1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Solved Windows Explorer Couldn't See Folder

Discussion in 'Virus & Other Malware Removal' started by susb8383, May 28, 2019.

Thread Status:
Not open for further replies.
Advertisement
  1. susb8383

    susb8383 Thread Starter

    Joined:
    Apr 22, 2011
    Messages:
    121
    I had a weird thing happen yesterday and I wonder if I have a virus. I had Windows Explorer open to a folder and I was deleting old files from it. All of a sudden the folder showed as blank. I also have a shortcut to this folder in the left column of windows explorer. Instead of the shortcut showing an icon of a folder, it was just a white rectangle. When I clicked on the shortcut, I got an error.

    I also had a Word document open that was a file in that same folder. When I saved the document, it 'goosed' everything and windows could then see the folder again. The icon went back to a folder and everything worked fine.

    Before I assume something is physically going wrong with the hard drive, I'd like to rule out a virus.

    Here are the results of sysinfo:

    Tech Support Guy System Info Utility version 1.0.0.4
    OS Version: Microsoft Windows 7 Professional, Service Pack 1, 64 bit
    Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz, Intel64 Family 6 Model 60 Stepping 3
    Processor Count: 4
    RAM: 8133 Mb
    Graphics Card: NVIDIA GeForce GT 720, 1024 Mb
    Hard Drives: C: 907 GB (386 GB Free);
    Motherboard: Dell Inc., 0KWVT8
    Antivirus: AVG Antivirus, Enabled and Updated
     
  2. iMacg3

    iMacg3 Malware Specialist

    Joined:
    Nov 3, 2018
    Messages:
    492
    Hi susb8383, Welcome to the Tech Support Guy malware removal forum.

    I am iMacg3 and will be helping you with your computer problems.

    Please keep the following information in mind before we begin:
    • Back up any important data before we continue.
      • Back up any important data on your computer to external media. I will not knowingly suggest any steps that will damage your computer; however, malware infections are often unpredictable and it may be necessary to reformat and reinstall your operating system depending on the infection.
    • Do not run any fixes or tools on your system unless I request that you do so.
      • Running additional tools on your system can interfere with the clean-up process, or cause issues such as false positives.
    • Please read all instructions carefully, and complete them in the order listed.
      • Items that are especially important will be highlighted in bold or red.
    • If your computer seems to start working normally, please don't abandon the topic.
      • Even if your system is behaving normally, there may still be some malware remnants left over. Additionally, malware can re-infect the computer if some remnants are left. Therefore, please complete all requested steps to make sure any malware is successfully eradicated from your PC.
    • If you have pirated or illegal software on your computer, uninstall it now before proceeding.
      • Using pirated/cracked software is an easy way to infect your computer - almost as easy as intentionally downloading malware. Therefore, please remove any, if present, before we begin the clean-up.
    • If you have questions at any time during the cleanup, feel free to ask.

    ---------------------------------------------------
    Farbar Recovery Scan Tool (FRST)
    • Download FRST to your Desktop. (for 32 bit systems)
    • Download FRST64 to your Desktop. (for 64 bit systems)
    • Double click Frst.exe/Frst64.exe to launch it.
    • FRST will start to run.
      • When the tool opens click Yes to the disclaimer.
      • Press the Scan button.
      • When finished scanning 2 logs will open on your Desktop, FRST.txt and Addition.txt
      • Please post them in your next reply.
     
  3. susb8383

    susb8383 Thread Starter

    Joined:
    Apr 22, 2011
    Messages:
    121
    Here is frst.txt:
    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-06-2019
    Ran by BarkPark (administrator) on BARK_PARK (Dell Inc. XPS 8700) (02-06-2019 13:38:34)
    Running from C:\Users\BarkPark\Downloads
    Loaded Profiles: John & BarkPark (Available Profiles: John & BarkPark & Susie & Ashton)
    Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    (Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (AVG Technologies CZ, s.r.o. -> ) C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
    (AVG Technologies CZ, s.r.o. -> ) C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
    (AVG Technologies CZ, s.r.o. -> ) C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
    (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe
    (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
    (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
    (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
    (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
    (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
    (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
    (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
    (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
    (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
    (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
    (Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
    (Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
    (Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
    (Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
    (Dell Inc. -> SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
    (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
    (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
    (Intel® Services Manager -> ) C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
    (Intel® Services Manager -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\ui\updateui.exe
    (Intuit) [File not signed] C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
    (LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\GoToMyPC\g2comm.exe
    (LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\GoToMyPC\g2pre.exe
    (LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\GoToMyPC\g2svc.exe
    (LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\GoToMyPC\g2tray.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1542\DSAPI.exe
    (PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1542\pcdrwi.exe
    (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
    (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe
    (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
    (Qualcomm Atheros -> Atheros) [File not signed] C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
    (Qualcomm Atheros -> Atheros) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
    (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
    (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    (Seagate Technology LLC -> Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe
    (Seagate Technology LLC -> Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe
    (Seagate Technology LLC -> Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DeviceAgent.exe
    (Seagate Technology LLC -> Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
    (Seagate Technology LLC -> Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
    (Seagate Technology LLC -> Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
    (Seagate Technology LLC -> Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
    (Siber Systems -> Siber Systems Inc.) C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome-nm-host.exe
    (Siber Systems -> Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
    (Siber Systems -> Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
    (Siber Systems -> Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon-x64.exe
    (Siber Systems -> Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon-x64.exe
    (Softland SRL -> Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe
    (Splashtop Inc. -> Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRAgent.exe
    (Splashtop Inc. -> Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
    (Splashtop Inc. -> Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRManager.exe
    (Splashtop Inc. -> Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
    (Splashtop Inc. -> Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
    (Splashtop Inc. -> Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe

    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188040 2013-05-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1307720 2013-04-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)
    HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192 2013-02-06] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
    HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\btvstack.exe [1023104 2012-12-27] (Qualcomm Atheros -> Atheros Commnucations) [File not signed]
    HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\athbttray.exe [801920 2012-12-27] (Qualcomm Atheros -> Atheros Commnucations) [File not signed]
    HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1841496 2016-10-14] (Logitech -> Logitech, Inc.)
    HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
    HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [309680 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
    HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
    HKLM-x32\...\Run: [Dell Registration] => C:\Program Files (x86)\System Registration\prodreg.exe [4165440 2011-08-04] (Dell Inc -> Dell, Inc.)
    HKLM-x32\...\Run: [Intuit SyncManager] => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [2771832 2012-12-07] (Intuit, Inc. -> Intuit Inc. All rights reserved.)
    HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.) [File not signed]
    HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) [File not signed]
    HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-13] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2187336 2017-10-20] (AVG Technologies CZ, s.r.o. -> )
    HKLM-x32\...\Run: [DBAgent] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1562304 2017-09-16] (Seagate Technology LLC -> Seagate Technology LLC)
    HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
    HKU\S-1-5-21-357705481-3834319829-2341904365-1000\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110376 2018-03-19] (Siber Systems -> Siber Systems)
    HKU\S-1-5-21-357705481-3834319829-2341904365-1000\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [142568 2017-09-16] (Seagate Technology LLC -> Seagate Technology LLC)
    HKU\S-1-5-21-357705481-3834319829-2341904365-1000\...\MountPoints2: {34e91e38-2648-11e6-85be-003c7ff0f00a} - K:\TLBootstrap_WPP.exe
    HKU\S-1-5-21-357705481-3834319829-2341904365-1001\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [142568 2017-09-16] (Seagate Technology LLC -> Seagate Technology LLC)
    HKU\S-1-5-21-357705481-3834319829-2341904365-1001\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110376 2018-03-19] (Siber Systems -> Siber Systems)
    HKU\S-1-5-21-357705481-3834319829-2341904365-1001\...\MountPoints2: {1b58da54-67d9-11e5-9cf6-003c7ff0f00a} - K:\TLBootstrap_WPP.exe
    HKU\S-1-5-21-357705481-3834319829-2341904365-1001\...\MountPoints2: {34e91e38-2648-11e6-85be-003c7ff0f00a} - K:\TLBootstrap_WPP.exe
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.169\Installer\chrmstp.exe [2019-05-21] (Google LLC -> Google Inc.)
    HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
    HKLM\Software\...\Authentication\Credential Providers: [{97E1814E-5601-41c8-9971-10C319EF61CC}] -> C:\Windows\system32\SRCredentialProvider.dll [2019-03-22] (Splashtop Inc. -> Splashtop Inc.)
    HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2012-12-27] (Qualcomm Atheros -> Atheros Commnucations) [File not signed]
    HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2012-12-27] (Qualcomm Atheros -> Atheros Commnucations) [File not signed]
    Startup: C:\Users\BarkPark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2015-05-03]
    ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) [File not signed]
    FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {105BD183-EDE2-4F48-A2DF-63A0D9CCBEF9} - System32\Tasks\BarkPark DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1562304 2017-09-16] (Seagate Technology LLC -> Seagate Technology LLC)
    Task: {16FBA4AE-EE7A-405D-8857-0F856494881D} - System32\Tasks\John1 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [1812160 2017-09-16] (Seagate Technology LLC -> Seagate Technology LLC)
    Task: {1C3F546E-2179-4719-8136-F82B11634547} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [563000 2015-08-27] (Apple Inc. -> Apple Inc.)
    Task: {1F56DF1F-B921-4E8A-9291-DF66408EA5A6} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2408496 2019-04-03] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
    Task: {2E6D87E1-8F9F-4C62-B91C-CB3799FF0454} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110376 2018-03-19] (Siber Systems -> Siber Systems)
    Task: {42C17925-55FB-4CEE-968B-66606C9952E1} - System32\Tasks\John DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1562304 2017-09-16] (Seagate Technology LLC -> Seagate Technology LLC)
    Task: {49303771-F7E8-4E99-B35D-D3951AD5F1C4} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2981808 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
    Task: {76EEA41B-731D-47FE-B6B4-73AC642CA7B4} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1512920 2019-04-10] (Dell Inc. -> Dell Inc.)
    Task: {82AB7494-1DD0-453A-931A-B5C38646AF87} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe [1952448 2017-09-16] (Seagate Technology LLC -> Seagate Technology LLC)
    Task: {A4F11779-135F-494B-9187-1AF75DA22997} - System32\Tasks\0915avUpdateInfo => C:\ProgramData\Avg_Update_0915av\0915av_AVG-Secure-Search-Update.exe [2561424 2015-07-26] (AVG Technologies CZ, s.r.o. -> )
    Task: {A79D1FC1-58C3-4E73-AF04-268C31F775D5} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-01-17] (Intel® Services Manager -> )
    Task: {A93260AF-8594-42F7-927B-66196B8C0BE8} - System32\Tasks\John => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [1812160 2017-09-16] (Seagate Technology LLC -> Seagate Technology LLC)
    Task: {AE80B46D-CE6A-4874-A5AD-AD427E9BB1C8} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-01-17] (Intel® Services Manager -> )
    Task: {C357B75B-A69F-4BFF-B98A-702D4B20FEA9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-31] (Google Inc -> Google Inc.)
    Task: {F164A754-81BE-4679-918D-1FA72DC0CA8B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-31] (Google Inc -> Google Inc.)
    Task: {F4368259-DE4F-4E25-9662-9AC322797788} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-13] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\0915avUpdateInfo.job => C:\ProgramData\Avg_Update_0915av\0915av_AVG-Secure-Search-Update.exe

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
    Tcpip\..\Interfaces\{1680F0BD-E455-4133-B1BD-E9DCB9B2CF4E}: [DhcpNameServer] 75.75.75.75 75.75.76.76
    Tcpip\..\Interfaces\{7F970F8C-35DE-4BC8-B706-F238CCAC9D36}: [DhcpNameServer] 10.13.109.99

    Internet Explorer:
    ==================
    HKU\S-1-5-21-357705481-3834319829-2341904365-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/?pc=DCJB
    HKU\S-1-5-21-357705481-3834319829-2341904365-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
    HKU\S-1-5-21-357705481-3834319829-2341904365-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-357705481-3834319829-2341904365-1000 -> DefaultScope {F93FADBD-C7F6-4030-A986-C07E9F4B4F40} URL =
    SearchScopes: HKU\S-1-5-21-357705481-3834319829-2341904365-1000 -> {F93FADBD-C7F6-4030-A986-C07E9F4B4F40} URL =
    SearchScopes: HKU\S-1-5-21-357705481-3834319829-2341904365-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={B795B6DE-A237-4400-B367-4C1EEABFE652}&mid=5679ad5033a247cd98dbd175391419f9-b6072b3e1023bbf9ee076fcb99ea4938ece6745b&lang=en&ds=AVG&coid=avgtbavg&cmpid=0816avz&pr=fr&d=2016-07-26 05:42:58&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms}
    BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2018-03-19] (Siber Systems -> Siber Systems Inc.)
    BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
    BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2018-03-19] (Siber Systems -> Siber Systems Inc.)
    BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll [2012-12-27] (Qualcomm Atheros -> Atheros Commnucations) [File not signed]
    BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.8.566\AVG Web TuneUp.dll [2017-10-20] (AVG Technologies CZ, s.r.o. -> AVG)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
    Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2018-03-19] (Siber Systems -> Siber Systems Inc.)
    Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2018-03-19] (Siber Systems -> Siber Systems Inc.)
    Toolbar: HKU\S-1-5-21-357705481-3834319829-2341904365-1001 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2018-03-19] (Siber Systems -> Siber Systems Inc.)
    Handler-x32: intu-help-qb3 - {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - C:\Program Files (x86)\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll [2015-05-02] (Intuit, Inc. -> Intuit, Inc.)
    Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\SysWOW64\mscoree.dll [2010-11-20] (Microsoft Corporation -> Microsoft Corporation)

    FireFox:
    ========
    FF DefaultProfile: 4lbc0s6r.default
    FF ProfilePath: C:\Users\BarkPark\AppData\Roaming\Mozilla\Firefox\Profiles\4lbc0s6r.default [2019-06-02]
    FF Extension: (AVG Web TuneUp) - C:\Users\BarkPark\AppData\Roaming\Mozilla\Firefox\Profiles\4lbc0s6r.default\Extensions\[email protected] [2018-03-07] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avg/wtu/update.json]
    FF Extension: (RoboForm Password Manager) - C:\Users\BarkPark\AppData\Roaming\Mozilla\Firefox\Profiles\4lbc0s6r.default\Extensions\[email protected] [2019-04-16]
    FF SearchPlugin: C:\Users\BarkPark\AppData\Roaming\Mozilla\Firefox\Profiles\4lbc0s6r.default\searchplugins\avg-secure-search.xml [2017-10-20]
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_197.dll [2016-03-29] (Adobe Systems Incorporated -> )
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll [2016-03-29] (Adobe Systems Incorporated -> )
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] (Apple Inc. -> )
    FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.8\\npsitesafety.dll [No File]
    FF Plugin-x32: @Intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-19] (Intel® Identity Protection Technology Software -> Intel Corporation)
    FF Plugin-x32: @Intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-19] (Intel® Identity Protection Technology Software -> Intel Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-14] (Google Inc -> Google LLC)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-14] (Google Inc -> Google LLC)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-02-27] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-357705481-3834319829-2341904365-1000: @citrixonline.com/appdetectorplugin -> C:\Users\John\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-05-13] (Citrix Online -> Citrix Online)

    Chrome:
    =======
    CHR HomePage: Default -> hxxp://www.google.com
    CHR Profile: C:\Users\BarkPark\AppData\Local\Google\Chrome\User Data\Default [2019-03-23]
    CHR Extension: (Slides) - C:\Users\BarkPark\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-31]
    CHR Extension: (Docs) - C:\Users\BarkPark\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-31]
    CHR Extension: (Google Drive) - C:\Users\BarkPark\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-08-31]
    CHR Extension: (YouTube) - C:\Users\BarkPark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-31]
    CHR Extension: (Sheets) - C:\Users\BarkPark\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-31]
    CHR Extension: (Google Docs Offline) - C:\Users\BarkPark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-31]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\BarkPark\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-31]
    CHR Extension: (Gmail) - C:\Users\BarkPark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-08-31]
    CHR Extension: (Chrome Media Router) - C:\Users\BarkPark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-23]

    ==================== Services (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-05-03] (Adobe Systems) [File not signed]
    S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc. -> Apple Inc.)
    R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [204928 2012-12-27] (Qualcomm Atheros -> Atheros Commnucations) [File not signed]
    R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [409280 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
    R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe [6893160 2019-05-28] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
    R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
    R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [209392 2019-02-28] (Dell Inc -> Dell Inc.)
    R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3363824 2019-02-28] (Dell Inc -> Dell Inc.)
    R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [218096 2019-02-28] (Dell Inc -> Dell Inc.)
    R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1542\DSAPI.exe [1038144 2019-04-28] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
    S4 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-08-27] (Dell Inc. -> Dell Inc.)
    R2 GoToMyPC; C:\Program Files (x86)\GoToMyPC\g2svc.exe [1893336 2018-09-16] (LogMeIn, Inc. -> LogMeIn, Inc.)
    R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-02-06] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
    S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel® Trusted Connect Service -> Intel(R) Corporation)
    R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-02-19] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
    R3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-01-17] (Intel® Services Manager -> )
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-02-19] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
    R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [51112 2016-06-17] (Softland SRL -> Microsoft)
    R2 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2013-02-01] (Intuit) [File not signed]
    S3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [61440 2009-07-23] (Intuit Inc.) [File not signed]
    R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [224840 2013-05-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)
    R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16120 2017-03-20] (Seagate Technology LLC -> Seagate Technology LLC)
    R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [143560 2017-09-16] (Seagate Technology LLC -> Seagate Technology LLC)
    R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915920 2014-04-04] (Dell Inc. -> SoftThinks SAS)
    R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39896 2019-04-10] (Dell Inc. -> Dell Inc.)
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-06-25] (Microsoft Windows -> Microsoft Corporation)
    R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [981576 2017-10-20] (AVG Technologies CZ, s.r.o. -> )
    R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [327296 2012-12-27] (Qualcomm Atheros -> Atheros) [File not signed]
    R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2012-12-26] (Qualcomm Atheros -> Atheros) [File not signed]

    ===================== Drivers (Whitelisted) ======================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R3 athr; C:\Windows\System32\DRIVERS\athrx.sys [2811904 2012-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
    R0 avgArDisk; C:\Windows\System32\drivers\avgArDisk.sys [37160 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
    R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [207496 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
    R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriver.sys [263056 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
    R0 avgbidsh; C:\Windows\System32\drivers\avgbidsh.sys [206408 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
    R0 avgbuniv; C:\Windows\System32\drivers\avgbuniv.sys [61520 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
    R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [42336 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
    R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [167920 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
    R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [112360 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
    R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [87992 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
    R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [1030832 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
    R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [477632 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
    R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [225144 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
    R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [385904 2019-05-30] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
    R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [68736 2012-12-27] (Qualcomm Atheros -> Atheros)
    R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [41608 2018-05-08] (Techporch Incorporated -> Dell Inc.)
    R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
    R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28656 2013-01-15] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
    R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [116736 2014-02-19] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
    R2 monblanking; C:\Windows\System32\DRIVERS\monblanking.sys [47696 2018-09-16] (LogMeIn, Inc. -> LogMeIn, Inc)
    S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [141384 2010-11-11] (MCCI Corporation -> MCCI Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One month (created) ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2019-06-02 13:38 - 2019-06-02 13:40 - 000035831 _____ C:\Users\BarkPark\Downloads\FRST.txt
    2019-06-02 13:38 - 2019-06-02 13:38 - 000000000 ____D C:\FRST
    2019-06-02 13:23 - 2019-06-02 13:23 - 002433536 _____ (Farbar) C:\Users\BarkPark\Downloads\FRST64.exe
    2019-06-02 12:21 - 2019-06-02 12:21 - 003506622 _____ C:\Users\BarkPark\Downloads\CalCheck_2.6.0_x64.zip
    2019-06-02 07:18 - 2019-06-02 07:18 - 000000000 ___RD C:\Users\BarkPark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
    2019-06-01 05:35 - 2019-06-01 05:35 - 000000000 ___RD C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
    2019-06-01 05:23 - 2019-06-01 05:24 - 000283944 _____ C:\Windows\Minidump\060119-17019-01.dmp
    2019-05-28 21:04 - 2019-05-28 21:04 - 000000000 ____D C:\Users\BarkPark\AppData\Local\Splashtop
    2019-05-28 21:02 - 2019-05-28 21:03 - 000000000 ____D C:\ProgramData\Splashtop
    2019-05-28 21:02 - 2019-05-28 21:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Splashtop Remote
    2019-05-28 21:02 - 2019-05-28 21:02 - 000000000 ____D C:\Program Files (x86)\Splashtop
    2019-05-28 21:02 - 2019-03-22 12:16 - 000310704 _____ (Splashtop Inc.) C:\Windows\system32\SRCredentialProvider.dll
    2019-05-28 21:00 - 2019-05-28 21:00 - 031009136 _____ (Splashtop Inc.) C:\Users\BarkPark\Downloads\Splashtop_Streamer_Windows_DEPLOY_INSTALLER_v3.3.0.2_3WZ42XHZ3HSP.exe
    2019-05-28 20:36 - 2019-05-28 20:36 - 000748192 _____ (TechGuy, Inc.) C:\Users\BarkPark\Downloads\SysInfo.exe
    2019-05-27 05:39 - 2019-05-27 05:39 - 000363440 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
    2019-05-22 05:56 - 2019-05-23 05:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2019-05-14 19:27 - 2019-05-14 19:28 - 000461584 _____ C:\Windows\Minidump\051419-29499-01.dmp
    2019-05-06 22:31 - 2019-05-08 00:08 - 000000000 ____D C:\Program Files\MyDefrag v4.3.1
    2019-05-06 22:31 - 2019-05-06 22:31 - 000000865 _____ C:\Users\Public\Desktop\MyDefrag.lnk
    2019-05-06 22:31 - 2019-05-06 22:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyDefrag v4.3.1
    2019-05-06 22:31 - 2010-05-21 12:11 - 001147392 _____ (J.C. Kessels) C:\Windows\system32\MyDefragScreenSaver_v4.3.1.exe
    2019-05-06 22:31 - 2010-05-21 12:11 - 000485376 _____ (J.C. Kessels) C:\Windows\system32\MyDefragScreenSaver_v4.3.1.scr

    ==================== One month (modified) ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2019-06-02 13:37 - 2018-09-05 22:56 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
    2019-06-02 13:37 - 2018-08-31 05:48 - 000003332 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2019-06-02 13:37 - 2018-08-31 05:48 - 000003204 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2019-06-02 13:37 - 2018-06-23 09:12 - 000003702 _____ C:\Windows\System32\Tasks\John1
    2019-06-02 13:37 - 2018-05-09 09:14 - 000004202 _____ C:\Windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate
    2019-06-02 13:37 - 2017-06-20 07:56 - 000003508 _____ C:\Windows\System32\Tasks\BarkPark DBAgent 2 0
    2019-06-02 13:37 - 2017-05-13 16:20 - 000003700 _____ C:\Windows\System32\Tasks\John
    2019-06-02 13:37 - 2017-05-13 16:17 - 000003492 _____ C:\Windows\System32\Tasks\John DBAgent 2 0
    2019-06-02 13:37 - 2017-05-13 16:16 - 000003504 _____ C:\Windows\System32\Tasks\Seagate_Install_Launch
    2019-06-02 13:37 - 2017-04-04 07:59 - 000004174 _____ C:\Windows\System32\Tasks\Antivirus Emergency Update
    2019-06-02 13:37 - 2016-03-29 15:48 - 000003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
    2019-06-02 13:37 - 2015-09-10 08:09 - 000002464 _____ C:\Windows\System32\Tasks\0915avUpdateInfo
    2019-06-02 13:37 - 2015-09-10 08:09 - 000000338 _____ C:\Windows\Tasks\0915avUpdateInfo.job
    2019-06-02 13:37 - 2015-08-30 08:48 - 000003708 _____ C:\Windows\System32\Tasks\Run RoboForm TaskBar Icon
    2019-06-02 13:37 - 2014-06-25 10:34 - 000003718 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
    2019-06-02 13:37 - 2014-06-25 10:34 - 000003476 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
    2019-06-02 13:22 - 2016-11-20 09:22 - 000000000 ____D C:\Users\BarkPark\AppData\LocalLow\Mozilla
    2019-06-02 07:27 - 2015-05-03 08:12 - 000000000 ____D C:\Users\BarkPark\Documents\Outlookdata
    2019-06-02 07:18 - 2015-04-30 19:43 - 000000000 ____D C:\Users\BarkPark\Documents\Bluetooth Folder
    2019-06-02 07:08 - 2016-11-20 09:02 - 000000000 ____D C:\Users\John\AppData\LocalLow\Mozilla
    2019-06-02 04:58 - 2009-07-14 00:45 - 000021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2019-06-02 04:58 - 2009-07-14 00:45 - 000021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2019-06-01 09:32 - 2015-05-03 16:33 - 000013076 _____ C:\Users\BarkPark\AppData\Roaming\Comma Separated Values (Windows).CAL
    2019-06-01 06:19 - 2018-06-23 08:41 - 000000000 ____D C:\Users\John\Desktop\Camera June 21 18
    2019-06-01 05:29 - 2014-06-25 10:43 - 000000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
    2019-06-01 05:24 - 2009-07-14 01:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
    2019-06-01 05:23 - 2015-05-08 08:29 - 593874749 _____ C:\Windows\MEMORY.DMP
    2019-06-01 05:23 - 2015-05-08 08:29 - 000000000 ____D C:\Windows\Minidump
    2019-05-30 17:24 - 2015-05-04 16:38 - 000000000 ____D C:\Users\John\Documents\Outlookdata
    2019-05-30 05:12 - 2017-04-04 07:59 - 000385904 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
    2019-05-27 23:40 - 2009-07-14 01:13 - 000787758 _____ C:\Windows\system32\PerfStringBackup.INI
    2019-05-27 23:40 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\inf
    2019-05-27 05:39 - 2018-10-20 13:36 - 000042336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgKbd.sys
    2019-05-27 05:39 - 2017-04-04 07:59 - 000477632 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
    2019-05-27 05:39 - 2017-04-04 07:59 - 000225144 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
    2019-05-27 05:39 - 2017-04-04 07:59 - 000167920 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
    2019-05-27 05:39 - 2017-04-04 07:59 - 000112360 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
    2019-05-27 05:39 - 2017-04-04 07:59 - 000087992 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
    2019-05-27 05:38 - 2019-01-05 10:25 - 000037160 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArDisk.sys
    2019-05-27 05:38 - 2017-11-27 06:16 - 000207496 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
    2019-05-27 05:38 - 2017-04-04 07:59 - 001030832 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
    2019-05-27 05:37 - 2019-01-14 16:10 - 000263056 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdriver.sys
    2019-05-27 05:37 - 2019-01-05 10:25 - 000206408 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsh.sys
    2019-05-27 05:37 - 2019-01-05 10:25 - 000061520 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniv.sys
    2019-05-23 22:56 - 2017-09-22 20:34 - 000000370 _____ C:\Windows\SysWOW64\SmartFlow.txt
    2019-05-23 22:50 - 2018-07-23 22:50 - 000000000 _____ C:\Windows\SysWOW64\SpyWareFolderstoFilter.txt
    2019-05-23 05:18 - 2015-04-30 19:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2019-05-22 17:21 - 2015-04-30 19:26 - 000000000 ____D C:\Users\John\Documents\Bluetooth Folder
    2019-05-21 16:20 - 2018-08-31 05:49 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2019-05-21 16:20 - 2018-08-31 05:49 - 000002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2019-05-18 20:53 - 2015-05-01 00:19 - 000000000 ____D C:\Users\Susie\Documents\Bluetooth Folder
    2019-05-18 20:52 - 2018-11-12 12:56 - 000000000 ____D C:\Users\Susie\AppData\LocalLow\Mozilla
    2019-05-18 16:55 - 2015-05-01 16:20 - 000094096 _____ C:\Users\Susie\AppData\Local\GDIPFONTCACHEV1.DAT

    ==================== Files in the root of some directories =======

    2015-05-03 16:33 - 2019-06-01 09:32 - 000013076 _____ () C:\Users\BarkPark\AppData\Roaming\Comma Separated Values (Windows).CAL
    2018-07-31 15:52 - 2019-02-28 17:50 - 000009435 _____ () C:\Users\BarkPark\AppData\Roaming\Comma Separated Values (Windows).EML
    2016-11-28 20:29 - 2017-05-23 15:45 - 000007606 _____ () C:\Users\BarkPark\AppData\Local\Resmon.ResmonCfg

    ==================== SigCheck ===============================

    (There is no automatic fix for files that do not pass verification.)


    LastRegBack: 2019-06-02 00:42
    ==================== End of FRST.txt ============================
     
  4. susb8383

    susb8383 Thread Starter

    Joined:
    Apr 22, 2011
    Messages:
    121
    Here is additional.txt

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-06-2019
    Ran by BarkPark (02-06-2019 13:41:08)
    Running from C:\Users\BarkPark\Downloads
    Windows 7 Professional Service Pack 1 (X64) (2015-04-30 23:23:48)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-357705481-3834319829-2341904365-500 - Administrator - Disabled)
    Ashton (S-1-5-21-357705481-3834319829-2341904365-1003 - Administrator - Enabled) => C:\Users\Ashton
    BarkPark (S-1-5-21-357705481-3834319829-2341904365-1001 - Administrator - Enabled) => C:\Users\BarkPark
    Guest (S-1-5-21-357705481-3834319829-2341904365-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-357705481-3834319829-2341904365-1007 - Limited - Enabled)
    John (S-1-5-21-357705481-3834319829-2341904365-1000 - Administrator - Enabled) => C:\Users\John
    Susie (S-1-5-21-357705481-3834319829-2341904365-1002 - Administrator - Enabled) => C:\Users\Susie

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: AVG Antivirus (Enabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: AVG Antivirus (Enabled - Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    01 Transaction Pro Importer 4.0 (HKLM-x32\...\01 Transaction Pro Importer 4.0) (Version: 4.0.10 - Baystate Consulting (781) 932-1133)
    Accidental Damage Services Agreement (HKLM-x32\...\{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}) (Version: 2.0.0 - Dell Inc.)
    Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.182 - Adobe Systems Incorporated)
    Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.197 - Adobe Systems Incorporated)
    Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
    Adobe Reader XI (11.0.15) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.15 - Adobe Systems Incorporated)
    Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
    Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.170 - Atheros)
    Atheros Outlook Addin 2010 (HKU\S-1-5-21-357705481-3834319829-2341904365-1000\...\D9918D4858F5B722A4667B7989E1983A8FCC0462) (Version: 1.0.0.0 - Microsoft)
    AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 19.5.3093 - AVG Technologies)
    AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.8.566 - AVG Technologies)
    Banctec Service Agreement (HKLM-x32\...\{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}) (Version: 2.0.0 - Dell Inc.)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    Brother MFL-Pro Suite MFC-L2700DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
    Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
    Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
    Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
    Citrix Online Launcher (HKLM-x32\...\{6740FE60-43C1-4D15-8C4A-001624134B14}) (Version: 1.0.312 - Citrix)
    Complete Care Business Service Agreement (HKLM-x32\...\{0ECFCB07-9BFE-4970-ACA1-D568D982760B}) (Version: 2.0.0 - Dell Inc.)
    Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
    CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - Acro Software Inc.)
    Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.7.1.2 - Dell Inc.)
    Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.1.2 - Dell Inc.)
    Dell Digital Delivery (HKLM-x32\...\{D850CB7E-72BC-4510-BA4F-48932BFAB295}) (Version: 2.9.901.0 - Dell Products, LP)
    Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
    Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.)
    Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.1.3 - Dell Inc.)
    Dell SupportAssist (HKLM\...\{0309AC01-330F-494C-B27D-58E297E4674F}) (Version: 3.2.1.94 - Dell Inc.)
    Dell Update (HKLM-x32\...\{DB82968B-57A4-4397-81A5-ECAB21B5DFCD}) (Version: 1.7.1015.0 - Dell Inc.)
    Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Dell Inc.)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.169 - Google Inc.)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
    Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
    GoTo Opener (HKLM-x32\...\{D144D2C2-4F96-48B7-BB2A-E9185050B619}) (Version: 1.0.491 - LogMeIn, Inc.)
    GoToMyPC (HKLM\...\{92C11758-A413-42AA-B0C8-30ED9F99719B}) (Version: 10.1.2329 - LogMeIn, Inc.)
    GoToMyPC Print Assistant (HKLM\...\{57414DD3-55A7-4D2E-916F-2F1407AABE91}) (Version: 8.6.942 - Softland)
    Intel(R) Chipset Device Software (HKLM-x32\...\{e48a2f61-851a-4155-82f9-af1b04db8c3b}) (Version: 10.0.13 - Intel(R) Corporation) Hidden
    Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1168 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.2.1001 - Intel Corporation)
    Intel(R) Update Manager (HKLM-x32\...\{AD6B46F2-FE21-496F-BE90-BE19AABE353C}) (Version: 2.2.12 - Intel Corporation)
    Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
    iTunes (HKLM\...\{4046F74A-28F8-48C6-A5D3-2AFC472574C1}) (Version: 12.2.0.145 - Apple Inc.)
    Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
    Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Mozilla Firefox 67.0 (x64 en-US) (HKLM\...\Mozilla Firefox 67.0 (x64 en-US)) (Version: 67.0 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 67.0.0.7075 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
    MyDefrag v4.3.1 (HKLM\...\MyDefrag v4.3.1_is1) (Version: 4.0.0.0 - J.C. Kessels)
    novaPDF 8 Printer Driver (HKLM\...\{1A9E9E77-B29B-47C6-ADEB-9E7D6F7A08CE}) (Version: 8.6.942 - Softland)
    Premium Service Agreement (HKLM-x32\...\{C33AA6D6-F5EC-48F3-AFDC-8141345D473A}) (Version: 2.0.0 - Dell Inc.)
    QualxServ Service Agreement (HKLM-x32\...\{903679E8-44C8-4C07-9600-05C92654FC50}) (Version: 2.0.0 - Dell Inc.)
    QuickBooks (HKLM-x32\...\{06A9E630-DBA6-4D92-9DE7-A235AA6496C7}) (Version: 20.0.4017.807 - Intuit Inc.) Hidden
    QuickBooks Pro 2010 (HKLM-x32\...\{0700E22B-A422-40A5-BD20-04BF618CA0F9}) (Version: 20.0.4017.807 - Intuit Inc.)
    Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6909 - Realtek Semiconductor Corp.)
    Realtek USB Audio (HKLM-x32\...\{0A46A65D-89AC-464C-8026-3CD44960BD04}) (Version: 6.3.9600.41 - Realtek Semiconductor Corp.)
    RoboForm 8-4-7-7 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 8-4-7-7 - Siber Systems)
    Seagate Dashboard (HKLM-x32\...\{EA266F00-A8E7-43A0-8DED-FBFE3F076934}) (Version: 4.9.2.0 - Seagate)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
    Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.15 - Splashtop Inc.)
    Splashtop Streamer (HKLM-x32\...\{B7C5EA94-B96A-41F5-BE95-25D78B486678}) (Version: 3.3.0.2 - Splashtop Inc.)
    VisiPics V1.31 (HKLM-x32\...\VisiPics_is1) (Version: - Ozone)
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
    ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
    ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.DLL [2014-03-12] (SoftThinks -> )
    ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.DLL [2014-03-12] (SoftThinks -> )
    ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvAppExt.dll [2012-12-27] (Qualcomm Atheros -> Atheros Commnucations) [File not signed]
    ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
    ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
    ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ShellContextExt.dll [2012-12-27] (Qualcomm Atheros -> Atheros Commnucations) [File not signed]
    ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2014-01-07] (NVIDIA Corporation -> NVIDIA Corporation)
    ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)

    ==================== Shortcuts & WMI ========================

    (The entries could be listed to be restored or removed.)

    WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
    WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
    WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

    ==================== Loaded Modules (Whitelisted) ==============

    2015-05-04 17:56 - 2009-02-27 16:38 - 000139264 ____R () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
    2015-05-04 17:56 - 2005-04-22 00:36 - 000143360 _____ () [File not signed] C:\Windows\system32\BrSNMP64.dll
    2015-05-02 16:22 - 2009-06-22 09:14 - 000921600 _____ (AMYUNI Technologies hxxp://www.amyuni.com) [File not signed] C:\Windows\system32\spool\DRIVERS\x64\3\acpdf400.dll
    2015-05-02 16:22 - 2009-06-22 09:14 - 000437760 _____ (AMYUNI Technologies hxxp://www.amyuni.com) [File not signed] C:\Windows\system32\spool\DRIVERS\x64\3\acpdfui400.dll
    2014-06-25 10:36 - 2012-12-27 06:05 - 000439296 ____N (Atheros) [File not signed] C:\Windows\system32\athihvs.dll
    2015-05-04 17:56 - 2013-06-12 19:06 - 000385024 ____R (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrMonitor.dll
    2015-05-04 17:56 - 2010-09-29 17:07 - 000180224 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BroSNMP.dll
    2015-05-04 17:56 - 2011-02-28 11:32 - 000208896 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrFirmUpdateCheck.dll
    2015-05-04 17:56 - 2014-05-22 13:50 - 004513792 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
    2015-05-04 17:56 - 2013-10-10 21:55 - 002040320 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll
    2015-05-04 17:56 - 2013-09-25 15:35 - 000282112 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
    2015-05-04 17:56 - 2014-06-16 15:45 - 000137728 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
    2015-05-04 17:56 - 2014-06-16 16:03 - 000083968 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
    2015-05-04 17:56 - 2014-06-16 16:03 - 017955328 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll
    2015-05-04 17:56 - 2014-06-16 16:04 - 000080384 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcLUsa.dll
    2015-05-04 17:56 - 2014-06-16 15:59 - 001537536 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
    2015-05-04 17:56 - 2014-06-16 16:02 - 000579584 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
    2015-05-04 17:56 - 2013-03-08 02:44 - 000087040 _____ (Brother Industries, Ltd.) [File not signed] C:\Windows\system32\BrNetSti.dll
    2014-06-25 10:35 - 2013-04-26 11:40 - 000073728 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
    2013-02-06 15:11 - 2013-02-06 15:11 - 000503296 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
    2013-02-06 15:11 - 2013-02-06 15:11 - 000285696 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
    2013-02-01 19:20 - 2013-02-01 19:20 - 000032768 _____ (Intuit) [File not signed] C:\Program Files (x86)\Common Files\Intuit\QuickBooks\CFScan.dll
    2013-02-01 18:27 - 2013-02-01 18:27 - 000045056 _____ (Intuit) [File not signed] C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
    2017-04-21 13:26 - 2017-04-21 13:26 - 000126976 _____ (Microsoft Corporation) [File not signed] C:\Windows\Microsoft.Net\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
    2015-05-04 18:15 - 2006-11-02 06:18 - 000850432 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\spool\DRIVERS\x64\3\PS5UI.DLL
    2014-06-25 10:34 - 2014-06-25 10:34 - 000225280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
    2012-12-27 22:32 - 2012-12-27 22:32 - 000204928 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
    2012-12-27 22:32 - 2012-12-27 22:32 - 000801920 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe
    2012-12-27 22:32 - 2012-12-27 22:32 - 000054400 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthCopyHook.dll
    2012-12-27 22:32 - 2012-12-27 22:32 - 000020608 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\athr_debug.dll
    2012-12-27 22:33 - 2012-12-27 22:33 - 000041088 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BPP.DLL
    2012-12-27 22:33 - 2012-12-27 22:33 - 000045696 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BTBIP.DLL
    2012-12-27 22:33 - 2012-12-27 22:33 - 000163456 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvAppExt.dll
    2012-12-27 22:33 - 2012-12-27 22:33 - 001023104 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
    2012-12-27 22:33 - 2012-12-27 22:33 - 000516736 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\filetransfer.dll
    2012-12-27 22:33 - 2012-12-27 22:33 - 000085632 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\GattI.dll
    2012-12-27 22:33 - 2012-12-27 22:33 - 000099968 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\gatts.DLL
    2012-12-27 22:33 - 2012-12-27 22:33 - 000106624 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\GOEP.DLL
    2012-12-27 22:33 - 2012-12-27 22:33 - 000083072 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Handsfree.dll
    2012-12-27 22:33 - 2012-12-27 22:33 - 000093824 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\L2capLib.dll
    2012-12-27 22:33 - 2012-12-27 22:33 - 000311936 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ObjPush.dll
    2012-12-27 22:33 - 2012-12-27 22:33 - 004933248 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\OutLookLib.dll
    2012-12-27 22:33 - 2012-12-27 22:33 - 000074368 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\PhoneBook.DLL
    2012-12-27 22:33 - 2012-12-27 22:33 - 000065664 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\RfcommLib.dll
    2012-12-27 22:33 - 2012-12-27 22:33 - 000109696 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\sesmgr.dll
    2012-12-27 22:33 - 2012-12-27 22:33 - 000285312 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ShellContextExt.dll
    2012-12-27 22:33 - 2012-12-27 22:33 - 000042112 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\sim.DLL
    2012-12-27 22:33 - 2012-12-27 22:33 - 000130176 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\skypeagent.dll
    2012-12-27 22:33 - 2012-12-27 22:33 - 000061568 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Sync.dll
    2012-12-27 22:33 - 2012-12-27 22:33 - 000030848 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\utils.DLL
    2014-06-25 10:39 - 2012-12-26 02:41 - 000081536 ____N (Qualcomm Atheros -> Atheros) [File not signed] C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
    2012-12-27 22:33 - 2012-12-27 22:33 - 000327296 _____ (Qualcomm Atheros -> Atheros) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
    2013-08-19 11:07 - 2013-08-19 11:07 - 000883200 _____ (Seagate Technology LLC) [File not signed] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBRes_en-US.nls
    2016-06-17 12:38 - 2016-06-17 12:38 - 000018944 _____ (Softland) [File not signed] C:\Windows\System32\novamn8.dll
    2009-02-19 12:15 - 2009-02-19 12:15 - 000643072 _____ (STLport Consulting, Inc.) [File not signed] C:\Program Files (x86)\Common Files\Intuit\QuickBooks\stlport_r50.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SplashtopRemoteService => ""="Service"

    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE trusted site: HKU\.DEFAULT\...\dell.com -> dell.com

    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 22:34 - 2018-12-03 10:53 - 000000858 _____ C:\Windows\system32\drivers\etc\hosts


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Common Files\Intuit\QBPOSSDKRuntime;C:\Program Files (x86)\Common Files\Adobe\AGL
    HKU\S-1-5-21-357705481-3834319829-2341904365-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\John\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
    HKU\S-1-5-21-357705481-3834319829-2341904365-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\BarkPark\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
    DNS Servers: 75.75.75.75 - 75.75.76.76
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    If an entry is included in the fixlist, it will be removed.

    MSCONFIG\Services: Apple Mobile Device Service => 2
    MSCONFIG\Services: DellUpdate => 2
    MSCONFIG\Services: iPod Service => 3
    MSCONFIG\Services: McComponentHostService => 3
    MSCONFIG\Services: Seagate MobileBackup Service => 2
    MSCONFIG\Services: Steam Client Service => 3
    MSCONFIG\Services: SupportAssistAgent => 2
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk => C:\Windows\pss\QuickBooks Update Agent.lnk.CommonStartup
    MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
    FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
    FirewallRules: [{BA4159D9-EC5E-4FB4-87CD-C40A1CBD615A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{34EDD164-D110-4798-B87F-35CF4C459CE8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{99079E98-B566-47FF-B590-18666E85C5F1}] => (Allow) C:\Program Files (x86)\Brother\Brmfl14d\FAXRX.EXE (Brother Industries, Ltd.) [File not signed]
    FirewallRules: [{C5B3FD22-CC0A-4AC1-8647-657DB2A47EC4}] => (Allow) LPort=54925
    FirewallRules: [{AA530CFC-41E0-45B6-9CA8-DA7DEB10CDBD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{820F8DA1-FA8C-4118-A4B8-D288B11A17E8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{1BD444EF-E41B-4864-9D18-36F2A3C3390B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{A094EB5B-9E0E-47A4-ACE2-952F025DBF6C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [TCP Query User{3F02E5C1-060F-43FF-8F24-F425478D0084}C:\users\john\appdata\local\temp\g2_1611\g2viewer.exe] => (Allow) C:\users\john\appdata\local\temp\g2_1611\g2viewer.exe No File
    FirewallRules: [UDP Query User{A4225E7C-84A0-4E71-B7A8-E5342EEEF56A}C:\users\john\appdata\local\temp\g2_1611\g2viewer.exe] => (Allow) C:\users\john\appdata\local\temp\g2_1611\g2viewer.exe No File
    FirewallRules: [{69CB21C5-8E4F-4556-946F-A2E8AC80427E}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe No File
    FirewallRules: [{79008F1F-2A42-4830-BFE7-9BC499F2BE74}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe No File
    FirewallRules: [{6FC5DC03-7B05-4AD2-9C1B-A85C976EE416}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{82FCFBF8-2A9D-457E-9302-6F8D19318337}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe No File
    FirewallRules: [{209E0095-B32E-4C9B-B7CA-F91D7BE346E5}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe No File
    FirewallRules: [{1633A39B-E892-4970-8D22-2C5CC6894A6B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{A3FDB294-136E-4180-BEA9-D4B6A57908DC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [TCP Query User{0217D073-42AB-41BD-9F0F-A0BC5689528F}C:\users\barkpark\appdata\local\temp\g2_1704\g2viewer.exe] => (Allow) C:\users\barkpark\appdata\local\temp\g2_1704\g2viewer.exe No File
    FirewallRules: [UDP Query User{2E94EB2E-EBDC-47FC-AF93-165B1C79CB83}C:\users\barkpark\appdata\local\temp\g2_1704\g2viewer.exe] => (Allow) C:\users\barkpark\appdata\local\temp\g2_1704\g2viewer.exe No File
    FirewallRules: [{FD99F55F-0229-436E-A96F-5635F1E67B4D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File
    FirewallRules: [{A97CCBB6-19EE-41BB-88C7-C2A223606640}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File
    FirewallRules: [{697B2793-9E5F-45F7-A1F8-4D681282B41F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe No File
    FirewallRules: [{8908356D-CB51-4C64-A241-FA64882BB635}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe No File
    FirewallRules: [{B69C2180-2E51-464D-9CC7-562BAC939F20}] => (Allow) LPort=8888
    FirewallRules: [TCP Query User{0C428F6E-C78B-4421-B28E-5B08E55AB009}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe (Seagate Technology LLC -> Seagate Technology LLC)
    FirewallRules: [UDP Query User{F83AC28F-429A-49B0-8149-7BE79DB505B7}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe (Seagate Technology LLC -> Seagate Technology LLC)
    FirewallRules: [{CB6714A2-B92A-463E-B11C-0CAAD1CC0237}] => (Allow) LPort=8888
    FirewallRules: [{B73F44B0-0735-42E8-B8D6-798F024EA176}] => (Allow) LPort=8501
    FirewallRules: [{372243A9-90E6-4E9A-87D8-FD5782FAE5BC}] => (Allow) LPort=8501
    FirewallRules: [{A13E8D4B-12EE-434F-8CA0-A1DD46711AFB}] => (Allow) C:\Users\Susie\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
    FirewallRules: [{00BF6C04-D9AF-439A-8734-B7EA9A803E9B}] => (Allow) C:\Users\Susie\AppData\Roaming\Zoom\bin\airhost.exe No File
    FirewallRules: [TCP Query User{9BF16D9C-FE06-47C8-9E12-82B9B8D3E0E0}C:\users\barkpark\appdata\local\temp\g2_2329\g2viewer.exe] => (Allow) C:\users\barkpark\appdata\local\temp\g2_2329\g2viewer.exe No File
    FirewallRules: [UDP Query User{0575A0B0-961B-4D69-BEAA-24C9088C7BD8}C:\users\barkpark\appdata\local\temp\g2_2329\g2viewer.exe] => (Allow) C:\users\barkpark\appdata\local\temp\g2_2329\g2viewer.exe No File
    FirewallRules: [{FAC7E923-628C-4C5C-B5AA-A0DE07FA1C6D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
    FirewallRules: [{5F59D8DE-93A2-4D60-90A4-21DBEC1578C8}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRManager.exe (Splashtop Inc. -> Splashtop Inc.)

    ==================== Restore Points =========================

    23-05-2019 00:00:08 Scheduled Checkpoint
    28-05-2019 21:01:21 Installed Splashtop Streamer.

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (06/02/2019 09:19:31 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
    Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80004005).

    Error: (06/02/2019 07:09:01 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
    Description: TWN BrtTWN: [2019/06/02 07:09:01.963]: [00007588]: Initialize TwdsMain Class failed!

    Error: (06/02/2019 07:09:01 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
    Description: TWN BrtTWN: [2019/06/02 07:09:01.963]: [00007588]: ##### Fatal ERROR!! Create STI-device failed! #####

    Error: (06/01/2019 02:15:44 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
    Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80004005).

    Error: (06/01/2019 01:35:37 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
    Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80004005).

    Error: (06/01/2019 08:07:05 AM) (Source: QuickBooks) (EventID: 4) (User: )
    Description: An unexpected error has occured in "QuickBooks Pro 2010":
    DBConnPool::HandleConnectionError errorCode:-6069, dbCode:-103 from file:'.\.\src\ConnPool.cpp' at line 1036 from function:'DBMgr::DBConnPool::init'

    Error: (06/01/2019 08:07:05 AM) (Source: QuickBooks) (EventID: 4) (User: )
    Description: An unexpected error has occured in "QuickBooks Pro 2010":
    Connection String:CON=QBConnectionPool-Probe-QB_data_engine_20; ;DBF=C:\Users\Public\Documents\Intuit\QuickBooks\Company Files\A Bark In The Park.QBW;ENG=QB_data_engine_20;DBN=bbee55b8bf9b40afbb3dbd299de7bfd8

    Error: (06/01/2019 08:07:05 AM) (Source: QuickBooks) (EventID: 4) (User: )
    Description: An unexpected error has occured in "QuickBooks Pro 2010":
    Connection Error:Invalid user ID or password


    System errors:
    =============
    Error: (06/01/2019 05:24:03 AM) (Source: BugCheck) (EventID: 1001) (User: )
    Description: The computer has rebooted from a bugcheck. The bugcheck was: 0x0000003b (0x00000000c0000005, 0xfffffa8006c57450, 0xfffff8800e0119e0, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 060119-17019-01.

    Error: (06/01/2019 05:24:02 AM) (Source: EventLog) (EventID: 6008) (User: )
    Description: The previous system shutdown at 5:21:19 AM on ‎6/‎1/‎2019 was unexpected.

    Error: (05/27/2019 11:53:56 PM) (Source: Disk) (EventID: 11) (User: )
    Description: The driver detected a controller error on \Device\Harddisk5\DR5.

    Error: (05/27/2019 11:53:21 PM) (Source: Disk) (EventID: 11) (User: )
    Description: The driver detected a controller error on \Device\Harddisk5\DR5.

    Error: (05/27/2019 11:53:21 PM) (Source: Disk) (EventID: 11) (User: )
    Description: The driver detected a controller error on \Device\Harddisk5\DR5.

    Error: (05/27/2019 05:36:17 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: The Windows Update service hung on starting.

    Error: (05/24/2019 05:21:04 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: The Windows Update service hung on starting.

    Error: (05/24/2019 05:17:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Dell Hardware Support service failed to start due to the following error:
    The service did not respond to the start or control request in a timely fashion.


    CodeIntegrity:
    ===================================

    Date: 2017-08-09 21:40:42.158
    Description:
    Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxVoiceAPO2064.dll because the set of per-page image hashes could not be found on the system.

    Date: 2017-07-09 14:04:27.121
    Description:
    Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxVoiceAPO2064.dll because the set of per-page image hashes could not be found on the system.

    Date: 2016-07-24 09:30:58.614
    Description:
    Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxVoiceAPO2064.dll because the set of per-page image hashes could not be found on the system.

    Date: 2016-07-24 09:30:58.453
    Description:
    Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxVoiceAPO2064.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-10-20 19:18:59.258
    Description:
    Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxVoiceAPO2064.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-10-20 19:18:59.082
    Description:
    Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxVoiceAPO2064.dll because the set of per-page image hashes could not be found on the system.

    ==================== Memory info ===========================

    BIOS: Dell Inc. A08 04/16/2014
    Motherboard: Dell Inc. 0KWVT8
    Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
    Percentage of memory in use: 86%
    Total physical RAM: 8133.75 MB
    Available physical RAM: 1122.06 MB
    Total Virtual: 16265.68 MB
    Available Virtual: 7918.04 MB

    ==================== Drives ================================

    Drive c: (OS) (Fixed) (Total:907.74 GB) (Free:382.33 GB) NTFS

    \\?\Volume{2afb943c-fc84-11e3-a130-806e6f6e6963}\ (RECOVERY) (Fixed) (Total:23.73 GB) (Free:13.16 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 3880BC0D)
    Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
    Partition 2: (Active) - (Size=23.7 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=907.7 GB) - (Type=07 NTFS)

    ==================== End of Addition.txt ============================
     
  5. iMacg3

    iMacg3 Malware Specialist

    Joined:
    Nov 3, 2018
    Messages:
    492
    Hi,

    Do you use AVG Web TuneUp? If not, I would recommend you uninstall it:

    ---------------------------------------------------
    Uninstall a Program
    • Press the Windows Key + R.
    • Type appwiz.cpl in the Run box and click OK.
    • The Add/Remove Programs list will open. Locate the following programs on the list:
      Code:
      AVG Web TuneUp
    • Select each program and click Uninstall.
    • Restart the computer if prompted.

    ---------------------------------------------------
    Farbar Recovery Scan Tool - Fix

    • Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....
    • Press Ctrl+y (Ctrl and y keys at the same time)
    • A blank randomly named notepad file will open.
    • Copy and paste the following into it ....
    Code:
    start
    
    CreateRestorePoint:
    EmptyTemp:
    CloseProcesses:
    
    HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
    FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
    Task: C:\Windows\Tasks\0915avUpdateInfo.job => C:\ProgramData\Avg_Update_0915av\0915av_AVG-Secure-Search-Update.exe
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-357705481-3834319829-2341904365-1000 -> DefaultScope {F93FADBD-C7F6-4030-A986-C07E9F4B4F40} URL =
    SearchScopes: HKU\S-1-5-21-357705481-3834319829-2341904365-1000 -> {F93FADBD-C7F6-4030-A986-C07E9F4B4F40} URL =
    SearchScopes: HKU\S-1-5-21-357705481-3834319829-2341904365-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={B795B6DE-A237-4400-B367-4C1EEABFE652}&mid=5679ad5033a247cd98dbd175391419f9-b6072b3e1023bbf9ee076fcb99ea4938ece6745b&lang=en&ds=AVG&coid=avgtbavg&cmpid=0816avz&pr=fr&d=2016-07-26 05:42:58&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms}
    FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.8\\npsitesafety.dll [No File]
    FF SearchPlugin: C:\Users\BarkPark\AppData\Roaming\Mozilla\Firefox\Profiles\4lbc0s6r.default\searchplugins\avg-secure-search.xml [2017-10-20]
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
    
    ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
    ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
    FirewallRules: [{69CB21C5-8E4F-4556-946F-A2E8AC80427E}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe No File
    FirewallRules: [{79008F1F-2A42-4830-BFE7-9BC499F2BE74}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe No File
    FirewallRules: [{82FCFBF8-2A9D-457E-9302-6F8D19318337}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe No File
    FirewallRules: [{209E0095-B32E-4C9B-B7CA-F91D7BE346E5}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe No File
    FirewallRules: [TCP Query User{0217D073-42AB-41BD-9F0F-A0BC5689528F}C:\users\barkpark\appdata\local\temp\g2_1704\g2viewer.exe] => (Allow) C:\users\barkpark\appdata\local\temp\g2_1704\g2viewer.exe No File
    FirewallRules: [UDP Query User{2E94EB2E-EBDC-47FC-AF93-165B1C79CB83}C:\users\barkpark\appdata\local\temp\g2_1704\g2viewer.exe] => (Allow) C:\users\barkpark\appdata\local\temp\g2_1704\g2viewer.exe No File
    FirewallRules: [{FD99F55F-0229-436E-A96F-5635F1E67B4D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File
    FirewallRules: [{A97CCBB6-19EE-41BB-88C7-C2A223606640}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File
    FirewallRules: [{697B2793-9E5F-45F7-A1F8-4D681282B41F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe No File
    FirewallRules: [{8908356D-CB51-4C64-A241-FA64882BB635}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe No File
    FirewallRules: [{00BF6C04-D9AF-439A-8734-B7EA9A803E9B}] => (Allow) C:\Users\Susie\AppData\Roaming\Zoom\bin\airhost.exe No File
    FirewallRules: [TCP Query User{9BF16D9C-FE06-47C8-9E12-82B9B8D3E0E0}C:\users\barkpark\appdata\local\temp\g2_2329\g2viewer.exe] => (Allow) C:\users\barkpark\appdata\local\temp\g2_2329\g2viewer.exe No File
    FirewallRules: [UDP Query User{0575A0B0-961B-4D69-BEAA-24C9088C7BD8}C:\users\barkpark\appdata\local\temp\g2_2329\g2viewer.exe] => (Allow) C:\users\barkpark\appdata\local\temp\g2_2329\g2viewer.exe No File
    
    C:\ProgramData\Avg_Update_0915av\0915av_AVG-Secure-Search-Update.exe
    
    CMD: Bitsadmin /Reset /Allusers
    
    end
    • Press Ctrl+s to save the file.
    NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system
    • Now press the Fix button once and wait.
    • FRST will process the fixlist
    • When finished, it will produce a log (fixlog.txt) in the same folder/directory as FRST
    • Please post the log in your next reply.
     
  6. susb8383

    susb8383 Thread Starter

    Joined:
    Apr 22, 2011
    Messages:
    121
    Fix result of Farbar Recovery Scan Tool (x64) Version: 01-06-2019
    Ran by BarkPark (03-06-2019 20:39:35) Run:1
    Running from C:\Users\BarkPark\Downloads
    Loaded Profiles: John & BarkPark & Susie & Ashton (Available Profiles: John & BarkPark & Susie & Ashton)
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************
    start

    CreateRestorePoint:
    EmptyTemp:
    CloseProcesses:

    HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
    FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
    Task: C:\Windows\Tasks\0915avUpdateInfo.job => C:\ProgramData\Avg_Update_0915av\0915av_AVG-Secure-Search-Update.exe
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-357705481-3834319829-2341904365-1000 -> DefaultScope {F93FADBD-C7F6-4030-A986-C07E9F4B4F40} URL =
    SearchScopes: HKU\S-1-5-21-357705481-3834319829-2341904365-1000 -> {F93FADBD-C7F6-4030-A986-C07E9F4B4F40} URL =
    SearchScopes: HKU\S-1-5-21-357705481-3834319829-2341904365-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={B795B6DE-A237-4400-B367-4C1EEABFE652}&mid=5679ad5033a247cd98dbd175391419f9-b6072b3e1023bbf9ee076fcb99ea4938ece6745b&lang=en&ds=AVG&coid=avgtbavg&cmpid=0816avz&pr=fr&d=2016-07-26 05:42:58&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms}
    FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.8\\npsitesafety.dll [No File]
    FF SearchPlugin: C:\Users\BarkPark\AppData\Roaming\Mozilla\Firefox\Profiles\4lbc0s6r.default\searchplugins\avg-secure-search.xml [2017-10-20]
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]

    ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
    ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
    FirewallRules: [{69CB21C5-8E4F-4556-946F-A2E8AC80427E}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe No File
    FirewallRules: [{79008F1F-2A42-4830-BFE7-9BC499F2BE74}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe No File
    FirewallRules: [{82FCFBF8-2A9D-457E-9302-6F8D19318337}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe No File
    FirewallRules: [{209E0095-B32E-4C9B-B7CA-F91D7BE346E5}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe No File
    FirewallRules: [TCP Query User{0217D073-42AB-41BD-9F0F-A0BC5689528F}C:\users\barkpark\appdata\local\temp\g2_1704\g2viewer.exe] => (Allow) C:\users\barkpark\appdata\local\temp\g2_1704\g2viewer.exe No File
    FirewallRules: [UDP Query User{2E94EB2E-EBDC-47FC-AF93-165B1C79CB83}C:\users\barkpark\appdata\local\temp\g2_1704\g2viewer.exe] => (Allow) C:\users\barkpark\appdata\local\temp\g2_1704\g2viewer.exe No File
    FirewallRules: [{FD99F55F-0229-436E-A96F-5635F1E67B4D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File
    FirewallRules: [{A97CCBB6-19EE-41BB-88C7-C2A223606640}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File
    FirewallRules: [{697B2793-9E5F-45F7-A1F8-4D681282B41F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe No File
    FirewallRules: [{8908356D-CB51-4C64-A241-FA64882BB635}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe No File
    FirewallRules: [{00BF6C04-D9AF-439A-8734-B7EA9A803E9B}] => (Allow) C:\Users\Susie\AppData\Roaming\Zoom\bin\airhost.exe No File
    FirewallRules: [TCP Query User{9BF16D9C-FE06-47C8-9E12-82B9B8D3E0E0}C:\users\barkpark\appdata\local\temp\g2_2329\g2viewer.exe] => (Allow) C:\users\barkpark\appdata\local\temp\g2_2329\g2viewer.exe No File
    FirewallRules: [UDP Query User{0575A0B0-961B-4D69-BEAA-24C9088C7BD8}C:\users\barkpark\appdata\local\temp\g2_2329\g2viewer.exe] => (Allow) C:\users\barkpark\appdata\local\temp\g2_2329\g2viewer.exe No File

    C:\ProgramData\Avg_Update_0915av\0915av_AVG-Secure-Search-Update.exe

    CMD: Bitsadmin /Reset /Allusers

    end
    *****************

    Restore point was successfully created.
    Processes closed successfully.
    HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
    HKLM\SOFTWARE\Policies\Mozilla => removed successfully
    C:\Windows\Tasks\0915avUpdateInfo.job => moved successfully
    HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
    HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
    "HKU\S-1-5-21-357705481-3834319829-2341904365-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
    HKU\S-1-5-21-357705481-3834319829-2341904365-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F93FADBD-C7F6-4030-A986-C07E9F4B4F40} => removed successfully
    HKLM\Software\Classes\CLSID\{F93FADBD-C7F6-4030-A986-C07E9F4B4F40} => not found
    HKU\S-1-5-21-357705481-3834319829-2341904365-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} => removed successfully
    HKLM\Software\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => not found
    HKLM\Software\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin => not found
    "C:\Users\BarkPark\AppData\Roaming\Mozilla\Firefox\Profiles\4lbc0s6r.default\searchplugins\avg-secure-search.xml" => not found
    HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
    HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removed successfully
    HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
    HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avg => removed successfully
    HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
    "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{69CB21C5-8E4F-4556-946F-A2E8AC80427E}" => removed successfully
    "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{79008F1F-2A42-4830-BFE7-9BC499F2BE74}" => removed successfully
    "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{82FCFBF8-2A9D-457E-9302-6F8D19318337}" => removed successfully
    "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{209E0095-B32E-4C9B-B7CA-F91D7BE346E5}" => removed successfully
    "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0217D073-42AB-41BD-9F0F-A0BC5689528F}C:\users\barkpark\appdata\local\temp\g2_1704\g2viewer.exe" => removed successfully
    "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2E94EB2E-EBDC-47FC-AF93-165B1C79CB83}C:\users\barkpark\appdata\local\temp\g2_1704\g2viewer.exe" => removed successfully
    "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FD99F55F-0229-436E-A96F-5635F1E67B4D}" => removed successfully
    "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A97CCBB6-19EE-41BB-88C7-C2A223606640}" => removed successfully
    "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{697B2793-9E5F-45F7-A1F8-4D681282B41F}" => removed successfully
    "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8908356D-CB51-4C64-A241-FA64882BB635}" => removed successfully
    "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{00BF6C04-D9AF-439A-8734-B7EA9A803E9B}" => removed successfully
    "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9BF16D9C-FE06-47C8-9E12-82B9B8D3E0E0}C:\users\barkpark\appdata\local\temp\g2_2329\g2viewer.exe" => removed successfully
    "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0575A0B0-961B-4D69-BEAA-24C9088C7BD8}C:\users\barkpark\appdata\local\temp\g2_2329\g2viewer.exe" => removed successfully
    C:\ProgramData\Avg_Update_0915av\0915av_AVG-Secure-Search-Update.exe => moved successfully

    ========= Bitsadmin /Reset /Allusers =========


    BITSADMIN version 3.0 [ 7.5.7601 ]
    BITS administration utility.
    (C) Copyright 2000-2006 Microsoft Corp.

    BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
    Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

    {5BCC01EB-8F05-43B4-B7EF-E0531221A2E7} canceled.
    1 out of 1 jobs canceled.

    ========= End of CMD: =========


    =========== EmptyTemp: ==========

    BITS transfer queue => 8388608 B
    DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 80066977 B
    Java, Flash, Steam htmlcache => 0 B
    Windows/system/drivers => 153195075 B
    Edge => 0 B
    Chrome => 5958299 B
    Firefox => 1106740188 B
    Opera => 0 B

    Temp, IE cache, history, cookies, recent:
    Users => 0 B
    Default => 0 B
    Public => 0 B
    ProgramData => 0 B
    systemprofile => 16674 B
    systemprofile32 => 33186 B
    LocalService => 0 B
    NetworkService => 64104 B
    John => 113613051 B
    BarkPark => 10917861 B
    Susie => 441682 B
    Ashton => 52681 B

    RecycleBin => 2654287 B
    EmptyTemp: => 1.4 GB temporary data Removed.

    ================================


    The system needed a reboot.

    ==== End of Fixlog 20:42:00 ====
     
  7. iMacg3

    iMacg3 Malware Specialist

    Joined:
    Nov 3, 2018
    Messages:
    492
    Hi,

    ---------------------------------------------------
    AdwCleaner

    Download AdwCleaner and save it to your desktop.
    • Right-click on AdwCleaner.exe and select Run as Administrator
    • Accept the EULA (I accept), then click on Scan.
    • Let the scan complete. If no objects are detected, close the AdwCleaner window.
    • If any objects are detected, uncheck any items you want to keep.
    • Click on the Clean and Repair button.
    • Once the cleaning process is complete, AdwCleaner will ask to restart your computer. Allow it to do so.
    • After the restart, an AdwCleaner window will open. Click on View Log File, and the log will open in notepad. Copy and paste the contents of the log into your next reply.
    Note: the AdwCleaner log is also saved to C:\AdwCleaner\Logs\AdwCleaner[CXX].txt (where XX is two numbers).

    ---------------------------------------------------
    ESET Online Scanner

    Download ESET Online Scanner and save it to your desktop.
    • Right-click on esetonlinescanner_enu.exe and select Run as Administrator.
    • When the tool opens, click Get Started.
    • Read and accept the license agreement.
    • At the Welcome to ESET Online Scanner window, click Get Started.
    • Select whether you would like to send anonymous data to ESET.
    • Note: if you see the "Welcome Back to ESET Online Scanner" screen, click Computer Scan > Full Scan.
    • Click on the Full Scan option.
    • Select Enable ESET to detect and remove potentially unwanted applications, then click Start scan.
    • ESET will now begin scanning your computer. This may take some time.
    • When the scan is finished and if threats have been detected, select Save scan log. Save it to your desktop as eset.txt. Click on Continue.
    • ESET Online Scanner may ask if you'd like to turn on the Periodic Scan feature. Click on Continue.
    • On the next screen, you can leave feedback about the program if you wish. Check the box for Delete application data on closing. If you left feedback, click Submit and continue. If not, Close without feedback.
    • Open the scan log on your desktop (eset.txt) and copy and paste its contents into your next reply.
     
  8. susb8383

    susb8383 Thread Starter

    Joined:
    Apr 22, 2011
    Messages:
    121
    # -------------------------------
    # Malwarebytes AdwCleaner 7.3.0.0
    # -------------------------------
    # Build: 04-04-2019
    # Database: 2019-05-27.1 (Cloud)
    # Support: https://www.malwarebytes.com/support
    #
    # -------------------------------
    # Mode: Clean
    # -------------------------------
    # Start: 06-05-2019
    # Duration: 00:00:04
    # OS: Windows 7 Professional
    # Cleaned: 7
    # Failed: 0


    ***** [ Services ] *****

    No malicious services cleaned.

    ***** [ Folders ] *****

    Deleted C:\ProgramData\AVG_UPDATE_0915AV
    Deleted C:\Users\BarkPark\AppData\Roaming\download Manager

    ***** [ Files ] *****

    Deleted C:\Users\BarkPark\Downloads\SysInfo.exe

    ***** [ DLL ] *****

    No malicious DLLs cleaned.

    ***** [ WMI ] *****

    No malicious WMI cleaned.

    ***** [ Shortcuts ] *****

    No malicious shortcuts cleaned.

    ***** [ Tasks ] *****

    Deleted C:\Windows\System32\Tasks\0915avUpdateInfo

    ***** [ Registry ] *****

    Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A4F11779-135F-494B-9187-1AF75DA22997}
    Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A4F11779-135F-494B-9187-1AF75DA22997}
    Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0915avUpdateInfo

    ***** [ Chromium (and derivatives) ] *****

    No malicious Chromium entries cleaned.

    ***** [ Chromium URLs ] *****

    No malicious Chromium URLs cleaned.

    ***** [ Firefox (and derivatives) ] *****

    No malicious Firefox entries cleaned.

    ***** [ Firefox URLs ] *****

    No malicious Firefox URLs cleaned.


    *************************

    [+] Delete Tracing Keys
    [+] Reset Winsock

    *************************

    AdwCleaner[S00].txt - [1853 octets] - [05/06/2019 22:42:00]

    ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
     
  9. susb8383

    susb8383 Thread Starter

    Joined:
    Apr 22, 2011
    Messages:
    121
    6/6/2019 9:46:12 AM
    Files scanned: 298577
    Infected files: 1
    Cleaned threats: 1
    Total scan time 02:36:23
    Scan status: Finished


    C:\Users\BarkPark\Downloads\CuteWriter.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application cleaned by deleting
     
  10. iMacg3

    iMacg3 Malware Specialist

    Joined:
    Nov 3, 2018
    Messages:
    492
    Hi,

    ---------------------------------------------------
    FRST Scan
    • Double click Frst.exe/Frst64.exe to launch it.
    • FRST will start to run.
      • Press the Scan button.
      • When finished scanning 2 logs will open on your Desktop, FRST.txt and Addition.txt
      • Please post them in your next reply.
     
  11. susb8383

    susb8383 Thread Starter

    Joined:
    Apr 22, 2011
    Messages:
    121
    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-06-2019 01
    Ran by BarkPark (administrator) on BARK_PARK (Dell Inc. XPS 8700) (11-06-2019 21:25:37)
    Running from C:\Users\BarkPark\Downloads
    Loaded Profiles: John & BarkPark (Available Profiles: John & BarkPark & Susie & Ashton)
    Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    (Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
    (Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
    (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe
    (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
    (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
    (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
    (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
    (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
    (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
    (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
    (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
    (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
    (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
    (Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
    (Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
    (Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
    (Dell Inc. -> ) C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
    (Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
    (Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistUI.exe
    (Dell Inc. -> SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
    (Dell Inc. -> SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
    (Dell Inc. -> SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
    (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
    (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
    (Intel® Services Manager -> ) C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
    (Intel® Services Manager -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\ui\updateui.exe
    (Intuit) [File not signed] C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
    (LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\GoToMyPC\g2comm.exe
    (LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\GoToMyPC\g2pre.exe
    (LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\GoToMyPC\g2svc.exe
    (LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\GoToMyPC\g2tray.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2285\DSAPI.exe
    (PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2285\pcdrwi.exe
    (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
    (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe
    (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe
    (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
    (Qualcomm Atheros -> Atheros) [File not signed] C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
    (Qualcomm Atheros -> Atheros) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
    (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
    (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    (Seagate Technology LLC -> Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe
    (Seagate Technology LLC -> Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe
    (Seagate Technology LLC -> Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DeviceAgent.exe
    (Seagate Technology LLC -> Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
    (Seagate Technology LLC -> Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
    (Seagate Technology LLC -> Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
    (Seagate Technology LLC -> Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
    (Siber Systems -> Siber Systems Inc.) C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome-nm-host.exe
    (Siber Systems -> Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
    (Siber Systems -> Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
    (Siber Systems -> Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon-x64.exe
    (Siber Systems -> Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon-x64.exe
    (Softland SRL -> Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe
    (Splashtop Inc. -> Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRAgent.exe
    (Splashtop Inc. -> Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
    (Splashtop Inc. -> Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRManager.exe
    (Splashtop Inc. -> Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
    (Splashtop Inc. -> Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
    (Splashtop Inc. -> Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe

    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188040 2013-05-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1307720 2013-04-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)
    HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192 2013-02-06] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
    HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\btvstack.exe [1023104 2012-12-27] (Qualcomm Atheros -> Atheros Commnucations) [File not signed]
    HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\athbttray.exe [801920 2012-12-27] (Qualcomm Atheros -> Atheros Commnucations) [File not signed]
    HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1841496 2016-10-14] (Logitech -> Logitech, Inc.)
    HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
    HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [309680 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-05-07] (Apple Inc. -> Apple Inc.)
    HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
    HKLM-x32\...\Run: [Dell Registration] => C:\Program Files (x86)\System Registration\prodreg.exe [4165440 2011-08-04] (Dell Inc -> Dell, Inc.)
    HKLM-x32\...\Run: [Intuit SyncManager] => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [2771832 2012-12-07] (Intuit, Inc. -> Intuit Inc. All rights reserved.)
    HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.) [File not signed]
    HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) [File not signed]
    HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-13] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    HKLM-x32\...\Run: [DBAgent] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1562304 2017-09-16] (Seagate Technology LLC -> Seagate Technology LLC)
    HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
    HKU\S-1-5-21-357705481-3834319829-2341904365-1000\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110376 2018-03-19] (Siber Systems -> Siber Systems)
    HKU\S-1-5-21-357705481-3834319829-2341904365-1000\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [142568 2017-09-16] (Seagate Technology LLC -> Seagate Technology LLC)
    HKU\S-1-5-21-357705481-3834319829-2341904365-1000\...\MountPoints2: {34e91e38-2648-11e6-85be-003c7ff0f00a} - K:\TLBootstrap_WPP.exe
    HKU\S-1-5-21-357705481-3834319829-2341904365-1001\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [142568 2017-09-16] (Seagate Technology LLC -> Seagate Technology LLC)
    HKU\S-1-5-21-357705481-3834319829-2341904365-1001\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110376 2018-03-19] (Siber Systems -> Siber Systems)
    HKU\S-1-5-21-357705481-3834319829-2341904365-1001\...\MountPoints2: {1b58da54-67d9-11e5-9cf6-003c7ff0f00a} - K:\TLBootstrap_WPP.exe
    HKU\S-1-5-21-357705481-3834319829-2341904365-1001\...\MountPoints2: {34e91e38-2648-11e6-85be-003c7ff0f00a} - K:\TLBootstrap_WPP.exe
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.169\Installer\chrmstp.exe [2019-05-21] (Google LLC -> Google Inc.)
    HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
    HKLM\Software\...\Authentication\Credential Providers: [{97E1814E-5601-41c8-9971-10C319EF61CC}] -> C:\Windows\system32\SRCredentialProvider.dll [2019-03-22] (Splashtop Inc. -> Splashtop Inc.)
    HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2012-12-27] (Qualcomm Atheros -> Atheros Commnucations) [File not signed]
    HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2012-12-27] (Qualcomm Atheros -> Atheros Commnucations) [File not signed]
    Startup: C:\Users\BarkPark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2015-05-03]
    ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) [File not signed]
    FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {105BD183-EDE2-4F48-A2DF-63A0D9CCBEF9} - System32\Tasks\BarkPark DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1562304 2017-09-16] (Seagate Technology LLC -> Seagate Technology LLC)
    Task: {16FBA4AE-EE7A-405D-8857-0F856494881D} - System32\Tasks\John1 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [1812160 2017-09-16] (Seagate Technology LLC -> Seagate Technology LLC)
    Task: {1F56DF1F-B921-4E8A-9291-DF66408EA5A6} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2314008 2019-06-04] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
    Task: {2E6D87E1-8F9F-4C62-B91C-CB3799FF0454} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110376 2018-03-19] (Siber Systems -> Siber Systems)
    Task: {42C17925-55FB-4CEE-968B-66606C9952E1} - System32\Tasks\John DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1562304 2017-09-16] (Seagate Technology LLC -> Seagate Technology LLC)
    Task: {49303771-F7E8-4E99-B35D-D3951AD5F1C4} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2981808 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
    Task: {76EEA41B-731D-47FE-B6B4-73AC642CA7B4} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1512920 2019-05-24] (Dell Inc. -> Dell Inc.)
    Task: {82AB7494-1DD0-453A-931A-B5C38646AF87} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe [1952448 2017-09-16] (Seagate Technology LLC -> Seagate Technology LLC)
    Task: {A79D1FC1-58C3-4E73-AF04-268C31F775D5} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-01-17] (Intel® Services Manager -> )
    Task: {A93260AF-8594-42F7-927B-66196B8C0BE8} - System32\Tasks\John => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [1812160 2017-09-16] (Seagate Technology LLC -> Seagate Technology LLC)
    Task: {AE80B46D-CE6A-4874-A5AD-AD427E9BB1C8} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-01-17] (Intel® Services Manager -> )
    Task: {C357B75B-A69F-4BFF-B98A-702D4B20FEA9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-31] (Google Inc -> Google Inc.)
    Task: {F164A754-81BE-4679-918D-1FA72DC0CA8B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-31] (Google Inc -> Google Inc.)
    Task: {F4368259-DE4F-4E25-9662-9AC322797788} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-13] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
    Tcpip\..\Interfaces\{1680F0BD-E455-4133-B1BD-E9DCB9B2CF4E}: [DhcpNameServer] 75.75.75.75 75.75.76.76
    Tcpip\..\Interfaces\{7F970F8C-35DE-4BC8-B706-F238CCAC9D36}: [DhcpNameServer] 10.13.109.99

    Internet Explorer:
    ==================
    HKU\S-1-5-21-357705481-3834319829-2341904365-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/?pc=DCJB
    HKU\S-1-5-21-357705481-3834319829-2341904365-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
    HKU\S-1-5-21-357705481-3834319829-2341904365-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-357705481-3834319829-2341904365-1000 -> DefaultScope {F93FADBD-C7F6-4030-A986-C07E9F4B4F40} URL =
    BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2018-03-19] (Siber Systems -> Siber Systems Inc.)
    BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
    BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2018-03-19] (Siber Systems -> Siber Systems Inc.)
    BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll [2012-12-27] (Qualcomm Atheros -> Atheros Commnucations) [File not signed]
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
    Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2018-03-19] (Siber Systems -> Siber Systems Inc.)
    Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2018-03-19] (Siber Systems -> Siber Systems Inc.)
    Toolbar: HKU\S-1-5-21-357705481-3834319829-2341904365-1001 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2018-03-19] (Siber Systems -> Siber Systems Inc.)
    Handler-x32: intu-help-qb3 - {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - C:\Program Files (x86)\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll [2015-05-02] (Intuit, Inc. -> Intuit, Inc.)
    Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\SysWOW64\mscoree.dll [2010-11-20] (Microsoft Corporation -> Microsoft Corporation)

    FireFox:
    ========
    FF DefaultProfile: 4lbc0s6r.default
    FF ProfilePath: C:\Users\BarkPark\AppData\Roaming\Mozilla\Firefox\Profiles\4lbc0s6r.default [2019-06-11]
    FF Extension: (RoboForm Password Manager) - C:\Users\BarkPark\AppData\Roaming\Mozilla\Firefox\Profiles\4lbc0s6r.default\Extensions\[email protected] [2019-06-06]
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_197.dll [2016-03-29] (Adobe Systems Incorporated -> )
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll [2016-03-29] (Adobe Systems Incorporated -> )
    FF Plugin-x32: @Intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-19] (Intel® Identity Protection Technology Software -> Intel Corporation)
    FF Plugin-x32: @Intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-19] (Intel® Identity Protection Technology Software -> Intel Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-14] (Google Inc -> Google LLC)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-14] (Google Inc -> Google LLC)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-02-27] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-357705481-3834319829-2341904365-1000: @citrixonline.com/appdetectorplugin -> C:\Users\John\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-05-13] (Citrix Online -> Citrix Online)

    Chrome:
    =======
    CHR HomePage: Default -> hxxp://www.google.com
    CHR Profile: C:\Users\BarkPark\AppData\Local\Google\Chrome\User Data\Default [2019-06-03]
    CHR Extension: (Slides) - C:\Users\BarkPark\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-31]
    CHR Extension: (Docs) - C:\Users\BarkPark\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-31]
    CHR Extension: (Google Drive) - C:\Users\BarkPark\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-08-31]
    CHR Extension: (YouTube) - C:\Users\BarkPark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-31]
    CHR Extension: (Sheets) - C:\Users\BarkPark\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-31]
    CHR Extension: (Google Docs Offline) - C:\Users\BarkPark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-31]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\BarkPark\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-31]
    CHR Extension: (Gmail) - C:\Users\BarkPark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-08-31]
    CHR Extension: (Chrome Media Router) - C:\Users\BarkPark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-23]

    ==================== Services (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-05-03] (Adobe Systems) [File not signed]
    R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-04-29] (Apple Inc. -> Apple Inc.)
    R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [204928 2012-12-27] (Qualcomm Atheros -> Atheros Commnucations) [File not signed]
    R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [409280 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
    R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe [6893160 2019-05-28] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
    R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
    R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [209392 2019-02-28] (Dell Inc -> Dell Inc.)
    R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3363824 2019-02-28] (Dell Inc -> Dell Inc.)
    R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [218096 2019-02-28] (Dell Inc -> Dell Inc.)
    R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2285\DSAPI.exe [1050952 2019-06-02] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
    S4 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-08-27] (Dell Inc. -> Dell Inc.)
    R2 GoToMyPC; C:\Program Files (x86)\GoToMyPC\g2svc.exe [1893336 2018-09-16] (LogMeIn, Inc. -> LogMeIn, Inc.)
    S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel® Trusted Connect Service -> Intel(R) Corporation)
    R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-02-19] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
    R3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-01-17] (Intel® Services Manager -> )
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-02-19] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
    R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [51112 2016-06-17] (Softland SRL -> Microsoft)
    R2 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2013-02-01] (Intuit) [File not signed]
    S3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [61440 2009-07-23] (Intuit Inc.) [File not signed]
    R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [224840 2013-05-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)
    R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16120 2017-03-20] (Seagate Technology LLC -> Seagate Technology LLC)
    R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [143560 2017-09-16] (Seagate Technology LLC -> Seagate Technology LLC)
    R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915920 2014-04-04] (Dell Inc. -> SoftThinks SAS)
    R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39896 2019-05-24] (Dell Inc. -> Dell Inc.)
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-06-25] (Microsoft Windows -> Microsoft Corporation)
    R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [327296 2012-12-27] (Qualcomm Atheros -> Atheros) [File not signed]
    R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2012-12-26] (Qualcomm Atheros -> Atheros) [File not signed]

    ===================== Drivers (Whitelisted) ======================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R3 athr; C:\Windows\System32\DRIVERS\athrx.sys [2811904 2012-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
    R0 avgArDisk; C:\Windows\System32\drivers\avgArDisk.sys [37160 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
    R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [207496 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
    R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriver.sys [263056 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
    R0 avgbidsh; C:\Windows\System32\drivers\avgbidsh.sys [206408 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
    R0 avgbuniv; C:\Windows\System32\drivers\avgbuniv.sys [61520 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
    R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [42336 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
    R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [167920 2019-06-06] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
    R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [112360 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
    R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [87992 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
    R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [1030832 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
    R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [477632 2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
    R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [225656 2019-06-03] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
    R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [385904 2019-05-30] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
    R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [68736 2012-12-27] (Qualcomm Atheros -> Atheros)
    R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [41608 2018-05-08] (Techporch Incorporated -> Dell Inc.)
    R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
    R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28656 2013-01-15] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
    R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [116736 2014-02-19] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
    R2 monblanking; C:\Windows\System32\DRIVERS\monblanking.sys [47696 2018-09-16] (LogMeIn, Inc. -> LogMeIn, Inc)
    S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [141384 2010-11-11] (MCCI Corporation -> MCCI Corporation)
    S3 MBAMSwissArmy; \SystemRoot\System32\Drivers\mbamswissarmy.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One month (created) ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2019-06-11 21:25 - 2019-06-11 21:25 - 000000000 ____D C:\Users\BarkPark\Downloads\FRST-OlderVersion
    2019-06-11 07:23 - 2019-06-11 07:23 - 000000000 ___RD C:\Users\BarkPark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
    2019-06-11 05:41 - 2019-06-11 05:41 - 000000000 ___RD C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
    2019-06-10 18:12 - 2019-06-10 18:12 - 000000000 ____D C:\Users\John\AppData\Roaming\Sony Corporation
    2019-06-10 18:06 - 2019-06-10 18:06 - 000000997 _____ C:\Users\Public\Desktop\Music Center for PC.lnk
    2019-06-10 18:06 - 2019-06-10 18:06 - 000000000 ____D C:\Users\John\AppData\Roaming\Sony
    2019-06-10 18:06 - 2019-06-10 18:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music Center
    2019-06-10 18:05 - 2019-06-10 18:12 - 000000000 ____D C:\ProgramData\Sony Corporation
    2019-06-10 18:05 - 2019-06-10 18:05 - 000000000 ____D C:\Program Files (x86)\Sony
    2019-06-10 18:04 - 2019-06-10 18:04 - 000000000 ____D C:\Users\John\AppData\Local\Downloaded Installations
    2019-06-10 18:02 - 2019-06-10 18:02 - 111025656 _____ (Sony Home Entertainment & Sound Products Inc.) C:\Users\John\Desktop\musiccenter_setup_2.1.0.exe
    2019-06-09 10:30 - 2019-06-09 10:30 - 000001749 _____ C:\Users\Public\Desktop\iTunes.lnk
    2019-06-09 10:30 - 2019-06-09 10:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    2019-06-09 10:30 - 2019-06-09 10:30 - 000000000 ____D C:\Program Files\iPod
    2019-06-09 10:29 - 2019-06-09 10:30 - 000000000 ____D C:\Program Files\iTunes
    2019-06-09 10:24 - 2019-06-09 10:24 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
    2019-06-09 10:22 - 2019-06-09 10:22 - 000000000 ____D C:\Program Files\Bonjour
    2019-06-09 10:22 - 2019-06-09 10:22 - 000000000 ____D C:\Program Files (x86)\Bonjour
    2019-06-09 10:17 - 2019-06-09 10:18 - 274864968 _____ (Apple Inc.) C:\Users\John\Desktop\iTunes64Setup.exe
    2019-06-06 09:46 - 2019-06-06 09:46 - 000000544 _____ C:\Users\BarkPark\Desktop\eset.txt
    2019-06-05 23:38 - 2019-06-05 23:38 - 000000000 _____ C:\Users\BarkPark\Desktop\New Text Document.txt
    2019-06-05 23:33 - 2019-06-07 05:22 - 000000000 ____D C:\Users\BarkPark\AppData\Local\ESET
    2019-06-05 23:33 - 2019-06-05 23:33 - 000000794 _____ C:\Users\BarkPark\Desktop\ESET Online Scanner.lnk
    2019-06-05 23:32 - 2019-06-05 23:33 - 007969304 _____ (ESET spol. s r.o.) C:\Users\BarkPark\Downloads\esetonlinescanner_enu.exe
    2019-06-05 22:40 - 2019-06-05 22:46 - 000000000 ____D C:\AdwCleaner
    2019-06-04 16:21 - 2019-06-04 16:21 - 000000000 ____D C:\Users\BarkPark\AppData\Local\mbamtray
    2019-06-04 16:20 - 2019-06-04 16:20 - 007025360 _____ (Malwarebytes) C:\Users\BarkPark\Downloads\adwcleaner_7.3.exe
    2019-06-04 16:19 - 2019-06-04 16:19 - 000000000 ____D C:\ProgramData\Malwarebytes
    2019-06-04 16:19 - 2019-06-04 16:19 - 000000000 ____D C:\Program Files\Malwarebytes
    2019-06-04 16:18 - 2019-06-04 16:18 - 063182216 _____ (Malwarebytes ) C:\Users\BarkPark\Downloads\mb3-setup-43841.43841-3.7.1.2839-1.0.586-1.0.10430.exe
    2019-06-03 20:39 - 2019-06-03 20:42 - 000009687 _____ C:\Users\BarkPark\Downloads\Fixlog.txt
    2019-06-02 16:04 - 2019-06-02 16:04 - 000002121 _____ C:\Users\Public\Desktop\SupportAssist.lnk
    2019-06-02 13:41 - 2019-06-02 13:44 - 000037770 _____ C:\Users\BarkPark\Downloads\Addition.txt
    2019-06-02 13:38 - 2019-06-11 21:27 - 000034463 _____ C:\Users\BarkPark\Downloads\FRST.txt
    2019-06-02 13:38 - 2019-06-11 21:25 - 000000000 ____D C:\FRST
    2019-06-02 13:23 - 2019-06-11 21:25 - 002418688 _____ (Farbar) C:\Users\BarkPark\Downloads\FRST64.exe
    2019-06-02 12:21 - 2019-06-02 12:21 - 003506622 _____ C:\Users\BarkPark\Downloads\CalCheck_2.6.0_x64.zip
    2019-06-01 05:23 - 2019-06-01 05:24 - 000283944 _____ C:\Windows\Minidump\060119-17019-01.dmp
    2019-05-28 21:04 - 2019-05-28 21:04 - 000000000 ____D C:\Users\BarkPark\AppData\Local\Splashtop
    2019-05-28 21:02 - 2019-05-28 21:03 - 000000000 ____D C:\ProgramData\Splashtop
    2019-05-28 21:02 - 2019-05-28 21:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Splashtop Remote
    2019-05-28 21:02 - 2019-05-28 21:02 - 000000000 ____D C:\Program Files (x86)\Splashtop
    2019-05-28 21:02 - 2019-03-22 12:16 - 000310704 _____ (Splashtop Inc.) C:\Windows\system32\SRCredentialProvider.dll
    2019-05-28 21:00 - 2019-05-28 21:00 - 031009136 _____ (Splashtop Inc.) C:\Users\BarkPark\Downloads\Splashtop_Streamer_Windows_DEPLOY_INSTALLER_v3.3.0.2_3WZ42XHZ3HSP.exe
    2019-05-27 05:39 - 2019-05-27 05:39 - 000363440 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
    2019-05-22 05:56 - 2019-06-07 05:22 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2019-05-14 19:27 - 2019-05-14 19:28 - 000461584 _____ C:\Windows\Minidump\051419-29499-01.dmp

    ==================== One month (modified) ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2019-06-11 21:27 - 2015-05-03 08:12 - 000000000 ____D C:\Users\BarkPark\Documents\Outlookdata
    2019-06-11 21:23 - 2016-11-20 09:22 - 000000000 ____D C:\Users\BarkPark\AppData\LocalLow\Mozilla
    2019-06-11 07:23 - 2015-05-04 16:38 - 000000000 ____D C:\Users\John\Documents\Outlookdata
    2019-06-11 07:23 - 2015-04-30 19:43 - 000000000 ____D C:\Users\BarkPark\Documents\Bluetooth Folder
    2019-06-11 07:03 - 2016-11-20 09:02 - 000000000 ____D C:\Users\John\AppData\LocalLow\Mozilla
    2019-06-11 06:03 - 2009-07-14 00:45 - 000021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2019-06-11 06:03 - 2009-07-14 00:45 - 000021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2019-06-11 05:51 - 2014-06-25 10:43 - 000000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
    2019-06-11 05:44 - 2017-04-04 07:59 - 000004174 _____ C:\Windows\System32\Tasks\Antivirus Emergency Update
    2019-06-11 05:40 - 2009-07-14 01:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
    2019-06-10 22:04 - 2015-05-28 23:33 - 000000000 ____D C:\Users\John\AppData\Local\CrashDumps
    2019-06-10 15:59 - 2009-07-14 01:13 - 000787758 _____ C:\Windows\system32\PerfStringBackup.INI
    2019-06-10 15:59 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\inf
    2019-06-10 06:19 - 2018-06-23 08:41 - 000000000 ____D C:\Users\John\Desktop\Camera June 21 18
    2019-06-09 10:24 - 2015-05-10 14:55 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
    2019-06-09 05:09 - 2015-04-30 19:26 - 000000000 ____D C:\Users\John\Documents\Bluetooth Folder
    2019-06-07 05:22 - 2015-04-30 19:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2019-06-06 09:40 - 2017-04-04 07:59 - 000167920 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
    2019-06-03 05:35 - 2017-04-04 07:59 - 000225656 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
    2019-06-03 05:29 - 2014-06-25 10:41 - 000000000 ____D C:\ProgramData\PCDr
    2019-06-03 05:26 - 2015-04-30 19:24 - 000094096 _____ C:\Users\John\AppData\Local\GDIPFONTCACHEV1.DAT
    2019-06-03 05:23 - 2009-07-14 00:45 - 000351288 _____ C:\Windows\system32\FNTCACHE.DAT
    2019-06-02 18:00 - 2015-04-30 19:44 - 000094096 _____ C:\Users\BarkPark\AppData\Local\GDIPFONTCACHEV1.DAT
    2019-06-02 16:04 - 2014-06-25 10:40 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
    2019-06-02 16:03 - 2017-06-25 11:10 - 000000000 ____D C:\ProgramData\SupportAssist
    2019-06-02 13:37 - 2018-09-05 22:56 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
    2019-06-02 13:37 - 2018-08-31 05:48 - 000003332 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2019-06-02 13:37 - 2018-08-31 05:48 - 000003204 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2019-06-02 13:37 - 2018-06-23 09:12 - 000003702 _____ C:\Windows\System32\Tasks\John1
    2019-06-02 13:37 - 2018-05-09 09:14 - 000004202 _____ C:\Windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate
    2019-06-02 13:37 - 2017-06-20 07:56 - 000003508 _____ C:\Windows\System32\Tasks\BarkPark DBAgent 2 0
    2019-06-02 13:37 - 2017-05-13 16:20 - 000003700 _____ C:\Windows\System32\Tasks\John
    2019-06-02 13:37 - 2017-05-13 16:17 - 000003492 _____ C:\Windows\System32\Tasks\John DBAgent 2 0
    2019-06-02 13:37 - 2017-05-13 16:16 - 000003504 _____ C:\Windows\System32\Tasks\Seagate_Install_Launch
    2019-06-02 13:37 - 2016-03-29 15:48 - 000003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
    2019-06-02 13:37 - 2015-08-30 08:48 - 000003708 _____ C:\Windows\System32\Tasks\Run RoboForm TaskBar Icon
    2019-06-02 13:37 - 2014-06-25 10:34 - 000003718 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
    2019-06-02 13:37 - 2014-06-25 10:34 - 000003476 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
    2019-06-01 09:32 - 2015-05-03 16:33 - 000013076 _____ C:\Users\BarkPark\AppData\Roaming\Comma Separated Values (Windows).CAL
    2019-06-01 05:23 - 2015-05-08 08:29 - 593874749 _____ C:\Windows\MEMORY.DMP
    2019-06-01 05:23 - 2015-05-08 08:29 - 000000000 ____D C:\Windows\Minidump
    2019-05-30 05:12 - 2017-04-04 07:59 - 000385904 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
    2019-05-27 05:39 - 2018-10-20 13:36 - 000042336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgKbd.sys
    2019-05-27 05:39 - 2017-04-04 07:59 - 000477632 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
    2019-05-27 05:39 - 2017-04-04 07:59 - 000112360 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
    2019-05-27 05:39 - 2017-04-04 07:59 - 000087992 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
    2019-05-27 05:38 - 2019-01-05 10:25 - 000037160 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArDisk.sys
    2019-05-27 05:38 - 2017-11-27 06:16 - 000207496 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
    2019-05-27 05:38 - 2017-04-04 07:59 - 001030832 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
    2019-05-27 05:37 - 2019-01-14 16:10 - 000263056 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdriver.sys
    2019-05-27 05:37 - 2019-01-05 10:25 - 000206408 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsh.sys
    2019-05-27 05:37 - 2019-01-05 10:25 - 000061520 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniv.sys
    2019-05-23 22:56 - 2017-09-22 20:34 - 000000370 _____ C:\Windows\SysWOW64\SmartFlow.txt
    2019-05-23 22:50 - 2018-07-23 22:50 - 000000000 _____ C:\Windows\SysWOW64\SpyWareFolderstoFilter.txt
    2019-05-21 16:20 - 2018-08-31 05:49 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2019-05-21 16:20 - 2018-08-31 05:49 - 000002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2019-05-18 20:53 - 2015-05-01 00:19 - 000000000 ____D C:\Users\Susie\Documents\Bluetooth Folder
    2019-05-18 20:52 - 2018-11-12 12:56 - 000000000 ____D C:\Users\Susie\AppData\LocalLow\Mozilla
    2019-05-18 16:55 - 2015-05-01 16:20 - 000094096 _____ C:\Users\Susie\AppData\Local\GDIPFONTCACHEV1.DAT

    ==================== Files in the root of some directories ================

    2015-05-03 16:33 - 2019-06-01 09:32 - 000013076 _____ () C:\Users\BarkPark\AppData\Roaming\Comma Separated Values (Windows).CAL
    2018-07-31 15:52 - 2019-02-28 17:50 - 000009435 _____ () C:\Users\BarkPark\AppData\Roaming\Comma Separated Values (Windows).EML
    2016-11-28 20:29 - 2017-05-23 15:45 - 000007606 _____ () C:\Users\BarkPark\AppData\Local\Resmon.ResmonCfg

    ==================== FLock ================

    2014-06-25 14:07 C:\System Recovery
    2019-06-10 18:05 C:\System Volume Information
    2014-06-25 12:17 C:\Windows\CSC

    ==================== SigCheck ===============================

    (There is no automatic fix for files that do not pass verification.)


    LastRegBack: 2019-06-02 00:42
    ==================== End of FRST.txt ============================
     
  12. susb8383

    susb8383 Thread Starter

    Joined:
    Apr 22, 2011
    Messages:
    121
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-06-2019 01
    Ran by BarkPark (11-06-2019 21:27:50)
    Running from C:\Users\BarkPark\Downloads
    Windows 7 Professional Service Pack 1 (X64) (2015-04-30 23:23:48)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-357705481-3834319829-2341904365-500 - Administrator - Disabled)
    Ashton (S-1-5-21-357705481-3834319829-2341904365-1003 - Administrator - Enabled) => C:\Users\Ashton
    BarkPark (S-1-5-21-357705481-3834319829-2341904365-1001 - Administrator - Enabled) => C:\Users\BarkPark
    Guest (S-1-5-21-357705481-3834319829-2341904365-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-357705481-3834319829-2341904365-1007 - Limited - Enabled)
    John (S-1-5-21-357705481-3834319829-2341904365-1000 - Administrator - Enabled) => C:\Users\John
    Susie (S-1-5-21-357705481-3834319829-2341904365-1002 - Administrator - Enabled) => C:\Users\Susie

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: AVG Antivirus (Enabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: AVG Antivirus (Enabled - Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    01 Transaction Pro Importer 4.0 (HKLM-x32\...\01 Transaction Pro Importer 4.0) (Version: 4.0.10 - Baystate Consulting (781) 932-1133)
    Accidental Damage Services Agreement (HKLM-x32\...\{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}) (Version: 2.0.0 - Dell Inc.)
    Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.182 - Adobe Systems Incorporated)
    Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.197 - Adobe Systems Incorporated)
    Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
    Adobe Reader XI (11.0.15) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.15 - Adobe Systems Incorporated)
    Apple Application Support (32-bit) (HKLM-x32\...\{C1BCFECF-6EC2-4750-9072-5E2489423F8F}) (Version: 7.5 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{B202C7F5-7DE3-4FBF-B259-E70E625F56FC}) (Version: 7.5 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{B5A46811-3612-4DA5-8A5A-E6DED5D7C523}) (Version: 12.2.1.12 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
    Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.170 - Atheros)
    Atheros Outlook Addin 2010 (HKU\S-1-5-21-357705481-3834319829-2341904365-1000\...\D9918D4858F5B722A4667B7989E1983A8FCC0462) (Version: 1.0.0.0 - Microsoft)
    AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 19.5.3093 - AVG Technologies)
    Banctec Service Agreement (HKLM-x32\...\{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}) (Version: 2.0.0 - Dell Inc.)
    Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
    Brother MFL-Pro Suite MFC-L2700DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
    Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
    Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
    Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
    Citrix Online Launcher (HKLM-x32\...\{6740FE60-43C1-4D15-8C4A-001624134B14}) (Version: 1.0.312 - Citrix)
    Complete Care Business Service Agreement (HKLM-x32\...\{0ECFCB07-9BFE-4970-ACA1-D568D982760B}) (Version: 2.0.0 - Dell Inc.)
    Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
    CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - Acro Software Inc.)
    Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.7.1.2 - Dell Inc.)
    Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.1.2 - Dell Inc.)
    Dell Digital Delivery (HKLM-x32\...\{D850CB7E-72BC-4510-BA4F-48932BFAB295}) (Version: 2.9.901.0 - Dell Products, LP)
    Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
    Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.)
    Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.1.3 - Dell Inc.)
    Dell SupportAssist (HKLM\...\{806422F1-FC4E-4D7C-8855-05748AEFC031}) (Version: 3.2.2.119 - Dell Inc.)
    Dell Update (HKLM-x32\...\{DB82968B-57A4-4397-81A5-ECAB21B5DFCD}) (Version: 1.7.1015.0 - Dell Inc.)
    Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Dell Inc.)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.169 - Google Inc.)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
    Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
    GoTo Opener (HKLM-x32\...\{D144D2C2-4F96-48B7-BB2A-E9185050B619}) (Version: 1.0.491 - LogMeIn, Inc.)
    GoToMyPC (HKLM\...\{92C11758-A413-42AA-B0C8-30ED9F99719B}) (Version: 10.1.2329 - LogMeIn, Inc.)
    GoToMyPC Print Assistant (HKLM\...\{57414DD3-55A7-4D2E-916F-2F1407AABE91}) (Version: 8.6.942 - Softland)
    Intel(R) Chipset Device Software (HKLM-x32\...\{e48a2f61-851a-4155-82f9-af1b04db8c3b}) (Version: 10.0.13 - Intel(R) Corporation) Hidden
    Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1168 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.2.1001 - Intel Corporation)
    Intel(R) Update Manager (HKLM-x32\...\{AD6B46F2-FE21-496F-BE90-BE19AABE353C}) (Version: 2.2.12 - Intel Corporation)
    Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
    iTunes (HKLM\...\{A8AF3EF8-5010-4A92-BCCA-90F62A7D62B8}) (Version: 12.9.5.7 - Apple Inc.)
    Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
    Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Mozilla Firefox 67.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 67.0.1 (x64 en-US)) (Version: 67.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 67.0.1.7088 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
    Music Center for PC (HKLM-x32\...\{D5344456-90D0-409F-AF67-CCE2BD4C4592}) (Version: 2.1.0.01472 - Sony Home Entertainment & Sound Products Inc.)
    MyDefrag v4.3.1 (HKLM\...\MyDefrag v4.3.1_is1) (Version: 4.0.0.0 - J.C. Kessels)
    novaPDF 8 Printer Driver (HKLM\...\{1A9E9E77-B29B-47C6-ADEB-9E7D6F7A08CE}) (Version: 8.6.942 - Softland)
    Premium Service Agreement (HKLM-x32\...\{C33AA6D6-F5EC-48F3-AFDC-8141345D473A}) (Version: 2.0.0 - Dell Inc.)
    QualxServ Service Agreement (HKLM-x32\...\{903679E8-44C8-4C07-9600-05C92654FC50}) (Version: 2.0.0 - Dell Inc.)
    QuickBooks (HKLM-x32\...\{06A9E630-DBA6-4D92-9DE7-A235AA6496C7}) (Version: 20.0.4017.807 - Intuit Inc.) Hidden
    QuickBooks Pro 2010 (HKLM-x32\...\{0700E22B-A422-40A5-BD20-04BF618CA0F9}) (Version: 20.0.4017.807 - Intuit Inc.)
    Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6909 - Realtek Semiconductor Corp.)
    Realtek USB Audio (HKLM-x32\...\{0A46A65D-89AC-464C-8026-3CD44960BD04}) (Version: 6.3.9600.41 - Realtek Semiconductor Corp.)
    RoboForm 8-4-7-7 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 8-4-7-7 - Siber Systems)
    Seagate Dashboard (HKLM-x32\...\{EA266F00-A8E7-43A0-8DED-FBFE3F076934}) (Version: 4.9.2.0 - Seagate)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
    Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.15 - Splashtop Inc.)
    Splashtop Streamer (HKLM-x32\...\{B7C5EA94-B96A-41F5-BE95-25D78B486678}) (Version: 3.3.0.2 - Splashtop Inc.)
    VisiPics V1.31 (HKLM-x32\...\VisiPics_is1) (Version: - Ozone)
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
    ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.DLL [2014-03-12] (SoftThinks -> )
    ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.DLL [2014-03-12] (SoftThinks -> )
    ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvAppExt.dll [2012-12-27] (Qualcomm Atheros -> Atheros Commnucations) [File not signed]
    ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
    ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ShellContextExt.dll [2012-12-27] (Qualcomm Atheros -> Atheros Commnucations) [File not signed]
    ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2014-01-07] (NVIDIA Corporation -> NVIDIA Corporation)
    ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2019-05-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)

    ==================== Shortcuts & WMI ========================

    (The entries could be listed to be restored or removed.)

    WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
    WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
    WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

    ==================== Loaded Modules (Whitelisted) ==============

    2015-05-04 17:56 - 2009-02-27 16:38 - 000139264 ____R () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
    2015-05-04 17:56 - 2005-04-22 00:36 - 000143360 _____ () [File not signed] C:\Windows\system32\BrSNMP64.dll
    2014-06-25 10:36 - 2012-12-27 06:05 - 000439296 ____N (Atheros) [File not signed] C:\Windows\system32\athihvs.dll
    2015-05-04 17:56 - 2013-06-12 19:06 - 000385024 ____R (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrMonitor.dll
    2015-05-04 17:56 - 2010-09-29 17:07 - 000180224 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BroSNMP.dll
    2015-05-04 17:56 - 2011-02-28 11:32 - 000208896 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrFirmUpdateCheck.dll
    2015-05-04 17:56 - 2014-05-22 13:50 - 004513792 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
    2015-05-04 17:56 - 2013-10-10 21:55 - 002040320 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll
    2015-05-04 17:56 - 2013-09-25 15:35 - 000282112 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
    2015-05-04 17:56 - 2014-06-16 15:45 - 000137728 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
    2015-05-04 17:56 - 2014-06-16 16:03 - 000083968 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
    2015-05-04 17:56 - 2014-06-16 16:03 - 017955328 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll
    2015-05-04 17:56 - 2014-06-16 16:04 - 000080384 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcLUsa.dll
    2015-05-04 17:56 - 2014-06-16 15:59 - 001537536 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
    2015-05-04 17:56 - 2014-06-16 16:02 - 000579584 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
    2015-05-04 17:56 - 2013-03-08 02:44 - 000087040 _____ (Brother Industries, Ltd.) [File not signed] C:\Windows\system32\BrNetSti.dll
    2014-06-25 10:35 - 2013-04-26 11:40 - 000073728 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
    2013-02-06 15:11 - 2013-02-06 15:11 - 000503296 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
    2013-02-06 15:11 - 2013-02-06 15:11 - 000285696 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
    2013-02-01 19:20 - 2013-02-01 19:20 - 000032768 _____ (Intuit) [File not signed] C:\Program Files (x86)\Common Files\Intuit\QuickBooks\CFScan.dll
    2013-02-01 18:27 - 2013-02-01 18:27 - 000045056 _____ (Intuit) [File not signed] C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
    2017-04-21 13:24 - 2017-04-21 13:24 - 000112128 _____ (Microsoft Corporation) [File not signed] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
    2017-04-21 13:26 - 2017-04-21 13:26 - 000126976 _____ (Microsoft Corporation) [File not signed] C:\Windows\Microsoft.Net\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
    2014-06-25 10:34 - 2014-06-25 10:34 - 000225280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
    2012-12-27 22:32 - 2012-12-27 22:32 - 000204928 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
    2012-12-27 22:32 - 2012-12-27 22:32 - 000801920 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe
    2012-12-27 22:32 - 2012-12-27 22:32 - 000054400 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthCopyHook.dll
    2012-12-27 22:32 - 2012-12-27 22:32 - 000020608 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\athr_debug.dll
    2012-12-27 22:33 - 2012-12-27 22:33 - 000041088 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BPP.DLL
    2012-12-27 22:33 - 2012-12-27 22:33 - 000045696 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BTBIP.DLL
    2012-12-27 22:33 - 2012-12-27 22:33 - 001023104 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
    2012-12-27 22:33 - 2012-12-27 22:33 - 000516736 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\filetransfer.dll
    2012-12-27 22:33 - 2012-12-27 22:33 - 000085632 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\GattI.dll
    2012-12-27 22:33 - 2012-12-27 22:33 - 000099968 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\gatts.DLL
    2012-12-27 22:33 - 2012-12-27 22:33 - 000106624 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\GOEP.DLL
    2012-12-27 22:33 - 2012-12-27 22:33 - 000083072 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Handsfree.dll
    2012-12-27 22:33 - 2012-12-27 22:33 - 000093824 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\L2capLib.dll
    2012-12-27 22:33 - 2012-12-27 22:33 - 000311936 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ObjPush.dll
    2012-12-27 22:33 - 2012-12-27 22:33 - 004933248 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\OutLookLib.dll
    2012-12-27 22:33 - 2012-12-27 22:33 - 000074368 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\PhoneBook.DLL
    2012-12-27 22:33 - 2012-12-27 22:33 - 000065664 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\RfcommLib.dll
    2012-12-27 22:33 - 2012-12-27 22:33 - 000109696 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\sesmgr.dll
    2012-12-27 22:33 - 2012-12-27 22:33 - 000042112 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\sim.DLL
    2012-12-27 22:33 - 2012-12-27 22:33 - 000130176 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\skypeagent.dll
    2012-12-27 22:33 - 2012-12-27 22:33 - 000061568 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Sync.dll
    2012-12-27 22:33 - 2012-12-27 22:33 - 000030848 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\utils.DLL
    2014-06-25 10:39 - 2012-12-26 02:41 - 000081536 ____N (Qualcomm Atheros -> Atheros) [File not signed] C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
    2012-12-27 22:33 - 2012-12-27 22:33 - 000327296 _____ (Qualcomm Atheros -> Atheros) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
    2013-08-19 11:07 - 2013-08-19 11:07 - 000883200 _____ (Seagate Technology LLC) [File not signed] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBRes_en-US.nls
    2016-06-17 12:38 - 2016-06-17 12:38 - 000018944 _____ (Softland) [File not signed] C:\Windows\System32\novamn8.dll
    2009-02-19 12:15 - 2009-02-19 12:15 - 000643072 _____ (STLport Consulting, Inc.) [File not signed] C:\Program Files (x86)\Common Files\Intuit\QuickBooks\stlport_r50.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SplashtopRemoteService => ""="Service"

    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE trusted site: HKU\.DEFAULT\...\dell.com -> dell.com

    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 22:34 - 2018-12-03 10:53 - 000000858 _____ C:\Windows\system32\drivers\etc\hosts


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Common Files\Intuit\QBPOSSDKRuntime;C:\Program Files (x86)\Common Files\Adobe\AGL
    HKU\S-1-5-21-357705481-3834319829-2341904365-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\John\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
    HKU\S-1-5-21-357705481-3834319829-2341904365-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\BarkPark\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
    DNS Servers: 75.75.75.75 - 75.75.76.76
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    If an entry is included in the fixlist, it will be removed.

    MSCONFIG\Services: Apple Mobile Device Service => 2
    MSCONFIG\Services: DellUpdate => 2
    MSCONFIG\Services: iPod Service => 3
    MSCONFIG\Services: McComponentHostService => 3
    MSCONFIG\Services: Seagate MobileBackup Service => 2
    MSCONFIG\Services: Steam Client Service => 3
    MSCONFIG\Services: SupportAssistAgent => 2
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk => C:\Windows\pss\QuickBooks Update Agent.lnk.CommonStartup
    MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
    FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
    FirewallRules: [{BA4159D9-EC5E-4FB4-87CD-C40A1CBD615A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{34EDD164-D110-4798-B87F-35CF4C459CE8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{99079E98-B566-47FF-B590-18666E85C5F1}] => (Allow) C:\Program Files (x86)\Brother\Brmfl14d\FAXRX.EXE (Brother Industries, Ltd.) [File not signed]
    FirewallRules: [{C5B3FD22-CC0A-4AC1-8647-657DB2A47EC4}] => (Allow) LPort=54925
    FirewallRules: [TCP Query User{3F02E5C1-060F-43FF-8F24-F425478D0084}C:\users\john\appdata\local\temp\g2_1611\g2viewer.exe] => (Allow) C:\users\john\appdata\local\temp\g2_1611\g2viewer.exe No File
    FirewallRules: [UDP Query User{A4225E7C-84A0-4E71-B7A8-E5342EEEF56A}C:\users\john\appdata\local\temp\g2_1611\g2viewer.exe] => (Allow) C:\users\john\appdata\local\temp\g2_1611\g2viewer.exe No File
    FirewallRules: [{1633A39B-E892-4970-8D22-2C5CC6894A6B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{A3FDB294-136E-4180-BEA9-D4B6A57908DC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{B69C2180-2E51-464D-9CC7-562BAC939F20}] => (Allow) LPort=8888
    FirewallRules: [TCP Query User{0C428F6E-C78B-4421-B28E-5B08E55AB009}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe (Seagate Technology LLC -> Seagate Technology LLC)
    FirewallRules: [UDP Query User{F83AC28F-429A-49B0-8149-7BE79DB505B7}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe (Seagate Technology LLC -> Seagate Technology LLC)
    FirewallRules: [{CB6714A2-B92A-463E-B11C-0CAAD1CC0237}] => (Allow) LPort=8888
    FirewallRules: [{B73F44B0-0735-42E8-B8D6-798F024EA176}] => (Allow) LPort=8501
    FirewallRules: [{372243A9-90E6-4E9A-87D8-FD5782FAE5BC}] => (Allow) LPort=8501
    FirewallRules: [{A13E8D4B-12EE-434F-8CA0-A1DD46711AFB}] => (Allow) C:\Users\Susie\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
    FirewallRules: [{FAC7E923-628C-4C5C-B5AA-A0DE07FA1C6D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
    FirewallRules: [{4DB18B26-3FB5-48B5-A2FC-CAE47726BA2C}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{4635B52C-7032-47A0-8D73-68C6E6D4BBD2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{32F193DB-4A7D-45A2-A0E8-B12FB97E8D4D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{70B9BD3D-A969-4A97-83D5-249470132A55}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{7BE62C0C-71CA-43E0-85CA-1086AAC59E78}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{F3EC716E-EFE6-44CA-B1F8-26F0A05BDB0C}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{E1A33B0A-259B-47CA-A132-7FF87B1D2468}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRManager.exe (Splashtop Inc. -> Splashtop Inc.)

    ==================== Restore Points =========================

    03-06-2019 20:39:37 Restore Point Created by FRST
    09-06-2019 10:25:03 Installed iTunes
    10-06-2019 18:04:41 Installed Music Center for PC.

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (06/11/2019 09:05:47 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
    Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80004005).

    Error: (06/11/2019 08:59:05 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
    Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80004005).

    Error: (06/11/2019 06:18:16 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
    Description: TWN BrtTWN: [2019/06/11 06:18:16.088]: [00008376]: Initialize TwdsMain Class failed!

    Error: (06/11/2019 06:18:16 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
    Description: TWN BrtTWN: [2019/06/11 06:18:16.088]: [00008376]: ##### Fatal ERROR!! Create STI-device failed! #####

    Error: (06/11/2019 06:13:02 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
    Description: TWN BrtTWN: [2019/06/11 06:13:02.653]: [00009056]: Initialize TwdsMain Class failed!

    Error: (06/11/2019 06:13:02 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
    Description: TWN BrtTWN: [2019/06/11 06:13:02.653]: [00009056]: ##### Fatal ERROR!! Create STI-device failed! #####

    Error: (06/11/2019 05:42:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

    Error: (06/11/2019 01:13:36 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
    Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80004005).


    System errors:
    =============
    Error: (06/11/2019 05:40:06 AM) (Source: EventLog) (EventID: 6008) (User: )
    Description: The previous system shutdown at 1:25:23 AM on ‎6/‎11/‎2019 was unexpected.

    Error: (06/10/2019 08:47:59 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
    Description: The following fatal alert was received: 80.

    Error: (06/10/2019 08:47:59 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
    Description: The following fatal alert was received: 80.

    Error: (06/10/2019 08:47:05 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
    Description: The following fatal alert was received: 80.

    Error: (06/10/2019 08:47:05 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
    Description: The following fatal alert was received: 80.

    Error: (06/10/2019 08:46:45 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
    Description: The following fatal alert was received: 80.

    Error: (06/10/2019 08:46:41 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
    Description: The following fatal alert was received: 80.

    Error: (06/10/2019 08:46:41 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
    Description: The following fatal alert was received: 80.


    CodeIntegrity:
    ===================================

    Date: 2017-08-09 21:40:42.158
    Description:
    Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxVoiceAPO2064.dll because the set of per-page image hashes could not be found on the system.

    Date: 2017-07-09 14:04:27.121
    Description:
    Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxVoiceAPO2064.dll because the set of per-page image hashes could not be found on the system.

    Date: 2016-07-24 09:30:58.614
    Description:
    Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxVoiceAPO2064.dll because the set of per-page image hashes could not be found on the system.

    Date: 2016-07-24 09:30:58.453
    Description:
    Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxVoiceAPO2064.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-10-20 19:18:59.258
    Description:
    Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxVoiceAPO2064.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-10-20 19:18:59.082
    Description:
    Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxVoiceAPO2064.dll because the set of per-page image hashes could not be found on the system.

    ==================== Memory info ===========================

    BIOS: Dell Inc. A08 04/16/2014
    Motherboard: Dell Inc. 0KWVT8
    Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
    Percentage of memory in use: 73%
    Total physical RAM: 8133.75 MB
    Available physical RAM: 2156.22 MB
    Total Virtual: 16265.68 MB
    Available Virtual: 9294.3 MB

    ==================== Drives ================================

    Drive c: (OS) (Fixed) (Total:907.74 GB) (Free:377.65 GB) NTFS
    Drive i: (WALKMAN) (Removable) (Total:14.24 GB) (Free:13.66 GB) FAT32

    \\?\Volume{2afb943c-fc84-11e3-a130-806e6f6e6963}\ (RECOVERY) (Fixed) (Total:23.73 GB) (Free:13.16 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 3880BC0D)
    Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
    Partition 2: (Active) - (Size=23.7 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=907.7 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 5 (MBR Code: Windows XP) (Size: 14.3 GB) (Disk ID: 0049C3BC)
    Partition 1: (Not Active) - (Size=14.3 GB) - (Type=0C)

    ==================== End of Addition.txt ============================
     
  13. iMacg3

    iMacg3 Malware Specialist

    Joined:
    Nov 3, 2018
    Messages:
    492
    Hi,

    How is the computer doing?
     
  14. susb8383

    susb8383 Thread Starter

    Joined:
    Apr 22, 2011
    Messages:
    121
    Sorry, didn't realize that was it.

    So can you tell me if I had a virus that we fixed? And if that would have caused my original problem? I'm trying to figure out if I have a hard drive that's starting to fail in which case I should get a new computer before I can't recover my files or if it was caused by a virus and won't happen again.

    Thanks.
     
  15. iMacg3

    iMacg3 Malware Specialist

    Joined:
    Nov 3, 2018
    Messages:
    492
    Hi,

    It appears that the issue is not caused by malware. You can run GSmartControl to test your hard drive for issues:


    Please download gsmartcontrol and save it to your Desktop.
    • Extract gsmartcontrol-0.8.7-win32.zip to a folder, double-click on gsmartcontrol.exe
    • A list of hard drives will appear, single-click each disk to see Drive Information and identify your drive
      note: most machines will only have one or two entries, but an easy way to identify your drive is by its size.
    • Double-click on the hard drive to see detailed Device Information
    • Click on the Attributes tab, do you see any red or pink entries like the ones below? Please list the names in your next reply if there are any.
      [​IMG]
    • Click on the Perform Tests tab
    • Select Extended Self-Test and click Execute
      note: this test can take several hours to run
    • Allow the test to complete, the results will be displayed at the bottom
    • Please post the result of the scan in your next reply
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1227807

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice