Hi, thank you for taking the time to read my thread.
This all started because I received warning messages to say AVG and Windows Defender were off, although after many attempts at trying to start them, I failed.
Therefore I tried to run SFC/Scannow, also DISM.../RestoreHealth, although both failed. Scannow reported unable to correct corrupt files, DISM said unknown.
I have very limited knowledge of computers, so thought it best to speak to you guys. TIA.
Here are the .txt files that I've been instructed to copy and paste:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-02-2021
Ran by Richard (administrator) on RICHARD (ASUSTeK COMPUTER INC. X550CA) (26-02-2021 06:41:05)
Running from C:\Users\Richard\Downloads
Loaded Profiles: Richard
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\avgToolsSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe <3>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <16>
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Smart Defrag\Pub\PubMonitor.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.19750_none_fa39f32f9b2d0928\TiWorker.exe
(Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
(Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
(Paretologic Inc -> Digital Care Solutions (ParetoLogic)) C:\Program Files\BDServices\BitDefenderCOM.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [164608 2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-3411107159-1070077873-1841525149-1001\...\Run: [Advanced SystemCare] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [3636496 2020-03-06] (IObit Information Technology -> IObit)
HKU\S-1-5-21-3411107159-1070077873-1841525149-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKLM\...\Windows x64\Print Processors\KODAK EASYSHARE All-in-One Printer: C:\Windows\System32\spool\prtprocs\x64\EKIJ5000PPR.dll [261632 2012-10-08] (Microsoft Windows Hardware Compatibility Publisher -> Eastman Kodak Company)
HKLM\...\Print\Monitors\KODAK EASYSHARE All-in-One Printer: C:\WINDOWS\system32\EKIJ5000MON.dll [805376 2012-10-08] (Microsoft Windows Hardware Compatibility Publisher -> Eastman Kodak Company)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.190\Installer\chrmstp.exe [2021-02-25] (Google LLC -> Google LLC)
BootExecute: autocheck autochk * SmartDefragBootTime.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1E3A5D45-B299-4F4F-963D-96639B163AD6} - System32\Tasks\Software Updater SkipUAC(Richard) => C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [4513224 2021-01-19] (IObit Information Technology -> IObit) <==== ATTENTION
Task: {20D07301-0754-4D98-9023-33A6B22B9883} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-09] (Adobe Inc. -> Adobe)
Task: {23EE9230-3ED4-46B7-8F5F-43C82D9CAEE3} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Flash Player PPAPI Notifier" /ENABLE
Task: {23EE9230-3ED4-46B7-8F5F-43C82D9CAEE3} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\Adobe Flash Player Updater" /ENABLE
Task: {23EE9230-3ED4-46B7-8F5F-43C82D9CAEE3} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\Antivirus Emergency Update" /ENABLE
Task: {23EE9230-3ED4-46B7-8F5F-43C82D9CAEE3} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\ASC_PerformanceMonitor" /ENABLE
Task: {23EE9230-3ED4-46B7-8F5F-43C82D9CAEE3} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\ASC_SkipUac_Richard" /ENABLE
Task: {23EE9230-3ED4-46B7-8F5F-43C82D9CAEE3} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {23EE9230-3ED4-46B7-8F5F-43C82D9CAEE3} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {23EE9230-3ED4-46B7-8F5F-43C82D9CAEE3} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\Optimize Start Menu Cache Files-S-1-5-21-3411107159-1070077873-1841525149-1001" /ENABLE
Task: {23EE9230-3ED4-46B7-8F5F-43C82D9CAEE3} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\RtHDVBg" /ENABLE
Task: {23EE9230-3ED4-46B7-8F5F-43C82D9CAEE3} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\RtHDVBg_ListenToDevice" /ENABLE
Task: {23EE9230-3ED4-46B7-8F5F-43C82D9CAEE3} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\RTKCPL" /ENABLE
Task: {23EE9230-3ED4-46B7-8F5F-43C82D9CAEE3} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\SmartDefrag_AutoAnalyze" /ENABLE
Task: {23EE9230-3ED4-46B7-8F5F-43C82D9CAEE3} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\SmartDefrag_Startup" /ENABLE
Task: {23EE9230-3ED4-46B7-8F5F-43C82D9CAEE3} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\SmartDefrag_Update" /ENABLE
Task: {23EE9230-3ED4-46B7-8F5F-43C82D9CAEE3} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\Software Updater Scheduler" /ENABLE
Task: {23EE9230-3ED4-46B7-8F5F-43C82D9CAEE3} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(16): schtasks.exe -> /Change /TN "\Software Updater SkipUAC(Richard)" /ENABLE
Task: {23EE9230-3ED4-46B7-8F5F-43C82D9CAEE3} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(17): schtasks.exe -> /Change /TN "\SU_AutoUpdate" /ENABLE
Task: {23EE9230-3ED4-46B7-8F5F-43C82D9CAEE3} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(18): schtasks.exe -> /Change /TN "\Uninstaller_SkipUac_Richard" /ENABLE
Task: {23EE9230-3ED4-46B7-8F5F-43C82D9CAEE3} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(19): schtasks.exe -> /Change /TN "\User_Feed_Synchronization-{98C8926F-187D-4723-A2B6-6CFA634D385A}" /ENABLE
Task: {23EE9230-3ED4-46B7-8F5F-43C82D9CAEE3} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(20): schtasks.exe -> /Change /TN "\{65C3D43E-E5A3-481D-9352-126F2DD99808}" /ENABLE
Task: {23EE9230-3ED4-46B7-8F5F-43C82D9CAEE3} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(21): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {3C893D5A-8C9A-4B15-8D4D-2BD4B1C8B9D8} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {47DF9810-F6A2-4B0C-98E4-B70A28CABDF8} - System32\Tasks\{65C3D43E-E5A3-481D-9352-126F2DD99808} => C:\WINDOWS\system32\pcalua.exe -a C:\ProgramData\Kodak\Installer\Setup.exe -c /Web /x "{E0F274B7-592B-4669-8FB8-8D9825A09858}" CompanyName="Eastman Kodak Company" /code "2057"
Task: {5E415433-D5BC-414B-8985-44515AAE6A19} - System32\Tasks\Uninstaller_SkipUac_Richard => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [5900560 2019-09-10] (IObit Information Technology -> IObit)
Task: {644370C0-0F78-4799-A741-525E9EFC74C6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-04-23] (Google Inc -> Google Inc.)
Task: {73DF959D-C868-4F23-A973-6E80B6A277E2} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [4730624 2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {77D7B2E9-D157-4B75-849F-912D477BF1DD} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-07-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {7FC8E34B-BC3E-41EE-A1EC-178912E8316B} - System32\Tasks\SU_AutoUpdate => C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [4513224 2021-01-19] (IObit Information Technology -> IObit)
Task: {8D939978-1C04-4261-9087-B58A7E403F0B} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-07-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {90CE6F7A-00B7-4C2A-A75F-69B1D9DD7BB3} - System32\Tasks\ASC_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [3183888 2020-03-10] (IObit Information Technology -> IObit)
Task: {ABA02E02-29A2-4267-93DF-7A1C4915F156} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [3007760 2019-04-24] (IObit Information Technology -> IObit)
Task: {AD41904C-680D-4370-804D-82A489C025B7} - System32\Tasks\ASC_SkipUac_Richard => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [8876816 2020-03-11] (IObit Information Technology -> IObit)
Task: {B5DFDE52-BF65-47ED-A482-EC4E67E51CF6} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-07-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {B64A8C00-976B-4EE5-AD87-2FE13DBDF8B6} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe [5849872 2019-07-05] (IObit Information Technology -> IObit)
Task: {C1D26FC8-180C-4AE7-9F10-9D30933380A0} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
Task: {DB5AFBF8-22CC-445E-B842-BB00C6859B44} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1822976 2021-02-23] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {DFF09F86-325E-46CA-AE44-FB7F23C8B2EA} - System32\Tasks\Software Updater Scheduler => C:\Program Files (x86)\IObit\Software Updater\SUInit.exe [1789200 2020-06-30] (IObit Information Technology -> IObit Software updater) <==== ATTENTION
Task: {E4E84066-6172-43A6-A9F7-6540948D5DA2} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe [314128 2018-05-02] (IObit Information Technology -> IObit)
Task: {FB4B7999-9C47-4041-973F-5BC9E1CD750E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-04-23] (Google Inc -> Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\AVG Driver Updater Scan.job => C:\Program Files (x86)\AVG Driver Updater\AVG Driver Updater.exe
Task: C:\WINDOWS\Tasks\AVG Driver Updater Startup.job => C:\Program Files (x86)\AVG Driver Updater\AVG Driver Updater.exe
Task: C:\WINDOWS\Tasks\SparkTrust Registration3.job => rundll32.exe C:\Program Files (x86)\Common Files\SparkTrust\UUS3\UUS3.dll <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{79D1DE68-56FB-4F72-B5E0-FB918DAD2B4C}: [DhcpNameServer] 10.0.0.243
Tcpip\..\Interfaces\{CA17CCC0-C1E3-4678-A9C4-A38235A3F540}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D33B41AE-F5DB-42CB-8859-CC313193AC99}: [DhcpNameServer] 192.168.1.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default [2021-02-26]
CHR DownloadDir: C:\Users\Richard\Downloads
CHR Notifications: Default -> hxxps://pirateproxy.cc; hxxps://thepiratebay.org; hxxps://www.electriciansforums.net; hxxps://www.facebook.com; hxxps://www.junglescout.com; hxxps://www.wakeupuk.net; hxxps://www.wish.com
CHR HomePage: Default -> hxxp://mysearch.avg.com?cid={013DF0A8-A4BC-4DD5-B565-06D763B93533}&mid=8743dd459dca47d29dc96da73dc8933a-3c5e627b1624c73ab826fb50cd5d9c87c5579247&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-03-16 09:28:15&v=17.3.1.91&pid=safeguard&sg=&sap=hp
CHR StartupUrls: Default -> "hxxps://www.google.co.uk/"
CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> duckduckgo.com
CHR DefaultNewTabURL: Default -> hxxps://duckduckgo.com/chrome_newtab
CHR DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
CHR Extension: (Slides) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (DuckDuckGo) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2021-01-09]
CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2021-01-05]
CHR Extension: (YouTube) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-23]
CHR Extension: (Honey) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2021-02-18]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-01-29]
CHR Extension: (Sheets) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-02-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Amazon Assistant for Chrome) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2021-02-06]
CHR Extension: (Chrome Media Router) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-29]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
R2 AdvancedSystemCareService13; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [1290000 2019-12-27] (IObit Information Technology -> IObit)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [622184 2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [353024 2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [7926328 2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 BitDefenderCOM; C:\Program Files\BDServices\BitDefenderCom.exe [1038328 2017-08-09] (Paretologic Inc -> Digital Care Solutions (ParetoLogic))
S4 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [298496 2017-03-22] (Brother Industries, Ltd.) [File not signed]
S3 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [156944 2019-08-23] (IObit Information Technology -> IObit)
S4 PrivateInternetAccessService; C:\Program Files\Private Internet Access\pia-service.exe [1900032 2020-09-04] () [File not signed]
S4 PrivateInternetAccessWireguard; C:\Program Files\Private Internet Access\pia-wgservice.exe [4433920 2020-09-04] () [File not signed]
R2 scan; C:\Program Files\BDServices\scan.dll [652568 2017-08-09] (Bitdefender SRL -> Bitdefender)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182328 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2020-12-18] (Microsoft) [File not signed]
S2 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [20480 2020-12-18] (Microsoft) [File not signed]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AscFileControl; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win7_amd64\AscFileControl.sys [22440 2019-07-02] (IObit Information Technology -> IObit)
R3 AscFileFilter; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win7_amd64\AscFileFilter.sys [27528 2019-07-15] (IObit CO., LTD -> IObit)
R3 AscRegistryFilter; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win7_amd64\AscRegistryFilter.sys [28064 2019-07-15] (IObit CO., LTD -> IObit)
R3 athr; C:\WINDOWS\system32\DRIVERS\athwbx.sys [4318648 2020-01-04] (Qualcomm Atheros -> Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [73512 2015-11-01] (ASUSTeK Computer Inc. -> ASUS Corporation)
R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [35792 2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [208176 2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [357400 2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [249368 2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [98840 2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [41424 2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [175368 2021-02-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [521472 2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [107920 2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [83496 2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [850248 2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [465800 2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [215464 2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [327104 2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 cpuz145; C:\WINDOWS\temp\cpuz145\cpuz145_x64.sys [49968 2021-02-26] (CPUID -> CPUID)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-10-30] (Martin Malik - REALiX -> REALiX(tm))
R3 iobit_monitor_server; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win7_x64.sys [14680 2018-07-04] (IObit Information Technology -> IObit)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IUFileFilter.sys [25992 2019-07-30] (IObit CO., LTD -> IObit)
R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IUProcessFilter.sys [19280 2019-07-30] (IObit CO., LTD -> IObit)
R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IURegistryFilter.sys [31648 2019-07-30] (IObit CO., LTD -> IObit)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [14992 2012-08-02] (ASUSTeK Computer Inc. -> )
R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [30744 2017-03-09] (IObit Information Technology -> IObit)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43368 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [25608 2018-12-24] (AVG Technologies CZ, s.r.o. -> SlimWare Utilities, Inc.)
R3 tap-pia-0901; C:\WINDOWS\system32\DRIVERS\tap-pia-0901.sys [30720 2020-01-16] (Private Internet Access (London Trust Media Incorporated) -> The OpenVPN Project)
S3 tap0901; C:\WINDOWS\system32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz143; \??\C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-26 06:41 - 2021-02-26 06:42 - 000024863 _____ C:\Users\Richard\Downloads\FRST.txt
2021-02-26 06:40 - 2021-02-26 06:41 - 000000000 ____D C:\FRST
2021-02-26 06:39 - 2021-02-26 06:39 - 002301440 _____ (Farbar) C:\Users\Richard\Downloads\FRST64.exe
2021-02-26 06:37 - 2021-02-26 06:37 - 002781052 _____ C:\Users\Richard\Downloads\Speccy x64 portable.zip
2021-02-26 06:07 - 2021-02-26 06:16 - 000000000 ____D C:\Users\Richard\Documents\SysnativeFileCollectionApp
2021-02-26 06:07 - 2021-02-26 06:07 - 000175952 _____ (Sysnative) C:\Users\Richard\Downloads\SysnativeBSODCollectionApp.exe
2021-02-26 05:22 - 2021-02-26 05:22 - 000000017 _____ C:\Users\Richard\AppData\Local\resmon.resmoncfg
2021-02-26 00:30 - 2021-02-26 00:30 - 000288032 _____ C:\WINDOWS\Minidump\022621-39015-01.dmp
2021-02-26 00:22 - 2021-02-26 00:30 - 619322642 _____ C:\WINDOWS\MEMORY.DMP
2021-02-26 00:22 - 2021-02-26 00:22 - 000288032 _____ C:\WINDOWS\Minidump\022621-39781-01.dmp
2021-02-26 00:05 - 2021-02-26 00:06 - 000288032 _____ C:\WINDOWS\Minidump\022621-59750-01.dmp
2021-02-25 23:54 - 2021-02-25 23:54 - 098435072 _____ C:\WINDOWS\system32\config\SOFTWARE.iobit
2021-02-25 23:54 - 2021-02-25 23:54 - 006205440 _____ C:\WINDOWS\system32\config\DRIVERS.iobit
2021-02-25 23:54 - 2021-02-25 23:54 - 000425984 _____ C:\WINDOWS\system32\config\DEFAULT.iobit
2021-02-25 23:54 - 2021-02-25 23:54 - 000028672 _____ C:\WINDOWS\system32\config\SAM.iobit
2021-02-25 23:54 - 2021-02-25 23:54 - 000024576 _____ C:\WINDOWS\system32\config\SECURITY.iobit
2021-02-23 23:13 - 2021-02-23 23:13 - 000175368 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2021-02-23 01:53 - 2021-02-23 01:53 - 000319254 _____ C:\Users\Richard\Downloads\Untitled_Message (3).zip
2021-02-23 01:53 - 2021-02-23 01:53 - 000000000 ____D C:\Users\Richard\Downloads\Untitled_Message (3)
2021-02-23 01:44 - 2021-02-23 01:45 - 004162925 _____ C:\Users\Richard\Downloads\Untitled_Message (2).zip
2021-02-23 01:38 - 2021-02-23 01:38 - 004162925 _____ C:\Users\Richard\Downloads\Untitled_Message.zip
2021-02-23 01:38 - 2021-02-23 01:38 - 004162925 _____ C:\Users\Richard\Downloads\Untitled_Message (1).zip
2021-02-21 09:56 - 2021-02-21 09:57 - 000288032 _____ C:\WINDOWS\Minidump\022121-41500-01.dmp
2021-02-21 08:41 - 2021-02-21 08:42 - 015970496 _____ (IObit ) C:\Users\Richard\Downloads\smart-defrag-setup.exe
2021-02-20 03:36 - 2021-02-20 03:36 - 000095903 _____ C:\Users\Richard\Downloads\Tracked_Returns_label_DA088912438GB.pdf
2021-02-18 22:28 - 2021-02-26 00:10 - 000000000 ____D C:\WINDOWS\softwaredistribution.bak1
2021-02-18 19:36 - 2021-02-25 17:03 - 000004162 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2021-02-18 19:36 - 2021-02-18 19:36 - 000465800 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2021-02-18 19:35 - 2021-02-18 19:35 - 000850248 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2021-02-18 19:35 - 2021-02-18 19:35 - 000521472 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgNetHub.sys
2021-02-18 19:35 - 2021-02-18 19:35 - 000357400 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2021-02-18 19:35 - 2021-02-18 19:35 - 000340224 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2021-02-18 19:35 - 2021-02-18 19:35 - 000327104 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2021-02-18 19:35 - 2021-02-18 19:35 - 000249368 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2021-02-18 19:35 - 2021-02-18 19:35 - 000215464 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2021-02-18 19:35 - 2021-02-18 19:35 - 000208176 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2021-02-18 19:35 - 2021-02-18 19:35 - 000107920 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2021-02-18 19:35 - 2021-02-18 19:35 - 000098840 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2021-02-18 19:35 - 2021-02-18 19:35 - 000083496 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2021-02-18 19:35 - 2021-02-18 19:35 - 000041424 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2021-02-18 19:35 - 2021-02-18 19:35 - 000035792 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys
2021-02-17 11:26 - 2021-02-17 11:26 - 000000964 _____ C:\ProgramData\Desktop\Brother iPrint&Scan.lnk
2021-02-17 08:04 - 2021-02-17 09:13 - 025559040 _____ C:\Users\Richard\Downloads\Win8.1_English_x64.iso
2021-02-16 22:09 - 2021-02-16 22:09 - 000000000 ____D C:\WINDOWS\system32\%LOCALAPPDATA%
2021-02-16 19:26 - 2021-02-16 19:26 - 000288032 _____ C:\WINDOWS\Minidump\021621-45015-01.dmp
2021-02-16 19:09 - 2021-02-16 19:09 - 000288032 _____ C:\WINDOWS\Minidump\021621-37656-01.dmp
2021-02-16 19:01 - 2021-02-16 19:02 - 000288344 _____ C:\WINDOWS\Minidump\021621-37812-01.dmp
2021-02-16 16:47 - 2021-02-16 16:48 - 000288032 _____ C:\WINDOWS\Minidump\021621-46406-01.dmp
2021-02-16 16:43 - 2021-02-16 16:43 - 000288032 _____ C:\WINDOWS\Minidump\021621-42000-01.dmp
2021-02-16 01:07 - 2021-02-16 01:08 - 000288032 _____ C:\WINDOWS\Minidump\021621-43968-01.dmp
2021-02-16 00:51 - 2021-02-16 00:51 - 000288032 _____ C:\WINDOWS\Minidump\021621-44796-01.dmp
2021-02-14 11:18 - 2021-02-14 11:18 - 001578036 _____ C:\Users\Richard\Desktop\Vaccine_n.mp4
2021-02-13 15:18 - 2021-02-13 15:18 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-02-13 02:50 - 2021-02-13 02:50 - 000288032 _____ C:\WINDOWS\Minidump\021321-51406-01.dmp
2021-02-10 12:43 - 2021-01-12 06:07 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-02-10 12:43 - 2021-01-12 05:46 - 002132992 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-02-10 12:43 - 2021-01-12 05:44 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-02-10 12:43 - 2021-01-12 05:31 - 002058752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-02-09 16:53 - 2021-02-25 17:03 - 000003370 _____ C:\WINDOWS\system32\Tasks\SU_AutoUpdate
2021-02-09 16:53 - 2021-02-25 17:03 - 000003088 _____ C:\WINDOWS\system32\Tasks\Software Updater Scheduler
2021-02-09 16:53 - 2021-02-25 17:03 - 000002844 _____ C:\WINDOWS\system32\Tasks\Software Updater SkipUAC(Richard)
2021-02-09 16:53 - 2021-02-09 16:54 - 000002146 _____ C:\ProgramData\Desktop\IObit Software Updater.lnk
2021-02-09 16:53 - 2021-02-09 16:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Software Updater
2021-02-09 07:53 - 2021-02-16 16:08 - 011636936 _____ C:\Users\Richard\Downloads\MB-SupportTool.exe
2021-02-09 07:53 - 2021-02-13 15:11 - 002297344 _____ (Farbar) C:\Users\Richard\Downloads\FRSTEnglish.exe
2021-02-09 03:11 - 2021-02-09 03:11 - 000000000 __SHD C:\found.001
2021-02-08 21:06 - 2021-02-08 21:06 - 000002172 _____ C:\ProgramData\Desktop\Google Earth.lnk
2021-02-08 21:06 - 2021-02-08 21:06 - 000000000 ____D C:\Users\Richard\AppData\LocalLow\Google
2021-02-08 21:06 - 2021-02-08 21:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2021-02-08 21:05 - 2021-02-08 21:05 - 030589432 _____ C:\Users\Richard\Downloads\googleearthwin.exe
2021-02-08 08:45 - 2021-02-08 08:45 - 000288032 _____ C:\WINDOWS\Minidump\020821-47187-01.dmp
2021-02-08 08:39 - 2021-02-08 08:39 - 000288344 _____ C:\WINDOWS\Minidump\020821-45875-01.dmp
2021-02-08 07:17 - 2021-02-08 07:17 - 000288032 _____ C:\WINDOWS\Minidump\020821-36906-01.dmp
2021-02-08 07:14 - 2021-02-08 07:14 - 000288032 _____ C:\WINDOWS\Minidump\020821-33203-01.dmp
2021-02-08 07:08 - 2021-02-08 07:08 - 000288344 _____ C:\WINDOWS\Minidump\020821-33281-01.dmp
2021-02-06 16:55 - 2021-02-17 06:00 - 000000000 _____ C:\Recovery.txt
2021-02-06 08:35 - 2021-02-06 08:35 - 000000000 __SHD C:\found.000
2021-02-05 09:39 - 2021-02-05 09:39 - 000096940 _____ C:\Users\Richard\Downloads\Three Peaks Walk.mmo
2021-02-05 09:39 - 2021-02-05 09:39 - 000009868 _____ C:\Users\Richard\Downloads\Three Peaks Walk.gpx
2021-02-03 10:12 - 2021-02-03 10:12 - 002086424 _____ (Malwarebytes) C:\Users\Richard\Downloads\MBSetup.exe
2021-02-03 05:03 - 2021-02-03 05:03 - 000000274 _____ C:\Users\Richard\Downloads\Untitled Project.kml
2021-02-03 04:59 - 2021-02-03 04:59 - 000080288 _____ C:\Users\Richard\Desktop\Google Earth.html
2021-02-03 04:59 - 2021-02-03 04:59 - 000000000 ____D C:\Users\Richard\Desktop\Google Earth_files
2021-01-29 16:16 - 2021-01-29 16:16 - 000288032 _____ C:\WINDOWS\Minidump\012921-47890-01.dmp
2021-01-29 11:57 - 2021-01-29 11:57 - 000001968 _____ C:\ProgramData\Desktop\AVG AntiVirus FREE.lnk
2021-01-29 11:57 - 2021-01-29 11:57 - 000000000 ____D C:\Users\Richard\AppData\Roaming\AVG
2021-01-29 11:57 - 2021-01-29 11:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2021-01-29 11:52 - 2021-01-29 11:52 - 000000000 ____D C:\Program Files\AVG
2021-01-29 11:51 - 2021-01-29 11:51 - 000261056 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Richard\Downloads\avg_antivirus_free_setup (2).exe
2021-01-29 09:28 - 2021-01-29 09:28 - 000261056 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Richard\Downloads\avg_antivirus_free_setup (1).exe
2021-01-29 09:27 - 2021-01-29 09:27 - 000000000 ____D C:\Users\Richard\Documents\TotalAV
2021-01-29 09:24 - 2021-01-29 09:24 - 000000000 ____D C:\Users\Richard\AppData\Local\GUI.Win
2021-01-29 09:24 - 2021-01-29 09:24 - 000000000 ____D C:\ProgramData\SecuritySuite
2021-01-29 09:23 - 2021-01-29 16:16 - 000000000 ____D C:\ProgramData\TotalAV
2021-01-29 09:23 - 2021-01-29 16:16 - 000000000 ____D C:\Program Files (x86)\TotalAV
2021-01-29 07:20 - 2021-01-29 09:23 - 054108544 _____ C:\Users\Richard\Downloads\TotalAV_Setup.exe
2021-01-29 06:37 - 2021-01-29 06:36 - 004146112 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgremoverx.exe
2021-01-29 06:14 - 2021-01-29 06:14 - 014191056 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Richard\Downloads\avgclear.exe
2021-01-28 16:14 - 2021-01-28 16:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS
2021-01-28 16:14 - 2021-01-28 16:14 - 000000000 ____D C:\ProgramData\Magix
2021-01-28 16:12 - 2021-01-29 07:04 - 000000000 ____D C:\ProgramData\VEGAS Pro
2021-01-28 16:12 - 2021-01-28 16:12 - 000000000 ____D C:\Users\Richard\AppData\Local\VEGAS
2021-01-28 16:12 - 2021-01-28 16:12 - 000000000 ____D C:\ProgramData\VEGAS
2021-01-28 16:12 - 2021-01-28 16:12 - 000000000 ____D C:\Program Files\VEGAS
2021-01-28 16:06 - 2021-01-28 16:06 - 000000000 ____D C:\Users\Richard\Downloads\Sony Vegas Pro 17.0.0 Build 421 incl Patch [CrackingPatching.com]
2021-01-28 13:27 - 2021-01-28 13:28 - 026571028 _____ (The qBittorrent project) C:\Users\Richard\Downloads\qbittorrent_4.3.3_x64_setup.exe
2021-01-28 13:18 - 2021-01-28 13:18 - 000001044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Private Internet Access.lnk
2021-01-28 13:04 - 2021-01-29 07:05 - 000000000 ____D C:\ProgramData\Sony
2021-01-28 13:03 - 2021-01-28 16:11 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Sony
2021-01-27 08:10 - 2021-01-27 08:10 - 000038745 _____ C:\Users\Richard\Downloads\8124862467387172_payment.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-26 06:35 - 2020-08-02 10:48 - 000000000 ____D C:\ProgramData\AVG
2021-02-26 06:06 - 2017-04-22 20:26 - 000000000 ___RD C:\Users\Richard\OneDrive
2021-02-26 06:00 - 2013-08-22 14:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-26 02:05 - 2013-08-22 13:25 - 000524288 ___SH C:\WINDOWS\system32\config\BBI
2021-02-26 02:02 - 2017-04-22 20:14 - 000000000 ____D C:\Users\Richard
2021-02-26 00:51 - 2018-07-22 15:55 - 000000000 ____D C:\Users\Richard\AppData\Local\CrashDumps
2021-02-26 00:50 - 2017-04-23 09:31 - 000987136 ___SH C:\Users\Richard\Desktop\Thumbs.db
2021-02-26 00:30 - 2018-04-08 18:49 - 000000000 ____D C:\WINDOWS\Minidump
2021-02-26 00:02 - 2013-08-22 15:20 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-25 23:55 - 2013-08-22 13:36 - 000000000 ____D C:\WINDOWS\Inf
2021-02-25 17:45 - 2017-04-22 20:25 - 000003600 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3411107159-1070077873-1841525149-1001
2021-02-25 17:10 - 2017-04-23 09:15 - 000003930 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{98C8926F-187D-4723-A2B6-6CFA634D385A}
2021-02-25 17:03 - 2020-03-22 16:00 - 000002826 _____ C:\WINDOWS\system32\Tasks\ASC_SkipUac_Richard
2021-02-25 17:03 - 2019-11-29 16:34 - 000003026 _____ C:\WINDOWS\system32\Tasks\ASC_PerformanceMonitor
2021-02-25 17:03 - 2019-11-02 13:51 - 000002862 _____ C:\WINDOWS\system32\Tasks\Uninstaller_SkipUac_Richard
2021-02-25 17:03 - 2019-08-02 18:27 - 000003174 _____ C:\WINDOWS\system32\Tasks\SmartDefrag_AutoAnalyze
2021-02-25 17:03 - 2018-07-21 08:46 - 000004476 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2021-02-25 17:03 - 2018-07-21 08:46 - 000004324 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2021-02-25 17:03 - 2018-07-21 08:36 - 000003282 _____ C:\WINDOWS\system32\Tasks\{65C3D43E-E5A3-481D-9352-126F2DD99808}
2021-02-25 17:03 - 2018-02-15 07:36 - 000003022 _____ C:\WINDOWS\system32\Tasks\SmartDefrag_Startup
2021-02-25 17:03 - 2018-02-15 07:36 - 000003020 _____ C:\WINDOWS\system32\Tasks\SmartDefrag_Update
2021-02-25 17:03 - 2017-04-23 16:02 - 000003180 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_ListenToDevice
2021-02-25 17:03 - 2017-04-23 16:02 - 000003168 _____ C:\WINDOWS\system32\Tasks\RTKCPL
2021-02-25 17:03 - 2017-04-23 16:02 - 000003152 _____ C:\WINDOWS\system32\Tasks\RtHDVBg
2021-02-25 17:03 - 2017-04-23 09:20 - 000003332 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-25 17:03 - 2017-04-23 09:20 - 000003204 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-25 06:23 - 2018-09-26 20:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2021-02-25 02:33 - 2017-04-23 09:21 - 000002246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-25 02:33 - 2017-04-23 09:21 - 000002205 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-02-24 15:18 - 2018-12-16 08:46 - 000000000 ____D C:\Users\Richard\AppData\Roaming\WhatsApp
2021-02-23 23:12 - 2017-04-27 12:38 - 000000000 ____D C:\ProgramData\ProductData
2021-02-23 01:54 - 2021-01-24 13:26 - 000171008 ___SH C:\Users\Richard\Downloads\Thumbs.db
2021-02-21 08:45 - 2020-04-08 09:06 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Telegram Desktop
2021-02-20 03:51 - 2017-04-22 20:18 - 000000000 ____D C:\Users\Richard\AppData\Local\Packages
2021-02-18 22:29 - 2017-04-23 10:12 - 000000000 ____D C:\Users\Richard\AppData\Local\ElevatedDiagnostics
2021-02-17 22:26 - 2019-09-21 11:46 - 000000000 ____D C:\Users\Richard\AppData\Local\WhatsApp
2021-02-17 11:26 - 2018-07-06 10:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2021-02-17 11:26 - 2018-07-06 09:56 - 000000000 ____D C:\Program Files (x86)\Brother
2021-02-17 11:26 - 2018-04-14 08:39 - 000000000 ____D C:\ProgramData\Package Cache
2021-02-16 19:26 - 2017-10-30 18:01 - 000000000 ____D C:\ProgramData\Kodak
2021-02-16 16:35 - 2017-04-23 03:59 - 000000000 ____D C:\WINDOWS\softwaredistribution.bak
2021-02-16 00:38 - 2013-08-22 15:36 - 000000000 ___RD C:\WINDOWS\ToastData
2021-02-16 00:37 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-16 00:37 - 2013-08-22 15:36 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-12 06:32 - 2017-04-23 14:55 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-12 06:27 - 2017-04-23 14:55 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-09 16:53 - 2017-04-27 12:34 - 000000000 ____D C:\Program Files (x86)\IObit
2021-02-09 16:52 - 2017-04-27 12:34 - 000000000 ____D C:\ProgramData\IObit
2021-02-08 21:06 - 2017-04-23 09:20 - 000000000 ____D C:\Program Files (x86)\Google
2021-02-08 08:53 - 2017-09-18 16:06 - 000000000 ____D C:\Users\Richard\Desktop\Gary Cooksley
2021-02-07 21:55 - 2019-12-06 13:55 - 000000000 ____D C:\Users\Richard\AppData\Roaming\vlc
2021-02-03 10:39 - 2017-11-19 15:30 - 000000000 ____D C:\Program Files (x86)\SparkTrust
2021-01-29 16:16 - 2019-09-02 05:16 - 000000000 ____D C:\Program Files\Common Files\AVG
2021-01-29 07:07 - 2018-07-17 21:22 - 000000000 ____D C:\ProgramData\ScanSoft
2021-01-29 07:03 - 2018-07-06 10:36 - 000000000 ____D C:\ProgramData\Nuance
2021-01-29 06:59 - 2017-04-27 12:34 - 000000000 ____D C:\Users\Richard\AppData\Roaming\IObit
2021-01-29 06:57 - 2017-05-18 06:43 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-01-29 06:41 - 2017-06-12 06:11 - 000000000 ____D C:\Users\Richard\AppData\Local\Avg
2021-01-28 13:18 - 2020-02-29 11:56 - 000000000 ____D C:\Program Files\Private Internet Access
==================== Files in the root of some directories ========
2017-11-19 15:31 - 2017-11-22 05:54 - 000000115 _____ () C:\Users\Richard\AppData\Roaming\LogFile.txt
2017-10-30 18:13 - 2017-10-30 18:13 - 000003178 _____ () C:\Users\Richard\AppData\Local\installer.log
2017-10-30 18:13 - 2017-10-30 18:13 - 000000236 _____ () C:\Users\Richard\AppData\Local\LaunchHomeCenter.log
2021-02-26 05:22 - 2021-02-26 05:22 - 000000017 _____ () C:\Users\Richard\AppData\Local\resmon.resmoncfg
2019-12-10 05:00 - 2019-12-10 05:00 - 000000000 _____ () C:\Users\Richard\AppData\Local\{735F5212-8A05-435A-8589-15A45D7DCAF5}
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2020-12-03 01:33
==================== End of FRST.txt ========================
And:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-02-2021
Ran by Richard (26-02-2021 06:50:15)
Running from C:\Users\Richard\Downloads
Windows 8.1 (Update) (X64) (2017-04-22 20:18:23)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3411107159-1070077873-1841525149-500 - Administrator - Disabled)
Guest (S-1-5-21-3411107159-1070077873-1841525149-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3411107159-1070077873-1841525149-1003 - Limited - Enabled)
Richard (S-1-5-21-3411107159-1070077873-1841525149-1001 - Administrator - Enabled) => C:\Users\Richard
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.465 - Adobe)
Advanced SystemCare (HKLM-x32\...\Advanced SystemCare_is1) (Version: 13.3.0 - IObit)
aioprnt (HKLM\...\{0645A454-AD44-4F0D-99CF-6B762735AD1F}) (Version: 5.3.1.0 - Eastman Kodak Company) Hidden
aioscnnr (HKLM-x32\...\{376348C2-E372-48BC-A138-E896757BD86A}) (Version: 5.8.10.0 - Your Company Name) Hidden
aioscnnr (HKLM-x32\...\{EF53BFAB-4C10-40DB-A82D-9B07111715C6}) (Version: 7.6.13.10 - Your Company Name) Hidden
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 21.1.3164 - AVG Technologies)
AVG Driver Updater (HKLM-x32\...\{BAAB946F-7E00-41F4-BEC7-B8CCF758E012}) (Version: 2.3.0 - AVG Netherlands B.V) Hidden
BrLauncher (HKLM-x32\...\{42D26B47-887C-45FC-BCAE-0BE485C5C0BB}) (Version: 2.0.11.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{0F3243B3-FEA6-44DA-A6A6-4CA42F6A20DF}) (Version: 6.1.3.4 - Brother Industries, Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{f3688e1e-b3e5-403f-9750-b51816920212}) (Version: 6.1.3.4 - Brother Industries, Ltd.)
Brother PCFax Driver (HKLM-x32\...\{56BA05BD-7A67-4EF8-85A7-8C6528AEE2AC}) (Version: 1.4.0.0 - Brother Industries Ltd.) Hidden
Brother PowerENGAGE (HKLM-x32\...\{05421625-9BA9-482B-ACF2-794221A06F4E}) (Version: 1.0.23 - Aviata, Inc.)
Brother Printer Driver (HKLM-x32\...\{272543B6-B337-4C8F-B9F1-19E884C2C7AC}) (Version: 1.4.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{1162495D-7CE7-4EF9-A0F8-151196F3A660}) (Version: 1.0.17.1 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{32F47565-84B1-42CC-B09A-4CDDD9A32F94}) (Version: 1.0.20.0 - Brother Industries Ltd.) Hidden
center (HKLM-x32\...\{56BA241F-580C-43D2-8403-947241AAE633}) (Version: 7.8.0.0 - Eastman Kodak Company) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{FD8A9511-BFC9-43B5-BB75-9CEC0EA03CF0}) (Version: 4.6.1.1 - Brother Industries, Ltd.) Hidden
essentials (HKLM-x32\...\{BE94C681-68E2-4561-8ABC-8D2E799168B4}) (Version: 7.8.0.0 - Eastman Kodak Company) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.190 - Google LLC)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
HttpToUsbBridge (HKLM-x32\...\{7BC71E16-6656-4F86-A274-4DF34437975E}) (Version: 1.2.25.1 - Brother Industries Ltd.)
iCare Data Recovery Free (HKLM-x32\...\{43D63B27-661F-428E-97B7-70D0604D28E8}_is1) (Version: 8.0.3 - iCareAll Inc.)
IObit Software Updater (HKLM-x32\...\IObit Software Updater_is1) (Version: 3.6.0.2072 - IObit)
Kodak AIO Printer (HKLM\...\{27EF8E7F-88D1-4ec5-ADE2-7E447FDF114E}) (Version: 7.8.1.0 - Eastman Kodak Company) Hidden
KODAK AiO Software (HKLM-x32\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 7.9.1.1 - Eastman Kodak Company)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (HKLM-x32\...\{49697869-be8e-427d-81a0-c334d1d14950}) (Version: 14.21.27702.2 - Microsoft Corporation)
NetworkRepairTool (HKLM-x32\...\{86E68F57-FAFE-4052-BDD4-3B90C38236AE}) (Version: 1.2.16.0 - Brother Industries, Ltd.) Hidden
ocr (HKLM-x32\...\{BFBCF96F-7361-486A-965C-54B17AC35421}) (Version: 6.2.3.50 - Eastman Kodak Company) Hidden
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0002 - Nuance Communications, Inc.)
PC-FAXReceive (HKLM-x32\...\{65EA2C86-30CD-444C-ADAB-8762BE4E2E8C}) (Version: 1.8.003.0 - Brother Insutries Ltd.) Hidden
PCFaxTx (HKLM-x32\...\{03BF5A21-6363-410C-B3BE-0946B0012704}) (Version: 3.7.3.1 - Brother Industries Ltd.) Hidden
PowerENGAGE (HKLM-x32\...\{BFE5C68B-E6D4-4421-9ACF-2B8C4BC2D2A1}) (Version: 3.2.13 - Aviata, Inc.) Hidden
PreReq (HKLM-x32\...\{DA5BDB2A-12F0-4343-8351-21AAEB293990}) (Version: 6.2.4.0 - Eastman Kodak Company) Hidden
Private Internet Access (HKLM\...\{33023371-7761-4F81-BBB1-0E0D0D175ACF}) (Version: 2.4.0+05574 - Private Internet Access, Inc.)
Private Internet Access WinTUN Driver (HKLM\...\{0419A0C0-4CC8-459E-9BAE-F3BF5D2E2CCB}) (Version: 1.0 - Private Internet Access, Inc.) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.27055 - Realtek Semiconduct Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
RemoteSetup (HKLM-x32\...\{FAB8A30A-B074-48F9-9D73-5E9A757403F8}) (Version: 3.10.2.0 - Brother Industries Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.)
ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden
Smart Defrag 6 (HKLM-x32\...\Smart Defrag_is1) (Version: 6.3 - IObit)
SoftwareUpdateNotification (HKLM-x32\...\{F58E9F54-C092-42C5-B4C3-C4B7C337750B}) (Version: 1.0.7.0 - Brother Insutries Ltd.) Hidden
StatusMonitor (HKLM-x32\...\{40578A7A-6E36-457F-A4F0-45BC37EB61FD}) (Version: 1.20.1.0 - Brother Insutries Ltd.) Hidden
Telegram Desktop version 2.5.1 (HKU\S-1-5-21-3411107159-1070077873-1841525149-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.5.1 - Telegram FZ-LLC)
Update for Skype for Business 2016 (KB3115087) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{C48D0508-2A21-42EA-8BC9-D387768F54F4}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB3115087) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{C48D0508-2A21-42EA-8BC9-D387768F54F4}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB3115087) 64-Bit Edition (HKLM\...\{90160000-012B-0409-1000-0000000FF1CE}_Office16.PROPLUS_{C48D0508-2A21-42EA-8BC9-D387768F54F4}) (Version: - Microsoft)
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
WhatsApp (HKU\S-1-5-21-3411107159-1070077873-1841525149-1001\...\WhatsApp) (Version: 2.2104.10 - WhatsApp)
Packages:
=========
Games -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-11-21] (Microsoft Corporation) [MS Ad]
MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2017-04-23] (Microsoft Corporation) [MS Ad]
MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2017-04-23] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2017-04-23] (Microsoft Corporation) [MS Ad]
MSN News -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2017-04-23] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2017-04-23] (Microsoft Corporation) [MS Ad]
MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2017-04-23] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2017-04-23] (Microsoft Corporation) [MS Ad]
Music -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2017-04-23] (Microsoft Corporation) [MS Ad]
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2017-04-23] (Skype) [MS Ad]
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2017-04-23] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3411107159-1070077873-1841525149-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ShellIconOverlayIdentifiers-x32: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2019-09-19] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit Information Technology -> IObit)
ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2019-09-19] (IObit Information Technology -> IObit)
ContextMenuHandlers3: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2019-09-19] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2016-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit Information Technology -> IObit)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZ.....Z.ZZZ:1 [1122]
AlternateDataStreams: C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z.....ZZZZZ:1 [1122]
AlternateDataStreams: C:\3590F75ABA9E485486C100C1A9D4FF06ZZZZZZ....Z....Z:1 [1122]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\avgSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-3411107159-1070077873-1841525149-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2019-06-20] (IObit Information Technology -> IObit)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-05-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-05-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-05-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-05-20] (Microsoft Corporation -> Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 13:25 - 2019-01-08 02:47 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3411107159-1070077873-1841525149-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AdvancedSystemCareService13 => 2
MSCONFIG\Services: AeLookupSvc => 3
MSCONFIG\Services: ALG => 3
MSCONFIG\Services: AppIDSvc => 3
MSCONFIG\Services: AppReadiness => 3
MSCONFIG\Services: AudioEndpointBuilder => 2
MSCONFIG\Services: Audiosrv => 2
MSCONFIG\Services: AVG Tools => 2
MSCONFIG\Services: AxInstSV => 3
MSCONFIG\Services: BDESVC => 3
MSCONFIG\Services: BitDefenderCOM => 2
MSCONFIG\Services: BITS => 2
MSCONFIG\Services: Browser => 3
MSCONFIG\Services: BrYNSvc => 3
MSCONFIG\Services: BthHFSrv => 3
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: COMSysApp => 3
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: CryptSvc => 2
MSCONFIG\Services: defragsvc => 3
MSCONFIG\Services: DeviceAssociationService => 2
MSCONFIG\Services: DeviceInstall => 3
MSCONFIG\Services: Dhcp => 2
MSCONFIG\Services: DiagTrack => 2
MSCONFIG\Services: Dnscache => 2
MSCONFIG\Services: dot3svc => 3
MSCONFIG\Services: DPS => 2
MSCONFIG\Services: DsmSvc => 3
MSCONFIG\Services: Eaphost => 3
MSCONFIG\Services: EFS => 3
MSCONFIG\Services: EventLog => 2
MSCONFIG\Services: EventSystem => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: fdPHost => 3
MSCONFIG\Services: FDResPub => 3
MSCONFIG\Services: fhsvc => 3
MSCONFIG\Services: FontCache => 2
MSCONFIG\Services: FontCache3.0.0.0 => 3
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: hidserv => 3
MSCONFIG\Services: hkmsvc => 3
MSCONFIG\Services: HomeGroupListener => 3
MSCONFIG\Services: HomeGroupProvider => 3
MSCONFIG\Services: IEEtwCollectorService => 3
MSCONFIG\Services: igfxCUIService1.0.0.0 => 2
MSCONFIG\Services: IKEEXT => 2
MSCONFIG\Services: IObitUnSvr => 2
MSCONFIG\Services: iphlpsvc => 2
MSCONFIG\Services: KeyIso => 3
MSCONFIG\Services: Kodak AiO Network Discovery Service => 2
MSCONFIG\Services: Kodak AiO Status Monitor Service => 2
MSCONFIG\Services: KtmRm => 3
MSCONFIG\Services: LanmanServer => 2
MSCONFIG\Services: LanmanWorkstation => 2
MSCONFIG\Services: lfsvc => 3
MSCONFIG\Services: lltdsvc => 3
MSCONFIG\Services: lmhosts => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MMCSS => 2
MSCONFIG\Services: MpsSvc => 2
MSCONFIG\Services: MSDTC => 3
MSCONFIG\Services: NcaSvc => 3
MSCONFIG\Services: NcbService => 3
MSCONFIG\Services: NcdAutoSetup => 3
MSCONFIG\Services: Netlogon => 3
MSCONFIG\Services: Netman => 3
MSCONFIG\Services: netprofm => 3
MSCONFIG\Services: NlaSvc => 2
MSCONFIG\Services: nsi => 2
MSCONFIG\Services: ose64 => 3
MSCONFIG\Services: p2pimsvc => 3
MSCONFIG\Services: p2psvc => 3
MSCONFIG\Services: PcaSvc => 2
MSCONFIG\Services: PerfHost => 3
MSCONFIG\Services: pla => 3
MSCONFIG\Services: PlugPlay => 3
MSCONFIG\Services: PNRPAutoReg => 3
MSCONFIG\Services: PNRPsvc => 3
MSCONFIG\Services: PolicyAgent => 3
MSCONFIG\Services: Power => 2
MSCONFIG\Services: PrintNotify => 3
MSCONFIG\Services: PrivateInternetAccessService => 2
MSCONFIG\Services: PrivateInternetAccessWireguard => 3
MSCONFIG\Services: QWAVE => 3
MSCONFIG\Services: RasAuto => 3
MSCONFIG\Services: RasMan => 3
MSCONFIG\Services: RpcLocator => 3
MSCONFIG\Services: SamSs => 2
MSCONFIG\Services: scan => 3
MSCONFIG\Services: ScDeviceEnum => 3
MSCONFIG\Services: SCPolicySvc => 3
MSCONFIG\Services: seclogon => 3
MSCONFIG\Services: SENS => 2
MSCONFIG\Services: SensrSvc => 3
MSCONFIG\Services: SessionEnv => 3
MSCONFIG\Services: SharedAccess => 3
MSCONFIG\Services: ShellHWDetection => 2
MSCONFIG\Services: smphost => 3
MSCONFIG\Services: Spooler => 2
MSCONFIG\Services: SSDPSRV => 3
MSCONFIG\Services: SstpSvc => 3
MSCONFIG\Services: ss_conn_launcher_service => 3
MSCONFIG\Services: stisvc => 2
MSCONFIG\Services: StorSvc => 3
MSCONFIG\Services: svsvc => 3
MSCONFIG\Services: swprv => 3
MSCONFIG\Services: SysMain => 2
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: TermService => 3
MSCONFIG\Services: Themes => 2
MSCONFIG\Services: THREADORDER => 3
MSCONFIG\Services: TrustedInstaller => 3
MSCONFIG\Services: UI0Detect => 3
MSCONFIG\Services: UmRdpService => 3
MSCONFIG\Services: upnphost => 3
MSCONFIG\Services: USBAppControl => 2
MSCONFIG\Services: VaultSvc => 3
MSCONFIG\Services: vds => 3
MSCONFIG\Services: vmicguestinterface => 3
MSCONFIG\Services: vmicheartbeat => 3
MSCONFIG\Services: vmickvpexchange => 3
MSCONFIG\Services: vmicrdv => 3
MSCONFIG\Services: vmicshutdown => 3
MSCONFIG\Services: vmictimesync => 3
MSCONFIG\Services: vmicvss => 3
MSCONFIG\Services: VSS => 2
MSCONFIG\Services: W32Time => 3
MSCONFIG\Services: wbengine => 3
MSCONFIG\Services: WbioSrvc => 3
MSCONFIG\Services: Wcmsvc => 2
MSCONFIG\Services: wcncsvc => 3
MSCONFIG\Services: WcsPlugInService => 3
MSCONFIG\Services: WdiServiceHost => 3
MSCONFIG\Services: WdiSystemHost => 3
MSCONFIG\Services: WebClient => 3
MSCONFIG\Services: Wecsvc => 3
MSCONFIG\Services: WEPHOSTSVC => 3
MSCONFIG\Services: wercplsupport => 3
MSCONFIG\Services: WerSvc => 3
MSCONFIG\Services: WiaRpc => 3
MSCONFIG\Services: WinHttpAutoProxySvc => 3
MSCONFIG\Services: Winmgmt => 2
MSCONFIG\Services: WinRM => 3
MSCONFIG\Services: WlanSvc => 2
MSCONFIG\Services: wlidsvc => 3
MSCONFIG\Services: wmiApSrv => 3
MSCONFIG\Services: WMPNetworkSvc => 3
MSCONFIG\Services: WorkflowAppControl => 2
MSCONFIG\Services: workfolderssvc => 3
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\Services: WPDBusEnum => 3
MSCONFIG\Services: wscsvc => 2
MSCONFIG\Services: WSearch => 2
MSCONFIG\Services: wuauserv => 3
MSCONFIG\Services: wudfsvc => 3
MSCONFIG\Services: WwanSvc => 3
HKLM\...\StartupApproved\Run: => "EKIJ5000StatusMonitor"
HKLM\...\StartupApproved\Run: => "TuneupUI.exe"
HKLM\...\StartupApproved\Run32: => "EKStatusMonitor"
HKLM\...\StartupApproved\Run32: => "DSATray"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "ISUSPM"
HKLM\...\StartupApproved\Run32: => "PaperPort PTD"
HKLM\...\StartupApproved\Run32: => "EKIJ5000StatusMonitor"
HKU\S-1-5-21-3411107159-1070077873-1841525149-1001\...\StartupApproved\Run: => "AVGBrowserAutoLaunch_8A93C1D26E6679F3B6F436A3F299CCC8"
HKU\S-1-5-21-3411107159-1070077873-1841525149-1001\...\StartupApproved\Run: => "Advanced SystemCare"
HKU\S-1-5-21-3411107159-1070077873-1841525149-1001\...\StartupApproved\Run: => "Adobe Reader Synchronizer"
HKU\S-1-5-21-3411107159-1070077873-1841525149-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_94A469CBA2277F7295F560B121FA07B1"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{DD1A15A1-B23B-496D-828C-29E7D4558070}] => (Allow) LPort=1688
FirewallRules: [{DEEE57D2-A2EA-4964-8E2E-252BDCAEE3C3}] => (Block) LPort=445
FirewallRules: [{76EE6F2B-E7C7-44AE-89E1-5788E5E6B14C}] => (Block) LPort=445
FirewallRules: [{FF3805C2-55BF-42C0-8654-306F8337774F}] => (Allow) LPort=1688
FirewallRules: [{D1B01DC0-E1C9-4B59-A24A-1E4895016F3A}] => (Allow) LPort=9322
FirewallRules: [{4264BA44-9581-4C56-9A04-6E4EF7CE720E}] => (Allow) LPort=5353
FirewallRules: [{1B6EED72-800D-4471-952E-E61E663FC658}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe (Eastman Kodak Company -> Eastman Kodak Company)
FirewallRules: [{0737E079-EE02-474E-9FB2-45A5DC809EF1}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe (Eastman Kodak Company -> Eastman Kodak Company)
FirewallRules: [{B974E3FC-650A-47DB-9BBC-0530E3261882}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe (Eastman Kodak Company -> Eastman Kodak Company)
FirewallRules: [{C31B4A1F-ACBC-4C7B-BFC7-FCCC2EEC030C}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe (Eastman Kodak Company -> Eastman Kodak Company)
FirewallRules: [{06476668-F55E-4D2A-861D-549D086C6935}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe (Eastman Kodak Company -> Eastman Kodak Company)
FirewallRules: [{00339ADE-2FA0-47E3-B417-FE2BD710DABB}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe (Eastman Kodak Company -> Eastman Kodak Company)
FirewallRules: [{EF6E52B3-9D82-48E4-987C-00D36BD36E0C}] => (Allow) E:\Install\wlan_wiz\.\wlan_assistant\waw.exe => No File
FirewallRules: [{074A51E3-D035-45D4-A084-B7F16EA2C6DB}] => (Allow) LPort=54925
FirewallRules: [{81CF8617-2F01-4071-BE89-58D3140A67DF}] => (Allow) c:\program files (x86)\pc-faxreceive\brengineprocess.exe (Brother Industries, Ltd.) [File not signed]
FirewallRules: [{993AF3CF-D964-4CE6-B0EF-F8F447FE9384}] => (Allow) c:\program files (x86)\pc-faxreceive\brengineprocess.exe (Brother Industries, Ltd.) [File not signed]
FirewallRules: [TCP Query User{3CFA0FAC-534E-4A74-BC1A-7C84054B7452}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{4A854861-308D-4F13-94B2-A69479B22ED6}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{E63762B9-801F-482E-A2A9-7C85474D7DB4}] => (Allow) LPort=54950
FirewallRules: [{762BEB76-C88E-407A-BCF1-1B5521E3551D}] => (Allow) LPort=54955
FirewallRules: [{2FCE1BA5-FAB8-4DA5-BA22-1872BA500C59}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
Could not list restore points
Check "winmgmt" service or repair WMI.
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/26/2021 06:06:52 AM) (Source: SecurityCenter) (EventID: 3) (User: )
Description: The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus, AntiSpyware and Firewall.
Error: (02/26/2021 06:05:23 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Wait Workflow Commands request from device.
Error: (02/26/2021 06:05:23 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Broadcast Receiver Server...
Error: (02/26/2021 06:05:23 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...
Error: (02/26/2021 06:05:23 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...
Error: (02/26/2021 06:05:23 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[1]: 192.168.1.7
Error: (02/26/2021 06:05:23 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[0]: fe80::1dab:377f:dad:847%3
Error: (02/26/2021 06:05:23 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList.Length: 2
System errors:
=============
Error: (02/26/2021 06:14:22 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume D:.
The exact nature of the corruption is unknown. The file system structures need to be scanned online.
Error: (02/26/2021 06:14:13 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume C:.
The exact nature of the corruption is unknown. The file system structures need to be scanned online.
Error: (02/26/2021 06:06:53 AM) (Source: DCOM) (EventID: 10016) (User: RICHARD)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
and APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
to the user Richard\Richard SID (S-1-5-21-3411107159-1070077873-1841525149-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (02/26/2021 06:06:53 AM) (Source: DCOM) (EventID: 10016) (User: RICHARD)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
and APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
to the user Richard\Richard SID (S-1-5-21-3411107159-1070077873-1841525149-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (02/26/2021 06:06:53 AM) (Source: DCOM) (EventID: 10016) (User: RICHARD)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
and APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
to the user Richard\Richard SID (S-1-5-21-3411107159-1070077873-1841525149-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (02/26/2021 06:06:52 AM) (Source: DCOM) (EventID: 10016) (User: RICHARD)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
and APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
to the user Richard\Richard SID (S-1-5-21-3411107159-1070077873-1841525149-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (02/26/2021 06:06:51 AM) (Source: DCOM) (EventID: 10016) (User: RICHARD)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
and APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
to the user Richard\Richard SID (S-1-5-21-3411107159-1070077873-1841525149-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (02/26/2021 06:06:46 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Work Folders service hung on starting.
Windows Defender:
================
Date: 2017-06-11 14:44:05.806
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2017-06-11 14:32:39.187
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2017-06-11 13:50:33.124
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2017-06-07 02:23:33.175
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2017-05-26 14:46:41.511
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2017-06-12 07:15:04.980
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.245.730.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.13804.0
Error code: 0x80070652
Error description: Another installation is already in progress. Complete that installation before proceeding with this install.
Date: 2017-06-12 07:15:04.979
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.245.730.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.13804.0
Error code: 0x80070652
Error description: Another installation is already in progress. Complete that installation before proceeding with this install.
Date: 2017-06-12 07:15:04.529
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version:
Update Source: User
Signature Type:
Update Type:
Current Engine Version:
Previous Engine Version:
Error code: 0x80070652
Error description: Another installation is already in progress. Complete that installation before proceeding with this install.
Date: 2017-06-12 07:15:04.528
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version:
Update Source: User
Signature Type:
Update Type:
Current Engine Version:
Previous Engine Version:
Error code: 0x80070652
Error description: Another installation is already in progress. Complete that installation before proceeding with this install.
Date: 2017-06-12 07:14:55.167
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.245.730.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.13804.0
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
==================== Memory info ===========================
BIOS: American Megatrends Inc. X550CA.212 08/13/2013
Motherboard: ASUSTeK COMPUTER INC. X550CA
Processor: Intel(R) Core(TM) i5-3317U CPU @ 1.70GHz
Percentage of memory in use: 46%
Total physical RAM: 6029.74 MB
Available physical RAM: 3213.28 MB
Total Virtual: 12173.74 MB
Available Virtual: 9465.28 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:371.38 GB) (Free:298.79 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (DATA) (Fixed) (Total:537.8 GB) (Free:536.7 GB) NTFS
Drive f: (Seagate Expansion Drive) (Fixed) (Total:465.76 GB) (Free:245.07 GB) NTFS
\\?\Volume{b81970ed-33f5-4c1e-868a-a9f407dc4092}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.77 GB) NTFS
\\?\Volume{2789036b-ad4f-4416-9f8e-e20a9348f31d}\ () (Fixed) (Total:0.44 GB) (Free:0.15 GB) NTFS
\\?\Volume{21b11954-97a1-4a1d-ba35-26ec54f79eda}\ (Restore) (Fixed) (Total:20.01 GB) (Free:7.74 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: FAF3F0E5)
Partition: GPT.
==========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 13CC50B2)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-02-2021
Ran by Richard (administrator) on RICHARD (ASUSTeK COMPUTER INC. X550CA) (26-02-2021 06:41:05)
Running from C:\Users\Richard\Downloads
Loaded Profiles: Richard
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\avgToolsSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe <3>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <16>
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Smart Defrag\Pub\PubMonitor.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.19750_none_fa39f32f9b2d0928\TiWorker.exe
(Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
(Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
(Paretologic Inc -> Digital Care Solutions (ParetoLogic)) C:\Program Files\BDServices\BitDefenderCOM.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [164608 2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-3411107159-1070077873-1841525149-1001\...\Run: [Advanced SystemCare] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [3636496 2020-03-06] (IObit Information Technology -> IObit)
HKU\S-1-5-21-3411107159-1070077873-1841525149-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKLM\...\Windows x64\Print Processors\KODAK EASYSHARE All-in-One Printer: C:\Windows\System32\spool\prtprocs\x64\EKIJ5000PPR.dll [261632 2012-10-08] (Microsoft Windows Hardware Compatibility Publisher -> Eastman Kodak Company)
HKLM\...\Print\Monitors\KODAK EASYSHARE All-in-One Printer: C:\WINDOWS\system32\EKIJ5000MON.dll [805376 2012-10-08] (Microsoft Windows Hardware Compatibility Publisher -> Eastman Kodak Company)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.190\Installer\chrmstp.exe [2021-02-25] (Google LLC -> Google LLC)
BootExecute: autocheck autochk * SmartDefragBootTime.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1E3A5D45-B299-4F4F-963D-96639B163AD6} - System32\Tasks\Software Updater SkipUAC(Richard) => C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [4513224 2021-01-19] (IObit Information Technology -> IObit) <==== ATTENTION
Task: {20D07301-0754-4D98-9023-33A6B22B9883} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-09] (Adobe Inc. -> Adobe)
Task: {23EE9230-3ED4-46B7-8F5F-43C82D9CAEE3} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Flash Player PPAPI Notifier" /ENABLE
Task: {23EE9230-3ED4-46B7-8F5F-43C82D9CAEE3} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\Adobe Flash Player Updater" /ENABLE
Task: {23EE9230-3ED4-46B7-8F5F-43C82D9CAEE3} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\Antivirus Emergency Update" /ENABLE
Task: {23EE9230-3ED4-46B7-8F5F-43C82D9CAEE3} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\ASC_PerformanceMonitor" /ENABLE
Task: {23EE9230-3ED4-46B7-8F5F-43C82D9CAEE3} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\ASC_SkipUac_Richard" /ENABLE
Task: {23EE9230-3ED4-46B7-8F5F-43C82D9CAEE3} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {23EE9230-3ED4-46B7-8F5F-43C82D9CAEE3} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {23EE9230-3ED4-46B7-8F5F-43C82D9CAEE3} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\Optimize Start Menu Cache Files-S-1-5-21-3411107159-1070077873-1841525149-1001" /ENABLE
Task: {23EE9230-3ED4-46B7-8F5F-43C82D9CAEE3} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\RtHDVBg" /ENABLE
Task: {23EE9230-3ED4-46B7-8F5F-43C82D9CAEE3} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\RtHDVBg_ListenToDevice" /ENABLE
Task: {23EE9230-3ED4-46B7-8F5F-43C82D9CAEE3} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\RTKCPL" /ENABLE
Task: {23EE9230-3ED4-46B7-8F5F-43C82D9CAEE3} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\SmartDefrag_AutoAnalyze" /ENABLE
Task: {23EE9230-3ED4-46B7-8F5F-43C82D9CAEE3} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\SmartDefrag_Startup" /ENABLE
Task: {23EE9230-3ED4-46B7-8F5F-43C82D9CAEE3} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\SmartDefrag_Update" /ENABLE
Task: {23EE9230-3ED4-46B7-8F5F-43C82D9CAEE3} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\Software Updater Scheduler" /ENABLE
Task: {23EE9230-3ED4-46B7-8F5F-43C82D9CAEE3} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(16): schtasks.exe -> /Change /TN "\Software Updater SkipUAC(Richard)" /ENABLE
Task: {23EE9230-3ED4-46B7-8F5F-43C82D9CAEE3} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(17): schtasks.exe -> /Change /TN "\SU_AutoUpdate" /ENABLE
Task: {23EE9230-3ED4-46B7-8F5F-43C82D9CAEE3} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(18): schtasks.exe -> /Change /TN "\Uninstaller_SkipUac_Richard" /ENABLE
Task: {23EE9230-3ED4-46B7-8F5F-43C82D9CAEE3} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(19): schtasks.exe -> /Change /TN "\User_Feed_Synchronization-{98C8926F-187D-4723-A2B6-6CFA634D385A}" /ENABLE
Task: {23EE9230-3ED4-46B7-8F5F-43C82D9CAEE3} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(20): schtasks.exe -> /Change /TN "\{65C3D43E-E5A3-481D-9352-126F2DD99808}" /ENABLE
Task: {23EE9230-3ED4-46B7-8F5F-43C82D9CAEE3} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(21): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {3C893D5A-8C9A-4B15-8D4D-2BD4B1C8B9D8} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {47DF9810-F6A2-4B0C-98E4-B70A28CABDF8} - System32\Tasks\{65C3D43E-E5A3-481D-9352-126F2DD99808} => C:\WINDOWS\system32\pcalua.exe -a C:\ProgramData\Kodak\Installer\Setup.exe -c /Web /x "{E0F274B7-592B-4669-8FB8-8D9825A09858}" CompanyName="Eastman Kodak Company" /code "2057"
Task: {5E415433-D5BC-414B-8985-44515AAE6A19} - System32\Tasks\Uninstaller_SkipUac_Richard => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [5900560 2019-09-10] (IObit Information Technology -> IObit)
Task: {644370C0-0F78-4799-A741-525E9EFC74C6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-04-23] (Google Inc -> Google Inc.)
Task: {73DF959D-C868-4F23-A973-6E80B6A277E2} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [4730624 2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {77D7B2E9-D157-4B75-849F-912D477BF1DD} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-07-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {7FC8E34B-BC3E-41EE-A1EC-178912E8316B} - System32\Tasks\SU_AutoUpdate => C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [4513224 2021-01-19] (IObit Information Technology -> IObit)
Task: {8D939978-1C04-4261-9087-B58A7E403F0B} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-07-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {90CE6F7A-00B7-4C2A-A75F-69B1D9DD7BB3} - System32\Tasks\ASC_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [3183888 2020-03-10] (IObit Information Technology -> IObit)
Task: {ABA02E02-29A2-4267-93DF-7A1C4915F156} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [3007760 2019-04-24] (IObit Information Technology -> IObit)
Task: {AD41904C-680D-4370-804D-82A489C025B7} - System32\Tasks\ASC_SkipUac_Richard => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [8876816 2020-03-11] (IObit Information Technology -> IObit)
Task: {B5DFDE52-BF65-47ED-A482-EC4E67E51CF6} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-07-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {B64A8C00-976B-4EE5-AD87-2FE13DBDF8B6} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe [5849872 2019-07-05] (IObit Information Technology -> IObit)
Task: {C1D26FC8-180C-4AE7-9F10-9D30933380A0} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
Task: {DB5AFBF8-22CC-445E-B842-BB00C6859B44} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1822976 2021-02-23] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {DFF09F86-325E-46CA-AE44-FB7F23C8B2EA} - System32\Tasks\Software Updater Scheduler => C:\Program Files (x86)\IObit\Software Updater\SUInit.exe [1789200 2020-06-30] (IObit Information Technology -> IObit Software updater) <==== ATTENTION
Task: {E4E84066-6172-43A6-A9F7-6540948D5DA2} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe [314128 2018-05-02] (IObit Information Technology -> IObit)
Task: {FB4B7999-9C47-4041-973F-5BC9E1CD750E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-04-23] (Google Inc -> Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\AVG Driver Updater Scan.job => C:\Program Files (x86)\AVG Driver Updater\AVG Driver Updater.exe
Task: C:\WINDOWS\Tasks\AVG Driver Updater Startup.job => C:\Program Files (x86)\AVG Driver Updater\AVG Driver Updater.exe
Task: C:\WINDOWS\Tasks\SparkTrust Registration3.job => rundll32.exe C:\Program Files (x86)\Common Files\SparkTrust\UUS3\UUS3.dll <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{79D1DE68-56FB-4F72-B5E0-FB918DAD2B4C}: [DhcpNameServer] 10.0.0.243
Tcpip\..\Interfaces\{CA17CCC0-C1E3-4678-A9C4-A38235A3F540}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D33B41AE-F5DB-42CB-8859-CC313193AC99}: [DhcpNameServer] 192.168.1.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default [2021-02-26]
CHR DownloadDir: C:\Users\Richard\Downloads
CHR Notifications: Default -> hxxps://pirateproxy.cc; hxxps://thepiratebay.org; hxxps://www.electriciansforums.net; hxxps://www.facebook.com; hxxps://www.junglescout.com; hxxps://www.wakeupuk.net; hxxps://www.wish.com
CHR HomePage: Default -> hxxp://mysearch.avg.com?cid={013DF0A8-A4BC-4DD5-B565-06D763B93533}&mid=8743dd459dca47d29dc96da73dc8933a-3c5e627b1624c73ab826fb50cd5d9c87c5579247&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-03-16 09:28:15&v=17.3.1.91&pid=safeguard&sg=&sap=hp
CHR StartupUrls: Default -> "hxxps://www.google.co.uk/"
CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> duckduckgo.com
CHR DefaultNewTabURL: Default -> hxxps://duckduckgo.com/chrome_newtab
CHR DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
CHR Extension: (Slides) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (DuckDuckGo) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2021-01-09]
CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2021-01-05]
CHR Extension: (YouTube) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-23]
CHR Extension: (Honey) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2021-02-18]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-01-29]
CHR Extension: (Sheets) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-02-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Amazon Assistant for Chrome) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2021-02-06]
CHR Extension: (Chrome Media Router) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-29]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
R2 AdvancedSystemCareService13; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [1290000 2019-12-27] (IObit Information Technology -> IObit)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [622184 2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [353024 2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [7926328 2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 BitDefenderCOM; C:\Program Files\BDServices\BitDefenderCom.exe [1038328 2017-08-09] (Paretologic Inc -> Digital Care Solutions (ParetoLogic))
S4 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [298496 2017-03-22] (Brother Industries, Ltd.) [File not signed]
S3 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [156944 2019-08-23] (IObit Information Technology -> IObit)
S4 PrivateInternetAccessService; C:\Program Files\Private Internet Access\pia-service.exe [1900032 2020-09-04] () [File not signed]
S4 PrivateInternetAccessWireguard; C:\Program Files\Private Internet Access\pia-wgservice.exe [4433920 2020-09-04] () [File not signed]
R2 scan; C:\Program Files\BDServices\scan.dll [652568 2017-08-09] (Bitdefender SRL -> Bitdefender)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182328 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2020-12-18] (Microsoft) [File not signed]
S2 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [20480 2020-12-18] (Microsoft) [File not signed]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AscFileControl; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win7_amd64\AscFileControl.sys [22440 2019-07-02] (IObit Information Technology -> IObit)
R3 AscFileFilter; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win7_amd64\AscFileFilter.sys [27528 2019-07-15] (IObit CO., LTD -> IObit)
R3 AscRegistryFilter; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win7_amd64\AscRegistryFilter.sys [28064 2019-07-15] (IObit CO., LTD -> IObit)
R3 athr; C:\WINDOWS\system32\DRIVERS\athwbx.sys [4318648 2020-01-04] (Qualcomm Atheros -> Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [73512 2015-11-01] (ASUSTeK Computer Inc. -> ASUS Corporation)
R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [35792 2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [208176 2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [357400 2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [249368 2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [98840 2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [41424 2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [175368 2021-02-23] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [521472 2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [107920 2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [83496 2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [850248 2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [465800 2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [215464 2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [327104 2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 cpuz145; C:\WINDOWS\temp\cpuz145\cpuz145_x64.sys [49968 2021-02-26] (CPUID -> CPUID)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-10-30] (Martin Malik - REALiX -> REALiX(tm))
R3 iobit_monitor_server; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win7_x64.sys [14680 2018-07-04] (IObit Information Technology -> IObit)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IUFileFilter.sys [25992 2019-07-30] (IObit CO., LTD -> IObit)
R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IUProcessFilter.sys [19280 2019-07-30] (IObit CO., LTD -> IObit)
R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IURegistryFilter.sys [31648 2019-07-30] (IObit CO., LTD -> IObit)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [14992 2012-08-02] (ASUSTeK Computer Inc. -> )
R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [30744 2017-03-09] (IObit Information Technology -> IObit)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43368 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [25608 2018-12-24] (AVG Technologies CZ, s.r.o. -> SlimWare Utilities, Inc.)
R3 tap-pia-0901; C:\WINDOWS\system32\DRIVERS\tap-pia-0901.sys [30720 2020-01-16] (Private Internet Access (London Trust Media Incorporated) -> The OpenVPN Project)
S3 tap0901; C:\WINDOWS\system32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz143; \??\C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-26 06:41 - 2021-02-26 06:42 - 000024863 _____ C:\Users\Richard\Downloads\FRST.txt
2021-02-26 06:40 - 2021-02-26 06:41 - 000000000 ____D C:\FRST
2021-02-26 06:39 - 2021-02-26 06:39 - 002301440 _____ (Farbar) C:\Users\Richard\Downloads\FRST64.exe
2021-02-26 06:37 - 2021-02-26 06:37 - 002781052 _____ C:\Users\Richard\Downloads\Speccy x64 portable.zip
2021-02-26 06:07 - 2021-02-26 06:16 - 000000000 ____D C:\Users\Richard\Documents\SysnativeFileCollectionApp
2021-02-26 06:07 - 2021-02-26 06:07 - 000175952 _____ (Sysnative) C:\Users\Richard\Downloads\SysnativeBSODCollectionApp.exe
2021-02-26 05:22 - 2021-02-26 05:22 - 000000017 _____ C:\Users\Richard\AppData\Local\resmon.resmoncfg
2021-02-26 00:30 - 2021-02-26 00:30 - 000288032 _____ C:\WINDOWS\Minidump\022621-39015-01.dmp
2021-02-26 00:22 - 2021-02-26 00:30 - 619322642 _____ C:\WINDOWS\MEMORY.DMP
2021-02-26 00:22 - 2021-02-26 00:22 - 000288032 _____ C:\WINDOWS\Minidump\022621-39781-01.dmp
2021-02-26 00:05 - 2021-02-26 00:06 - 000288032 _____ C:\WINDOWS\Minidump\022621-59750-01.dmp
2021-02-25 23:54 - 2021-02-25 23:54 - 098435072 _____ C:\WINDOWS\system32\config\SOFTWARE.iobit
2021-02-25 23:54 - 2021-02-25 23:54 - 006205440 _____ C:\WINDOWS\system32\config\DRIVERS.iobit
2021-02-25 23:54 - 2021-02-25 23:54 - 000425984 _____ C:\WINDOWS\system32\config\DEFAULT.iobit
2021-02-25 23:54 - 2021-02-25 23:54 - 000028672 _____ C:\WINDOWS\system32\config\SAM.iobit
2021-02-25 23:54 - 2021-02-25 23:54 - 000024576 _____ C:\WINDOWS\system32\config\SECURITY.iobit
2021-02-23 23:13 - 2021-02-23 23:13 - 000175368 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2021-02-23 01:53 - 2021-02-23 01:53 - 000319254 _____ C:\Users\Richard\Downloads\Untitled_Message (3).zip
2021-02-23 01:53 - 2021-02-23 01:53 - 000000000 ____D C:\Users\Richard\Downloads\Untitled_Message (3)
2021-02-23 01:44 - 2021-02-23 01:45 - 004162925 _____ C:\Users\Richard\Downloads\Untitled_Message (2).zip
2021-02-23 01:38 - 2021-02-23 01:38 - 004162925 _____ C:\Users\Richard\Downloads\Untitled_Message.zip
2021-02-23 01:38 - 2021-02-23 01:38 - 004162925 _____ C:\Users\Richard\Downloads\Untitled_Message (1).zip
2021-02-21 09:56 - 2021-02-21 09:57 - 000288032 _____ C:\WINDOWS\Minidump\022121-41500-01.dmp
2021-02-21 08:41 - 2021-02-21 08:42 - 015970496 _____ (IObit ) C:\Users\Richard\Downloads\smart-defrag-setup.exe
2021-02-20 03:36 - 2021-02-20 03:36 - 000095903 _____ C:\Users\Richard\Downloads\Tracked_Returns_label_DA088912438GB.pdf
2021-02-18 22:28 - 2021-02-26 00:10 - 000000000 ____D C:\WINDOWS\softwaredistribution.bak1
2021-02-18 19:36 - 2021-02-25 17:03 - 000004162 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2021-02-18 19:36 - 2021-02-18 19:36 - 000465800 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2021-02-18 19:35 - 2021-02-18 19:35 - 000850248 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2021-02-18 19:35 - 2021-02-18 19:35 - 000521472 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgNetHub.sys
2021-02-18 19:35 - 2021-02-18 19:35 - 000357400 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2021-02-18 19:35 - 2021-02-18 19:35 - 000340224 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2021-02-18 19:35 - 2021-02-18 19:35 - 000327104 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2021-02-18 19:35 - 2021-02-18 19:35 - 000249368 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2021-02-18 19:35 - 2021-02-18 19:35 - 000215464 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2021-02-18 19:35 - 2021-02-18 19:35 - 000208176 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2021-02-18 19:35 - 2021-02-18 19:35 - 000107920 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2021-02-18 19:35 - 2021-02-18 19:35 - 000098840 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2021-02-18 19:35 - 2021-02-18 19:35 - 000083496 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2021-02-18 19:35 - 2021-02-18 19:35 - 000041424 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2021-02-18 19:35 - 2021-02-18 19:35 - 000035792 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys
2021-02-17 11:26 - 2021-02-17 11:26 - 000000964 _____ C:\ProgramData\Desktop\Brother iPrint&Scan.lnk
2021-02-17 08:04 - 2021-02-17 09:13 - 025559040 _____ C:\Users\Richard\Downloads\Win8.1_English_x64.iso
2021-02-16 22:09 - 2021-02-16 22:09 - 000000000 ____D C:\WINDOWS\system32\%LOCALAPPDATA%
2021-02-16 19:26 - 2021-02-16 19:26 - 000288032 _____ C:\WINDOWS\Minidump\021621-45015-01.dmp
2021-02-16 19:09 - 2021-02-16 19:09 - 000288032 _____ C:\WINDOWS\Minidump\021621-37656-01.dmp
2021-02-16 19:01 - 2021-02-16 19:02 - 000288344 _____ C:\WINDOWS\Minidump\021621-37812-01.dmp
2021-02-16 16:47 - 2021-02-16 16:48 - 000288032 _____ C:\WINDOWS\Minidump\021621-46406-01.dmp
2021-02-16 16:43 - 2021-02-16 16:43 - 000288032 _____ C:\WINDOWS\Minidump\021621-42000-01.dmp
2021-02-16 01:07 - 2021-02-16 01:08 - 000288032 _____ C:\WINDOWS\Minidump\021621-43968-01.dmp
2021-02-16 00:51 - 2021-02-16 00:51 - 000288032 _____ C:\WINDOWS\Minidump\021621-44796-01.dmp
2021-02-14 11:18 - 2021-02-14 11:18 - 001578036 _____ C:\Users\Richard\Desktop\Vaccine_n.mp4
2021-02-13 15:18 - 2021-02-13 15:18 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-02-13 02:50 - 2021-02-13 02:50 - 000288032 _____ C:\WINDOWS\Minidump\021321-51406-01.dmp
2021-02-10 12:43 - 2021-01-12 06:07 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-02-10 12:43 - 2021-01-12 05:46 - 002132992 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-02-10 12:43 - 2021-01-12 05:44 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-02-10 12:43 - 2021-01-12 05:31 - 002058752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-02-09 16:53 - 2021-02-25 17:03 - 000003370 _____ C:\WINDOWS\system32\Tasks\SU_AutoUpdate
2021-02-09 16:53 - 2021-02-25 17:03 - 000003088 _____ C:\WINDOWS\system32\Tasks\Software Updater Scheduler
2021-02-09 16:53 - 2021-02-25 17:03 - 000002844 _____ C:\WINDOWS\system32\Tasks\Software Updater SkipUAC(Richard)
2021-02-09 16:53 - 2021-02-09 16:54 - 000002146 _____ C:\ProgramData\Desktop\IObit Software Updater.lnk
2021-02-09 16:53 - 2021-02-09 16:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Software Updater
2021-02-09 07:53 - 2021-02-16 16:08 - 011636936 _____ C:\Users\Richard\Downloads\MB-SupportTool.exe
2021-02-09 07:53 - 2021-02-13 15:11 - 002297344 _____ (Farbar) C:\Users\Richard\Downloads\FRSTEnglish.exe
2021-02-09 03:11 - 2021-02-09 03:11 - 000000000 __SHD C:\found.001
2021-02-08 21:06 - 2021-02-08 21:06 - 000002172 _____ C:\ProgramData\Desktop\Google Earth.lnk
2021-02-08 21:06 - 2021-02-08 21:06 - 000000000 ____D C:\Users\Richard\AppData\LocalLow\Google
2021-02-08 21:06 - 2021-02-08 21:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2021-02-08 21:05 - 2021-02-08 21:05 - 030589432 _____ C:\Users\Richard\Downloads\googleearthwin.exe
2021-02-08 08:45 - 2021-02-08 08:45 - 000288032 _____ C:\WINDOWS\Minidump\020821-47187-01.dmp
2021-02-08 08:39 - 2021-02-08 08:39 - 000288344 _____ C:\WINDOWS\Minidump\020821-45875-01.dmp
2021-02-08 07:17 - 2021-02-08 07:17 - 000288032 _____ C:\WINDOWS\Minidump\020821-36906-01.dmp
2021-02-08 07:14 - 2021-02-08 07:14 - 000288032 _____ C:\WINDOWS\Minidump\020821-33203-01.dmp
2021-02-08 07:08 - 2021-02-08 07:08 - 000288344 _____ C:\WINDOWS\Minidump\020821-33281-01.dmp
2021-02-06 16:55 - 2021-02-17 06:00 - 000000000 _____ C:\Recovery.txt
2021-02-06 08:35 - 2021-02-06 08:35 - 000000000 __SHD C:\found.000
2021-02-05 09:39 - 2021-02-05 09:39 - 000096940 _____ C:\Users\Richard\Downloads\Three Peaks Walk.mmo
2021-02-05 09:39 - 2021-02-05 09:39 - 000009868 _____ C:\Users\Richard\Downloads\Three Peaks Walk.gpx
2021-02-03 10:12 - 2021-02-03 10:12 - 002086424 _____ (Malwarebytes) C:\Users\Richard\Downloads\MBSetup.exe
2021-02-03 05:03 - 2021-02-03 05:03 - 000000274 _____ C:\Users\Richard\Downloads\Untitled Project.kml
2021-02-03 04:59 - 2021-02-03 04:59 - 000080288 _____ C:\Users\Richard\Desktop\Google Earth.html
2021-02-03 04:59 - 2021-02-03 04:59 - 000000000 ____D C:\Users\Richard\Desktop\Google Earth_files
2021-01-29 16:16 - 2021-01-29 16:16 - 000288032 _____ C:\WINDOWS\Minidump\012921-47890-01.dmp
2021-01-29 11:57 - 2021-01-29 11:57 - 000001968 _____ C:\ProgramData\Desktop\AVG AntiVirus FREE.lnk
2021-01-29 11:57 - 2021-01-29 11:57 - 000000000 ____D C:\Users\Richard\AppData\Roaming\AVG
2021-01-29 11:57 - 2021-01-29 11:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2021-01-29 11:52 - 2021-01-29 11:52 - 000000000 ____D C:\Program Files\AVG
2021-01-29 11:51 - 2021-01-29 11:51 - 000261056 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Richard\Downloads\avg_antivirus_free_setup (2).exe
2021-01-29 09:28 - 2021-01-29 09:28 - 000261056 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Richard\Downloads\avg_antivirus_free_setup (1).exe
2021-01-29 09:27 - 2021-01-29 09:27 - 000000000 ____D C:\Users\Richard\Documents\TotalAV
2021-01-29 09:24 - 2021-01-29 09:24 - 000000000 ____D C:\Users\Richard\AppData\Local\GUI.Win
2021-01-29 09:24 - 2021-01-29 09:24 - 000000000 ____D C:\ProgramData\SecuritySuite
2021-01-29 09:23 - 2021-01-29 16:16 - 000000000 ____D C:\ProgramData\TotalAV
2021-01-29 09:23 - 2021-01-29 16:16 - 000000000 ____D C:\Program Files (x86)\TotalAV
2021-01-29 07:20 - 2021-01-29 09:23 - 054108544 _____ C:\Users\Richard\Downloads\TotalAV_Setup.exe
2021-01-29 06:37 - 2021-01-29 06:36 - 004146112 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgremoverx.exe
2021-01-29 06:14 - 2021-01-29 06:14 - 014191056 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Richard\Downloads\avgclear.exe
2021-01-28 16:14 - 2021-01-28 16:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS
2021-01-28 16:14 - 2021-01-28 16:14 - 000000000 ____D C:\ProgramData\Magix
2021-01-28 16:12 - 2021-01-29 07:04 - 000000000 ____D C:\ProgramData\VEGAS Pro
2021-01-28 16:12 - 2021-01-28 16:12 - 000000000 ____D C:\Users\Richard\AppData\Local\VEGAS
2021-01-28 16:12 - 2021-01-28 16:12 - 000000000 ____D C:\ProgramData\VEGAS
2021-01-28 16:12 - 2021-01-28 16:12 - 000000000 ____D C:\Program Files\VEGAS
2021-01-28 16:06 - 2021-01-28 16:06 - 000000000 ____D C:\Users\Richard\Downloads\Sony Vegas Pro 17.0.0 Build 421 incl Patch [CrackingPatching.com]
2021-01-28 13:27 - 2021-01-28 13:28 - 026571028 _____ (The qBittorrent project) C:\Users\Richard\Downloads\qbittorrent_4.3.3_x64_setup.exe
2021-01-28 13:18 - 2021-01-28 13:18 - 000001044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Private Internet Access.lnk
2021-01-28 13:04 - 2021-01-29 07:05 - 000000000 ____D C:\ProgramData\Sony
2021-01-28 13:03 - 2021-01-28 16:11 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Sony
2021-01-27 08:10 - 2021-01-27 08:10 - 000038745 _____ C:\Users\Richard\Downloads\8124862467387172_payment.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-26 06:35 - 2020-08-02 10:48 - 000000000 ____D C:\ProgramData\AVG
2021-02-26 06:06 - 2017-04-22 20:26 - 000000000 ___RD C:\Users\Richard\OneDrive
2021-02-26 06:00 - 2013-08-22 14:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-26 02:05 - 2013-08-22 13:25 - 000524288 ___SH C:\WINDOWS\system32\config\BBI
2021-02-26 02:02 - 2017-04-22 20:14 - 000000000 ____D C:\Users\Richard
2021-02-26 00:51 - 2018-07-22 15:55 - 000000000 ____D C:\Users\Richard\AppData\Local\CrashDumps
2021-02-26 00:50 - 2017-04-23 09:31 - 000987136 ___SH C:\Users\Richard\Desktop\Thumbs.db
2021-02-26 00:30 - 2018-04-08 18:49 - 000000000 ____D C:\WINDOWS\Minidump
2021-02-26 00:02 - 2013-08-22 15:20 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-25 23:55 - 2013-08-22 13:36 - 000000000 ____D C:\WINDOWS\Inf
2021-02-25 17:45 - 2017-04-22 20:25 - 000003600 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3411107159-1070077873-1841525149-1001
2021-02-25 17:10 - 2017-04-23 09:15 - 000003930 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{98C8926F-187D-4723-A2B6-6CFA634D385A}
2021-02-25 17:03 - 2020-03-22 16:00 - 000002826 _____ C:\WINDOWS\system32\Tasks\ASC_SkipUac_Richard
2021-02-25 17:03 - 2019-11-29 16:34 - 000003026 _____ C:\WINDOWS\system32\Tasks\ASC_PerformanceMonitor
2021-02-25 17:03 - 2019-11-02 13:51 - 000002862 _____ C:\WINDOWS\system32\Tasks\Uninstaller_SkipUac_Richard
2021-02-25 17:03 - 2019-08-02 18:27 - 000003174 _____ C:\WINDOWS\system32\Tasks\SmartDefrag_AutoAnalyze
2021-02-25 17:03 - 2018-07-21 08:46 - 000004476 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2021-02-25 17:03 - 2018-07-21 08:46 - 000004324 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2021-02-25 17:03 - 2018-07-21 08:36 - 000003282 _____ C:\WINDOWS\system32\Tasks\{65C3D43E-E5A3-481D-9352-126F2DD99808}
2021-02-25 17:03 - 2018-02-15 07:36 - 000003022 _____ C:\WINDOWS\system32\Tasks\SmartDefrag_Startup
2021-02-25 17:03 - 2018-02-15 07:36 - 000003020 _____ C:\WINDOWS\system32\Tasks\SmartDefrag_Update
2021-02-25 17:03 - 2017-04-23 16:02 - 000003180 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_ListenToDevice
2021-02-25 17:03 - 2017-04-23 16:02 - 000003168 _____ C:\WINDOWS\system32\Tasks\RTKCPL
2021-02-25 17:03 - 2017-04-23 16:02 - 000003152 _____ C:\WINDOWS\system32\Tasks\RtHDVBg
2021-02-25 17:03 - 2017-04-23 09:20 - 000003332 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-25 17:03 - 2017-04-23 09:20 - 000003204 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-25 06:23 - 2018-09-26 20:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2021-02-25 02:33 - 2017-04-23 09:21 - 000002246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-25 02:33 - 2017-04-23 09:21 - 000002205 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-02-24 15:18 - 2018-12-16 08:46 - 000000000 ____D C:\Users\Richard\AppData\Roaming\WhatsApp
2021-02-23 23:12 - 2017-04-27 12:38 - 000000000 ____D C:\ProgramData\ProductData
2021-02-23 01:54 - 2021-01-24 13:26 - 000171008 ___SH C:\Users\Richard\Downloads\Thumbs.db
2021-02-21 08:45 - 2020-04-08 09:06 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Telegram Desktop
2021-02-20 03:51 - 2017-04-22 20:18 - 000000000 ____D C:\Users\Richard\AppData\Local\Packages
2021-02-18 22:29 - 2017-04-23 10:12 - 000000000 ____D C:\Users\Richard\AppData\Local\ElevatedDiagnostics
2021-02-17 22:26 - 2019-09-21 11:46 - 000000000 ____D C:\Users\Richard\AppData\Local\WhatsApp
2021-02-17 11:26 - 2018-07-06 10:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2021-02-17 11:26 - 2018-07-06 09:56 - 000000000 ____D C:\Program Files (x86)\Brother
2021-02-17 11:26 - 2018-04-14 08:39 - 000000000 ____D C:\ProgramData\Package Cache
2021-02-16 19:26 - 2017-10-30 18:01 - 000000000 ____D C:\ProgramData\Kodak
2021-02-16 16:35 - 2017-04-23 03:59 - 000000000 ____D C:\WINDOWS\softwaredistribution.bak
2021-02-16 00:38 - 2013-08-22 15:36 - 000000000 ___RD C:\WINDOWS\ToastData
2021-02-16 00:37 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-16 00:37 - 2013-08-22 15:36 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-12 06:32 - 2017-04-23 14:55 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-12 06:27 - 2017-04-23 14:55 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-09 16:53 - 2017-04-27 12:34 - 000000000 ____D C:\Program Files (x86)\IObit
2021-02-09 16:52 - 2017-04-27 12:34 - 000000000 ____D C:\ProgramData\IObit
2021-02-08 21:06 - 2017-04-23 09:20 - 000000000 ____D C:\Program Files (x86)\Google
2021-02-08 08:53 - 2017-09-18 16:06 - 000000000 ____D C:\Users\Richard\Desktop\Gary Cooksley
2021-02-07 21:55 - 2019-12-06 13:55 - 000000000 ____D C:\Users\Richard\AppData\Roaming\vlc
2021-02-03 10:39 - 2017-11-19 15:30 - 000000000 ____D C:\Program Files (x86)\SparkTrust
2021-01-29 16:16 - 2019-09-02 05:16 - 000000000 ____D C:\Program Files\Common Files\AVG
2021-01-29 07:07 - 2018-07-17 21:22 - 000000000 ____D C:\ProgramData\ScanSoft
2021-01-29 07:03 - 2018-07-06 10:36 - 000000000 ____D C:\ProgramData\Nuance
2021-01-29 06:59 - 2017-04-27 12:34 - 000000000 ____D C:\Users\Richard\AppData\Roaming\IObit
2021-01-29 06:57 - 2017-05-18 06:43 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-01-29 06:41 - 2017-06-12 06:11 - 000000000 ____D C:\Users\Richard\AppData\Local\Avg
2021-01-28 13:18 - 2020-02-29 11:56 - 000000000 ____D C:\Program Files\Private Internet Access
==================== Files in the root of some directories ========
2017-11-19 15:31 - 2017-11-22 05:54 - 000000115 _____ () C:\Users\Richard\AppData\Roaming\LogFile.txt
2017-10-30 18:13 - 2017-10-30 18:13 - 000003178 _____ () C:\Users\Richard\AppData\Local\installer.log
2017-10-30 18:13 - 2017-10-30 18:13 - 000000236 _____ () C:\Users\Richard\AppData\Local\LaunchHomeCenter.log
2021-02-26 05:22 - 2021-02-26 05:22 - 000000017 _____ () C:\Users\Richard\AppData\Local\resmon.resmoncfg
2019-12-10 05:00 - 2019-12-10 05:00 - 000000000 _____ () C:\Users\Richard\AppData\Local\{735F5212-8A05-435A-8589-15A45D7DCAF5}
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2020-12-03 01:33
==================== End of FRST.txt ========================
And:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-02-2021
Ran by Richard (26-02-2021 06:50:15)
Running from C:\Users\Richard\Downloads
Windows 8.1 (Update) (X64) (2017-04-22 20:18:23)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3411107159-1070077873-1841525149-500 - Administrator - Disabled)
Guest (S-1-5-21-3411107159-1070077873-1841525149-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3411107159-1070077873-1841525149-1003 - Limited - Enabled)
Richard (S-1-5-21-3411107159-1070077873-1841525149-1001 - Administrator - Enabled) => C:\Users\Richard
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.465 - Adobe)
Advanced SystemCare (HKLM-x32\...\Advanced SystemCare_is1) (Version: 13.3.0 - IObit)
aioprnt (HKLM\...\{0645A454-AD44-4F0D-99CF-6B762735AD1F}) (Version: 5.3.1.0 - Eastman Kodak Company) Hidden
aioscnnr (HKLM-x32\...\{376348C2-E372-48BC-A138-E896757BD86A}) (Version: 5.8.10.0 - Your Company Name) Hidden
aioscnnr (HKLM-x32\...\{EF53BFAB-4C10-40DB-A82D-9B07111715C6}) (Version: 7.6.13.10 - Your Company Name) Hidden
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 21.1.3164 - AVG Technologies)
AVG Driver Updater (HKLM-x32\...\{BAAB946F-7E00-41F4-BEC7-B8CCF758E012}) (Version: 2.3.0 - AVG Netherlands B.V) Hidden
BrLauncher (HKLM-x32\...\{42D26B47-887C-45FC-BCAE-0BE485C5C0BB}) (Version: 2.0.11.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{0F3243B3-FEA6-44DA-A6A6-4CA42F6A20DF}) (Version: 6.1.3.4 - Brother Industries, Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{f3688e1e-b3e5-403f-9750-b51816920212}) (Version: 6.1.3.4 - Brother Industries, Ltd.)
Brother PCFax Driver (HKLM-x32\...\{56BA05BD-7A67-4EF8-85A7-8C6528AEE2AC}) (Version: 1.4.0.0 - Brother Industries Ltd.) Hidden
Brother PowerENGAGE (HKLM-x32\...\{05421625-9BA9-482B-ACF2-794221A06F4E}) (Version: 1.0.23 - Aviata, Inc.)
Brother Printer Driver (HKLM-x32\...\{272543B6-B337-4C8F-B9F1-19E884C2C7AC}) (Version: 1.4.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{1162495D-7CE7-4EF9-A0F8-151196F3A660}) (Version: 1.0.17.1 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{32F47565-84B1-42CC-B09A-4CDDD9A32F94}) (Version: 1.0.20.0 - Brother Industries Ltd.) Hidden
center (HKLM-x32\...\{56BA241F-580C-43D2-8403-947241AAE633}) (Version: 7.8.0.0 - Eastman Kodak Company) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{FD8A9511-BFC9-43B5-BB75-9CEC0EA03CF0}) (Version: 4.6.1.1 - Brother Industries, Ltd.) Hidden
essentials (HKLM-x32\...\{BE94C681-68E2-4561-8ABC-8D2E799168B4}) (Version: 7.8.0.0 - Eastman Kodak Company) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.190 - Google LLC)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
HttpToUsbBridge (HKLM-x32\...\{7BC71E16-6656-4F86-A274-4DF34437975E}) (Version: 1.2.25.1 - Brother Industries Ltd.)
iCare Data Recovery Free (HKLM-x32\...\{43D63B27-661F-428E-97B7-70D0604D28E8}_is1) (Version: 8.0.3 - iCareAll Inc.)
IObit Software Updater (HKLM-x32\...\IObit Software Updater_is1) (Version: 3.6.0.2072 - IObit)
Kodak AIO Printer (HKLM\...\{27EF8E7F-88D1-4ec5-ADE2-7E447FDF114E}) (Version: 7.8.1.0 - Eastman Kodak Company) Hidden
KODAK AiO Software (HKLM-x32\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 7.9.1.1 - Eastman Kodak Company)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (HKLM-x32\...\{49697869-be8e-427d-81a0-c334d1d14950}) (Version: 14.21.27702.2 - Microsoft Corporation)
NetworkRepairTool (HKLM-x32\...\{86E68F57-FAFE-4052-BDD4-3B90C38236AE}) (Version: 1.2.16.0 - Brother Industries, Ltd.) Hidden
ocr (HKLM-x32\...\{BFBCF96F-7361-486A-965C-54B17AC35421}) (Version: 6.2.3.50 - Eastman Kodak Company) Hidden
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0002 - Nuance Communications, Inc.)
PC-FAXReceive (HKLM-x32\...\{65EA2C86-30CD-444C-ADAB-8762BE4E2E8C}) (Version: 1.8.003.0 - Brother Insutries Ltd.) Hidden
PCFaxTx (HKLM-x32\...\{03BF5A21-6363-410C-B3BE-0946B0012704}) (Version: 3.7.3.1 - Brother Industries Ltd.) Hidden
PowerENGAGE (HKLM-x32\...\{BFE5C68B-E6D4-4421-9ACF-2B8C4BC2D2A1}) (Version: 3.2.13 - Aviata, Inc.) Hidden
PreReq (HKLM-x32\...\{DA5BDB2A-12F0-4343-8351-21AAEB293990}) (Version: 6.2.4.0 - Eastman Kodak Company) Hidden
Private Internet Access (HKLM\...\{33023371-7761-4F81-BBB1-0E0D0D175ACF}) (Version: 2.4.0+05574 - Private Internet Access, Inc.)
Private Internet Access WinTUN Driver (HKLM\...\{0419A0C0-4CC8-459E-9BAE-F3BF5D2E2CCB}) (Version: 1.0 - Private Internet Access, Inc.) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.27055 - Realtek Semiconduct Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
RemoteSetup (HKLM-x32\...\{FAB8A30A-B074-48F9-9D73-5E9A757403F8}) (Version: 3.10.2.0 - Brother Industries Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.)
ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden
Smart Defrag 6 (HKLM-x32\...\Smart Defrag_is1) (Version: 6.3 - IObit)
SoftwareUpdateNotification (HKLM-x32\...\{F58E9F54-C092-42C5-B4C3-C4B7C337750B}) (Version: 1.0.7.0 - Brother Insutries Ltd.) Hidden
StatusMonitor (HKLM-x32\...\{40578A7A-6E36-457F-A4F0-45BC37EB61FD}) (Version: 1.20.1.0 - Brother Insutries Ltd.) Hidden
Telegram Desktop version 2.5.1 (HKU\S-1-5-21-3411107159-1070077873-1841525149-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.5.1 - Telegram FZ-LLC)
Update for Skype for Business 2016 (KB3115087) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{C48D0508-2A21-42EA-8BC9-D387768F54F4}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB3115087) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{C48D0508-2A21-42EA-8BC9-D387768F54F4}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB3115087) 64-Bit Edition (HKLM\...\{90160000-012B-0409-1000-0000000FF1CE}_Office16.PROPLUS_{C48D0508-2A21-42EA-8BC9-D387768F54F4}) (Version: - Microsoft)
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
WhatsApp (HKU\S-1-5-21-3411107159-1070077873-1841525149-1001\...\WhatsApp) (Version: 2.2104.10 - WhatsApp)
Packages:
=========
Games -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-11-21] (Microsoft Corporation) [MS Ad]
MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2017-04-23] (Microsoft Corporation) [MS Ad]
MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2017-04-23] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2017-04-23] (Microsoft Corporation) [MS Ad]
MSN News -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2017-04-23] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2017-04-23] (Microsoft Corporation) [MS Ad]
MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2017-04-23] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2017-04-23] (Microsoft Corporation) [MS Ad]
Music -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2017-04-23] (Microsoft Corporation) [MS Ad]
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2017-04-23] (Skype) [MS Ad]
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2017-04-23] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3411107159-1070077873-1841525149-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ShellIconOverlayIdentifiers-x32: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2019-09-19] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit Information Technology -> IObit)
ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2019-09-19] (IObit Information Technology -> IObit)
ContextMenuHandlers3: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2019-09-19] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2016-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-02-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit Information Technology -> IObit)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZZ.....Z.ZZZ:1 [1122]
AlternateDataStreams: C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z.....ZZZZZ:1 [1122]
AlternateDataStreams: C:\3590F75ABA9E485486C100C1A9D4FF06ZZZZZZ....Z....Z:1 [1122]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\avgSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-3411107159-1070077873-1841525149-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2019-06-20] (IObit Information Technology -> IObit)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-05-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-05-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-05-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-05-20] (Microsoft Corporation -> Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 13:25 - 2019-01-08 02:47 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3411107159-1070077873-1841525149-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AdvancedSystemCareService13 => 2
MSCONFIG\Services: AeLookupSvc => 3
MSCONFIG\Services: ALG => 3
MSCONFIG\Services: AppIDSvc => 3
MSCONFIG\Services: AppReadiness => 3
MSCONFIG\Services: AudioEndpointBuilder => 2
MSCONFIG\Services: Audiosrv => 2
MSCONFIG\Services: AVG Tools => 2
MSCONFIG\Services: AxInstSV => 3
MSCONFIG\Services: BDESVC => 3
MSCONFIG\Services: BitDefenderCOM => 2
MSCONFIG\Services: BITS => 2
MSCONFIG\Services: Browser => 3
MSCONFIG\Services: BrYNSvc => 3
MSCONFIG\Services: BthHFSrv => 3
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: COMSysApp => 3
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: CryptSvc => 2
MSCONFIG\Services: defragsvc => 3
MSCONFIG\Services: DeviceAssociationService => 2
MSCONFIG\Services: DeviceInstall => 3
MSCONFIG\Services: Dhcp => 2
MSCONFIG\Services: DiagTrack => 2
MSCONFIG\Services: Dnscache => 2
MSCONFIG\Services: dot3svc => 3
MSCONFIG\Services: DPS => 2
MSCONFIG\Services: DsmSvc => 3
MSCONFIG\Services: Eaphost => 3
MSCONFIG\Services: EFS => 3
MSCONFIG\Services: EventLog => 2
MSCONFIG\Services: EventSystem => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: fdPHost => 3
MSCONFIG\Services: FDResPub => 3
MSCONFIG\Services: fhsvc => 3
MSCONFIG\Services: FontCache => 2
MSCONFIG\Services: FontCache3.0.0.0 => 3
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: hidserv => 3
MSCONFIG\Services: hkmsvc => 3
MSCONFIG\Services: HomeGroupListener => 3
MSCONFIG\Services: HomeGroupProvider => 3
MSCONFIG\Services: IEEtwCollectorService => 3
MSCONFIG\Services: igfxCUIService1.0.0.0 => 2
MSCONFIG\Services: IKEEXT => 2
MSCONFIG\Services: IObitUnSvr => 2
MSCONFIG\Services: iphlpsvc => 2
MSCONFIG\Services: KeyIso => 3
MSCONFIG\Services: Kodak AiO Network Discovery Service => 2
MSCONFIG\Services: Kodak AiO Status Monitor Service => 2
MSCONFIG\Services: KtmRm => 3
MSCONFIG\Services: LanmanServer => 2
MSCONFIG\Services: LanmanWorkstation => 2
MSCONFIG\Services: lfsvc => 3
MSCONFIG\Services: lltdsvc => 3
MSCONFIG\Services: lmhosts => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MMCSS => 2
MSCONFIG\Services: MpsSvc => 2
MSCONFIG\Services: MSDTC => 3
MSCONFIG\Services: NcaSvc => 3
MSCONFIG\Services: NcbService => 3
MSCONFIG\Services: NcdAutoSetup => 3
MSCONFIG\Services: Netlogon => 3
MSCONFIG\Services: Netman => 3
MSCONFIG\Services: netprofm => 3
MSCONFIG\Services: NlaSvc => 2
MSCONFIG\Services: nsi => 2
MSCONFIG\Services: ose64 => 3
MSCONFIG\Services: p2pimsvc => 3
MSCONFIG\Services: p2psvc => 3
MSCONFIG\Services: PcaSvc => 2
MSCONFIG\Services: PerfHost => 3
MSCONFIG\Services: pla => 3
MSCONFIG\Services: PlugPlay => 3
MSCONFIG\Services: PNRPAutoReg => 3
MSCONFIG\Services: PNRPsvc => 3
MSCONFIG\Services: PolicyAgent => 3
MSCONFIG\Services: Power => 2
MSCONFIG\Services: PrintNotify => 3
MSCONFIG\Services: PrivateInternetAccessService => 2
MSCONFIG\Services: PrivateInternetAccessWireguard => 3
MSCONFIG\Services: QWAVE => 3
MSCONFIG\Services: RasAuto => 3
MSCONFIG\Services: RasMan => 3
MSCONFIG\Services: RpcLocator => 3
MSCONFIG\Services: SamSs => 2
MSCONFIG\Services: scan => 3
MSCONFIG\Services: ScDeviceEnum => 3
MSCONFIG\Services: SCPolicySvc => 3
MSCONFIG\Services: seclogon => 3
MSCONFIG\Services: SENS => 2
MSCONFIG\Services: SensrSvc => 3
MSCONFIG\Services: SessionEnv => 3
MSCONFIG\Services: SharedAccess => 3
MSCONFIG\Services: ShellHWDetection => 2
MSCONFIG\Services: smphost => 3
MSCONFIG\Services: Spooler => 2
MSCONFIG\Services: SSDPSRV => 3
MSCONFIG\Services: SstpSvc => 3
MSCONFIG\Services: ss_conn_launcher_service => 3
MSCONFIG\Services: stisvc => 2
MSCONFIG\Services: StorSvc => 3
MSCONFIG\Services: svsvc => 3
MSCONFIG\Services: swprv => 3
MSCONFIG\Services: SysMain => 2
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: TermService => 3
MSCONFIG\Services: Themes => 2
MSCONFIG\Services: THREADORDER => 3
MSCONFIG\Services: TrustedInstaller => 3
MSCONFIG\Services: UI0Detect => 3
MSCONFIG\Services: UmRdpService => 3
MSCONFIG\Services: upnphost => 3
MSCONFIG\Services: USBAppControl => 2
MSCONFIG\Services: VaultSvc => 3
MSCONFIG\Services: vds => 3
MSCONFIG\Services: vmicguestinterface => 3
MSCONFIG\Services: vmicheartbeat => 3
MSCONFIG\Services: vmickvpexchange => 3
MSCONFIG\Services: vmicrdv => 3
MSCONFIG\Services: vmicshutdown => 3
MSCONFIG\Services: vmictimesync => 3
MSCONFIG\Services: vmicvss => 3
MSCONFIG\Services: VSS => 2
MSCONFIG\Services: W32Time => 3
MSCONFIG\Services: wbengine => 3
MSCONFIG\Services: WbioSrvc => 3
MSCONFIG\Services: Wcmsvc => 2
MSCONFIG\Services: wcncsvc => 3
MSCONFIG\Services: WcsPlugInService => 3
MSCONFIG\Services: WdiServiceHost => 3
MSCONFIG\Services: WdiSystemHost => 3
MSCONFIG\Services: WebClient => 3
MSCONFIG\Services: Wecsvc => 3
MSCONFIG\Services: WEPHOSTSVC => 3
MSCONFIG\Services: wercplsupport => 3
MSCONFIG\Services: WerSvc => 3
MSCONFIG\Services: WiaRpc => 3
MSCONFIG\Services: WinHttpAutoProxySvc => 3
MSCONFIG\Services: Winmgmt => 2
MSCONFIG\Services: WinRM => 3
MSCONFIG\Services: WlanSvc => 2
MSCONFIG\Services: wlidsvc => 3
MSCONFIG\Services: wmiApSrv => 3
MSCONFIG\Services: WMPNetworkSvc => 3
MSCONFIG\Services: WorkflowAppControl => 2
MSCONFIG\Services: workfolderssvc => 3
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\Services: WPDBusEnum => 3
MSCONFIG\Services: wscsvc => 2
MSCONFIG\Services: WSearch => 2
MSCONFIG\Services: wuauserv => 3
MSCONFIG\Services: wudfsvc => 3
MSCONFIG\Services: WwanSvc => 3
HKLM\...\StartupApproved\Run: => "EKIJ5000StatusMonitor"
HKLM\...\StartupApproved\Run: => "TuneupUI.exe"
HKLM\...\StartupApproved\Run32: => "EKStatusMonitor"
HKLM\...\StartupApproved\Run32: => "DSATray"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "ISUSPM"
HKLM\...\StartupApproved\Run32: => "PaperPort PTD"
HKLM\...\StartupApproved\Run32: => "EKIJ5000StatusMonitor"
HKU\S-1-5-21-3411107159-1070077873-1841525149-1001\...\StartupApproved\Run: => "AVGBrowserAutoLaunch_8A93C1D26E6679F3B6F436A3F299CCC8"
HKU\S-1-5-21-3411107159-1070077873-1841525149-1001\...\StartupApproved\Run: => "Advanced SystemCare"
HKU\S-1-5-21-3411107159-1070077873-1841525149-1001\...\StartupApproved\Run: => "Adobe Reader Synchronizer"
HKU\S-1-5-21-3411107159-1070077873-1841525149-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_94A469CBA2277F7295F560B121FA07B1"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{DD1A15A1-B23B-496D-828C-29E7D4558070}] => (Allow) LPort=1688
FirewallRules: [{DEEE57D2-A2EA-4964-8E2E-252BDCAEE3C3}] => (Block) LPort=445
FirewallRules: [{76EE6F2B-E7C7-44AE-89E1-5788E5E6B14C}] => (Block) LPort=445
FirewallRules: [{FF3805C2-55BF-42C0-8654-306F8337774F}] => (Allow) LPort=1688
FirewallRules: [{D1B01DC0-E1C9-4B59-A24A-1E4895016F3A}] => (Allow) LPort=9322
FirewallRules: [{4264BA44-9581-4C56-9A04-6E4EF7CE720E}] => (Allow) LPort=5353
FirewallRules: [{1B6EED72-800D-4471-952E-E61E663FC658}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe (Eastman Kodak Company -> Eastman Kodak Company)
FirewallRules: [{0737E079-EE02-474E-9FB2-45A5DC809EF1}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe (Eastman Kodak Company -> Eastman Kodak Company)
FirewallRules: [{B974E3FC-650A-47DB-9BBC-0530E3261882}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe (Eastman Kodak Company -> Eastman Kodak Company)
FirewallRules: [{C31B4A1F-ACBC-4C7B-BFC7-FCCC2EEC030C}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe (Eastman Kodak Company -> Eastman Kodak Company)
FirewallRules: [{06476668-F55E-4D2A-861D-549D086C6935}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe (Eastman Kodak Company -> Eastman Kodak Company)
FirewallRules: [{00339ADE-2FA0-47E3-B417-FE2BD710DABB}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe (Eastman Kodak Company -> Eastman Kodak Company)
FirewallRules: [{EF6E52B3-9D82-48E4-987C-00D36BD36E0C}] => (Allow) E:\Install\wlan_wiz\.\wlan_assistant\waw.exe => No File
FirewallRules: [{074A51E3-D035-45D4-A084-B7F16EA2C6DB}] => (Allow) LPort=54925
FirewallRules: [{81CF8617-2F01-4071-BE89-58D3140A67DF}] => (Allow) c:\program files (x86)\pc-faxreceive\brengineprocess.exe (Brother Industries, Ltd.) [File not signed]
FirewallRules: [{993AF3CF-D964-4CE6-B0EF-F8F447FE9384}] => (Allow) c:\program files (x86)\pc-faxreceive\brengineprocess.exe (Brother Industries, Ltd.) [File not signed]
FirewallRules: [TCP Query User{3CFA0FAC-534E-4A74-BC1A-7C84054B7452}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{4A854861-308D-4F13-94B2-A69479B22ED6}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{E63762B9-801F-482E-A2A9-7C85474D7DB4}] => (Allow) LPort=54950
FirewallRules: [{762BEB76-C88E-407A-BCF1-1B5521E3551D}] => (Allow) LPort=54955
FirewallRules: [{2FCE1BA5-FAB8-4DA5-BA22-1872BA500C59}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
Could not list restore points
Check "winmgmt" service or repair WMI.
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/26/2021 06:06:52 AM) (Source: SecurityCenter) (EventID: 3) (User: )
Description: The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus, AntiSpyware and Firewall.
Error: (02/26/2021 06:05:23 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Wait Workflow Commands request from device.
Error: (02/26/2021 06:05:23 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Broadcast Receiver Server...
Error: (02/26/2021 06:05:23 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...
Error: (02/26/2021 06:05:23 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...
Error: (02/26/2021 06:05:23 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[1]: 192.168.1.7
Error: (02/26/2021 06:05:23 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[0]: fe80::1dab:377f:dad:847%3
Error: (02/26/2021 06:05:23 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList.Length: 2
System errors:
=============
Error: (02/26/2021 06:14:22 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume D:.
The exact nature of the corruption is unknown. The file system structures need to be scanned online.
Error: (02/26/2021 06:14:13 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume C:.
The exact nature of the corruption is unknown. The file system structures need to be scanned online.
Error: (02/26/2021 06:06:53 AM) (Source: DCOM) (EventID: 10016) (User: RICHARD)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
and APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
to the user Richard\Richard SID (S-1-5-21-3411107159-1070077873-1841525149-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (02/26/2021 06:06:53 AM) (Source: DCOM) (EventID: 10016) (User: RICHARD)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
and APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
to the user Richard\Richard SID (S-1-5-21-3411107159-1070077873-1841525149-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (02/26/2021 06:06:53 AM) (Source: DCOM) (EventID: 10016) (User: RICHARD)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
and APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
to the user Richard\Richard SID (S-1-5-21-3411107159-1070077873-1841525149-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (02/26/2021 06:06:52 AM) (Source: DCOM) (EventID: 10016) (User: RICHARD)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
and APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
to the user Richard\Richard SID (S-1-5-21-3411107159-1070077873-1841525149-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (02/26/2021 06:06:51 AM) (Source: DCOM) (EventID: 10016) (User: RICHARD)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
and APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
to the user Richard\Richard SID (S-1-5-21-3411107159-1070077873-1841525149-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (02/26/2021 06:06:46 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Work Folders service hung on starting.
Windows Defender:
================
Date: 2017-06-11 14:44:05.806
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2017-06-11 14:32:39.187
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2017-06-11 13:50:33.124
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2017-06-07 02:23:33.175
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2017-05-26 14:46:41.511
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2017-06-12 07:15:04.980
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.245.730.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.13804.0
Error code: 0x80070652
Error description: Another installation is already in progress. Complete that installation before proceeding with this install.
Date: 2017-06-12 07:15:04.979
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.245.730.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.13804.0
Error code: 0x80070652
Error description: Another installation is already in progress. Complete that installation before proceeding with this install.
Date: 2017-06-12 07:15:04.529
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version:
Update Source: User
Signature Type:
Update Type:
Current Engine Version:
Previous Engine Version:
Error code: 0x80070652
Error description: Another installation is already in progress. Complete that installation before proceeding with this install.
Date: 2017-06-12 07:15:04.528
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version:
Update Source: User
Signature Type:
Update Type:
Current Engine Version:
Previous Engine Version:
Error code: 0x80070652
Error description: Another installation is already in progress. Complete that installation before proceeding with this install.
Date: 2017-06-12 07:14:55.167
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.245.730.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.13804.0
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
==================== Memory info ===========================
BIOS: American Megatrends Inc. X550CA.212 08/13/2013
Motherboard: ASUSTeK COMPUTER INC. X550CA
Processor: Intel(R) Core(TM) i5-3317U CPU @ 1.70GHz
Percentage of memory in use: 46%
Total physical RAM: 6029.74 MB
Available physical RAM: 3213.28 MB
Total Virtual: 12173.74 MB
Available Virtual: 9465.28 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:371.38 GB) (Free:298.79 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (DATA) (Fixed) (Total:537.8 GB) (Free:536.7 GB) NTFS
Drive f: (Seagate Expansion Drive) (Fixed) (Total:465.76 GB) (Free:245.07 GB) NTFS
\\?\Volume{b81970ed-33f5-4c1e-868a-a9f407dc4092}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.77 GB) NTFS
\\?\Volume{2789036b-ad4f-4416-9f8e-e20a9348f31d}\ () (Fixed) (Total:0.44 GB) (Free:0.15 GB) NTFS
\\?\Volume{21b11954-97a1-4a1d-ba35-26ec54f79eda}\ (Restore) (Fixed) (Total:20.01 GB) (Free:7.74 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: FAF3F0E5)
Partition: GPT.
==========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 13CC50B2)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================