Files (x86)\Browny02\BrMonitor.dll
2017-04-05 09:53 - 2017-11-07 19:55 - 000137728 ____C () [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
2017-04-05 09:53 - 2017-11-07 19:55 - 000440832 ____C () [File not signed] C:\Program Files (x86)\ControlCenter4\Track.dll
2017-01-27 15:33 - 2017-11-07 20:04 - 000087040 ____C () [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcLUsa.dll
2017-01-27 15:39 - 2017-08-18 11:23 - 000087552 ____C () [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
2017-01-27 15:39 - 2017-08-18 11:23 - 017974784 ____C () [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll
2017-03-13 15:53 - 2017-03-13 15:53 - 063977984 ____C (Aviata Inc.) [File not signed] C:\Program Files (x86)\PowerENGAGE\PowerENGAGE.exe
2017-03-13 15:53 - 2017-03-13 15:53 - 013151744 ____C (Node.js) [File not signed] C:\Program Files (x86)\PowerENGAGE\node.dll
2017-03-13 15:53 - 2017-03-13 15:53 - 001943040 ____C () [File not signed] C:\Program Files (x86)\PowerENGAGE\ffmpeg.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\dell.com -> dell.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2130412082-872510349-2259372935-1000\...\123simsen.com -> www.123simsen.com

There are 7716 more sites.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2016-04-23 20:26 - 000000093 ____C C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost
127.0.0.1 65.52.240.48
127.0.0.1 activation.cloud.techsmith.eom

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2130412082-872510349-2259372935-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\MARK\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 209.18.47.61 - 209.18.47.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RealTimes.lnk => C:\Windows\pss\RealTimes.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^MARK^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Find Fast.lnk => C:\Windows\pss\Microsoft Find Fast.lnk.Startup
MSCONFIG\startupfolder: C:^Users^MARK^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Office Startup.lnk => C:\Windows\pss\Office Startup.lnk.Startup
MSCONFIG\startupreg: AccuWeatherWidget => "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Aimersoft Helper Compact.exe => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
MSCONFIG\startupreg: AOL Fast Start => "C:\Program Files (x86)\AOL Desktop 9.8.2\AOL.EXE" -b
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: DelaypluginInstall => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
MSCONFIG\startupreg: Dell DataSafe Online => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
MSCONFIG\startupreg: DellStage => "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: dlbamon.exe => "C:\Program Files (x86)\Dell AIO Printer A940\dlbamon.exe"
MSCONFIG\startupreg: EasyHideIPVPN => C:\Program Files (x86)\Easy-Hide-IP VPN\easy.hide.ip.vpn.exe
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\MARK\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HostManager => C:\Program Files (x86)\Common Files\AOL\1429832463\ee\AOLSoftware.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: ICF => "C:\Program Files (x86)\Internet Content Filter\mfp.exe"
MSCONFIG\startupreg: ISUSPM => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: mcpltui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: mcui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: Monitor => "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"
MSCONFIG\startupreg: NeroLauncher => C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900
MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RealDownloader => c:\program files (x86)\real\RealDownloader\downloader2.exe
MSCONFIG\startupreg: RoxWatchTray => "C:\Program Files (x86)\Roxio Creator NXT\Common\RoxWatchTray14.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: RunDLLEntry_EptMon => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\EptMon64.dll,RunDLLEntry EptMon64
MSCONFIG\startupreg: RunDLLEntry_THXCfg => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: ShwiconXP9106 => C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
MSCONFIG\startupreg: Spybot-S&D Cleaning => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: THX Audio Control Panel => "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
MSCONFIG\startupreg: UpdReg => C:\Windows\UpdReg.EXE
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{7D73D967-32C1-47D8-A7EC-3531A66698A9}] => (Allow) LPort=8317
FirewallRules: [{60B8BD61-B3F8-41B9-99A5-7114CEEDE77D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe No File
FirewallRules: [{FA59CBB4-ACEC-492B-B1FC-7AD0903E866A}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe No File
FirewallRules: [{A33D26D9-CE08-46F5-B82E-C10258442428}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe No File
FirewallRules: [TCP Query User{854E718D-AB3C-4BE9-B8B7-5D58343EC677}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe No File
FirewallRules: [UDP Query User{4E97F9E1-7AE7-4798-BF9D-34870D6B2A65}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe No File
FirewallRules: [{523026AA-B677-4B72-98B2-6EFB4301A605}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe No File
FirewallRules: [{EF658E54-E933-4B65-B15D-0AB754B5A288}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe No File
FirewallRules: [{5EAFCF4E-6A35-4B46-9DF7-75F2D8AEFE37}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe No File
FirewallRules: [{BCE73B4E-BB6C-4161-80B2-AEB5C1F0DF4F}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe No File
FirewallRules: [{6F0F663F-8EEB-49B3-83B4-D60F032CEC94}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{BE620D61-375A-45B8-A7A1-032C60F0F0C4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe No File
FirewallRules: [{A3E79D60-D78C-4908-A19F-A9198A72A1E3}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4330BC75-0C59-4E97-97B4-66F6372307B7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F14FD71F-DB73-4A73-ABBD-8684304BC899}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C2E46833-6F90-4EFE-9D36-4B9C004BE1AA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E8618A21-5A22-420D-B01B-E30098310878}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{CAE93EB0-B764-496E-928D-7A3BB74D5761}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{8C1B05D4-CFF0-43AE-89D7-9B6FE38615F7}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{7B9A6B1C-7269-4262-B8C7-00984B1C459C}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{A9D262DD-556F-46DB-AE7F-5FA35F467B27}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{0F2F525B-5AC3-43A6-B71C-42324E9A4A1B}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{9171BB16-FB20-43FB-8F59-8541A78B3CA8}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
FirewallRules: [{D47569E2-94AA-4636-A940-570CF5207FFD}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8C412CF6-3399-40D1-AADE-16480338A529}] => (Allow) LPort=54950
FirewallRules: [{51189D0A-8B0D-4C6A-91B4-50196E2A53C0}] => (Allow) LPort=54955
FirewallRules: [{A177CACD-4DC6-47ED-8343-52F5089A69A5}] => (Allow) C:\Users\MARK\Desktop\House Photos During\Install\wlan_wiz\.\wlan_assistant\waw.exe () [File not signed]
FirewallRules: [{CE311DD8-4022-4ECD-AC15-050AD59E5D70}] => (Allow) LPort=54925
FirewallRules: [{0165FC47-5764-4FCD-A899-B7C7ABCFE8A0}] => (Allow) D:\Install\wlan_wiz\.\wlan_assistant\waw.exe No File
FirewallRules: [{0C570BB3-48B9-45E1-ADD7-FF9D978CBFBB}] => (Allow) D:\Install\wlan_wiz\.\wlan_assistant\waw.exe No File
FirewallRules: [{C08CB953-F2EC-4E4D-9032-03D8282F5E85}] => (Allow) C:\Program Files (x86)\Brother\BRAdmin Light\BRAdmLight.exe (Brother Industries, Ltd.) [File not signed]
FirewallRules: [{39045324-700B-46DC-93D7-080FEC37AABD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

03-01-2019 14:13:11 Scheduled Checkpoint
10-01-2019 18:09:16 Scheduled Checkpoint
11-01-2019 16:35:57 Installed 4K Video Downloader 4.4
19-01-2019 14:34:37 Scheduled Checkpoint
26-01-2019 22:10:38 Restore Operation
03-02-2019 15:34:07 Scheduled Checkpoint
15-02-2019 20:39:41 Scheduled Checkpoint
17-02-2019 12:04:13 Restore Operation
23-02-2019 12:44:21 Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27012
03-03-2019 13:20:35 Scheduled Checkpoint
11-03-2019 14:19:21 Scheduled Checkpoint
19-03-2019 13:41:43 Scheduled Checkpoint
26-03-2019 18:20:45 Garmin Express
02-04-2019 18:29:34 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============

Name: DW1501 Wireless-N WLAN Half-Mini Card
Description: DW1501 Wireless-N WLAN Half-Mini Card
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: BCM43XX
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: zeonetfilter
Description: zeonetfilter
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: zeonetfilter
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: =========================

Application errors:
==================
Error: (04/07/2019 03:43:20 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: MTDLL BrtMTDLL: [2019/04/07 15:43:20.578]: [00005948]: Error GetInkSupplyType Send ( ErrCode == 5 )

Error: (04/07/2019 03:43:13 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: MTDLL BrtMTDLL: [2019/04/07 15:43:13.528]: [00005948]: Error GetInkSupplyType Send ( ErrCode == 5 )

Error: (04/07/2019 03:42:31 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: MTDLL BrtMTDLL: [2019/04/07 15:42:31.224]: [00005948]: Error GetInkSupplyType Send ( ErrCode == 5 )

Error: (04/07/2019 03:42:24 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: MTDLL BrtMTDLL: [2019/04/07 15:42:24.174]: [00005948]: Error GetInkSupplyType Send ( ErrCode == 5 )

Error: (04/07/2019 03:42:17 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: MTDLL BrtMTDLL: [2019/04/07 15:42:17.123]: [00005948]: Error GetInkSupplyType Send ( ErrCode == 5 )

Error: (04/07/2019 03:41:34 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: MTDLL BrtMTDLL: [2019/04/07 15:41:34.821]: [00005948]: Error GetInkSupplyType Send ( ErrCode == 5 )

Error: (04/07/2019 03:41:27 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: MTDLL BrtMTDLL: [2019/04/07 15:41:27.771]: [00005948]: Error GetInkSupplyType Send ( ErrCode == 5 )

Error: (04/07/2019 03:41:20 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: MTDLL BrtMTDLL: [2019/04/07 15:41:20.720]: [00005948]: Error GetInkSupplyType Send ( ErrCode == 5 )

System errors:
=============
Error: (04/07/2019 03:01:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (04/07/2019 03:01:17 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (04/07/2019 03:01:17 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.

Error: (04/07/2019 03:00:54 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (04/07/2019 03:00:54 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (04/07/2019 03:00:54 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.

Error: (04/07/2019 01:00:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (04/07/2019 01:00:00 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Windows Defender:
===================================
Date: 2012-12-06 12:38:35.266
Description:
Windows Defender scan has been stopped before completion.
Scan ID:{A79DE555-8EAC-467C-AB04-83BDA31245E7}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan

Date: 2017-07-10 23:19:38.373
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:The system cannot find the file specified.
Signature version:0.0.0.0
Engine version:0.0.0.0

Date: 2016-09-29 11:39:42.279
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:The system cannot find the file specified.
Signature version:0.0.0.0
Engine version:0.0.0.0

Date: 2013-04-10 17:02:44.289
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:The system cannot find the file specified.
Signature version:0.0.0.0
Engine version:0.0.0.0

Date: 2013-04-07 15:20:31.801
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:The system cannot find the file specified.
Signature version:0.0.0.0
Engine version:0.0.0.0

Date: 2013-04-03 21:06:50.287
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:The system cannot find the file specified.
Signature version:0.0.0.0
Engine version:0.0.0.0

CodeIntegrity:
===================================

Date: 2018-01-26 13:24:20.802
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-01-26 13:24:20.751
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-01-26 13:24:20.695
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\gpapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-01-26 13:24:20.648
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\gpapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-10-28 20:02:57.105
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-10-28 20:02:57.044
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-10-28 20:02:56.973
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-10-28 20:02:56.851
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 85%
Total physical RAM: 8174.45 MB
Available physical RAM: 1184.44 MB
Total Virtual: 16347.07 MB
Available Virtual: 6138.91 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:452.47 GB) (Free:17.9 GB) NTFS

\\?\Volume{7c551ac4-2d3e-11e1-bf29-806e6f6e6963}\ (RECOVERY) (Fixed) (Total:13.25 GB) (Free:2.57 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: AC289F96)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=13.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=452.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
 
#5 ·
Hi,

Thank you for the FRST.txt and Addition.txt logs.

-------------------------------

Can you describe the issue in more detail?

Additionally, it seems there may be a potentially unwanted modification to your Chrome Startup URLs to open an adware-related website. Did you set this intentionally?

-------------------------------

Is this program on your computer properly activated?

Camtasia Studio 8
 
#6 ·
When I turn on my computer it boots up then through out the day it progressively gets very slow and the activity light just stays on which seems like forever when ever I do anything. I didn't intentionally set up Chrome to open up any adware-related websites. Camtasia is okay, why do you ask?
 
#8 ·
Hi,

Open Google Chrome. Click the Menu icon (three vertical dots, upper right corner of the Chrome window) and click Settings. Scroll down until you reach the "On Startup" category. If the URL "websearch.thesearchpage.info" is listed, please remove it from the "On Startup" section.

-----------------------

There is evidence that the program Camtasia Studio 8 may be activated illegitimately. If it is, please uninstall it before we continue. If it is activated properly, let me know.
 
#9 ·
The only thing in On startup is 3 options that say:

Open the New Tab page

Continue where you left off

Open a specific page or set of pages
----------------------------------------------------------------------------------------------------------------

Also, as far as I know my Camtasia is activated and installed properly.
 
#10 ·
Hi,

We'll reset the Chrome Startup URLs, clean up some empty registy entries, and scan some files at VirusTotal using a FRST "fixlist" script.

----------------

We need to run a fix with FRST:

  • Please download the attached fixlist.txt file and save it to the same location as FRST
    Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt are in the same location or the fix will not work
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
  • Run FRST.exe/FRST64.exe and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run, please post it to your reply
 

Attachments

#17 ·
The website URL starts with "websearch.thesearchpage.info"

If you want to keep this website in the Chrome Startup URLs, which I wouldn't recommend, then let me know. I will modify the "fixlist.txt" file so it will not reset the startup URLs to default.
 
#25 ·
Hi,

That URL is associated with a browser hijacker/search page redirect. Additionally, scanning the URL at VirusTotal shows that several antivirus programs detect it as malicious/unwanted. If the URL does appear in the Chrome "Open a specific page or set of pages" settings, I would recommend you remove it. However, if you wish to have the site open when Chrome is launched, let me know.
 
#28 ·
Hi,

I have attached a new FRST fix below.
It will not remove the Chrome Startup URLs.

  • Please download the attached fixlist.txt file and save it to the same location as FRST
    Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt are in the same location or the fix will not work
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
  • Run FRST.exe/FRST64.exe and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run, please post it to your reply
 

Attachments

Status
Not open for further replies.
You have insufficient privileges to reply here.
Top