Solved Two problems: tinny music everyday at 4pm, AND a scareware pop-up

Kaelkitty

Kaelkitty

Posts: 84   +0
Here are my FRST.logs:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22.04.2018 01
Ran by Dell (administrator) on DELL-PC (22-09-2018 02:42:41)
Running from C:\Users\Dell\Desktop
Loaded Profiles: Dell (Available Profiles: Dell)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\afwServ.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(RaMMicHaeL) C:\Users\Dell\AppData\Roaming\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe
(CrispyBytes Software) C:\Program Files (x86)\DateInTray\DateInTray.exe
(Facebook) C:\Users\Dell\AppData\Local\Facebook\Games\FacebookGameroom.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(FSL) C:\Program Files (x86)\FSL\SuperFinder\SuperFinder.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Duality Software) C:\Program Files (x86)\DS Clock\dsetime.exe
(Microsoft) C:\Program Files\Softland\novaPDF 9\Server\novapdfs.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(The CefSharp Authors) C:\Users\Dell\AppData\Local\Facebook\Games\Facebook Gameroom Browser.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
() C:\Program Files (x86)\bfgclient\bfggameservices.exe
() C:\Program Files (x86)\Gummy Drop!\GummyDrop.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon-x64.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Siber Systems Inc.) C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome-nm-host.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1793736 2015-02-20] (NVIDIA Corporation)
HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239192 2018-06-14] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [291056 2018-08-31] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239192 2018-06-14] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2187336 2017-12-22] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67896 2017-07-13] (Apple Inc.)
HKLM-x32\...\Run: [WMUAgent.exe] => C:\Program Files (x86)\WakeMeUp\WMUAgent.exe [592384 2007-02-15] (highspheres.com)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653648 2018-06-27] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1400945040-2960571981-3055813832-1000\...\Run: [7 Taskbar Tweaker] => C:\Users\Dell\AppData\Roaming\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe [447488 2018-05-20] (RaMMicHaeL)
HKU\S-1-5-21-1400945040-2960571981-3055813832-1000\...\Run: [DateInTray] => C:\Program Files (x86)\DateInTray\DateInTray.exe [95744 2010-03-05] (CrispyBytes Software)
HKU\S-1-5-21-1400945040-2960571981-3055813832-1000\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [145704 2018-09-21] (Siber Systems)
HKU\S-1-5-21-1400945040-2960571981-3055813832-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_154_Plugin.exe [1449472 2018-09-10] (Adobe Systems Incorporated)
HKU\S-1-5-21-1400945040-2960571981-3055813832-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-1400945040-2960571981-3055813832-1000\...\MountPoints2: {bc61dcd2-7345-11e7-8872-001aa0419180} - F:\AutoRun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
IFEO\ccleaner64.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\driversupport.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\freefileviewer.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\g2minstaller.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\pcchrono.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\sidebar.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\unins000.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\uninstall.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\wakemeup.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Kodak EasyShare software.lnk [2016-06-14]
ShortcutTarget: Kodak EasyShare software.lnk -> C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
Startup: C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\7+ Taskbar Tweaker.lnk [2017-07-28]
ShortcutTarget: 7+ Taskbar Tweaker.lnk -> C:\Users\Dell\AppData\Roaming\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe (RaMMicHaeL)
Startup: C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DateInTray.lnk [2017-07-29]
ShortcutTarget: DateInTray.lnk -> C:\Program Files (x86)\DateInTray\DateInTray.exe (CrispyBytes Software)
Startup: C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2018-03-21]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\Dell\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook)
Startup: C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Kodak EasyShare.lnk [2017-07-29]
ShortcutTarget: Kodak EasyShare.lnk -> C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
Startup: C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Super Finder XT.lnk [2016-05-03]
ShortcutTarget: Super Finder XT.lnk -> C:\Program Files (x86)\FSL\SuperFinder\SuperFinder.exe (FSL)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5DBC6179-CB64-4C52-822A-0DEEBFEDCFE4}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1400945040-2960571981-3055813832-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid=%7BCFCF5C20-E14B-4F7C-97DA-E707D953A141%7D&mid=0340cd93399647cc8168d153e6afe49d-bedeb04c32ee1ac935d3d85898546a8263f90d25&lang=en&ds=AVG&coid=avgtbavg&cmpid=0216pi&pr=fr&d=2016-04-21%2016:22:28&v=4.2.9.726&pid=wtu&sg=&sap=hp
SearchScopes: HKU\S-1-5-21-1400945040-2960571981-3055813832-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={CFCF5C20-E14B-4F7C-97DA-E707D953A141}&mid=0340cd93399647cc8168d153e6afe49d-bedeb04c32ee1ac935d3d85898546a8263f90d25&lang=en&ds=AVG&coid=avgtbavg&cmpid=0216pi&pr=fr&d=2016-04-21 16:22:28&v=4.2.9.726&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2018-09-21] (Siber Systems Inc.)
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-10.0.2\bin\jp2ssv.dll [2018-09-10] (Oracle Corporation)
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2018-09-21] (Siber Systems Inc.)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.9.605\AVG Web TuneUp.dll [2017-12-22] (AVG)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2018-09-21] (Siber Systems Inc.)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2018-09-21] (Siber Systems Inc.)

FireFox:
========
FF DefaultProfile: oi853qa9.default
FF ProfilePath: C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\oi853qa9.default [2018-09-22]
FF user.js: detected! => C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\oi853qa9.default\user.js [2017-07-28]
FF Session Restore: Mozilla\Firefox\Profiles\oi853qa9.default -> is enabled.
FF Extension: (About sessionstore) - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\oi853qa9.default\Extensions\aboutsessionstore@dt.xpi [2016-10-10] [Legacy]
FF Extension: (Classic Theme Restorer) - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\oi853qa9.default\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2018-08-04] [Legacy]
FF Extension: (Colour That Site!) - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\oi853qa9.default\Extensions\ColourThatSite@einspeiser.de.xpi [2016-06-08] [Legacy]
FF Extension: (English (Australian) Dictionary) - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\oi853qa9.default\Extensions\en-AU@dictionaries.addons.mozilla.org [2016-04-28] [Legacy] [not signed]
FF Extension: (Pinterest Save Button) - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\oi853qa9.default\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2018-07-25]
FF Extension: (RoboForm Password Manager) - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\oi853qa9.default\Extensions\rf-firefox@siber.com.xpi [2018-07-27]
FF Extension: (SQLite Manager) - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\oi853qa9.default\Extensions\SQLiteManager@mrinalkant.blogspot.com.xpi [2016-04-28] [Legacy]
FF Extension: (Tab Groups) - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\oi853qa9.default\Extensions\tabgroups@quicksaver.xpi [2017-01-28] [Legacy]
FF Extension: (Session Manager) - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\oi853qa9.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2017-01-31] [Legacy]
FF Extension: (FEBE) - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\oi853qa9.default\Extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2016-11-17] [Legacy]
FF Extension: (ScrapBook) - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\oi853qa9.default\Extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}.xpi [2016-09-01] [Legacy]
FF Extension: (NoUn Buttons) - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\oi853qa9.default\Extensions\{99f30549-35d4-11d9-8a2a-396c6e707e82}.xpi [2016-04-28] [Legacy]
FF Extension: (ReminderFox) - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\oi853qa9.default\Extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}.xpi [2018-05-30] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_154.dll [2018-09-10] ()
FF Plugin: @java.com/DTPlugin,version=13.0.2.0 -> C:\Program Files\Java\jre-10.0.2\bin\dtplugin\npDeployJava1.dll [2018-09-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=13.0.2.0 -> C:\Program Files\Java\jre-10.0.2\bin\plugin2\npjp2.dll [2018-09-10] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_154.dll [2018-09-10] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1231201.dll [2017-11-02] (Adobe Systems, Inc.)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.8\\npsitesafety.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1400945040-2960571981-3055813832-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Dell\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-05-09] (Citrix Online)

Chrome:
=======
CHR Profile: C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default [2018-06-27]
CHR Extension: (Slides) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-26]
CHR Extension: (Google Docs) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-27]
CHR Extension: (Google Drive) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-27]
CHR Extension: (YouTube) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-27]
CHR Extension: (Google Sheets) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-27]
CHR Extension: (Google Docs Offline) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-06-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-27]
CHR Extension: (Gmail) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-27]
CHR Extension: (Chrome Media Router) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-25]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [323512 2018-08-31] (AVG Technologies CZ, s.r.o.)
R2 AVG Firewall; C:\Program Files (x86)\AVG\Antivirus\afwServ.exe [432592 2018-08-31] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [8043904 2018-08-31] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1428264 2018-06-14] (AVG Technologies CZ, s.r.o.)
S4 DSAO; C:\Program Files (x86)\driver support\svc\DriverSupportAOsvc.exe [2033104 2016-10-23] (PC Drivers HeadQuarters LP)
R2 DSClockSyncTime; C:\Program Files (x86)\DS Clock\dsetime.exe [62264 2009-11-19] (Duality Software)
R2 NovaPdf9Server; C:\Program Files\Softland\novaPDF 9\Server\novapdfs.exe [52664 2018-07-18] (Microsoft)
S4 svcWMU; C:\Program Files (x86)\WakeMeUp\WMUSvc.exe [808448 2007-02-15] (Highspheres.com) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [6593536 2018-07-26] (AVG Technologies CZ, s.r.o.)
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [48640 2018-07-26] (AVG Technologies CZ, s.r.o.)
R2 UxTuneUp; C:\Windows\SysWOW64\uxtuneup.dll [41472 2018-07-26] (AVG Technologies CZ, s.r.o.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [981576 2017-12-22] ()

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [38424 2010-10-18] (Google Inc)
R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [192104 2018-08-31] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdrivera.sys [222288 2018-08-31] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsha.sys [194224 2018-08-31] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\Windows\System32\drivers\avgbloga.sys [339048 2018-08-31] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniva.sys [51952 2018-08-31] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\Windows\System32\drivers\avgHwid.sys [39352 2018-08-31] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [155664 2018-09-12] (AVG Technologies CZ, s.r.o.)
R3 avgNetNd6; C:\Windows\System32\DRIVERS\avgNetNd6.sys [29944 2018-01-03] (AVG Technologies CZ, s.r.o.)
R1 avgNetSec; C:\Windows\System32\drivers\avgNetSec.sys [653928 2018-08-31] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [104256 2018-08-31] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [78864 2018-08-31] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [1020112 2018-08-31] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [459624 2018-09-05] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [208216 2018-09-13] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [373944 2018-08-31] (AVG Technologies CZ, s.r.o.)
S3 massfilter_hs; C:\Windows\system32\drivers\massfilter_hs.sys [20232 2012-06-20] (HandSet Incorporated)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2017-02-21] (AVG Netherlands B.V.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-22 02:42 - 2018-09-22 02:45 - 000020906 _____ C:\Users\Dell\Desktop\FRST.txt
2018-09-22 02:38 - 2018-09-22 02:38 - 002404864 _____ (Farbar) C:\Users\Dell\Desktop\FRST64.exe
2018-09-21 13:51 - 2018-09-21 13:51 - 000012962 _____ C:\Users\Dell\Downloads\This computer is BLOCKED
2018-09-20 18:27 - 2018-09-20 18:27 - 000000000 ____D C:\Users\Dell\Desktop\PHOTO FOLDERS (OLD) - Copy
2018-09-17 12:10 - 2018-09-17 12:11 - 000011874 _____ C:\Users\Dell\Downloads\Income Statement
2018-09-15 01:10 - 2018-09-15 01:10 - 000000000 _____ C:\Users\Dell\Desktop\exiftool
2018-09-10 17:42 - 2018-09-10 17:42 - 000000000 ____D C:\Users\Dell\AppData\Roaming\Sun
2018-09-10 17:41 - 2018-09-21 13:56 - 000003668 _____ C:\Windows\System32\Tasks\JavaUpdateSched
2018-09-10 17:40 - 2018-09-10 17:40 - 000145272 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2018-09-10 17:40 - 2018-09-10 17:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-09-10 17:38 - 2018-09-10 17:38 - 000000000 ____D C:\Program Files\Java
2018-09-10 16:34 - 2018-09-10 16:36 - 105455992 _____ (Oracle Corporation) C:\Users\Dell\Downloads\jre-10.0.2_windows-x64_bin.exe
2018-09-10 16:07 - 2018-09-10 16:07 - 000001444 _____ C:\Users\Public\Desktop\LibreOffice 6.0.lnk
2018-09-10 16:07 - 2018-09-10 16:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 6.0
2018-09-10 16:06 - 2018-09-10 16:07 - 000000000 ____D C:\Program Files\LibreOffice
2018-09-10 13:47 - 2018-09-10 13:57 - 274317312 _____ C:\Users\Dell\Downloads\LibreOffice_6.0.6_Win_x64.msi
2018-09-10 13:45 - 2018-09-10 13:46 - 000018999 _____ C:\Users\Dell\Downloads\LibreOffice_6.0.6_Win_x64_helppack_en-GB.msi.torrent
2018-09-10 13:01 - 2018-09-10 13:01 - 001211216 _____ (Oracle Corporation) C:\Users\Dell\Downloads\JavaUninstallTool.exe
2018-09-10 12:54 - 2018-09-21 13:56 - 000003144 _____ C:\Windows\System32\Tasks\{9034CCE8-0529-402D-83F5-07AA22336ADA}
2018-09-10 12:51 - 2018-09-10 12:51 - 000001995 _____ C:\Users\Dell\Desktop\7+ Taskbar Tweaker.lnk
2018-08-31 04:56 - 2018-08-31 04:54 - 000380656 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-22 02:42 - 2017-12-19 12:34 - 000000000 ____D C:\FRST
2018-09-21 16:02 - 2016-09-21 00:28 - 000003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
2018-09-21 14:02 - 2009-07-14 14:15 - 000014240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-09-21 14:02 - 2009-07-14 14:15 - 000014240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-09-21 13:56 - 2018-08-18 17:07 - 000003560 _____ C:\Windows\System32\Tasks\doPDF 9 Update
2018-09-21 13:56 - 2018-08-18 17:07 - 000003540 _____ C:\Windows\System32\Tasks\doPDF 9 Telemetry
2018-09-21 13:56 - 2018-05-19 16:05 - 000004458 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-09-21 13:56 - 2018-05-16 13:30 - 000004310 _____ C:\Windows\System32\Tasks\Open URL by RoboForm
2018-09-21 13:56 - 2018-01-14 10:13 - 000003214 _____ C:\Windows\System32\Tasks\klcp_update
2018-09-21 13:56 - 2017-12-20 06:01 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2018-09-21 13:56 - 2017-07-27 22:02 - 000002962 _____ C:\Windows\System32\Tasks\{0E59508C-BE36-4B2B-A14A-00D56A47BAC3}
2018-09-21 13:56 - 2017-04-25 08:11 - 000004174 _____ C:\Windows\System32\Tasks\Antivirus Emergency Update
2018-09-21 13:56 - 2017-01-02 15:03 - 000003132 _____ C:\Windows\System32\Tasks\{29D149EF-EC65-40D7-B7D7-2190A79A460C}
2018-09-21 13:56 - 2016-06-12 14:59 - 000003002 _____ C:\Windows\System32\Tasks\{CEDEAF75-B7F1-419A-9967-BC6FE3751283}
2018-09-21 13:56 - 2016-06-12 14:28 - 000003002 _____ C:\Windows\System32\Tasks\{0469D58A-F4AC-4FFE-87C3-63DE0C613505}
2018-09-21 13:56 - 2016-06-12 14:27 - 000003002 _____ C:\Windows\System32\Tasks\{E8293F52-06BD-4F09-A0BE-35F2B8AAB023}
2018-09-21 13:56 - 2016-05-21 02:01 - 000003134 _____ C:\Windows\System32\Tasks\{45FBBD5F-F88A-49D4-A283-B4F373E77EB0}
2018-09-21 13:56 - 2016-05-05 16:51 - 000003124 _____ C:\Windows\System32\Tasks\{122501A7-1579-4F3C-9980-D73CC72456D6}
2018-09-21 13:56 - 2016-04-29 10:06 - 000003696 _____ C:\Windows\System32\Tasks\Run RoboForm TaskBar Icon
2018-09-21 13:56 - 2016-04-28 11:42 - 000003222 _____ C:\Windows\System32\Tasks\{3F1240AA-27E5-491C-8839-0A7C8598CF0A}
2018-09-21 13:56 - 2016-04-21 16:37 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-09-21 10:38 - 2016-04-29 10:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm
2018-09-20 19:02 - 2017-06-19 18:13 - 000000000 ____D C:\ProgramData\TEMP
2018-09-20 18:06 - 2016-05-21 02:52 - 254389248 ____R C:\Users\Public\Documents\ESBK.mb
2018-09-20 18:06 - 2016-05-21 02:52 - 212474880 ____R C:\Users\Public\Documents\ESBK.mbb
2018-09-20 09:03 - 2016-05-03 06:35 - 000000000 ____D C:\Users\Dell\Desktop\PROGRAM SETUPS
2018-09-20 01:03 - 2016-04-21 16:36 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-09-19 03:47 - 2016-04-21 14:56 - 000000000 ____D C:\Users\Dell
2018-09-19 03:44 - 2017-06-18 11:46 - 000000000 ____D C:\Program Files\Recuva
2018-09-19 00:26 - 2017-07-08 07:45 - 000000000 ___RD C:\Users\Dell\Desktop\2013 PHOTOS
2018-09-18 16:35 - 2016-05-06 12:33 - 000000000 ____D C:\Users\Dell\AppData\Roaming\MailWasherPro
2018-09-13 04:57 - 2017-04-25 08:11 - 000208216 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
2018-09-12 00:57 - 2017-04-25 08:11 - 000155664 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2018-09-10 20:01 - 2016-04-29 14:56 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-09-10 20:01 - 2016-04-29 14:56 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-09-10 20:01 - 2016-04-29 14:56 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-09-10 20:01 - 2016-04-29 14:56 - 000000000 ____D C:\Windows\system32\Macromed
2018-09-10 20:01 - 2016-04-29 14:55 - 000000000 ____D C:\Users\Dell\AppData\Local\Adobe
2018-09-10 19:58 - 2016-04-22 15:46 - 000094584 _____ C:\Users\Dell\AppData\Local\GDIPFONTCACHEV1.DAT
2018-09-10 19:54 - 2017-07-28 13:05 - 000416576 _____ C:\Windows\system32\FNTCACHE.DAT
2018-09-10 19:54 - 2016-04-21 15:37 - 000000000 ____D C:\ProgramData\NVIDIA
2018-09-10 19:54 - 2009-07-14 14:38 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-09-10 17:26 - 2009-07-14 12:50 - 000000000 ____D C:\Windows\system32\NDF
2018-09-10 16:55 - 2009-07-14 12:50 - 000000000 ____D C:\Windows\inf
2018-09-10 16:45 - 2016-05-03 06:31 - 000000000 ____D C:\Users\Dell\Desktop\OLD PROGRAM SETUPS
2018-09-10 16:20 - 2017-10-13 12:07 - 000000000 ____D C:\Users\Dell\AppData\Local\RoboForm
2018-09-10 16:17 - 2017-06-07 12:58 - 000000000 ____D C:\Users\Dell\Desktop\COLES POINTS
2018-09-10 16:16 - 2018-02-21 07:53 - 000000000 ____D C:\ProgramData\Package Cache
2018-09-10 13:03 - 2016-04-21 16:24 - 000000000 ____D C:\ProgramData\Oracle
2018-09-10 12:29 - 2008-07-24 03:11 - 000000000 ____D C:\Users\Dell\Desktop\BANK AND FINANCIAL
2018-09-05 00:57 - 2017-04-25 08:11 - 000459624 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2018-08-31 04:58 - 2017-04-25 08:11 - 000078864 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2018-08-31 04:54 - 2017-11-28 18:00 - 000192104 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
2018-08-31 04:54 - 2017-04-25 08:11 - 000373944 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2018-08-31 04:54 - 2017-04-25 08:11 - 000104256 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2018-08-31 04:54 - 2017-04-25 08:11 - 000039352 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgHwid.sys
2018-08-31 04:53 - 2018-01-03 11:28 - 000653928 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgNetSec.sys
2018-08-31 04:53 - 2017-04-25 08:11 - 001020112 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2018-08-31 04:52 - 2017-04-25 08:11 - 000339048 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbloga.sys
2018-08-31 04:52 - 2017-04-25 08:11 - 000222288 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdrivera.sys
2018-08-31 04:52 - 2017-04-25 08:11 - 000194224 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsha.sys
2018-08-31 04:52 - 2017-04-25 08:11 - 000051952 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniva.sys

==================== Files in the root of some directories =======

2017-12-17 16:19 - 2017-12-17 16:19 - 000000036 _____ () C:\Users\Dell\AppData\Local\housecall.guid.cache
2016-07-30 09:31 - 2016-07-30 09:31 - 000000022 _____ () C:\Users\Dell\AppData\Local\kodakpcd.ini
2016-05-07 13:13 - 2017-07-27 23:34 - 000007608 _____ () C:\Users\Dell\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
2018-09-10 12:41 - 2018-09-10 12:41 - 001906040 _____ (Oracle Corporation) C:\Users\Dell\AppData\Local\Temp\jre-8u181-windows-au.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-09-15 07:46

==================== End of FRST.txt ============================
 
Here is the Additions.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22.04.2018 01
Ran by Dell (22-09-2018 02:46:24)
Running from C:\Users\Dell\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2016-04-21 05:26:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1400945040-2960571981-3055813832-500 - Administrator - Disabled)
Dell (S-1-5-21-1400945040-2960571981-3055813832-1000 - Administrator - Enabled) => C:\Users\Dell
Guest (S-1-5-21-1400945040-2960571981-3055813832-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG Antivirus (Enabled - Up to date) {C50510DE-367A-330C-FD5C-556ACFB11243}
AS: AVG Antivirus (Enabled - Up to date) {7E64F13A-1040-3C82-C7EC-6E18B43658FE}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: AVG Antivirus (Enabled) {FD3E91FB-7C15-3254-D603-FC5F31625538}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1-abc.net Duplicate Finder (Remove only) (HKLM-x32\...\1-abc.net Duplicate Finder) (Version: - )
7+ Taskbar Tweaker v5.5 (HKU\S-1-5-21-1400945040-2960571981-3055813832-1000\...\7 Taskbar Tweaker) (Version: 5.5 - RaMMicHaeL)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20063 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.154 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.1.201 - Adobe Systems, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{D2FE6376-E549-4F63-A2C5-CA24DA035DE4}) (Version: 5.6 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{BB109E24-EE90-485B-A28B-ADDEFB40540B}) (Version: 5.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Attribute Changer 8.20a (HKLM-x32\...\{27263813-8BDE-4CD2-84D3-02536743428A}_is1) (Version: 8.20 - Romain Petges)
AVG (HKLM\...\{136B57DF-DA9E-4361-A165-09AB4422BCD1}) (Version: 1.231.3 - AVG Technologies) Hidden
AVG Driver Updater (HKLM-x32\...\{BAAB946F-7E00-41F4-BEC7-B8CCF758E012}) (Version: 2.3.0 - AVG Netherlands B.V) Hidden
AVG Driver Updater (HKLM-x32\...\AVG Driver Updater) (Version: 2.3.0 - AVG Netherlands B.V)
AVG Internet Security (HKLM-x32\...\AVG Antivirus) (Version: 18.6.3066 - AVG Technologies)
AVG PC TuneUp (HKLM-x32\...\{F0A7F6FC-97BC-4D27-B33B-6E1EFE1BB42D}) (Version: 16.78.2 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.78.3.33194 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.9.605 - AVG Technologies)
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CardRecovery 6.10 (HKLM-x32\...\{88D68A69-D247-466B-90DD-575F6BE16230}_is1) (Version: - WinRecovery Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.32 - Piriform)
CCScore (HKLM-x32\...\{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}) (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.6059 - CDBurnerXP)
Citrix Online Launcher (HKLM-x32\...\{09DA5EE2-7E46-4DC4-96F9-BFEE50D40659}) (Version: 1.0.408 - Citrix)
DateInTray 1.6 (HKLM-x32\...\DateInTray) (Version: 1.6 - CrispyBytes Software)
Desktop Icon Position Saver (64-bit) (HKLM-x32\...\dips64) (Version: - )
Desktop Restore version 1.6.4 (HKLM\...\{DBD4F07A-7607-4A4F-A46C-6AA399E06E38}_is1) (Version: 1.6.4 - Jamie O'Connell)
doPDF (HKLM\...\{F80F7F88-4DD9-4674-8F84-AB97F3C594F0}) (Version: 9.4.241 - Softland) Hidden
doPDF 9 (HKLM-x32\...\{338841ea-b7de-412c-8a44-2bd4fb9d761a}) (Version: 9.4.241 - Softland)
doPDF 9 add-in for Microsoft Office (x64) (HKLM\...\{CA14C18F-8F65-4258-A1CF-ECFB17891B59}) (Version: 9.1.232 - Softland)
doPDF 9 add-in for Microsoft Office (x86) (HKLM-x32\...\{93476622-206D-4957-B751-1B9E7E5A9324}) (Version: 9.1.232 - Softland)
doPDF 9 Printer Driver (HKLM\...\{8339CCC0-9EAE-43E2-90C9-487EE55403FA}) (Version: 9.4.241 - Softland)
DriveImage XML (Private Edition) (HKLM-x32\...\{F7E1CA14-B39D-452A-960B-39423DDDD933}) (Version: 2.60.000 - Runtime Software)
Driver Support (HKLM-x32\...\DriverSupport) (Version: 10.1.4.76 - PC Drivers HeadQuarters LP) <==== ATTENTION
DS Clock (HKLM-x32\...\DS Clock_is1) (Version: 2.6.3 - Duality Software)
ESSBrwr (HKLM-x32\...\{643EAE81-920C-4931-9F0B-4B343B225CA6}) (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
ESSCDBK (HKLM-x32\...\{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}) (Version: 8.03.0000.0001 - EASTMAN KODAK Company) Hidden
ESScore (HKLM-x32\...\{42938595-0D83-404D-9F73-F8177FDD531A}) (Version: 8.03.0000.0001 - EASTMAN KODAK Company) Hidden
ESSgui (HKLM-x32\...\{91517631-A9F3-4B7C-B482-43E0068FD55A}) (Version: 8.03.0000.0001 - EASTMAN KODAK Company) Hidden
ESSini (HKLM-x32\...\{8E92D746-CD9F-4B90-9668-42B74C14F765}) (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
ESSPCD (HKLM-x32\...\{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}) (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
ESSTOOLS (HKLM-x32\...\{8A502E38-29C9-49FA-BCFA-D727CA062589}) (Version: 5.00.0000.0004 - EASTMAN KODAK Company) Hidden
essvatgt (HKLM-x32\...\{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}) (Version: 8.00.0000.0001 - EASTMAN KODAK Company) Hidden
Eudora (HKLM-x32\...\{6BCDFA1F-A5AC-4C01-8448-1D70FC79329A}) (Version: 7.0 - )
EXIF Date Changer v3.3.6 (HKLM-x32\...\{26CA1B07-BC53-4196-B9C2-A11C6F6F3E08}_is1) (Version: - Rellik Software)
Express Uninstaller v3.0 (HKLM-x32\...\Express Uninstaller_is1) (Version: 3.0 - Smart PC Solutions)
Facebook Gameroom 1.20.6618.42311 (HKLM-x32\...\{CF2C7CB9-1009-4EAA-9033-317F4C4C9DA2}) (Version: 1.20.6618.42311 - Facebook)
FastStone Photo Resizer 3.8 (HKLM-x32\...\FastStone Photo Resizer) (Version: 3.8 - FastStone Soft.)
fflink (HKLM-x32\...\{608D2A3C-6889-4C11-9B54-A42F45ACBFDB}) (Version: 6.02.1001.0001 - EASTMAN KODAK Company) Hidden
File Repair (HKLM-x32\...\File Repair_is1) (Version: - File Repair)
Flip Words (HKLM-x32\...\BFG-Flip Words) (Version: - )
Flip Words v2.3 (HKLM-x32\...\Flip Words_is1) (Version: - HipSoft LLC)
FMW 1 (HKLM\...\{4CC5FB14-3F4D-4FA8-B921-00A9B40145C4}) (Version: 1.227.45 - AVG Technologies) Hidden
Free File Viewer 2014 (HKLM-x32\...\FreeFileViewer_is1) (Version: 2014.2.16.0 - Bitberry Software) <==== ATTENTION
Google Chrome (HKLM-x32\...\{22773B3E-818C-3DE5-8CBD-2FF73D97A2F4}) (Version: 63.0.3239.132 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
GoToMeeting 8.19.0.8126 (HKU\S-1-5-21-1400945040-2960571981-3055813832-1000\...\GoToMeeting) (Version: 8.19.0.8126 - LogMeIn, Inc.)
Gummy Drop! (HKLM-x32\...\BFG-Gummy Drop!) (Version: - )
Icon Restore 1.0 (HKLM-x32\...\Icon Restore_is1) (Version: - Tim Taylor)
IconRestorer 2.0.8.1 SR1 (HKLM-x32\...\IconRestorer Supporters Edition_is1) (Version: - FSL - FreeSoftLand)
IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan)
Java 10.0.2 (64-bit) (HKLM\...\{EECB2736-D013-5AC5-9917-7656712F6931}) (Version: 10.0.2.0 - Oracle Corporation)
K-Lite Codec Pack 13.7.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.7.5 - KLCP)
Kodak EasyShare software (HKLM-x32\...\{D32470A1-B10C-4059-BA53-CF0486F68EBC}) (Version: - Eastman Kodak Company)
LibreOffice 6.0.6.2 (HKLM\...\{982E3D14-3F50-412B-A1C2-BC9262E8810F}) (Version: 6.0.6.2 - The Document Foundation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Pro Photo Tools (HKLM-x32\...\{A05CF147-BEED-4880-BF9B-4EAF22C77FFD}) (Version: 2.2 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 56.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 56.0.2 (x64 en-US)) (Version: 56.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 56.0.2.6506 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
netbrdg (HKLM-x32\...\{4537EA4B-F603-4181-89FB-2953FC695AB1}) (Version: 7.01.0000.0001 - EASTMAN KODAK Company) Hidden
NirSoft SysExporter (HKLM-x32\...\NirSoft SysExporter) (Version: - )
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.4 - Notepad++ Team)
NVIDIA 3D Vision Driver 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.44 - NVIDIA Corporation)
NVIDIA Graphics Driver 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
OfotoXMI (HKLM-x32\...\{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}) (Version: 8.03.0000.0001 - EASTMAN KODAK Company) Hidden
PC Inspector File Recovery (HKLM-x32\...\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}) (Version: 4.0 - )
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
RoboForm 8-5-4-4 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 8-5-4-4 - Siber Systems)
SFR (HKLM-x32\...\{DB02F716-6275-42E9-B8D2-83BA2BF5100B}) (Version: 8.01.0000.0001 - Eastman Kodak Company) Hidden
SHASTA (HKLM-x32\...\{605A4E39-613C-4A12-B56F-DEFBE6757237}) (Version: 7.01.0000.0001 - EASTMAN KODAK Company) Hidden
Shorter Oxford English Dictionary (Sixth Edition) (HKU\S-1-5-21-1400945040-2960571981-3055813832-1000\...\Shorter Oxford English Dictionary (Sixth Edition)) (Version: - )
skin0001 (HKLM-x32\...\{5316DFC9-CE99-4458-9AB3-E8726EDE0210}) (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
SKINXSDK (HKLM-x32\...\{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}) (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
staticcr (HKLM-x32\...\{8943CE61-53BD-475E-90E1-A580869E98A2}) (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
Super Finder XT 2.6.3.2 (HKLM-x32\...\Super Finder XT Supporters Edition_is1) (Version: - FSL - FreeSoftLand)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The Seeds Program (HKLM-x32\...\The Seeds Program) (Version: 3.0 - CyberNiche Software)
Unknown File Handler (HKLM-x32\...\UFH_is1) (Version: 2015.10.20.0 - File.org)
Unlocker (HKLM\...\{5993C960-4E90-4A00-A2F3-D0C4020A6992}) (Version: 1.9.2 - ajua Custom Installers)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.8 - VideoLAN)
VPRINTOL (HKLM-x32\...\{999D43F4-9709-4887-9B1A-83EBB15A8370}) (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
WakeMeUp! (HKLM-x32\...\{DFA8FEE4-109C-43D4-84CF-4AC724AD1D4E}_is1) (Version: 1.8.5.34 - Highspheres.com)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WIRELESS (HKLM-x32\...\{F9593CFB-D836-49BC-BFF1-0E669A411D9F}) (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
ZTE Handset USB Driver (HKLM\...\{D2D77DC2-8299-11D1-8949-444553540000}_is1) (Version: 5.2104.1.02B08 - ZTE Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2018-01-01] ()
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2018-08-31] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2018-07-26] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1-x32: [RmgShellExtModule] -> {EA31839B-63AA-4550-92CD-D9EEDE3127A9} => C:\Program Files (x86)\Microsoft Pro Photo Tools\MSImgShellExt.dll [2008-09-12] (Microsoft Corp.)
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers2: [ACShell] -> {D3F9A525-8824-497A-BE36-B23E22F141FC} => C:\Program Files (x86)\Attribute Changer\acshell.dll [2016-04-19] (Romain Petges)
ContextMenuHandlers3: [ACShell] -> {D3F9A525-8824-497A-BE36-B23E22F141FC} => C:\Program Files (x86)\Attribute Changer\acshell.dll [2016-04-19] (Romain Petges)
ContextMenuHandlers4: [AVG Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => C:\Program Files (x86)\AVG\AVG PC TuneUp\DseShExt-x64.dll [2018-07-26] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2018-07-26] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers5: [DeskMenu] -> {7E74422F-2393-11D4-98E0-444553540000} => C:\Program Files\Desktop Restore\dkticnsr.dll [2014-07-14] (Jamie O'Connell)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-02-04] (NVIDIA Corporation)
ContextMenuHandlers5-x32: [RmgShellExtModule] -> {EA31839B-63AA-4550-92CD-D9EEDE3127A9} => C:\Program Files (x86)\Microsoft Pro Photo Tools\MSImgShellExt.dll [2008-09-12] (Microsoft Corp.)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2018-08-31] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6-x32: [IconLayout] -> {19F500E0-9964-11cf-B63D-08002B317C03} => C:\Windows\SysWOW64\Layout.dll [2001-05-26] (Microsoft)
ContextMenuHandlers6-x32: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers6-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers6-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {023876AA-16E7-468C-892C-93B57A54E74C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {08F8541E-1C80-41B0-8F4B-41030DF08AE3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {09CFF0EE-00D3-471D-96F1-5FAC8A525B33} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-21] (Google Inc.)
Task: {0A8C8A8B-98CC-4208-B885-1C18FFAB2A92} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {0B9B42AB-0272-4F5D-A350-4434B19BF628} - System32\Tasks\{0469D58A-F4AC-4FFE-87C3-63DE0C613505} => C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\EasyShare.exe [2011-02-23] (Eastman Kodak Company)
Task: {0CF4F649-6E06-49CF-BE8E-75FD82CC78A4} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2018-08-31] (AVG Technologies CZ, s.r.o.)
Task: {0E400F79-2C2E-4290-A6C1-4220B234E30F} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2018-07-26] (AVG Technologies CZ, s.r.o.)
Task: {1A9556A6-E49E-4C88-B982-2DB0E4D4C499} - System32\Tasks\{CEDEAF75-B7F1-419A-9967-BC6FE3751283} => C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\EasyShare.exe [2011-02-23] (Eastman Kodak Company)
Task: {1B716BE1-387C-4035-BFB3-E282BD63FAB9} - System32\Tasks\FreeFileViewerUpdateChecker => C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe [2013-03-25] (Bitberry Software) <==== ATTENTION
Task: {318E1C3F-F925-42C0-9893-3E3FAE3D4706} - System32\Tasks\Open URL by RoboForm => C:\Windows\system32\rundll32.exe url.dll,FileProtocolHandler "hxxps://www.roboform.com/test-pass.html?aaa=KICMJJJJNJNJNJNJOJOMCNMJJJNMGMCNLMPMGMJJCNGMKMOMNJCNJJJJMJOJNMNJJJLMMMIMGMMJJNJICMHMCNKMCNLMFMOMOMCNPMCNGMJMPMPMFMJMCNOMCNIMJMPMOMCNNMJNPICMPMFMEKMICNJJCKFMNMMMKMPMJNHICMCJFJHJKJLIJNBJCMLLKJDJDJJNKJCMFJOJMJOIJJKJDJGJMIPLGJPINIG (the data entry has 92 more characters).
Task: {381F4ED1-9E38-4CAF-8C7B-4F15895D59B2} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {3DBCE8AE-B626-44F8-BE38-3EF7F4EEAB7C} - System32\Tasks\{9034CCE8-0529-402D-83F5-07AA22336ADA} => C:\Windows\system32\pcalua.exe -a C:\Users\Dell\Downloads\jre-8u181-windows-i586.exe -d C:\Users\Dell\Downloads
Task: {3FBA4D60-7925-43EB-AD7C-4B34703BD104} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {58FB34D6-9791-4A56-8ECC-FC3A80F6695E} - System32\Tasks\JavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-06-27] (Oracle Corporation)
Task: {5C846CDD-B1F0-43C9-8761-8B0CF50077B7} - System32\Tasks\doPDF 9 Telemetry => C:\Program Files\Softland\novaPDF 9\Driver\GoogleAnalytics.exe [2018-07-18] ()
Task: {60858FC5-C8A1-4E5E-808A-043A56F617EC} - System32\Tasks\{29D149EF-EC65-40D7-B7D7-2190A79A460C} => C:\Windows\system32\pcalua.exe -a C:\Users\Dell\Downloads\FacebookGameroom.exe -d C:\Users\Dell\Downloads
Task: {7121162F-BC9E-4C66-9939-294E66F1046A} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_154_Plugin.exe [2018-09-10] (Adobe Systems Incorporated)
Task: {7F79AB50-37D5-485E-986E-2EA604E2BBF5} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-09-10] (AVG Technologies CZ, s.r.o.)
Task: {8B80E63A-F386-48FD-96F4-513A960436D6} - System32\Tasks\{0E59508C-BE36-4B2B-A14A-00D56A47BAC3} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Task: {8BAD118F-802F-4D4F-B311-5598C07764F4} - System32\Tasks\{45FBBD5F-F88A-49D4-A283-B4F373E77EB0} => C:\Windows\system32\pcalua.exe -a C:\Users\Dell\Downloads\install_easyshare.exe -d C:\Users\Dell\Downloads
Task: {8D93E98E-BE62-4DFB-8A7A-06EC0F2C1119} - System32\Tasks\{48F7E6B4-D004-47F3-A1BF-4FBBE2604F19} => C:\Program Files (x86)\FireTrust\MailWasher Pro\MailWasher.exe [2010-06-13] (Firetrust Ltd)
Task: {94802374-423E-48FE-AB8E-619E15EADC39} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {98B33931-C937-4487-BE2D-695E6FDE9296} - System32\Tasks\{E8293F52-06BD-4F09-A0BE-35F2B8AAB023} => C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\EasyShare.exe [2011-02-23] (Eastman Kodak Company)
Task: {9C318BB5-D249-4395-BE69-73F60711DBD4} - System32\Tasks\doPDF 9 Update => C:\Program Files\Softland\novaPDF 9\Driver\UpdateApplication.exe [2018-07-18] ()
Task: {9C8C8189-263A-4E6B-9549-2F3E46721281} - System32\Tasks\G2MUploadTask-S-1-5-21-1400945040-2960571981-3055813832-1000 => C:\Users\Dell\AppData\Local\GoToMeeting\8126\g2mupload.exe [2017-12-22] (LogMeIn, Inc.)
Task: {9E1BCBAC-CB55-447D-A114-9378945C3E05} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2018-09-21] (Siber Systems)
Task: {A5303677-8364-495C-A233-C77CD8C645F7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-30] (Piriform Ltd)
Task: {AA59CDD8-00EC-4974-97B3-6D9585222E27} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-21] (Google Inc.)
Task: {B36FE3C1-DA28-470A-AAE2-222A800A8B51} - System32\Tasks\{3F1240AA-27E5-491C-8839-0A7C8598CF0A} => C:\Windows\system32\pcalua.exe -a "C:\Users\Dell\Desktop\Old Documents\Desktop\install_easyshare.exe" -d "C:\Users\Dell\Desktop\Old Documents\Desktop"
Task: {BB3AF36A-B5C0-4778-9BEB-16DD52A24803} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {C8666C15-E88A-4273-8B50-D876575EAC8A} - System32\Tasks\G2MUpdateTask-S-1-5-21-1400945040-2960571981-3055813832-1000 => C:\Users\Dell\AppData\Local\GoToMeeting\8126\g2mupdate.exe [2017-12-22] (LogMeIn, Inc.)
Task: {C87DFB08-C15A-4B00-B91A-8EDB8D33B5A8} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-09-10] (AVG Technologies CZ, s.r.o.)
Task: {D8035EDB-849A-4550-B60A-C428F7C35949} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2017-12-20] ()
Task: {E4B4DE7B-E12B-4B31-84C8-96D9A97A9EAE} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {E7363191-CDA9-4E4D-873D-D264674A949B} - System32\Tasks\{122501A7-1579-4F3C-9980-D73CC72456D6} => C:\Windows\system32\pcalua.exe -a C:\Users\Dell\Downloads\icon_restore.exe -d C:\Users\Dell\Downloads
Task: {F2C035FD-FF3A-436E-833A-E51F9EA1E7DA} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {F308AE71-BBC5-4D71-8130-344622D6C01E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {F4C3CCB6-DBBE-4D61-A734-C4DC90CD49F0} - System32\Tasks\EasyShare Registration Task => C:\Windows\system32\rundll32.exe C:\PROGRA~3\Kodak\EasyShareSetup\$REGIS~1\Registration_8.3.20.1.sxt _RegistrationOffer@16

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\EasyShare Registration Task.job => rundll32.exe C:\PROGRA~3\Kodak\EasyShareSetup\$REGIS~1\Registration_8.3.20.1.sxt
Task: C:\Windows\Tasks\FreeFileViewerUpdateChecker.job => C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe <==== ATTENTION
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1400945040-2960571981-3055813832-1000.job => C:\Users\Dell\AppData\Local\GoToMeeting\8126\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-1400945040-2960571981-3055813832-1000.job => C:\Users\Dell\AppData\Local\GoToMeeting\8126\g2mupload.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Dell\Desktop\OLD UNUSED DESKTOP SHORTCUTS\CrossLoop.lnk -> E:\Program Files\CrossLoop\CrossLoopConnect.exe (CrossLoop) -> -ap=crossloop -port=5910 -udp=www.CrossLoop.com -webserver=server.CrossLoop.com -startup=server
ShortcutWithArgument: C:\Users\Dell\Desktop\Old Documents\Desktop\OLD UNUSED DESKTOP SHORTCUTS\CrossLoop.lnk -> E:\Program Files\CrossLoop\CrossLoopConnect.exe (CrossLoop) -> -ap=crossloop -port=5910 -udp=www.CrossLoop.com -webserver=server.CrossLoop.com -startup=server

==================== Loaded Modules (Whitelisted) ==============

2016-04-21 16:22 - 2017-12-22 19:06 - 000981576 _____ () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2016-04-21 15:36 - 2015-02-04 11:51 - 000115400 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-01-01 10:37 - 2018-01-01 10:37 - 000230064 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2016-04-21 16:22 - 2017-12-22 19:06 - 002187336 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2018-07-18 19:47 - 2018-07-18 19:47 - 000146736 _____ () C:\Program Files\Softland\novaPDF 9\Server\AgileDotNetRT64.dll
2018-08-31 04:54 - 2018-08-31 04:54 - 000700144 _____ () c:\Program Files (x86)\AVG\Antivirus\x64\StreamBack.dll
2014-03-06 07:14 - 2014-03-06 07:14 - 000274208 _____ () C:\Program Files (x86)\bfgclient\bfggameservices.exe
2017-01-27 09:25 - 2017-01-27 09:25 - 001143208 ____H () C:\Program Files (x86)\Gummy Drop!\GummyDrop.exe
2018-08-31 04:54 - 2018-08-31 04:54 - 000574192 _____ () C:\Program Files (x86)\AVG\Antivirus\streamback.dll
2018-02-11 09:20 - 2018-02-11 09:20 - 001184256 _____ () C:\Users\Dell\AppData\Local\Facebook\Games\CefSharp.Core.dll
2018-02-13 22:30 - 2018-02-13 22:30 - 071641088 _____ () C:\Users\Dell\AppData\Local\Facebook\Games\libcef.dll
2016-11-29 00:28 - 2016-11-29 00:28 - 048920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2018-03-13 05:40 - 2018-03-13 05:40 - 067127976 _____ () C:\Program Files (x86)\AVG\Antivirus\libcef.dll
2018-02-11 09:20 - 2018-02-11 09:20 - 000774656 _____ () C:\Users\Dell\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.Core.dll
2018-02-11 09:20 - 2018-02-11 09:20 - 003149824 _____ () C:\Users\Dell\AppData\Local\Facebook\Games\libglesv2.dll
2018-02-11 09:20 - 2018-02-11 09:20 - 000078848 _____ () C:\Users\Dell\AppData\Local\Facebook\Games\libegl.dll
2018-08-31 04:53 - 2018-08-31 04:53 - 000987888 _____ () C:\Program Files (x86)\AVG\Antivirus\shepherdsync.dll
2018-08-31 04:54 - 2018-08-31 04:54 - 000897264 _____ () C:\Program Files (x86)\AVG\Antivirus\anen.dll
2018-08-31 04:53 - 2018-08-31 04:53 - 000542448 _____ () C:\Program Files (x86)\AVG\Antivirus\gui_cache.dll
2018-09-22 02:00 - 2018-09-22 02:00 - 005690608 _____ () C:\Program Files (x86)\AVG\Antivirus\defs\18092104\algo.dll
2014-03-06 07:14 - 2014-03-06 07:14 - 001568032 _____ () C:\Program Files (x86)\bfgclient\bfgcommon.dll
2015-10-18 10:23 - 2015-10-18 10:23 - 000132608 _____ () C:\Program Files (x86)\Gummy Drop!\libEGL.dll
2015-10-18 10:23 - 2015-10-18 10:23 - 002612736 _____ () C:\Program Files (x86)\Gummy Drop!\libGLESv2.dll
2017-06-19 22:24 - 2016-04-20 09:37 - 022220288 _____ () C:\ProgramData\Big Fish\Cef\1.1180.832\libcef.dll
2017-06-19 22:24 - 2016-04-20 09:37 - 000628224 _____ () C:\ProgramData\Big Fish\Cef\1.1180.832\libglesv2.dll
2017-06-19 22:24 - 2016-04-20 09:37 - 000110592 _____ () C:\ProgramData\Big Fish\Cef\1.1180.832\libegl.dll
2015-10-18 10:23 - 2015-10-18 10:23 - 000249856 _____ () C:\Program Files (x86)\Gummy Drop!\Lemon.DLL

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:036B81D9 [184]
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\TEMP:43A31AEA [229]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 12:04 - 2018-08-09 22:14 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1400945040-2960571981-3055813832-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: DS Clock => "C:\Program Files (x86)\DS Clock\DSClock.exe"
MSCONFIG\startupreg: GwxControlPanelMonitor => "C:\Users\Dell\Downloads\GWX_control_panel.exe" /traymode
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: WMUAgent.exe => C:\Program Files (x86)\WakeMeUp\WMUAgent.exe
MSCONFIG\startupreg: WMUTray.exe => C:\Program Files (x86)\WakeMeUp\WMUTray.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{61B32523-F297-498A-8C04-76CE04DC04FA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{59F98E38-97D5-4F97-91C1-53AFDF238061}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3C58FEDB-C45B-4FB2-BBBB-36A5989C6579}] => (Allow) C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe
FirewallRules: [{96FB0B6F-6FB7-4B82-8F82-2C399548C899}] => (Allow) C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\EasyShare.exe
FirewallRules: [{397D9B16-0813-4414-AA35-5126032E1A0E}] => (Allow) C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\EasyShare.exe
FirewallRules: [{099D5AA3-A011-4754-9F67-11DFAB6ADDFC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{97181567-08F6-434D-9599-E546E8B3DA25}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4016BB59-E041-4A44-B400-021CD6929D63}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{04C452D4-A6B5-4722-A351-A3B441F62212}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{07E13034-589E-4007-B819-C73F59624A63}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{1B10D4F1-ED72-41F8-90D6-30BAA75D747A}] => (Allow) C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe
FirewallRules: [{FB8B430F-9D36-4C98-8B02-C0034304C074}] => (Allow) C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe
FirewallRules: [{06363EBF-C5B1-4963-BC13-2B8C971A7DC9}] => (Allow) LPort=8501
FirewallRules: [{E2D2B596-72F5-47DB-92FE-85A099AC5CA4}] => (Allow) LPort=8501
FirewallRules: [{44C398B5-0A88-406D-A397-757645A90F68}] => (Allow) C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe
FirewallRules: [{4DDBD175-31DB-4445-AF07-02636DDDE76A}] => (Allow) C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe

==================== Restore Points =========================

12-08-2018 15:55:08 Scheduled Checkpoint
18-08-2018 17:00:33 doPDF 9
10-09-2018 13:14:25 Removed Java 8 Update 171
10-09-2018 13:17:33 Removed Java 8 Update 171 (64-bit)
10-09-2018 13:26:17 Removed Java 8 Update 181
10-09-2018 13:27:40 Removed Windows 7 Upgrade Advisor
10-09-2018 15:34:44 Installed LibreOffice 6.0.6.2
10-09-2018 16:15:35 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215
10-09-2018 16:54:50 Removed Java 8 Update 181
10-09-2018 17:11:09 Removed Java 8 Update 181
18-09-2018 14:26:49 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/21/2018 01:20:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 56.0.2.6506 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1564

Start Time: 01d45147a8e5f3d9

Termination Time: 1995

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: 5710586c-bd51-11e8-8bba-001aa0419180

Error: (09/21/2018 10:37:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RoboTaskBarIcon.exe, version: 8.5.3.3, time stamp: 0x5b969f9a
Faulting module name: RoboForm.DLL, version: 8.5.3.3, time stamp: 0x5b969f8e
Exception code: 0xc0000094
Fault offset: 0x0060a1a7
Faulting process id: 0x934
Faulting application start time: 0x01d44a2471b2e881
Faulting application path: C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
Faulting module path: C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm.DLL
Report Id: aed00edf-bd3a-11e8-8bba-001aa0419180

Error: (09/20/2018 06:21:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GummyDrop.exe, version: 0.0.0.0, time stamp: 0x5887956d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x00000000
Fault offset: 0x0a30ca22
Faulting process id: 0x93c
Faulting application start time: 0x01d450bf0c77eb22
Faulting application path: C:\Program Files (x86)\Gummy Drop!\GummyDrop.exe
Faulting module path: unknown
Report Id: 65dc793a-bcb2-11e8-8bba-001aa0419180

Error: (09/20/2018 06:20:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GummyDrop.exe, version: 0.0.0.0, time stamp: 0x5887956d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x00000000
Fault offset: 0x0763c4ca
Faulting process id: 0x1b58
Faulting application start time: 0x01d44e8a6df88350
Faulting application path: C:\Program Files (x86)\Gummy Drop!\GummyDrop.exe
Faulting module path: unknown
Report Id: 2d5f1239-bcb2-11e8-8bba-001aa0419180

Error: (09/20/2018 05:31:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: EasyShare.exe, version: 8.30.62.106, time stamp: 0x4d658608
Faulting module name: ESSkin.esx, version: 8.30.62.106, time stamp: 0x4d659e49
Exception code: 0xc0000005
Fault offset: 0x005c664c
Faulting process id: 0x10d0
Faulting application start time: 0x01d44f605d385709
Faulting application path: C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\EasyShare.exe
Faulting module path: C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\ESSkin.esx
Report Id: 56cd2b3f-bcab-11e8-8bba-001aa0419180

Error: (09/19/2018 12:29:49 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program EasyShare.exe version 8.30.62.106 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1274

Start Time: 01d44e2775c7b45b

Termination Time: 601

Application Path: C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\EasyShare.exe

Report Id: 73aa1a36-bb53-11e8-8bba-001aa0419180

Error: (09/17/2018 10:56:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GummyDrop.exe, version: 0.0.0.0, time stamp: 0x5887956d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x00000000
Fault offset: 0x07f2c4ea
Faulting process id: 0x114c
Faulting application start time: 0x01d448f8223faf28
Faulting application path: C:\Program Files (x86)\Gummy Drop!\GummyDrop.exe
Faulting module path: unknown
Report Id: 3ed422f0-ba7d-11e8-8bba-001aa0419180

Error: (09/17/2018 11:08:24 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program EasyShare.exe version 8.30.62.106 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1bf0

Start Time: 01d44bd4fdc6ff76

Termination Time: 299

Application Path: C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\EasyShare.exe

Report Id: 41e2d661-ba1a-11e8-8bba-001aa0419180


System errors:
=============
Error: (09/10/2018 07:58:03 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AVG Antivirus service.

Error: (09/10/2018 07:56:43 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The novaPDF 9 Server service hung on starting.

Error: (09/10/2018 04:11:28 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register with DCOM within the required timeout.

Error: (09/07/2018 08:05:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.

Error: (08/18/2018 04:56:24 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register with DCOM within the required timeout.

Error: (08/07/2018 09:44:49 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0x000000007ef59000, 0x0000000000000008, 0x000000007ef59000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 080718-33945-01.

Error: (08/07/2018 09:44:43 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 9:42:04 AM on ‎8/‎7/‎2018 was unexpected.

Error: (08/07/2018 08:19:34 AM) (Source: Microsoft-Windows-Bits-Client) (EventID: 16398) (User: NT AUTHORITY)
Description: A new BITS job could not be created. The current job count for the user Dell-PC\Dell (60) is equal to or greater than the job limit (60) specified through group policy. To correct the problem, complete or cancel the BITS jobs that haven't made progress by looking at the error, and restart the BITS service. If this error recurs, contact your system administrator and increate the per-user and per-computer Group Policy job limits.


CodeIntegrity:
===================================

Date: 2018-04-20 13:10:12.846
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.19503_none_f075fe9aec894c91\bcrypt.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-04-20 13:10:12.120
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.19503_none_f075fe9aec894c91\bcrypt.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-04-20 13:10:11.422
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.19503_none_f075fe9aec894c91\bcrypt.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-04-20 13:10:09.617
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.19503_none_f075fe9aec894c91\bcrypt.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-04-20 12:56:33.942
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.23814_none_f0f5cf9005ae1bf1\bcrypt.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-04-20 12:56:33.251
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.23814_none_f0f5cf9005ae1bf1\bcrypt.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-04-20 12:56:32.098
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.23814_none_f0f5cf9005ae1bf1\bcrypt.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-04-20 12:56:31.339
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.23814_none_f0f5cf9005ae1bf1\bcrypt.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Pentium(R) D CPU 3.00GHz
Percentage of memory in use: 62%
Total physical RAM: 4029.61 MB
Available physical RAM: 1524.39 MB
Total Virtual: 8057.41 MB
Available Virtual: 3830.36 MB

==================== Drives ================================

Drive c: (DSK1_VOL1 Coeurl) (Fixed) (Total:465.76 GB) (Free:167.32 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (SECONDARY BACKUP DRIVE) (Fixed) (Total:1863.01 GB) (Free:1700.04 GB) NTFS ==>[system with boot components (obtained from drive)]


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: EC8645A9)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 1863 GB) (Disk ID: 3A8B8C23)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
 
Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

===================================

redtarget.gif
Uninstall following unwanted programs:

Driver Support
Free File Viewer

redtarget.gif
Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2
  • Close all the running programs
  • Double click on downloaded setup.exe file to install the program.
  • Click on Start Scan button.
  • Click on another Start Scan button.
  • Wait until the Status box shows Scan Finished
  • Click on Remove Selected.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
redtarget.gif
Please download Malwarebytes to your desktop.
  • Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
  • Then click Finish.
  • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.
  • The Scan log is available throughout History ->Application logs. Please post it contents in your next reply.
redtarget.gif
Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8/10 users right-click and select Run As Administrator
  • The tool will start to update the database if one is required.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button.
  • A window will open which lists the logs of your scans.
  • Click on the Scan tab.
  • Double-click the most recent scan which will be at the top of the list....the log will appear.
  • Review the results...see note below
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
  • To open a Cleaning log, launch AdwareClearer, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
  • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
  • A copy of all logfiles are saved to C:\AdwCleaner.
-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.
 
  • Like
Reactions: Kaelkitty
Rogue Killer Log:

RogueKiller V12.13.1.0 (x64) [Sep 17 2018] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Dell [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Delete -- Date : 09/22/2018 12:59:05 (Duration : 01:17:42)
Switches : -refid

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 53 ¤¤¤
[PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\AVG Tuneup -> Not selected
[PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\SlimWare Utilities Inc -> Not selected
[PUP.Gen1] (X64) HKEY_USERS\RK_Administrator_ON_E_3459\Software\AVG Secure Search -> Not selected
[PUP.Gen1] (X64) HKEY_USERS\RK_Administrator_ON_E_3459\Software\Bitberry -> Not selected
[PUP.Gen1] (X86) HKEY_USERS\RK_Administrator_ON_E_3459\Software\AVG Secure Search -> Not selected
[PUP.Gen1] (X86) HKEY_USERS\RK_Administrator_ON_E_3459\Software\Bitberry -> Not selected
[PUP.Auslogics] (X64) HKEY_USERS\RK_User_2_ON_E_85AE\Software\Auslogics -> Not selected
[PUP.Gen1] (X64) HKEY_USERS\RK_User_2_ON_E_85AE\Software\AVG Secure Search -> Not selected
[PUP.Gen1] (X64) HKEY_USERS\RK_User_2_ON_E_85AE\Software\AVG Security Toolbar -> Not selected
[PUP.Gen1] (X64) HKEY_USERS\RK_User_2_ON_E_85AE\Software\Bitberry -> Not selected
[PUP.Gen1] (X64) HKEY_USERS\RK_User_2_ON_E_85AE\Software\FileTypeAssistant -> Not selected
[PUP.RegCurePro|PUP.Gen1] (X64) HKEY_USERS\RK_User_2_ON_E_85AE\Software\ParetoLogic -> Not selected
[PUP.Gen1] (X64) HKEY_USERS\RK_User_2_ON_E_85AE\Software\Softonic -> Not selected
[PUP.SysTweak|PUP.Gen1] (X64) HKEY_USERS\RK_User_2_ON_E_85AE\Software\Systweak -> Not selected
[PUP.Gen1] (X64) HKEY_USERS\RK_User_2_ON_E_85AE\Software\YahooPartnerToolbar -> Not selected
[PUP.Auslogics] (X86) HKEY_USERS\RK_User_2_ON_E_85AE\Software\Auslogics -> Not selected
[PUP.Gen1] (X86) HKEY_USERS\RK_User_2_ON_E_85AE\Software\AVG Secure Search -> Not selected
[PUP.Gen1] (X86) HKEY_USERS\RK_User_2_ON_E_85AE\Software\AVG Security Toolbar -> Not selected
[PUP.Gen1] (X86) HKEY_USERS\RK_User_2_ON_E_85AE\Software\Bitberry -> Not selected
[PUP.Gen1] (X86) HKEY_USERS\RK_User_2_ON_E_85AE\Software\FileTypeAssistant -> Not selected
[PUP.RegCurePro|PUP.Gen1] (X86) HKEY_USERS\RK_User_2_ON_E_85AE\Software\ParetoLogic -> Not selected
[PUP.Gen1] (X86) HKEY_USERS\RK_User_2_ON_E_85AE\Software\Softonic -> Not selected
[PUP.SysTweak|PUP.Gen1] (X86) HKEY_USERS\RK_User_2_ON_E_85AE\Software\Systweak -> Not selected
[PUP.Gen1] (X86) HKEY_USERS\RK_User_2_ON_E_85AE\Software\YahooPartnerToolbar -> Not selected
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-1400945040-2960571981-3055813832-1000\Software\Bitberry -> Not selected
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-1400945040-2960571981-3055813832-1000\Software\SlimWare Utilities Inc -> Not selected
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-1400945040-2960571981-3055813832-1000\Software\Bitberry -> Not selected
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-1400945040-2960571981-3055813832-1000\Software\SlimWare Utilities Inc -> Not selected
[PUP.Gen1] (X64) HKEY_USERS\RK_User_2_ON_E_85AE\Software\AppDataLow\Software\AVG Security Toolbar -> Not selected
[PUP.Gen1] (X86) HKEY_USERS\RK_User_2_ON_E_85AE\Software\AppDataLow\Software\AVG Security Toolbar -> Not selected
[PUP.Slimware] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\AVG Driver Updater -> Not selected
[PUP.Slimware] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{BAAB946F-7E00-41F4-BEC7-B8CCF758E012} -> Not selected
[PUP.Gen1] (X64) HKEY_USERS\RK_User_2_ON_E_85AE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search -> Not selected
[PUP.Gen1] (X64) HKEY_USERS\RK_User_2_ON_E_85AE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Trusted Software Assistant_is1 -> Not selected
[PUP.Gen1] (X64) HKEY_USERS\RK_User_2_ON_E_85AE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C547F361-5750-4CD1-9FB6-BC93827CB6C1} -> Not selected
[PUP.Gen1] (X86) HKEY_USERS\RK_User_2_ON_E_85AE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search -> Not selected
[PUP.Gen1] (X86) HKEY_USERS\RK_User_2_ON_E_85AE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Trusted Software Assistant_is1 -> Not selected
[PUP.Gen1] (X86) HKEY_USERS\RK_User_2_ON_E_85AE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C547F361-5750-4CD1-9FB6-BC93827CB6C1} -> Not selected
[PUP.Gen0] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} -> Not selected
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_Software_ON_E_386D\Microsoft\Internet Explorer\Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} | Exec : %windir%\Network Diagnostic\xpnetdiag.exe [x] -> Not selected
[Suspicious.Path] (X86) HKEY_LOCAL_MACHINE\RK_Software_ON_E_386D\Microsoft\Internet Explorer\Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} | Exec : %windir%\Network Diagnostic\xpnetdiag.exe [x] -> Not selected
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-1400945040-2960571981-3055813832-1000\Software\Microsoft\Windows\CurrentVersion\Run | 7 Taskbar Tweaker : "C:\Users\Dell\AppData\Roaming\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe" -hidewnd [-] -> Not selected
[Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-1400945040-2960571981-3055813832-1000\Software\Microsoft\Windows\CurrentVersion\Run | 7 Taskbar Tweaker : "C:\Users\Dell\AppData\Roaming\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe" -hidewnd [-] -> Not selected
[PUP.Gen0|PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_E_C313\ControlSet001\Services\AVG Security Toolbar Service (C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe) -> Not selected
[PUP.Gen0] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_E_C313\ControlSet001\Services\scan (%SystemRoot%\System32\svchost.exe -k bdx) -> Not selected
[PUP.Gen0|PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_E_C313\ControlSet003\Services\AVG Security Toolbar Service (C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe) -> Not selected
[PUP.Gen0] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_E_C313\ControlSet003\Services\scan (%SystemRoot%\System32\svchost.exe -k bdx) -> Not selected
[PUM.Proxy] (X64) HKEY_USERS\RK_User_2_ON_E_85AE\Software\Microsoft\Windows\CurrentVersion\Internet Settings | AutoConfigURL : http://proxy.kodak.com:81/proxy.pac -> Not selected
[PUM.Proxy] (X86) HKEY_USERS\RK_User_2_ON_E_85AE\Software\Microsoft\Windows\CurrentVersion\Internet Settings | AutoConfigURL : http://proxy.kodak.com:81/proxy.pac -> Not selected
[PUM.Proxy] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_E_C313\ControlSet001\Services\NlaSvc\Parameters\Internet\ManualProxies | (default) : 0http://proxy.kodak.com:81/proxy.pac -> Not selected
[PUM.Proxy] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_E_C313\ControlSet003\Services\NlaSvc\Parameters\Internet\ManualProxies | (default) : 0http://proxy.kodak.com:81/proxy.pac -> Not selected
[PUP.Gen1|PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-1400945040-2960571981-3055813832-1000\Software\Microsoft\Internet Explorer\Main | Start Page : https://mysearch.avg.com/?cid={CFCF...04-21 16:22:28&v=4.2.9.726&pid=wtu&sg=&sap=hp -> Not selected
[PUP.Gen1|PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-1400945040-2960571981-3055813832-1000\Software\Microsoft\Internet Explorer\Main | Start Page : https://mysearch.avg.com/?cid={CFCF...04-21 16:22:28&v=4.2.9.726&pid=wtu&sg=&sap=hp -> Not selected

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 11 ¤¤¤
[Suspicious.Path][File] C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\7+ Taskbar Tweaker.lnk [LNK@] C:\Users\Dell\AppData\Roaming\7_TASK~1\7_TASK~1.EXE -> Deleted
[PUP.Gen1][Folder] C:\ProgramData\AVG Secure Search -> Removed at reboot [91]
[PUP.Gen1][Folder] C:\ProgramData\AVG Secure Search\Logger -> ERROR [5]
[PUP.Gen1][Folder] C:\ProgramData\AVG Security Toolbar -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Security Toolbar\TBCampaign2013.txt -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Security Toolbar\TBCampaignINSP.txt -> Deleted
[PUP.Gen1][Folder] C:\ProgramData\AVG Web TuneUp -> Removed at reboot [91]
[PUP.Gen1][Folder] C:\ProgramData\AVG Web TuneUp\CrashReport -> ERROR [5]
[PUP.Gen1][Folder] C:\ProgramData\AVG Web TuneUp\FireFoxExt -> ERROR [5]
[PUP.Gen1][Folder] C:\ProgramData\AVG Web TuneUp\FirefoxSaps -> ERROR [5]
[PUP.Gen1][Folder] C:\ProgramData\AVG Web TuneUp\IeExt -> ERROR [5]
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\UsersState.json -> Deleted
[PUP.Gen1][Folder] C:\Users\Dell\AppData\Local\AVG Web TuneUp -> Removed at reboot [91]
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\cache\0738313d5bcc0a7d.fb -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\cache\0738313d5bcc0a7d__exp__21-07-2016 18-24-49 -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\cache\2f3faf640eb5982c.fb -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\cache\2f3faf640eb5982c__exp__22-09-2018 06-25-03 -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\cache\33114848aa2c1526.fb -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\cache\33114848aa2c1526__exp__25-10-2017 05-43-51 -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\cache\491c0659b79367ff.fb -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\cache\491c0659b79367ff__exp__06-02-2017 19-57-59 -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\cache\6ffe304cdaa5ccfb.fb -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\cache\acb9f87fc4effb1d.fb -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\cache\b789ae5ac37e78c2.fb -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\cache\c1038451b042d56e.fb -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\cache\c1038451b042d56e__exp__16-08-2016 20-22-05 -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\cache\d70f5720d8a61ca1.fb -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\cache\d70f5720d8a61ca1__exp__30-09-2016 07-30-20 -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\cache\f1eb1146a8545bfb.fb -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\cache\tmp\6ffe304cdaa5ccfb -> Deleted
[PUP.Gen1][Folder] C:\Users\Dell\AppData\Local\AVG Web TuneUp\cache\tmp -> Deleted
[PUP.Gen1][Folder] C:\Users\Dell\AppData\Local\AVG Web TuneUp\cache -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\DNT\dt.dat -> Deleted
[PUP.Gen1][Folder] C:\Users\Dell\AppData\Local\AVG Web TuneUp\DNT -> Deleted
[PUP.Gen1][Folder] C:\Users\Dell\AppData\Local\AVG Web TuneUp\Firefox -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\IE\ExceptionalDomains.dat -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\IE\SiteSafety.json -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\IE\tmp\dbtmp -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\IE\tmp\tmp24BF.tmp -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\IE\tmp\tmp322F.tmp -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\IE\tmp\tmp33B7.tmp -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\IE\tmp\tmp3C4E.tmp -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\IE\tmp\tmp3E8F.tmp -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\IE\tmp\tmp4078.tmp -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\IE\tmp\tmp4A86.tmp -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\IE\tmp\tmp4F6.tmp -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\IE\tmp\tmp52DE.tmp -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\IE\tmp\tmp54B2.tmp -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\IE\tmp\tmp573E.tmp -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\IE\tmp\tmp5B05.tmp -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\IE\tmp\tmp6F8F.tmp -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\IE\tmp\tmp7712.tmp -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\IE\tmp\tmp7857.tmp -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\IE\tmp\tmp825E.tmp -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\IE\tmp\tmp8284.tmp -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\IE\tmp\tmp8E8C.tmp -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\IE\tmp\tmp8F07.tmp -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\IE\tmp\tmp9633.tmp -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\IE\tmp\tmp9A9F.tmp -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\IE\tmp\tmp9FB1.tmp -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\IE\tmp\tmpA9E6.tmp -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\IE\tmp\tmpAD44.tmp -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\IE\tmp\tmpAF06.tmp -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\IE\tmp\tmpB663.tmp -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\IE\tmp\tmpC45.tmp -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\IE\tmp\tmpCD9F.tmp -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\IE\tmp\tmpE05F.tmp -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\IE\tmp\tmpE6E2.tmp -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\IE\tmp\tmpEDDF.tmp -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\IE\tmp\tmpF615.tmp -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\IE\tmp\tmpF746.tmp -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\IE\tmp\tmpF9C9.tmp -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\IE\tmp\tmpFA88.tmp -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\IE\tmp\tmpFB70.tmp -> Deleted
[PUP.Gen1][File] C:\Users\Dell\AppData\Local\AVG Web TuneUp\IE\tmp\tmpFD69.tmp -> Deleted
[PUP.Gen1][Folder] C:\Users\Dell\AppData\Local\AVG Web TuneUp\IE\tmp -> Deleted
[PUP.Gen1][Folder] C:\Users\Dell\AppData\Local\AVG Web TuneUp\IE -> Deleted
[PUP.Gen1][Folder] C:\ProgramData\AVG Secure Search -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Secure Search\Logger\logger.properties -> Deleted
[PUP.Gen1][Folder] C:\ProgramData\AVG Secure Search\Logger -> Deleted
[PUP.Gen1][Folder] C:\ProgramData\AVG Security Toolbar -> ERROR [3]
[PUP.Gen1][Folder] C:\ProgramData\AVG Web TuneUp -> Removed at reboot [91]
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\CrashReport\avgcommx.dll -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\CrashReport\avgdiagex.exe -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\CrashReport\avgdumpx.exe -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\CrashReport\avgsysx.dll -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\CrashReport\crash.avgdx -> Deleted
[PUP.Gen1][Folder] C:\ProgramData\AVG Web TuneUp\CrashReport -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\FireFoxExt\4.3.9.605\avg@toolbar.xpi -> Deleted
[PUP.Gen1][Folder] C:\ProgramData\AVG Web TuneUp\FireFoxExt\4.3.9.605 -> Deleted
[PUP.Gen1][Folder] C:\ProgramData\AVG Web TuneUp\FireFoxExt -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\FirefoxSaps\4.3.9.605\FireFoxSearchXml.tmp -> Deleted
[PUP.Gen1][Folder] C:\ProgramData\AVG Web TuneUp\FirefoxSaps\4.3.9.605 -> Deleted
[PUP.Gen1][Folder] C:\ProgramData\AVG Web TuneUp\FirefoxSaps -> Deleted
[PUP.Gen1][Folder] C:\ProgramData\AVG Web TuneUp\IeExt\4.2.9.726 -> ERROR [5]
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\IeExt\4.3.1.831\inflate.js -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\IeExt\4.3.1.831\init.html -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\IeExt\4.3.1.831\LocalStorage.xml -> Deleted
[PUP.Gen1][Folder] C:\ProgramData\AVG Web TuneUp\IeExt\4.3.1.831 -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\IeExt\4.3.2.18\inflate.js -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\IeExt\4.3.2.18\init.html -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\IeExt\4.3.2.18\LocalStorage.xml -> Deleted
[PUP.Gen1][Folder] C:\ProgramData\AVG Web TuneUp\IeExt\4.3.2.18 -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\IeExt\4.3.4.122\inflate.js -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\IeExt\4.3.4.122\init.html -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\IeExt\4.3.4.122\LocalStorage.xml -> Deleted
[PUP.Gen1][Folder] C:\ProgramData\AVG Web TuneUp\IeExt\4.3.4.122 -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\IeExt\4.3.5.160\inflate.js -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\IeExt\4.3.5.160\init.html -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\IeExt\4.3.5.160\LocalStorage.xml -> Deleted
[PUP.Gen1][Folder] C:\ProgramData\AVG Web TuneUp\IeExt\4.3.5.160 -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\IeExt\4.3.6.255\inflate.js -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\IeExt\4.3.6.255\init.html -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\IeExt\4.3.6.255\LocalStorage.xml -> Deleted
[PUP.Gen1][Folder] C:\ProgramData\AVG Web TuneUp\IeExt\4.3.6.255 -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\IeExt\4.3.7.452\inflate.js -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\IeExt\4.3.7.452\init.html -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\IeExt\4.3.7.452\LocalStorage.xml -> Deleted
[PUP.Gen1][Folder] C:\ProgramData\AVG Web TuneUp\IeExt\4.3.7.452 -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\IeExt\4.3.8.510\inflate.js -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\IeExt\4.3.8.510\init.html -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\IeExt\4.3.8.510\LocalStorage.xml -> Deleted
[PUP.Gen1][Folder] C:\ProgramData\AVG Web TuneUp\IeExt\4.3.8.510 -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\IeExt\4.3.8.566\inflate.js -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\IeExt\4.3.8.566\init.html -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\IeExt\4.3.8.566\LocalStorage.xml -> Deleted
[PUP.Gen1][Folder] C:\ProgramData\AVG Web TuneUp\IeExt\4.3.8.566 -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\IeExt\4.3.9.605\inflate.js -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\IeExt\4.3.9.605\init.html -> Deleted
[PUP.Gen1][File] C:\ProgramData\AVG Web TuneUp\IeExt\4.3.9.605\LocalStorage.xml -> Deleted
[PUP.Gen1][Folder] C:\ProgramData\AVG Web TuneUp\IeExt\4.3.9.605 -> Deleted
[PUP.Gen1][Folder] C:\ProgramData\AVG Web TuneUp\IeExt -> Removed at reboot [91]
[PUP.Slimware][Folder] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Driver Updater -> Deleted
[PUP.Slimware][File] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Driver Updater\AVG Driver Updater Help.lnk -> Deleted
[PUP.Slimware][File] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Driver Updater\AVG Driver Updater.lnk -> Deleted
[PUP.Slimware][Folder] C:\Program Files (x86)\AVG Driver Updater -> Deleted
[PUP.Slimware][File] C:\Program Files (x86)\AVG Driver Updater\AVG Driver Updater.exe -> Deleted
[PUP.Slimware][File] C:\Program Files (x86)\AVG Driver Updater\Open-Source Licenses.txt -> Deleted
[PUP.Slimware][File] C:\Program Files (x86)\AVG Driver Updater\UnifiedLogger.dll -> Deleted
[PUP.Slimware][File] C:\Program Files (x86)\AVG Driver Updater\UninstallStub.exe -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp -> Removed at reboot [91]
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\4.2.9.726 -> ERROR [5]
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\4.3.1.831\AVG Web TuneUp.dll -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\4.3.1.831\install.ini -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\4.3.1.831 -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\4.3.2.18\AVG Web TuneUp.dll -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\4.3.2.18\install.ini -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\4.3.2.18 -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\4.3.4.122\AVG Web TuneUp.dll -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\4.3.4.122\install.ini -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\4.3.4.122 -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\4.3.5.160\AVG Web TuneUp.dll -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\4.3.5.160\install.ini -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\4.3.5.160 -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\4.3.6.255\install.ini -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\4.3.6.255 -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\4.3.7.452\AVG Web TuneUp.dll -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\4.3.7.452\install.ini -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\4.3.7.452 -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\4.3.8.510\AVG Web TuneUp.dll -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\4.3.8.510\install.ini -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\4.3.8.510 -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\4.3.8.566\AVG Web TuneUp.dll -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\4.3.8.566\install.ini -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\4.3.8.566 -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\4.3.9.605\AVG Web TuneUp.dll -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\4.3.9.605\install.ini -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\4.3.9.605 -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\AVG Web TuneUp -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\BundleInstall -> ERROR [5]
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\BundleInstall.exe -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\BundleInstaller.ini -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\buttonicon.ico -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\CefHost.exe -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\ChConfirmHelperRes -> ERROR [5]
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\ChromeGuardRes -> ERROR [5]
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\ChromeRes -> ERROR [5]
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\configuration.xml -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\crash.avgdx -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\data.zip -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\DSPDlg_IE -> ERROR [5]
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\EnableHelperRes -> ERROR [5]
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\favicon.ico -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\FireFoxSearchXml.tmp -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\icudt.dll -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\IeDspHelperRes -> ERROR [5]
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\ie_dsp.html -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\images\arrow-up.png -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\images\logo-white-background.png -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\images\old\arrow-up.png -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\images\old\arrow.png -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\images\old\avg_logo.png -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\images\old\box-bottom-small.png -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\images\old\box-bottom.png -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\images\old\box-middle.png -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\images\old\box-top-small.png -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\images\old\box-top.png -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\images\old\gradient-background.png -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\images\old\text-box.png -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\images\old\up-arrow1.png -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\images\old -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\images\Thumbs.db -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\images\up-arrow-new.png -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\images -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\images-source\gradient-background.svg -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\images-source\logo-white-background.xcf -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\images-source\text-box.psd -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\images-source\up-arrow-new.xcf -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\images-source\up-arrow.xcf -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\images-source -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\scripts\ie_dsp.js -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\scripts\jquery-1.8.1.min.js -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\scripts\translation.js -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\scripts\utils.js -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\scripts -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\stylesheets\base.css -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\stylesheets\fonts\AVGSans-Black.eot -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\stylesheets\fonts\AVGSans-Black.svg -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\stylesheets\fonts\AVGSans-Black.ttf -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\stylesheets\fonts\AVGSans-Black.woff -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\stylesheets\fonts\AVGSans-Bold.eot -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\stylesheets\fonts\AVGSans-Bold.svg -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\stylesheets\fonts\AVGSans-Bold.ttf -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\stylesheets\fonts\AVGSans-Bold.woff -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\stylesheets\fonts\AVGSans-Book.eot -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\stylesheets\fonts\AVGSans-Book.svg -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\stylesheets\fonts\AVGSans-Book.ttf -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\stylesheets\fonts\AVGSans-Book.woff -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\stylesheets\fonts\AVGSans-Light.eot -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\stylesheets\fonts\AVGSans-Light.svg -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\stylesheets\fonts\AVGSans-Light.ttf -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\stylesheets\fonts\AVGSans-Light.woff -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\stylesheets\fonts\AVGSans-Medium.eot -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\stylesheets\fonts\AVGSans-Medium.svg -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\stylesheets\fonts\AVGSans-Medium.ttf -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\stylesheets\fonts\AVGSans-Medium.woff -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\stylesheets\fonts\Webtuneup.eot -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\stylesheets\fonts\Webtuneup.ttf -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\stylesheets\fonts\Webtuneup.woff -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\stylesheets\fonts -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\stylesheets\fonts.css -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\stylesheets\ie_dsp.css -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\stylesheets -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\index.js -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv\doc\changes.md -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv\doc\columns.md -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv\doc\coverage.html -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv\doc\from.md -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv\doc\index.md -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv\doc\parser.md -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv\doc\stringifier.md -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv\doc\to.md -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv\doc\transformer.md -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv\doc -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv\lib\index.js -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv\lib -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv\LICENSE -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv\Makefile -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv\package.json -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv\README.md -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv\samples\callback.js -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv\samples\pipe.js -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv\samples\stream.js -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv\samples -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv\src\index.coffee.md -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv\src -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv-generate\lib\index.js -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv-generate\lib -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv-generate\LICENSE -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv-generate\package.json -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv-generate\README.md -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv-generate\samples\callback.js -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv-generate\samples\pipe.js -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv-generate\samples\stream.js -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv-generate\samples -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv-generate -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv-parse\lib\index.js -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv-parse\lib\sync.js -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv-parse\lib -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv-parse\LICENSE -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv-parse\package.json -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv-parse\README.md -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv-parse\samples\callback.js -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv-parse\samples\columns-discovery.in -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv-parse\samples\columns-discovery.js -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv-parse\samples\comment.js -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv-parse\samples\fs_read.csv -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv-parse\samples\fs_read.js -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv-parse\samples\objname.js -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv-parse\samples\pipe.js -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv-parse\samples\stream.js -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv-parse\samples\sync.js -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv-parse\samples\tsv.js -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv-parse\samples -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv-parse -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv-stringify\lib\index.js -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv-stringify\lib -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv-stringify\LICENSE -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv-stringify\package.json -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv-stringify\README.md -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv-stringify\samples\api.callback.js -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv-stringify\samples\api.pipe.js -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv-stringify\samples\api.stream.js -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv-stringify\samples\options.header.js -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv-stringify\samples -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\csv-stringify -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\stream-transform\lib\index.js -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\stream-transform\lib -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\stream-transform\LICENSE -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\stream-transform\package.json -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\stream-transform\README.md -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\stream-transform\samples\asynchronous.js -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\stream-transform\samples\callback.js -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\stream-transform\samples\stream.js -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\stream-transform\samples\synchronous.js -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\stream-transform\samples -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules\stream-transform -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\node_modules -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\package.json -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\translation sources\April 2016 - bunch 2.xlsx -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\translation sources\April_2016_-_bunch_2_translated.xlsx -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\translation sources\README.MD -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\translation sources -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder\translation.csv -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes\translation-builder -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\IeProtectedDspHelperRes -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\IERes -> ERROR [5]
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\libcef.dll -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\Licenses -> ERROR [5]
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\lip.exe -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\locales -> ERROR [5]
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\remote_configuration.xml -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\setup.bmp -> Deleted
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\TBAPI.dll -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\TBRDialog -> ERROR [5]
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\Uninstall.exe -> Deleted
[PUP.Gen1][Folder] C:\Program Files (x86)\AVG Web TuneUp\UninstallRes -> ERROR [5]
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\vprot.exe -> ERROR [5]
[PUP.Gen1][File] C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe -> Removed at reboot [5]

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 2 ¤¤¤
[PUM.SearchEngine][Firefox:Config] 3e4h8dlg.old : user_pref("browser.search.selectedEngine", "Wikipedia (en)"); -> Not selected
[PUM.SearchEngine][Firefox:Config] 3e4h8dlg.old : user_pref("browser.search.defaultenginename", "Wikipedia (en)"); -> Not selected

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST3500418AS ATA Device +++++
--- User ---
[MBR] 749fc4c8c0e0f46e43d05912a6f3e66b
[BSP] 842aac27b11aef0520b1e80a0baaabd1 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 476937 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: WD Ext HDD 1021 USB Device +++++
--- User ---
[MBR] a40d55a975974db955325155352ea45a
[BSP] 4c88c99087430d93a66b0b16d9fa5229 : HP|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 1907726 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([32] The request is not supported. )

A Couple of Points:

I need 7+ Taskbar Tweaker.exe to run at Startup so I can see the seconds in my tray clock, amongst other things.

During the life of this computer, it has been in the shop fo a couple of upgrades: When I first got it I was always User_2, but somewhere along the way I became just User, so I think anything with User_2 in the path is probably redundant.

The Report said, In a few places: " Removed at reboot" - Does that mean I should reboot the system before proceeding to the Malwarebytes and AdwCleaner scans?

I'll check back in a few hours as see what you have to say,
Ciao, KK.
 
Malware Bytes Report Part One:

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 9/22/18
Scan Time: 6:52 PM
Log File: 13bb3262-be49-11e8-a0f5-001aa0419180.json

-Software Information-
Version: 3.6.1.2711
Components Version: 1.0.463
Update Package Version: 1.0.6957
License: Trial

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Dell-PC\Dell

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 254856
Threats Detected: 320
Threats Quarantined: 320
Time Elapsed: 18 min, 1 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 2
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CCLEANER64.EXE, Quarantined, [7062], [246128],1.0.6957
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CCLEANER64.EXE, Quarantined, [7062], [246128],1.0.6957

Registry Value: 2
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CCLEANER64.EXE|DEBUGGER, Quarantined, [7062], [246128],1.0.6957
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CCLEANER64.EXE|DEBUGGER, Quarantined, [7062], [246128],1.0.6957

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 45
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduit\alert\Dialogs\AppNotificationDialog\Images, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduit\alert\Dialogs\AppNotificationDialog, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduit\alert\Dialogs, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduit\cachedIcons, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduit\alert, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\USERS\DELL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3E4H8DLG.OLD\conduit, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\alert\Dialogs\AppNotificationDialog\Images\light, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\alert\Dialogs\AppNotificationDialog\Images\dark, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\alert\Dialogs\AppNotificationDialog\Images, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\alert\Dialogs\AppNotificationDialog, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.10.0.1, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.12.2.3, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.13.0.6, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.7.0.6, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.9.0.3, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\alert\Dialogs, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\cachedIcons, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\alert, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\USERS\DELL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3E4H8DLG.OLD\conduitCommon, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\SearchProtectorRetakeoverDialog\Images, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\SearchProtectorBubbleDialog\images, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\ToolbarUntrustedAppsApprovalDialog, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\NewSearchProtectorDialog\images, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\SearchProtectorRetakeoverDialog, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\ToolbarFirstTimeDialog\images, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\AppNotificationDialog\Images, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\SearchProtectorDialog\Images, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\SearchProtectorBubbleDialog, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\UntrustedAppApprovalDialog, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\UntrustedAppPendingDialog, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\NewSearchProtectorDialog, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\UntrustedAddedAppDialog, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\ToolbarFirstTimeDialog, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\AppNotificationDialog, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\EngineFirstTimeDialog, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\SearchProtectorDialog, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\DetectedAppDialog, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\UninstallDialog, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\AddedAppDialog, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\DefualtImages, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\MyStuffComponents, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\apps, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\USERS\DELL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3E4H8DLG.OLD\CT2438727, Quarantined, [1521], [443542],1.0.6957

File: 271
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduit\alert\Dialogs\AppNotificationDialog\Images\arrow-left.png, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduit\alert\Dialogs\AppNotificationDialog\Images\arrow-right.png, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduit\alert\Dialogs\AppNotificationDialog\Images\close.png, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduit\alert\Dialogs\AppNotificationDialog\Images\like.png, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduit\alert\Dialogs\AppNotificationDialog\Images\Next.png, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduit\alert\Dialogs\AppNotificationDialog\Images\Next_hover.png, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduit\alert\Dialogs\AppNotificationDialog\Images\powered-by.png, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduit\alert\Dialogs\AppNotificationDialog\Images\Prev.png, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduit\alert\Dialogs\AppNotificationDialog\Images\Prev_hover.png, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduit\alert\Dialogs\AppNotificationDialog\Images\settings.png, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduit\alert\Dialogs\AppNotificationDialog\Images\Thumbs.db, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduit\alert\Dialogs\AppNotificationDialog\alertapi.js, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduit\alert\Dialogs\AppNotificationDialog\AppNotification.js, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduit\alert\Dialogs\AppNotificationDialog\initialNotification.html, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduit\alert\Dialogs\AppNotificationDialog\main.html, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduit\alert\Dialogs\AppNotificationDialog\NotificationDialogStyle.css, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduit\alert\Dialogs\AppNotificationDialog\NotificationDialogStyleIE9.css, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduit\alert\Dialogs\AppNotificationDialog\sampleNotification.html, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduit\alert\Dialogs\DialogsAPI.js, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduit\alert\Dialogs\PIE.htc, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduit\alert\Dialogs\settings.js, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduit\alert\Dialogs\version.txt, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduit\alert\servicesMap.json, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduit\cachedIcons\http___storage_conduit_com_27_243_CT2438727_Images_634047717512341250.png, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduit\cachedIcons\http___storage_conduit_com_27_243_CT2438727_Images_634047717845935000.png, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduit\cachedIcons\http___storage_conduit_com_27_243_CT2438727_Images_Blank.png, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduit\cachedIcons\http___storage_conduit_com_27_243_CT2438727_Images_ConnectionError.gif, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduit\cachedIcons\http___storage_conduit_com_7_176_CT1764407_Images_634219899986281250.gif, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduit\cachedIcons\http___storage_conduit_com_images_skins_zynga_seperator.gif, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduit\alertDB.sqlite, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\alert\Dialogs\AppNotificationDialog\Images\dark\close.png, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\alert\Dialogs\AppNotificationDialog\Images\dark\Next.png, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\alert\Dialogs\AppNotificationDialog\Images\dark\Next_hover.png, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\alert\Dialogs\AppNotificationDialog\Images\dark\powered-by.png, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\alert\Dialogs\AppNotificationDialog\Images\dark\Prev.png, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\alert\Dialogs\AppNotificationDialog\Images\dark\Prev_hover.png, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\alert\Dialogs\AppNotificationDialog\Images\dark\settings.png, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\alert\Dialogs\AppNotificationDialog\Images\light\close.png, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\alert\Dialogs\AppNotificationDialog\Images\light\Next.png, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\alert\Dialogs\AppNotificationDialog\Images\light\Next_hover.png, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\alert\Dialogs\AppNotificationDialog\Images\light\powered-by.png, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\alert\Dialogs\AppNotificationDialog\Images\light\Prev.png, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\alert\Dialogs\AppNotificationDialog\Images\light\Prev_hover.png, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\alert\Dialogs\AppNotificationDialog\Images\light\settings.png, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\alert\Dialogs\AppNotificationDialog\Images\light\Thumbs.db, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\alert\Dialogs\AppNotificationDialog\Images\close.png, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\alert\Dialogs\AppNotificationDialog\Images\like.png, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\alert\Dialogs\AppNotificationDialog\Images\Next.png, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\alert\Dialogs\AppNotificationDialog\Images\Next_hover.png, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\alert\Dialogs\AppNotificationDialog\Images\powered-by.png, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\alert\Dialogs\AppNotificationDialog\Images\Prev.png, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\alert\Dialogs\AppNotificationDialog\Images\Prev_hover.png, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\alert\Dialogs\AppNotificationDialog\Images\settings.png, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\alert\Dialogs\AppNotificationDialog\Images\Thumbs.db, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\alert\Dialogs\AppNotificationDialog\AppNotification.js, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\alert\Dialogs\AppNotificationDialog\initialNotification.html, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\alert\Dialogs\AppNotificationDialog\main.html, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\alert\Dialogs\AppNotificationDialog\NotificationDialogStyle.css, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\alert\Dialogs\AppNotificationDialog\NotificationDialogStyleIE9.css, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\alert\Dialogs\AppNotificationDialog\sampleNotification.html, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\alert\Dialogs\DialogsAPI.js, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\alert\Dialogs\PIE.htc, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\alert\Dialogs\settings.js, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\alert\Dialogs\version.txt, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\alert\servicesMap.json, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\cachedIcons\http___storage_conduit_com_27_243_CT2438727_Images_Blank.png, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.10.0.1\Chat.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.10.0.1\DataStructures.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.10.0.1\EBEncryption.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.10.0.1\ExternalLibraryLoader.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.10.0.1\HTTP.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.10.0.1\IO.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.10.0.1\Log.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.10.0.1\MainSingleton.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.10.0.1\MD5.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.10.0.1\Notifications.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.10.0.1\ObserversAndEvents.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.10.0.1\Prefs.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.10.0.1\SearchProtector.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.10.0.1\SearchSuggestIO.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.10.0.1\String.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.10.0.1\TEAEncryption.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.10.0.1\Timer.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.10.0.1\Twitter.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.10.0.1\URL.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.10.0.1\Windows.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.10.0.1\XML.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.12.2.3\Chat.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.12.2.3\DataStructures.jsm, Quarantined, [1521], [443541],1.0.6957
 
Malware Bytes Report Part Two:

PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.12.2.3\EBEncryption.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.12.2.3\ExternalLibraryLoader.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.12.2.3\HTTP.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.12.2.3\IO.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.12.2.3\Log.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.12.2.3\MainSingleton.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.12.2.3\MD5.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.12.2.3\Notifications.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.12.2.3\ObserversAndEvents.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.12.2.3\Prefs.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.12.2.3\SearchProtector.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.12.2.3\SearchSuggestIO.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.12.2.3\String.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.12.2.3\TEAEncryption.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.12.2.3\Timer.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.12.2.3\Twitter.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.12.2.3\URL.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.12.2.3\WebProgress.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.12.2.3\Windows.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.12.2.3\XML.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.13.0.6\Chat.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.13.0.6\DataStructures.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.13.0.6\EBEncryption.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.13.0.6\ExternalLibraryLoader.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.13.0.6\HTTP.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.13.0.6\IO.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.13.0.6\Log.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.13.0.6\MainSingleton.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.13.0.6\MD5.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.13.0.6\Notifications.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.13.0.6\ObserversAndEvents.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.13.0.6\Prefs.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.13.0.6\SearchProtector.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.13.0.6\SearchSuggestIO.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.13.0.6\String.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.13.0.6\TEAEncryption.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.13.0.6\Timer.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.13.0.6\Twitter.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.13.0.6\URL.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.13.0.6\WebProgress.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.13.0.6\Windows.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.13.0.6\XML.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.7.0.6\Chat.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.7.0.6\DataStructures.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.7.0.6\EBEncryption.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.7.0.6\ExternalLibraryLoader.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.7.0.6\HTTP.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.7.0.6\IO.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.7.0.6\Log.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.7.0.6\MainSingleton.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.7.0.6\MD5.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.7.0.6\Notifications.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.7.0.6\ObserversAndEvents.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.7.0.6\Prefs.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.7.0.6\SearchProtector.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.7.0.6\SearchSuggestIO.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.7.0.6\String.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.7.0.6\TEAEncryption.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.7.0.6\Timer.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.7.0.6\Twitter.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.7.0.6\URL.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.7.0.6\Windows.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.7.0.6\XML.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.9.0.3\Chat.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.9.0.3\DataStructures.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.9.0.3\EBEncryption.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.9.0.3\ExternalLibraryLoader.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.9.0.3\HTTP.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.9.0.3\IO.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.9.0.3\Log.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.9.0.3\MainSingleton.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.9.0.3\MD5.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.9.0.3\Notifications.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.9.0.3\ObserversAndEvents.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.9.0.3\Prefs.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.9.0.3\SearchProtector.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.9.0.3\SearchSuggestIO.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.9.0.3\String.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.9.0.3\TEAEncryption.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.9.0.3\Timer.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.9.0.3\Twitter.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.9.0.3\URL.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.9.0.3\Windows.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\modules\3.9.0.3\XML.jsm, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\conduitCommon\notificationDB.sqlite, Quarantined, [1521], [443541],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\apps\list.json, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\AddedAppDialog\app-added.js, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\AddedAppDialog\main.html, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\AppNotificationDialog\Images\close.png, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\AppNotificationDialog\Images\like.png, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\AppNotificationDialog\Images\Next.png, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\AppNotificationDialog\Images\Next_hover.png, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\AppNotificationDialog\Images\powered-by.png, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\AppNotificationDialog\Images\Prev.png, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\AppNotificationDialog\Images\Prev_hover.png, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\AppNotificationDialog\Images\settings.png, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\AppNotificationDialog\Images\Thumbs.db, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\AppNotificationDialog\AppNotification.js, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\AppNotificationDialog\initialNotification.html, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\AppNotificationDialog\main.html, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\AppNotificationDialog\NotificationDialogStyle.css, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\AppNotificationDialog\NotificationDialogStyleIE9.css, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\AppNotificationDialog\sampleNotification.html, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\DefualtImages\icon.png, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\DetectedAppDialog\app-2go.js, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\DetectedAppDialog\main.html, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\EngineFirstTimeDialog\EngineFirstTimeDialog.js, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\EngineFirstTimeDialog\main.html, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\EngineFirstTimeDialog\right-click.gif, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\NewSearchProtectorDialog\images\ok-button.png, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\NewSearchProtectorDialog\images\separation-line.png, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\NewSearchProtectorDialog\images\warning.png, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\NewSearchProtectorDialog\main.html, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\NewSearchProtectorDialog\SearchProtector.css, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\NewSearchProtectorDialog\SearchProtector.js, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\SearchProtectorBubbleDialog\images\information.png, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\SearchProtectorBubbleDialog\images\x-default-LTR.png, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\SearchProtectorBubbleDialog\images\x-default-RTL.png, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\SearchProtectorBubbleDialog\images\x-mouseover-LTR.png, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\SearchProtectorBubbleDialog\images\x-mouseover-RTL.png, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\SearchProtectorBubbleDialog\bubble.css, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\SearchProtectorBubbleDialog\bubble.js, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\SearchProtectorBubbleDialog\main.html, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\SearchProtectorDialog\Images\info.png, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\SearchProtectorDialog\Images\ok-on.png, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\SearchProtectorDialog\Images\ok.png, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\SearchProtectorDialog\main.html, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\SearchProtectorDialog\SearchProtector.css, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\SearchProtectorDialog\SearchProtector.js, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\SearchProtectorRetakeoverDialog\Images\Icon.jpg, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\SearchProtectorRetakeoverDialog\Images\Icon.png, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\SearchProtectorRetakeoverDialog\Images\info.png, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\SearchProtectorRetakeoverDialog\Images\ok-on.png, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\SearchProtectorRetakeoverDialog\Images\ok.png, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\SearchProtectorRetakeoverDialog\main.html, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\SearchProtectorRetakeoverDialog\SearchProtectorRetakeover.css, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\SearchProtectorRetakeoverDialog\SearchProtectorRetakeover.js, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\ToolbarFirstTimeDialog\images\app-store-icon.png, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\ToolbarFirstTimeDialog\images\arrow.png, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\ToolbarFirstTimeDialog\images\divider.png, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\ToolbarFirstTimeDialog\images\emailNotifier.gif, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\ToolbarFirstTimeDialog\images\facebook.png, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\ToolbarFirstTimeDialog\images\radio.GIF, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\ToolbarFirstTimeDialog\images\Thumbs.db, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\ToolbarFirstTimeDialog\images\truste_welcome.GIF, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\ToolbarFirstTimeDialog\images\weather.GIF, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\ToolbarFirstTimeDialog\main.html, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\ToolbarFirstTimeDialog\ToolbarFirstTimeDialog.css, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\ToolbarFirstTimeDialog\ToolbarFirstTimeDialog.js, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\ToolbarUntrustedAppsApprovalDialog\main.html, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\ToolbarUntrustedAppsApprovalDialog\ToolbarUntrustedAppsApprovalDialog.js, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\UntrustedAddedAppDialog\main.html, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\UntrustedAddedAppDialog\UT-app-dialog-added.js, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\UntrustedAppApprovalDialog\main.html, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\UntrustedAppApprovalDialog\UT-app-dialog-needs-your-approval.js, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\UntrustedAppPendingDialog\main.html, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\UntrustedAppPendingDialog\UT-app-dialog-is-waiting.js, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\DialogsAPI.js, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\excanvas.js, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\generalDialogStyle.css, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\PIE.htc, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\RoundedCorners.css, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\RoundedCornersIE9.css, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\settings.js, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\Dialogs\version.txt, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\appsMetaData.json, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\getAppsContextMenu.xml, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\languagePack.json, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\LanguagePack.xml, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\LocalSettings.txt, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\postAppsContextMenu.xml, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\searchInNewTabData.xml, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\search_history.xml, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\ServiceMap.json, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\ThirdPartyComponents.xml, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\toolbarContextMenu.xml, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\unsharedAppsContextMenu.xml, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.Conduit.Generic, C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\3e4h8dlg.old\CT2438727\UserAdditionalComponents.xml, Quarantined, [1521], [443542],1.0.6957
PUP.Optional.DriverSupport, C:\USERS\DELL\APPDATA\LOCAL\TEMP\~NSU.TMP\AU_.EXE, Quarantined, [5663], [484547],1.0.6957
PUP.Optional.DriverSupport, C:\USERS\DELL\APPDATA\LOCAL\TEMP\~NSUA.TMP\UN_A.EXE, Quarantined, [5663], [486292],1.0.6957
PUP.Optional.DriverSupport, C:\USERS\DELL\DESKTOP\DriverSupport.exe - Shortcut.lnk, Quarantined, [5663], [486292],1.0.6957
PUP.Optional.DriverSupport, C:\USERS\DELL\DESKTOP\PROGRAM SETUPS\DRIVERSUPPORT.EXE, Quarantined, [5663], [486292],1.0.6957

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)
 
AdwCleaner Log:

# -------------------------------
# Malwarebytes AdwCleaner 7.2.3.0
# -------------------------------
# Build: 08-30-2018
# Database: (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-23-2018
# Duration: 00:00:11
# OS: Windows 7 Home Premium
# Cleaned: 24
# Failed: 0


***** [ Services ] *****

Deleted WtuSystemSupport

***** [ Folders ] *****

Deleted C:\Users\Public\Documents\Downloaded Installers
Deleted C:\ProgramData\avg web tuneup
Deleted C:\Program Files (x86)\avg web tuneup
Deleted C:\Program Files\Common Files\AVG Secure Search
Deleted C:\Program Files (x86)\Common Files\AVG Secure Search

***** [ Files ] *****

Deleted C:\Windows\SysWOW64\rnd_chunk.bin

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\Software\Wow6432Node\AVG Tuneup
Deleted HKCU\Software\Bitberry
Deleted HKLM\Software\Wow6432Node\Google\Chrome\NativeMessagingHosts\avgsh
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
Deleted HKLM\Software\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Deleted HKLM\Software\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Deleted HKLM\Software\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted HKCU\Software\SlimWare Utilities Inc
Deleted HKLM\Software\Wow6432Node\SlimWare Utilities Inc

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted Ask
Deleted AOL

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3133 octets] - [23/09/2018 09:35:16]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
 
Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

  • Double click to run it.
  • Make sure you checkmark Addition.txt box.
  • Press Scan button.
  • Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.
 
  • Like
Reactions: Kaelkitty
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22.04.2018 01
Ran by Dell (administrator) on DELL-PC (23-09-2018 10:28:25)
Running from C:\Users\Dell\Desktop
Loaded Profiles: Dell (Available Profiles: Dell)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(RaMMicHaeL) C:\Users\Dell\AppData\Roaming\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe
(CrispyBytes Software) C:\Program Files (x86)\DateInTray\DateInTray.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(Eastman Kodak Company) C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\EasyShare.exe
(Facebook) C:\Users\Dell\AppData\Local\Facebook\Games\FacebookGameroom.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(FSL) C:\Program Files (x86)\FSL\SuperFinder\SuperFinder.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\afwServ.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Duality Software) C:\Program Files (x86)\DS Clock\dsetime.exe
(Microsoft) C:\Program Files\Softland\novaPDF 9\Server\novapdfs.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon-x64.exe
(Siber Systems Inc.) C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome-nm-host.exe
(The CefSharp Authors) C:\Users\Dell\AppData\Local\Facebook\Games\Facebook Gameroom Browser.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1793736 2015-02-20] (NVIDIA Corporation)
HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239192 2018-06-14] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [291056 2018-08-31] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239192 2018-06-14] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67896 2017-07-13] (Apple Inc.)
HKLM-x32\...\Run: [WMUAgent.exe] => C:\Program Files (x86)\WakeMeUp\WMUAgent.exe [592384 2007-02-15] (highspheres.com)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653648 2018-06-27] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1400945040-2960571981-3055813832-1000\...\Run: [7 Taskbar Tweaker] => C:\Users\Dell\AppData\Roaming\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe [447488 2018-05-20] (RaMMicHaeL)
HKU\S-1-5-21-1400945040-2960571981-3055813832-1000\...\Run: [DateInTray] => C:\Program Files (x86)\DateInTray\DateInTray.exe [95744 2010-03-05] (CrispyBytes Software)
HKU\S-1-5-21-1400945040-2960571981-3055813832-1000\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [145704 2018-09-21] (Siber Systems)
HKU\S-1-5-21-1400945040-2960571981-3055813832-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_154_Plugin.exe [1449472 2018-09-10] (Adobe Systems Incorporated)
HKU\S-1-5-21-1400945040-2960571981-3055813832-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-1400945040-2960571981-3055813832-1000\...\MountPoints2: {bc61dcd2-7345-11e7-8872-001aa0419180} - F:\AutoRun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
IFEO\g2minstaller.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\pcchrono.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\sidebar.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\unins000.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\wakemeup.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Kodak EasyShare software.lnk [2016-06-14]
ShortcutTarget: Kodak EasyShare software.lnk -> C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
Startup: C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DateInTray.lnk [2017-07-29]
ShortcutTarget: DateInTray.lnk -> C:\Program Files (x86)\DateInTray\DateInTray.exe (CrispyBytes Software)
Startup: C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2018-03-21]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\Dell\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook)
Startup: C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Kodak EasyShare.lnk [2017-07-29]
ShortcutTarget: Kodak EasyShare.lnk -> C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
Startup: C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Super Finder XT.lnk [2016-05-03]
ShortcutTarget: Super Finder XT.lnk -> C:\Program Files (x86)\FSL\SuperFinder\SuperFinder.exe (FSL)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5DBC6179-CB64-4C52-822A-0DEEBFEDCFE4}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2018-09-21] (Siber Systems Inc.)
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-10.0.2\bin\jp2ssv.dll [2018-09-10] (Oracle Corporation)
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2018-09-21] (Siber Systems Inc.)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.9.605\AVG Web TuneUp.dll => No File
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2018-09-21] (Siber Systems Inc.)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2018-09-21] (Siber Systems Inc.)

FireFox:
========
FF DefaultProfile: oi853qa9.default
FF ProfilePath: C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\oi853qa9.default [2018-09-23]
FF user.js: detected! => C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\oi853qa9.default\user.js [2017-07-28]
FF Session Restore: Mozilla\Firefox\Profiles\oi853qa9.default -> is enabled.
FF Extension: (About sessionstore) - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\oi853qa9.default\Extensions\aboutsessionstore@dt.xpi [2016-10-10] [Legacy]
FF Extension: (Classic Theme Restorer) - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\oi853qa9.default\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2018-08-04] [Legacy]
FF Extension: (Colour That Site!) - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\oi853qa9.default\Extensions\ColourThatSite@einspeiser.de.xpi [2016-06-08] [Legacy]
FF Extension: (English (Australian) Dictionary) - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\oi853qa9.default\Extensions\en-AU@dictionaries.addons.mozilla.org [2016-04-28] [Legacy] [not signed]
FF Extension: (Pinterest Save Button) - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\oi853qa9.default\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2018-07-25]
FF Extension: (RoboForm Password Manager) - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\oi853qa9.default\Extensions\rf-firefox@siber.com.xpi [2018-07-27]
FF Extension: (SQLite Manager) - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\oi853qa9.default\Extensions\SQLiteManager@mrinalkant.blogspot.com.xpi [2016-04-28] [Legacy]
FF Extension: (Tab Groups) - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\oi853qa9.default\Extensions\tabgroups@quicksaver.xpi [2017-01-28] [Legacy]
FF Extension: (Session Manager) - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\oi853qa9.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2017-01-31] [Legacy]
FF Extension: (FEBE) - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\oi853qa9.default\Extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2016-11-17] [Legacy]
FF Extension: (ScrapBook) - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\oi853qa9.default\Extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}.xpi [2016-09-01] [Legacy]
FF Extension: (NoUn Buttons) - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\oi853qa9.default\Extensions\{99f30549-35d4-11d9-8a2a-396c6e707e82}.xpi [2016-04-28] [Legacy]
FF Extension: (ReminderFox) - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\oi853qa9.default\Extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}.xpi [2018-05-30] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_154.dll [2018-09-10] ()
FF Plugin: @java.com/DTPlugin,version=13.0.2.0 -> C:\Program Files\Java\jre-10.0.2\bin\dtplugin\npDeployJava1.dll [2018-09-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=13.0.2.0 -> C:\Program Files\Java\jre-10.0.2\bin\plugin2\npjp2.dll [2018-09-10] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_154.dll [2018-09-10] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1231201.dll [2017-11-02] (Adobe Systems, Inc.)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.8\\npsitesafety.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1400945040-2960571981-3055813832-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Dell\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-05-09] (Citrix Online)

Chrome:
=======
CHR Profile: C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default [2018-06-27]
CHR Extension: (Slides) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-26]
CHR Extension: (Google Docs) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-27]
CHR Extension: (Google Drive) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-27]
CHR Extension: (YouTube) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-27]
CHR Extension: (Google Sheets) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-27]
CHR Extension: (Google Docs Offline) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-06-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-27]
CHR Extension: (Gmail) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-27]
CHR Extension: (Chrome Media Router) - C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-25]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [323512 2018-08-31] (AVG Technologies CZ, s.r.o.)
R2 AVG Firewall; C:\Program Files (x86)\AVG\Antivirus\afwServ.exe [432592 2018-08-31] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [8043904 2018-08-31] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1428264 2018-06-14] (AVG Technologies CZ, s.r.o.)
R2 DSClockSyncTime; C:\Program Files (x86)\DS Clock\dsetime.exe [62264 2009-11-19] (Duality Software)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 NovaPdf9Server; C:\Program Files\Softland\novaPDF 9\Server\novapdfs.exe [52664 2018-07-18] (Microsoft)
S4 svcWMU; C:\Program Files (x86)\WakeMeUp\WMUSvc.exe [808448 2007-02-15] (Highspheres.com) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [6593536 2018-07-26] (AVG Technologies CZ, s.r.o.)
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [48640 2018-07-26] (AVG Technologies CZ, s.r.o.)
R2 UxTuneUp; C:\Windows\SysWOW64\uxtuneup.dll [41472 2018-07-26] (AVG Technologies CZ, s.r.o.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [38424 2010-10-18] (Google Inc)
R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [192104 2018-08-31] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdrivera.sys [222288 2018-08-31] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsha.sys [194224 2018-08-31] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\Windows\System32\drivers\avgbloga.sys [339048 2018-08-31] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniva.sys [51952 2018-08-31] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\Windows\System32\drivers\avgHwid.sys [39352 2018-08-31] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [155664 2018-09-12] (AVG Technologies CZ, s.r.o.)
R3 avgNetNd6; C:\Windows\System32\DRIVERS\avgNetNd6.sys [29944 2018-01-03] (AVG Technologies CZ, s.r.o.)
R1 avgNetSec; C:\Windows\System32\drivers\avgNetSec.sys [653928 2018-08-31] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [104256 2018-08-31] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [78864 2018-08-31] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [1020112 2018-08-31] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [459624 2018-09-05] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [208216 2018-09-13] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [373944 2018-08-31] (AVG Technologies CZ, s.r.o.)
S3 massfilter_hs; C:\Windows\system32\drivers\massfilter_hs.sys [20232 2012-06-20] (HandSet Incorporated)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2017-02-21] (AVG Netherlands B.V.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-23 10:28 - 2018-09-23 10:31 - 000019118 _____ C:\Users\Dell\Desktop\FRST.txt
2018-09-23 10:10 - 2018-09-23 10:10 - 000002877 _____ C:\Users\Dell\Desktop\AdwCleaner[C00].txt
2018-09-23 09:30 - 2018-09-23 09:50 - 000000000 ____D C:\AdwCleaner
2018-09-22 19:44 - 2018-09-23 09:08 - 000061451 _____ C:\Users\Dell\Desktop\Malwarebytes Report.txt
2018-09-22 18:52 - 2018-09-22 18:52 - 000000000 ____D C:\Users\Dell\AppData\Local\mbam
2018-09-22 18:51 - 2018-09-22 18:51 - 000000000 ____D C:\Users\Dell\AppData\Local\mbamtray
2018-09-22 18:50 - 2018-09-22 18:50 - 000001883 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-09-22 18:50 - 2018-09-22 18:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-09-22 18:50 - 2018-09-11 13:18 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-09-22 18:49 - 2018-09-22 18:49 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-09-22 18:49 - 2018-09-22 18:49 - 000000000 ____D C:\Program Files\Malwarebytes
2018-09-22 15:51 - 2018-09-22 15:51 - 000091854 _____ C:\Users\Dell\Desktop\rk_FBFB.tmp.txt
2018-09-22 12:59 - 2018-09-22 12:59 - 000028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2018-09-22 12:44 - 2018-09-22 15:52 - 000000000 ____D C:\ProgramData\RogueKiller
2018-09-22 12:44 - 2018-09-22 12:44 - 000000874 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2018-09-22 12:44 - 2018-09-22 12:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2018-09-22 12:44 - 2018-09-22 12:44 - 000000000 ____D C:\Program Files\RogueKiller
2018-09-22 12:40 - 2018-09-22 12:40 - 007567568 _____ (Malwarebytes) C:\Users\Dell\Desktop\AdwCleaner.exe
2018-09-22 12:36 - 2018-09-22 12:38 - 080150032 _____ (Malwarebytes ) C:\Users\Dell\Desktop\mb3-setup-consumer-3.6.1.2711-1.0.463-1.0.6945.exe
2018-09-22 11:12 - 2018-09-22 11:45 - 000002486 _____ C:\Users\Dell\Desktop\Exiftool Photo Fix Notes.txt
2018-09-22 11:11 - 2018-09-23 09:49 - 000008232 _____ C:\Users\Dell\Desktop\Virus Cleaning Notes - September 2018.txt
2018-09-22 11:03 - 2018-09-22 11:04 - 036868304 _____ (Adlice Software ) C:\Users\Dell\Desktop\RogueKiller_setup_ref3.exe
2018-09-22 02:46 - 2018-09-22 02:50 - 000042924 _____ C:\Users\Dell\Desktop\Addition 1 (1).txt
2018-09-22 02:42 - 2018-09-22 02:50 - 000031766 _____ C:\Users\Dell\Desktop\Addition 1 (2).txt
2018-09-22 02:38 - 2018-09-22 02:38 - 002404864 _____ (Farbar) C:\Users\Dell\Desktop\FRST64.exe
2018-09-21 13:51 - 2018-09-21 13:51 - 000012962 _____ C:\Users\Dell\Downloads\This computer is BLOCKED
2018-09-20 18:27 - 2018-09-20 18:27 - 000000000 ____D C:\Users\Dell\Desktop\PHOTO FOLDERS (OLD) - Copy
2018-09-17 12:10 - 2018-09-17 12:11 - 000011874 _____ C:\Users\Dell\Downloads\Income Statement
2018-09-15 01:10 - 2018-09-15 01:10 - 000000000 _____ C:\Users\Dell\Desktop\exiftool
2018-09-10 17:42 - 2018-09-10 17:42 - 000000000 ____D C:\Users\Dell\AppData\Roaming\Sun
2018-09-10 17:41 - 2018-09-22 18:18 - 000003668 _____ C:\Windows\System32\Tasks\JavaUpdateSched
2018-09-10 17:40 - 2018-09-10 17:40 - 000145272 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2018-09-10 17:40 - 2018-09-10 17:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-09-10 17:38 - 2018-09-10 17:38 - 000000000 ____D C:\Program Files\Java
2018-09-10 16:34 - 2018-09-10 16:36 - 105455992 _____ (Oracle Corporation) C:\Users\Dell\Downloads\jre-10.0.2_windows-x64_bin.exe
2018-09-10 16:07 - 2018-09-10 16:07 - 000001444 _____ C:\Users\Public\Desktop\LibreOffice 6.0.lnk
2018-09-10 16:07 - 2018-09-10 16:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 6.0
2018-09-10 16:06 - 2018-09-10 16:07 - 000000000 ____D C:\Program Files\LibreOffice
2018-09-10 13:47 - 2018-09-10 13:57 - 274317312 _____ C:\Users\Dell\Downloads\LibreOffice_6.0.6_Win_x64.msi
2018-09-10 13:45 - 2018-09-10 13:46 - 000018999 _____ C:\Users\Dell\Downloads\LibreOffice_6.0.6_Win_x64_helppack_en-GB.msi.torrent
2018-09-10 13:01 - 2018-09-10 13:01 - 001211216 _____ (Oracle Corporation) C:\Users\Dell\Downloads\JavaUninstallTool.exe
2018-09-10 12:54 - 2018-09-22 18:19 - 000003144 _____ C:\Windows\System32\Tasks\{9034CCE8-0529-402D-83F5-07AA22336ADA}
2018-09-10 12:51 - 2018-09-10 12:51 - 000001995 _____ C:\Users\Dell\Desktop\7+ Taskbar Tweaker.lnk
2018-08-31 04:56 - 2018-08-31 04:54 - 000380656 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-23 10:28 - 2017-12-19 12:34 - 000000000 ____D C:\FRST
2018-09-23 10:03 - 2009-07-14 14:15 - 000014240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-09-23 10:03 - 2009-07-14 14:15 - 000014240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-09-23 09:51 - 2016-04-21 15:37 - 000000000 ____D C:\ProgramData\NVIDIA
2018-09-23 09:51 - 2009-07-14 14:38 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-09-23 03:44 - 2017-06-19 18:13 - 000000000 ____D C:\ProgramData\TEMP
2018-09-22 19:14 - 2016-05-03 06:35 - 000000000 ____D C:\Users\Dell\Desktop\PROGRAM SETUPS
2018-09-22 18:32 - 2016-05-21 02:52 - 254389248 ____R C:\Users\Public\Documents\ESBK.mb
2018-09-22 18:32 - 2016-05-21 02:52 - 212474880 ____R C:\Users\Public\Documents\ESBK.mbb
2018-09-22 18:19 - 2018-05-16 13:30 - 000004310 _____ C:\Windows\System32\Tasks\Open URL by RoboForm
2018-09-22 18:19 - 2017-12-20 06:01 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2018-09-22 18:19 - 2017-07-27 22:02 - 000002962 _____ C:\Windows\System32\Tasks\{0E59508C-BE36-4B2B-A14A-00D56A47BAC3}
2018-09-22 18:19 - 2017-01-02 15:03 - 000003132 _____ C:\Windows\System32\Tasks\{29D149EF-EC65-40D7-B7D7-2190A79A460C}
2018-09-22 18:19 - 2016-06-12 14:59 - 000003002 _____ C:\Windows\System32\Tasks\{CEDEAF75-B7F1-419A-9967-BC6FE3751283}
2018-09-22 18:19 - 2016-06-12 14:28 - 000003002 _____ C:\Windows\System32\Tasks\{0469D58A-F4AC-4FFE-87C3-63DE0C613505}
2018-09-22 18:19 - 2016-06-12 14:27 - 000003002 _____ C:\Windows\System32\Tasks\{E8293F52-06BD-4F09-A0BE-35F2B8AAB023}
2018-09-22 18:19 - 2016-05-21 02:01 - 000003134 _____ C:\Windows\System32\Tasks\{45FBBD5F-F88A-49D4-A283-B4F373E77EB0}
2018-09-22 18:19 - 2016-05-05 16:51 - 000003124 _____ C:\Windows\System32\Tasks\{122501A7-1579-4F3C-9980-D73CC72456D6}
2018-09-22 18:19 - 2016-04-29 10:06 - 000003696 _____ C:\Windows\System32\Tasks\Run RoboForm TaskBar Icon
2018-09-22 18:19 - 2016-04-28 11:42 - 000003222 _____ C:\Windows\System32\Tasks\{3F1240AA-27E5-491C-8839-0A7C8598CF0A}
2018-09-22 18:18 - 2018-08-18 17:07 - 000003560 _____ C:\Windows\System32\Tasks\doPDF 9 Update
2018-09-22 18:18 - 2018-08-18 17:07 - 000003540 _____ C:\Windows\System32\Tasks\doPDF 9 Telemetry
2018-09-22 18:18 - 2018-05-19 16:05 - 000004458 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-09-22 18:18 - 2018-01-14 10:13 - 000003214 _____ C:\Windows\System32\Tasks\klcp_update
2018-09-22 18:18 - 2017-04-25 08:11 - 000004174 _____ C:\Windows\System32\Tasks\Antivirus Emergency Update
2018-09-22 18:18 - 2016-04-21 16:37 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-09-22 17:11 - 2016-09-21 00:28 - 000003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
2018-09-22 11:09 - 2007-09-21 15:02 - 000000000 ____D C:\Users\Dell\Desktop\PLANTS
2018-09-21 10:38 - 2016-04-29 10:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm
2018-09-20 01:03 - 2016-04-21 16:36 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-09-19 03:47 - 2016-04-21 14:56 - 000000000 ____D C:\Users\Dell
2018-09-19 03:44 - 2017-06-18 11:46 - 000000000 ____D C:\Program Files\Recuva
2018-09-19 00:26 - 2017-07-08 07:45 - 000000000 ___RD C:\Users\Dell\Desktop\2013 PHOTOS
2018-09-18 16:35 - 2016-05-06 12:33 - 000000000 ____D C:\Users\Dell\AppData\Roaming\MailWasherPro
2018-09-13 04:57 - 2017-04-25 08:11 - 000208216 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
2018-09-12 00:57 - 2017-04-25 08:11 - 000155664 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2018-09-10 20:01 - 2016-04-29 14:56 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-09-10 20:01 - 2016-04-29 14:56 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-09-10 20:01 - 2016-04-29 14:56 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-09-10 20:01 - 2016-04-29 14:56 - 000000000 ____D C:\Windows\system32\Macromed
2018-09-10 20:01 - 2016-04-29 14:55 - 000000000 ____D C:\Users\Dell\AppData\Local\Adobe
2018-09-10 19:58 - 2016-04-22 15:46 - 000094584 _____ C:\Users\Dell\AppData\Local\GDIPFONTCACHEV1.DAT
2018-09-10 19:54 - 2017-07-28 13:05 - 000416576 _____ C:\Windows\system32\FNTCACHE.DAT
2018-09-10 17:26 - 2009-07-14 12:50 - 000000000 ____D C:\Windows\system32\NDF
2018-09-10 16:55 - 2009-07-14 12:50 - 000000000 ____D C:\Windows\inf
2018-09-10 16:45 - 2016-05-03 06:31 - 000000000 ____D C:\Users\Dell\Desktop\OLD PROGRAM SETUPS
2018-09-10 16:20 - 2017-10-13 12:07 - 000000000 ____D C:\Users\Dell\AppData\Local\RoboForm
2018-09-10 16:17 - 2017-06-07 12:58 - 000000000 ____D C:\Users\Dell\Desktop\COLES POINTS
2018-09-10 16:16 - 2018-02-21 07:53 - 000000000 ____D C:\ProgramData\Package Cache
2018-09-10 13:03 - 2016-04-21 16:24 - 000000000 ____D C:\ProgramData\Oracle
2018-09-10 12:29 - 2008-07-24 03:11 - 000000000 ____D C:\Users\Dell\Desktop\BANK AND FINANCIAL
2018-09-05 00:57 - 2017-04-25 08:11 - 000459624 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2018-08-31 04:58 - 2017-04-25 08:11 - 000078864 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2018-08-31 04:54 - 2017-11-28 18:00 - 000192104 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
2018-08-31 04:54 - 2017-04-25 08:11 - 000373944 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2018-08-31 04:54 - 2017-04-25 08:11 - 000104256 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2018-08-31 04:54 - 2017-04-25 08:11 - 000039352 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgHwid.sys
2018-08-31 04:53 - 2018-01-03 11:28 - 000653928 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgNetSec.sys
2018-08-31 04:53 - 2017-04-25 08:11 - 001020112 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2018-08-31 04:52 - 2017-04-25 08:11 - 000339048 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbloga.sys
2018-08-31 04:52 - 2017-04-25 08:11 - 000222288 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdrivera.sys
2018-08-31 04:52 - 2017-04-25 08:11 - 000194224 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsha.sys
2018-08-31 04:52 - 2017-04-25 08:11 - 000051952 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniva.sys

==================== Files in the root of some directories =======

2017-12-17 16:19 - 2017-12-17 16:19 - 000000036 _____ () C:\Users\Dell\AppData\Local\housecall.guid.cache
2016-07-30 09:31 - 2016-07-30 09:31 - 000000022 _____ () C:\Users\Dell\AppData\Local\kodakpcd.ini
2016-05-07 13:13 - 2017-07-27 23:34 - 000007608 _____ () C:\Users\Dell\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
2018-09-22 12:44 - 2017-09-14 01:01 - 001732864 _____ (Microsoft Corporation) C:\Users\Dell\AppData\Local\Temp\dllnt_dump.dll
2018-09-10 12:41 - 2018-09-10 12:41 - 001906040 _____ (Oracle Corporation) C:\Users\Dell\AppData\Local\Temp\jre-8u181-windows-au.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-09-15 07:46

==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22.04.2018 01
Ran by Dell (23-09-2018 10:32:38)
Running from C:\Users\Dell\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2016-04-21 05:26:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1400945040-2960571981-3055813832-500 - Administrator - Disabled)
Dell (S-1-5-21-1400945040-2960571981-3055813832-1000 - Administrator - Enabled) => C:\Users\Dell
Guest (S-1-5-21-1400945040-2960571981-3055813832-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: AVG Antivirus (Enabled - Up to date) {C50510DE-367A-330C-FD5C-556ACFB11243}
AS: AVG Antivirus (Enabled - Up to date) {7E64F13A-1040-3C82-C7EC-6E18B43658FE}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: AVG Antivirus (Enabled) {FD3E91FB-7C15-3254-D603-FC5F31625538}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1-abc.net Duplicate Finder (Remove only) (HKLM-x32\...\1-abc.net Duplicate Finder) (Version: - )
7+ Taskbar Tweaker v5.5 (HKU\S-1-5-21-1400945040-2960571981-3055813832-1000\...\7 Taskbar Tweaker) (Version: 5.5 - RaMMicHaeL)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20063 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.154 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.1.201 - Adobe Systems, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{D2FE6376-E549-4F63-A2C5-CA24DA035DE4}) (Version: 5.6 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{BB109E24-EE90-485B-A28B-ADDEFB40540B}) (Version: 5.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Attribute Changer 8.20a (HKLM-x32\...\{27263813-8BDE-4CD2-84D3-02536743428A}_is1) (Version: 8.20 - Romain Petges)
AVG (HKLM\...\{136B57DF-DA9E-4361-A165-09AB4422BCD1}) (Version: 1.231.3 - AVG Technologies) Hidden
AVG Driver Updater (HKLM-x32\...\{BAAB946F-7E00-41F4-BEC7-B8CCF758E012}) (Version: 2.3.0 - AVG Netherlands B.V) Hidden
AVG Driver Updater (HKLM-x32\...\AVG Driver Updater) (Version: 2.3.0 - AVG Netherlands B.V)
AVG Internet Security (HKLM-x32\...\AVG Antivirus) (Version: 18.6.3066 - AVG Technologies)
AVG PC TuneUp (HKLM-x32\...\{F0A7F6FC-97BC-4D27-B33B-6E1EFE1BB42D}) (Version: 16.78.2 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.78.3.33194 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.9.605 - AVG Technologies)
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CardRecovery 6.10 (HKLM-x32\...\{88D68A69-D247-466B-90DD-575F6BE16230}_is1) (Version: - WinRecovery Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.32 - Piriform)
CCScore (HKLM-x32\...\{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}) (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.6059 - CDBurnerXP)
Citrix Online Launcher (HKLM-x32\...\{09DA5EE2-7E46-4DC4-96F9-BFEE50D40659}) (Version: 1.0.408 - Citrix)
DateInTray 1.6 (HKLM-x32\...\DateInTray) (Version: 1.6 - CrispyBytes Software)
Desktop Icon Position Saver (64-bit) (HKLM-x32\...\dips64) (Version: - )
Desktop Restore version 1.6.4 (HKLM\...\{DBD4F07A-7607-4A4F-A46C-6AA399E06E38}_is1) (Version: 1.6.4 - Jamie O'Connell)
doPDF (HKLM\...\{F80F7F88-4DD9-4674-8F84-AB97F3C594F0}) (Version: 9.4.241 - Softland) Hidden
doPDF 9 (HKLM-x32\...\{338841ea-b7de-412c-8a44-2bd4fb9d761a}) (Version: 9.4.241 - Softland)
doPDF 9 add-in for Microsoft Office (x64) (HKLM\...\{CA14C18F-8F65-4258-A1CF-ECFB17891B59}) (Version: 9.1.232 - Softland)
doPDF 9 add-in for Microsoft Office (x86) (HKLM-x32\...\{93476622-206D-4957-B751-1B9E7E5A9324}) (Version: 9.1.232 - Softland)
doPDF 9 Printer Driver (HKLM\...\{8339CCC0-9EAE-43E2-90C9-487EE55403FA}) (Version: 9.4.241 - Softland)
DriveImage XML (Private Edition) (HKLM-x32\...\{F7E1CA14-B39D-452A-960B-39423DDDD933}) (Version: 2.60.000 - Runtime Software)
DS Clock (HKLM-x32\...\DS Clock_is1) (Version: 2.6.3 - Duality Software)
ESSBrwr (HKLM-x32\...\{643EAE81-920C-4931-9F0B-4B343B225CA6}) (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
ESSCDBK (HKLM-x32\...\{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}) (Version: 8.03.0000.0001 - EASTMAN KODAK Company) Hidden
ESScore (HKLM-x32\...\{42938595-0D83-404D-9F73-F8177FDD531A}) (Version: 8.03.0000.0001 - EASTMAN KODAK Company) Hidden
ESSgui (HKLM-x32\...\{91517631-A9F3-4B7C-B482-43E0068FD55A}) (Version: 8.03.0000.0001 - EASTMAN KODAK Company) Hidden
ESSini (HKLM-x32\...\{8E92D746-CD9F-4B90-9668-42B74C14F765}) (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
ESSPCD (HKLM-x32\...\{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}) (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
ESSTOOLS (HKLM-x32\...\{8A502E38-29C9-49FA-BCFA-D727CA062589}) (Version: 5.00.0000.0004 - EASTMAN KODAK Company) Hidden
essvatgt (HKLM-x32\...\{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}) (Version: 8.00.0000.0001 - EASTMAN KODAK Company) Hidden
Eudora (HKLM-x32\...\{6BCDFA1F-A5AC-4C01-8448-1D70FC79329A}) (Version: 7.0 - )
EXIF Date Changer v3.3.6 (HKLM-x32\...\{26CA1B07-BC53-4196-B9C2-A11C6F6F3E08}_is1) (Version: - Rellik Software)
Express Uninstaller v3.0 (HKLM-x32\...\Express Uninstaller_is1) (Version: 3.0 - Smart PC Solutions)
Facebook Gameroom 1.20.6618.42311 (HKLM-x32\...\{CF2C7CB9-1009-4EAA-9033-317F4C4C9DA2}) (Version: 1.20.6618.42311 - Facebook)
FastStone Photo Resizer 3.8 (HKLM-x32\...\FastStone Photo Resizer) (Version: 3.8 - FastStone Soft.)
fflink (HKLM-x32\...\{608D2A3C-6889-4C11-9B54-A42F45ACBFDB}) (Version: 6.02.1001.0001 - EASTMAN KODAK Company) Hidden
File Repair (HKLM-x32\...\File Repair_is1) (Version: - File Repair)
Flip Words (HKLM-x32\...\BFG-Flip Words) (Version: - )
Flip Words v2.3 (HKLM-x32\...\Flip Words_is1) (Version: - HipSoft LLC)
FMW 1 (HKLM\...\{4CC5FB14-3F4D-4FA8-B921-00A9B40145C4}) (Version: 1.227.45 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\{22773B3E-818C-3DE5-8CBD-2FF73D97A2F4}) (Version: 63.0.3239.132 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
GoToMeeting 8.19.0.8126 (HKU\S-1-5-21-1400945040-2960571981-3055813832-1000\...\GoToMeeting) (Version: 8.19.0.8126 - LogMeIn, Inc.)
Gummy Drop! (HKLM-x32\...\BFG-Gummy Drop!) (Version: - )
Icon Restore 1.0 (HKLM-x32\...\Icon Restore_is1) (Version: - Tim Taylor)
IconRestorer 2.0.8.1 SR1 (HKLM-x32\...\IconRestorer Supporters Edition_is1) (Version: - FSL - FreeSoftLand)
IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan)
Java 10.0.2 (64-bit) (HKLM\...\{EECB2736-D013-5AC5-9917-7656712F6931}) (Version: 10.0.2.0 - Oracle Corporation)
K-Lite Codec Pack 13.7.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.7.5 - KLCP)
Kodak EasyShare software (HKLM-x32\...\{D32470A1-B10C-4059-BA53-CF0486F68EBC}) (Version: - Eastman Kodak Company)
LibreOffice 6.0.6.2 (HKLM\...\{982E3D14-3F50-412B-A1C2-BC9262E8810F}) (Version: 6.0.6.2 - The Document Foundation)
Malwarebytes version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Pro Photo Tools (HKLM-x32\...\{A05CF147-BEED-4880-BF9B-4EAF22C77FFD}) (Version: 2.2 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 56.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 56.0.2 (x64 en-US)) (Version: 56.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 56.0.2.6506 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
netbrdg (HKLM-x32\...\{4537EA4B-F603-4181-89FB-2953FC695AB1}) (Version: 7.01.0000.0001 - EASTMAN KODAK Company) Hidden
NirSoft SysExporter (HKLM-x32\...\NirSoft SysExporter) (Version: - )
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.4 - Notepad++ Team)
NVIDIA 3D Vision Driver 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.44 - NVIDIA Corporation)
NVIDIA Graphics Driver 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
OfotoXMI (HKLM-x32\...\{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}) (Version: 8.03.0000.0001 - EASTMAN KODAK Company) Hidden
PC Inspector File Recovery (HKLM-x32\...\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}) (Version: 4.0 - )
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
RoboForm 8-5-4-4 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 8-5-4-4 - Siber Systems)
RogueKiller version 12.13.1.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.13.1.0 - Adlice Software)
SFR (HKLM-x32\...\{DB02F716-6275-42E9-B8D2-83BA2BF5100B}) (Version: 8.01.0000.0001 - Eastman Kodak Company) Hidden
SHASTA (HKLM-x32\...\{605A4E39-613C-4A12-B56F-DEFBE6757237}) (Version: 7.01.0000.0001 - EASTMAN KODAK Company) Hidden
Shorter Oxford English Dictionary (Sixth Edition) (HKU\S-1-5-21-1400945040-2960571981-3055813832-1000\...\Shorter Oxford English Dictionary (Sixth Edition)) (Version: - )
skin0001 (HKLM-x32\...\{5316DFC9-CE99-4458-9AB3-E8726EDE0210}) (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
SKINXSDK (HKLM-x32\...\{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}) (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
staticcr (HKLM-x32\...\{8943CE61-53BD-475E-90E1-A580869E98A2}) (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
Super Finder XT 2.6.3.2 (HKLM-x32\...\Super Finder XT Supporters Edition_is1) (Version: - FSL - FreeSoftLand)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The Seeds Program (HKLM-x32\...\The Seeds Program) (Version: 3.0 - CyberNiche Software)
Unknown File Handler (HKLM-x32\...\UFH_is1) (Version: 2015.10.20.0 - File.org)
Unlocker (HKLM\...\{5993C960-4E90-4A00-A2F3-D0C4020A6992}) (Version: 1.9.2 - ajua Custom Installers)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.8 - VideoLAN)
VPRINTOL (HKLM-x32\...\{999D43F4-9709-4887-9B1A-83EBB15A8370}) (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
WakeMeUp! (HKLM-x32\...\{DFA8FEE4-109C-43D4-84CF-4AC724AD1D4E}_is1) (Version: 1.8.5.34 - Highspheres.com)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WIRELESS (HKLM-x32\...\{F9593CFB-D836-49BC-BFF1-0E669A411D9F}) (Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
ZTE Handset USB Driver (HKLM\...\{D2D77DC2-8299-11D1-8949-444553540000}_is1) (Version: 5.2104.1.02B08 - ZTE Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2018-01-01] ()
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2018-08-31] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2018-07-26] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1-x32: [RmgShellExtModule] -> {EA31839B-63AA-4550-92CD-D9EEDE3127A9} => C:\Program Files (x86)\Microsoft Pro Photo Tools\MSImgShellExt.dll [2008-09-12] (Microsoft Corp.)
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers2: [ACShell] -> {D3F9A525-8824-497A-BE36-B23E22F141FC} => C:\Program Files (x86)\Attribute Changer\acshell.dll [2016-04-19] (Romain Petges)
ContextMenuHandlers3: [ACShell] -> {D3F9A525-8824-497A-BE36-B23E22F141FC} => C:\Program Files (x86)\Attribute Changer\acshell.dll [2016-04-19] (Romain Petges)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers4: [AVG Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => C:\Program Files (x86)\AVG\AVG PC TuneUp\DseShExt-x64.dll [2018-07-26] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2018-07-26] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers5: [DeskMenu] -> {7E74422F-2393-11D4-98E0-444553540000} => C:\Program Files\Desktop Restore\dkticnsr.dll [2014-07-14] (Jamie O'Connell)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-02-04] (NVIDIA Corporation)
ContextMenuHandlers5-x32: [RmgShellExtModule] -> {EA31839B-63AA-4550-92CD-D9EEDE3127A9} => C:\Program Files (x86)\Microsoft Pro Photo Tools\MSImgShellExt.dll [2008-09-12] (Microsoft Corp.)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2018-08-31] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6-x32: [IconLayout] -> {19F500E0-9964-11cf-B63D-08002B317C03} => C:\Windows\SysWOW64\Layout.dll [2001-05-26] (Microsoft)
ContextMenuHandlers6-x32: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6-x32: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers6-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers6-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {023876AA-16E7-468C-892C-93B57A54E74C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {08F8541E-1C80-41B0-8F4B-41030DF08AE3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {09CFF0EE-00D3-471D-96F1-5FAC8A525B33} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-21] (Google Inc.)
Task: {0A8C8A8B-98CC-4208-B885-1C18FFAB2A92} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {0B9B42AB-0272-4F5D-A350-4434B19BF628} - System32\Tasks\{0469D58A-F4AC-4FFE-87C3-63DE0C613505} => C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\EasyShare.exe [2011-02-23] (Eastman Kodak Company)
Task: {0CF4F649-6E06-49CF-BE8E-75FD82CC78A4} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2018-08-31] (AVG Technologies CZ, s.r.o.)
Task: {0E400F79-2C2E-4290-A6C1-4220B234E30F} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2018-07-26] (AVG Technologies CZ, s.r.o.)
Task: {1A9556A6-E49E-4C88-B982-2DB0E4D4C499} - System32\Tasks\{CEDEAF75-B7F1-419A-9967-BC6FE3751283} => C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\EasyShare.exe [2011-02-23] (Eastman Kodak Company)
Task: {318E1C3F-F925-42C0-9893-3E3FAE3D4706} - System32\Tasks\Open URL by RoboForm => C:\Windows\system32\rundll32.exe url.dll,FileProtocolHandler "hxxps://www.roboform.com/test-pass.html?aaa=KICMJJJJNJNJNJNJOJOMCNMJJJNMGMCNLMPMGMJJCNGMKMOMNJCNJJJJMJOJNMNJJJLMMMIMGMMJJNJICMHMCNKMCNLMFMOMOMCNPMCNGMJMPMPMFMJMCNOMCNIMJMPMOMCNNMJNPICMPMFMEKMICNJJCKFMNMMMKMPMJNHICMCJFJHJKJLIJNBJCMLLKJDJDJJNKJCMFJOJMJOIJJKJDJGJMIPLGJPINIG (the data entry has 92 more characters).
Task: {381F4ED1-9E38-4CAF-8C7B-4F15895D59B2} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {3DBCE8AE-B626-44F8-BE38-3EF7F4EEAB7C} - System32\Tasks\{9034CCE8-0529-402D-83F5-07AA22336ADA} => C:\Windows\system32\pcalua.exe -a C:\Users\Dell\Downloads\jre-8u181-windows-i586.exe -d C:\Users\Dell\Downloads
Task: {3FBA4D60-7925-43EB-AD7C-4B34703BD104} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {58FB34D6-9791-4A56-8ECC-FC3A80F6695E} - System32\Tasks\JavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-06-27] (Oracle Corporation)
Task: {5C846CDD-B1F0-43C9-8761-8B0CF50077B7} - System32\Tasks\doPDF 9 Telemetry => C:\Program Files\Softland\novaPDF 9\Driver\GoogleAnalytics.exe [2018-07-18] ()
Task: {60858FC5-C8A1-4E5E-808A-043A56F617EC} - System32\Tasks\{29D149EF-EC65-40D7-B7D7-2190A79A460C} => C:\Windows\system32\pcalua.exe -a C:\Users\Dell\Downloads\FacebookGameroom.exe -d C:\Users\Dell\Downloads
Task: {7121162F-BC9E-4C66-9939-294E66F1046A} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_154_Plugin.exe [2018-09-10] (Adobe Systems Incorporated)
Task: {7F79AB50-37D5-485E-986E-2EA604E2BBF5} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-09-23] (AVG Technologies CZ, s.r.o.)
Task: {8B80E63A-F386-48FD-96F4-513A960436D6} - System32\Tasks\{0E59508C-BE36-4B2B-A14A-00D56A47BAC3} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Task: {8BAD118F-802F-4D4F-B311-5598C07764F4} - System32\Tasks\{45FBBD5F-F88A-49D4-A283-B4F373E77EB0} => C:\Windows\system32\pcalua.exe -a C:\Users\Dell\Downloads\install_easyshare.exe -d C:\Users\Dell\Downloads
Task: {8D93E98E-BE62-4DFB-8A7A-06EC0F2C1119} - System32\Tasks\{48F7E6B4-D004-47F3-A1BF-4FBBE2604F19} => C:\Program Files (x86)\FireTrust\MailWasher Pro\MailWasher.exe [2010-06-13] (Firetrust Ltd)
Task: {94802374-423E-48FE-AB8E-619E15EADC39} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {98B33931-C937-4487-BE2D-695E6FDE9296} - System32\Tasks\{E8293F52-06BD-4F09-A0BE-35F2B8AAB023} => C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\EasyShare.exe [2011-02-23] (Eastman Kodak Company)
Task: {9C318BB5-D249-4395-BE69-73F60711DBD4} - System32\Tasks\doPDF 9 Update => C:\Program Files\Softland\novaPDF 9\Driver\UpdateApplication.exe [2018-07-18] ()
Task: {9C8C8189-263A-4E6B-9549-2F3E46721281} - System32\Tasks\G2MUploadTask-S-1-5-21-1400945040-2960571981-3055813832-1000 => C:\Users\Dell\AppData\Local\GoToMeeting\8126\g2mupload.exe [2017-12-22] (LogMeIn, Inc.)
Task: {9E1BCBAC-CB55-447D-A114-9378945C3E05} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2018-09-21] (Siber Systems)
Task: {A5303677-8364-495C-A233-C77CD8C645F7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-30] (Piriform Ltd)
Task: {AA59CDD8-00EC-4974-97B3-6D9585222E27} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-21] (Google Inc.)
Task: {B36FE3C1-DA28-470A-AAE2-222A800A8B51} - System32\Tasks\{3F1240AA-27E5-491C-8839-0A7C8598CF0A} => C:\Windows\system32\pcalua.exe -a "C:\Users\Dell\Desktop\Old Documents\Desktop\install_easyshare.exe" -d "C:\Users\Dell\Desktop\Old Documents\Desktop"
Task: {BB3AF36A-B5C0-4778-9BEB-16DD52A24803} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {C8666C15-E88A-4273-8B50-D876575EAC8A} - System32\Tasks\G2MUpdateTask-S-1-5-21-1400945040-2960571981-3055813832-1000 => C:\Users\Dell\AppData\Local\GoToMeeting\8126\g2mupdate.exe [2017-12-22] (LogMeIn, Inc.)
Task: {C87DFB08-C15A-4B00-B91A-8EDB8D33B5A8} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-09-23] (AVG Technologies CZ, s.r.o.)
Task: {D8035EDB-849A-4550-B60A-C428F7C35949} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2017-12-20] ()
Task: {E4B4DE7B-E12B-4B31-84C8-96D9A97A9EAE} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {E7363191-CDA9-4E4D-873D-D264674A949B} - System32\Tasks\{122501A7-1579-4F3C-9980-D73CC72456D6} => C:\Windows\system32\pcalua.exe -a C:\Users\Dell\Downloads\icon_restore.exe -d C:\Users\Dell\Downloads
Task: {F2C035FD-FF3A-436E-833A-E51F9EA1E7DA} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {F308AE71-BBC5-4D71-8130-344622D6C01E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {F4C3CCB6-DBBE-4D61-A734-C4DC90CD49F0} - System32\Tasks\EasyShare Registration Task => C:\Windows\system32\rundll32.exe C:\PROGRA~3\Kodak\EasyShareSetup\$REGIS~1\Registration_8.3.20.1.sxt _RegistrationOffer@16

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\EasyShare Registration Task.job => rundll32.exe C:\PROGRA~3\Kodak\EasyShareSetup\$REGIS~1\Registration_8.3.20.1.sxt
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1400945040-2960571981-3055813832-1000.job => C:\Users\Dell\AppData\Local\GoToMeeting\8126\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-1400945040-2960571981-3055813832-1000.job => C:\Users\Dell\AppData\Local\GoToMeeting\8126\g2mupload.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Dell\Desktop\OLD UNUSED DESKTOP SHORTCUTS\CrossLoop.lnk -> E:\Program Files\CrossLoop\CrossLoopConnect.exe (CrossLoop) -> -ap=crossloop -port=5910 -udp=www.CrossLoop.com -webserver=server.CrossLoop.com -startup=server
ShortcutWithArgument: C:\Users\Dell\Desktop\Old Documents\Desktop\OLD UNUSED DESKTOP SHORTCUTS\CrossLoop.lnk -> E:\Program Files\CrossLoop\CrossLoopConnect.exe (CrossLoop) -> -ap=crossloop -port=5910 -udp=www.CrossLoop.com -webserver=server.CrossLoop.com -startup=server

==================== Loaded Modules (Whitelisted) ==============

2016-04-21 15:36 - 2015-02-04 11:51 - 000115400 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-01-01 10:37 - 2018-01-01 10:37 - 000230064 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2018-07-18 19:47 - 2018-07-18 19:47 - 000146736 _____ () C:\Program Files\Softland\novaPDF 9\Server\AgileDotNetRT64.dll
2018-08-31 04:54 - 2018-08-31 04:54 - 000700144 _____ () c:\Program Files (x86)\AVG\Antivirus\x64\StreamBack.dll
2018-08-31 04:54 - 2018-08-31 04:54 - 000574192 _____ () C:\Program Files (x86)\AVG\Antivirus\streamback.dll
2018-09-22 22:22 - 2018-09-22 22:22 - 005690608 _____ () C:\Program Files (x86)\AVG\Antivirus\defs\18092204\algo.dll
2018-08-31 04:54 - 2018-08-31 04:54 - 000897264 _____ () C:\Program Files (x86)\AVG\Antivirus\anen.dll
2018-08-31 04:53 - 2018-08-31 04:53 - 000542448 _____ () C:\Program Files (x86)\AVG\Antivirus\gui_cache.dll
2018-08-31 04:53 - 2018-08-31 04:53 - 000987888 _____ () C:\Program Files (x86)\AVG\Antivirus\shepherdsync.dll
2016-11-29 00:28 - 2016-11-29 00:28 - 048920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2018-03-13 05:40 - 2018-03-13 05:40 - 067127976 _____ () C:\Program Files (x86)\AVG\Antivirus\libcef.dll
2011-02-23 17:24 - 2011-02-23 17:24 - 000406016 _____ () C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\Kfx.dll
2011-02-23 17:23 - 2011-02-23 17:23 - 000264192 _____ () C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\AppCore.dll
2011-02-23 17:21 - 2011-02-23 17:21 - 000356352 _____ () C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\Atlas.dll
2011-02-23 17:19 - 2011-02-23 17:19 - 000237568 _____ () C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\SpiffyExt.dll
2011-02-23 17:38 - 2011-02-23 17:38 - 000234496 _____ () C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\VistaControls.esx
2011-02-23 17:15 - 2011-02-23 17:15 - 000090112 _____ () C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\LocAcqMod.dll
2011-02-23 17:39 - 2011-02-23 17:39 - 000078848 _____ () C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\DXRawFormatHandler.esx
2011-02-23 17:11 - 2011-02-23 17:11 - 000062464 _____ () C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\DibLibIP.dll
2006-03-07 10:05 - 2006-03-07 10:05 - 001564672 _____ () C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\AreaIFDLL.dll
2011-02-23 17:37 - 2011-02-23 17:37 - 000761856 _____ () C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\ESCliWicMDRW.esx
2011-02-23 17:17 - 2011-02-23 17:17 - 000152576 _____ () C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\IStorageMediaStore.esx
2011-02-23 18:00 - 2011-02-23 18:00 - 000684032 _____ () C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\ESEmail.esx
2011-02-23 17:24 - 2011-02-23 17:24 - 000084480 _____ () C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\keml40.dll
2011-02-23 17:15 - 2011-02-23 17:15 - 000129536 _____ () C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\kpries40.dll
2011-02-23 18:55 - 2011-02-23 18:55 - 011503616 _____ () C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\ESSkin.esx
2009-09-28 21:19 - 2009-09-28 21:19 - 000782336 _____ () C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\SkinuxImV.dll
2009-09-28 21:19 - 2009-09-28 21:19 - 000868352 _____ () C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\SkinuxBaseV.dll
2009-09-28 21:20 - 2009-09-28 21:20 - 000462848 _____ () C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\SkinuxFFV.dll
2009-09-28 21:19 - 2009-09-28 21:19 - 000155648 _____ () C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\SkinuxZipV.dll
2009-09-28 21:21 - 2009-09-28 21:21 - 000528384 _____ () C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\SkinuxProcV.dll
2009-09-28 21:20 - 2009-09-28 21:20 - 002236416 _____ () C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\SkinuxCmpV.dll
2009-09-28 21:21 - 2009-09-28 21:21 - 000847872 _____ () C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\SkinuxXML2V.dll
2009-09-28 21:21 - 2009-09-28 21:21 - 001396736 _____ () C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\SkinuxCommonV.dll
2011-02-23 18:04 - 2011-02-23 18:04 - 000171520 _____ () C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\Pcd.esx
2011-02-23 17:38 - 2011-02-23 17:38 - 000052224 _____ () C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\KPCDInterface.dll
2011-02-23 17:36 - 2011-02-23 17:36 - 000143360 _____ () C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\VPrintOnlineHelper40.dll
2011-02-23 17:15 - 2011-02-23 17:15 - 000084480 _____ () C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\UpdateChecker.esx
2011-02-23 15:25 - 2011-02-23 15:25 - 000010240 _____ () C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\LocUpdateCheck.dll
2011-02-23 19:02 - 2011-02-23 19:02 - 000339968 _____ () C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\VistaAdapter.esx
2011-02-23 18:01 - 2011-02-23 18:01 - 000098304 _____ () C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\VistaCDBackup.esx
2011-02-23 18:05 - 2011-02-23 18:05 - 000315392 _____ () C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\VistaPrintOnline.esx
2011-02-23 17:55 - 2011-02-23 17:55 - 000688128 _____ () C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\VPrintOnline.dll
2011-02-23 19:00 - 2011-02-23 19:00 - 000471040 _____ () C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\Escom.dll
2011-02-23 17:16 - 2011-02-23 17:16 - 000044544 _____ () C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\LocCamBack.dll
2018-02-11 09:20 - 2018-02-11 09:20 - 001184256 _____ () C:\Users\Dell\AppData\Local\Facebook\Games\CefSharp.Core.dll
2018-02-13 22:30 - 2018-02-13 22:30 - 071641088 _____ () C:\Users\Dell\AppData\Local\Facebook\Games\libcef.dll
2018-02-11 09:20 - 2018-02-11 09:20 - 000774656 _____ () C:\Users\Dell\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.Core.dll
2018-02-11 09:20 - 2018-02-11 09:20 - 003149824 _____ () C:\Users\Dell\AppData\Local\Facebook\Games\libglesv2.dll
2018-02-11 09:20 - 2018-02-11 09:20 - 000078848 _____ () C:\Users\Dell\AppData\Local\Facebook\Games\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:036B81D9 [184]
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\TEMP:43A31AEA [229]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 12:04 - 2018-08-09 22:14 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1400945040-2960571981-3055813832-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: DS Clock => "C:\Program Files (x86)\DS Clock\DSClock.exe"
MSCONFIG\startupreg: GwxControlPanelMonitor => "C:\Users\Dell\Downloads\GWX_control_panel.exe" /traymode
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: WMUAgent.exe => C:\Program Files (x86)\WakeMeUp\WMUAgent.exe
MSCONFIG\startupreg: WMUTray.exe => C:\Program Files (x86)\WakeMeUp\WMUTray.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{61B32523-F297-498A-8C04-76CE04DC04FA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{59F98E38-97D5-4F97-91C1-53AFDF238061}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{96FB0B6F-6FB7-4B82-8F82-2C399548C899}] => (Allow) C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\EasyShare.exe
FirewallRules: [{397D9B16-0813-4414-AA35-5126032E1A0E}] => (Allow) C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\EasyShare.exe
FirewallRules: [{099D5AA3-A011-4754-9F67-11DFAB6ADDFC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{97181567-08F6-434D-9599-E546E8B3DA25}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4016BB59-E041-4A44-B400-021CD6929D63}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{04C452D4-A6B5-4722-A351-A3B441F62212}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{07E13034-589E-4007-B819-C73F59624A63}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{1B10D4F1-ED72-41F8-90D6-30BAA75D747A}] => (Allow) C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe
FirewallRules: [{FB8B430F-9D36-4C98-8B02-C0034304C074}] => (Allow) C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe
FirewallRules: [{06363EBF-C5B1-4963-BC13-2B8C971A7DC9}] => (Allow) LPort=8501
FirewallRules: [{E2D2B596-72F5-47DB-92FE-85A099AC5CA4}] => (Allow) LPort=8501
FirewallRules: [{44C398B5-0A88-406D-A397-757645A90F68}] => (Allow) C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe
FirewallRules: [{4DDBD175-31DB-4445-AF07-02636DDDE76A}] => (Allow) C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe

==================== Restore Points =========================

12-08-2018 15:55:08 Scheduled Checkpoint
18-08-2018 17:00:33 doPDF 9
10-09-2018 13:14:25 Removed Java 8 Update 171
10-09-2018 13:17:33 Removed Java 8 Update 171 (64-bit)
10-09-2018 13:26:17 Removed Java 8 Update 181
10-09-2018 13:27:40 Removed Windows 7 Upgrade Advisor
10-09-2018 15:34:44 Installed LibreOffice 6.0.6.2
10-09-2018 16:15:35 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215
10-09-2018 16:54:50 Removed Java 8 Update 181
10-09-2018 17:11:09 Removed Java 8 Update 181
18-09-2018 14:26:49 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/22/2018 12:29:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GummyDrop.exe, version: 0.0.0.0, time stamp: 0x5887956d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x00000000
Fault offset: 0x0768c302
Faulting process id: 0x1250
Faulting application start time: 0x01d450c4e34fbf50
Faulting application path: C:\Program Files (x86)\Gummy Drop!\GummyDrop.exe
Faulting module path: unknown
Report Id: 73c324d1-be13-11e8-8bba-001aa0419180

Error: (09/22/2018 10:45:39 AM) (Source: Application) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/21/2018 01:20:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 56.0.2.6506 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1564

Start Time: 01d45147a8e5f3d9

Termination Time: 1995

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: 5710586c-bd51-11e8-8bba-001aa0419180

Error: (09/21/2018 10:37:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RoboTaskBarIcon.exe, version: 8.5.3.3, time stamp: 0x5b969f9a
Faulting module name: RoboForm.DLL, version: 8.5.3.3, time stamp: 0x5b969f8e
Exception code: 0xc0000094
Fault offset: 0x0060a1a7
Faulting process id: 0x934
Faulting application start time: 0x01d44a2471b2e881
Faulting application path: C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
Faulting module path: C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm.DLL
Report Id: aed00edf-bd3a-11e8-8bba-001aa0419180

Error: (09/20/2018 06:21:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GummyDrop.exe, version: 0.0.0.0, time stamp: 0x5887956d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x00000000
Fault offset: 0x0a30ca22
Faulting process id: 0x93c
Faulting application start time: 0x01d450bf0c77eb22
Faulting application path: C:\Program Files (x86)\Gummy Drop!\GummyDrop.exe
Faulting module path: unknown
Report Id: 65dc793a-bcb2-11e8-8bba-001aa0419180

Error: (09/20/2018 06:20:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GummyDrop.exe, version: 0.0.0.0, time stamp: 0x5887956d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x00000000
Fault offset: 0x0763c4ca
Faulting process id: 0x1b58
Faulting application start time: 0x01d44e8a6df88350
Faulting application path: C:\Program Files (x86)\Gummy Drop!\GummyDrop.exe
Faulting module path: unknown
Report Id: 2d5f1239-bcb2-11e8-8bba-001aa0419180

Error: (09/20/2018 05:31:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: EasyShare.exe, version: 8.30.62.106, time stamp: 0x4d658608
Faulting module name: ESSkin.esx, version: 8.30.62.106, time stamp: 0x4d659e49
Exception code: 0xc0000005
Fault offset: 0x005c664c
Faulting process id: 0x10d0
Faulting application start time: 0x01d44f605d385709
Faulting application path: C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\EasyShare.exe
Faulting module path: C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\ESSkin.esx
Report Id: 56cd2b3f-bcab-11e8-8bba-001aa0419180

Error: (09/19/2018 12:29:49 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program EasyShare.exe version 8.30.62.106 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1274

Start Time: 01d44e2775c7b45b

Termination Time: 601

Application Path: C:\Program Files (x86)\Koda\Kodak EasyShare software\bin\EasyShare.exe

Report Id: 73aa1a36-bb53-11e8-8bba-001aa0419180


System errors:
=============
Error: (09/23/2018 09:54:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The avgbIDSAgent service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (09/23/2018 09:54:28 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the avgbIDSAgent service to connect.

Error: (09/23/2018 09:53:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The avgbIDSAgent service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (09/23/2018 09:53:58 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the avgbIDSAgent service to connect.

Error: (09/23/2018 09:50:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Media Player Network Sharing Service service failed to start due to the following error:
The service did not start due to a logon failure.

Error: (09/23/2018 09:50:32 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The WMPNetworkSvc service was unable to log on as NT AUTHORITY\NetworkService with the currently configured password due to the following error:
The request is not supported.


To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (09/23/2018 09:50:19 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (09/23/2018 09:50:02 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The AVG PC TuneUp Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 250 milliseconds: Restart the service.


CodeIntegrity:
===================================

Date: 2018-04-20 13:10:12.846
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.19503_none_f075fe9aec894c91\bcrypt.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-04-20 13:10:12.120
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.19503_none_f075fe9aec894c91\bcrypt.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-04-20 13:10:11.422
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.19503_none_f075fe9aec894c91\bcrypt.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-04-20 13:10:09.617
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.19503_none_f075fe9aec894c91\bcrypt.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-04-20 12:56:33.942
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.23814_none_f0f5cf9005ae1bf1\bcrypt.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-04-20 12:56:33.251
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.23814_none_f0f5cf9005ae1bf1\bcrypt.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-04-20 12:56:32.098
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.23814_none_f0f5cf9005ae1bf1\bcrypt.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-04-20 12:56:31.339
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.23814_none_f0f5cf9005ae1bf1\bcrypt.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Pentium(R) D CPU 3.00GHz
Percentage of memory in use: 42%
Total physical RAM: 4029.61 MB
Available physical RAM: 2328.81 MB
Total Virtual: 8057.41 MB
Available Virtual: 5538.06 MB

==================== Drives ================================

Drive c: (DSK1_VOL1 Coeurl) (Fixed) (Total:465.76 GB) (Free:159.73 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (SECONDARY BACKUP DRIVE) (Fixed) (Total:1863.01 GB) (Free:1700.04 GB) NTFS ==>[system with boot components (obtained from drive)]


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: EC8645A9)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 1863 GB) (Disk ID: 3A8B8C23)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
 
Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
 

Attachments

  • fixlist.txt
    2.5 KB · Views: 2
Fix result of Farbar Recovery Scan Tool (x64) Version: 22.04.2018 01
Ran by Dell (23-09-2018 11:54:54) Run:1
Running from C:\Users\Dell\Desktop
Loaded Profiles: Dell (Available Profiles: Dell)
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1400945040-2960571981-3055813832-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-1400945040-2960571981-3055813832-1000\...\MountPoints2: {bc61dcd2-7345-11e7-8872-001aa0419180} - F:\AutoRun.exe
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.9.605\AVG Web TuneUp.dll => No File
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.8\\npsitesafety.dll [No File]
2017-12-17 16:19 - 2017-12-17 16:19 - 000000036 _____ () C:\Users\Dell\AppData\Local\housecall.guid.cache
2016-07-30 09:31 - 2016-07-30 09:31 - 000000022 _____ () C:\Users\Dell\AppData\Local\kodakpcd.ini
2016-05-07 13:13 - 2017-07-27 23:34 - 000007608 _____ () C:\Users\Dell\AppData\Local\Resmon.ResmonCfg
2018-09-22 12:44 - 2017-09-14 01:01 - 001732864 _____ (Microsoft Corporation) C:\Users\Dell\AppData\Local\Temp\dllnt_dump.dll
2018-09-10 12:41 - 2018-09-10 12:41 - 001906040 _____ (Oracle Corporation) C:\Users\Dell\AppData\Local\Temp\jre-8u181-windows-au.exe
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
Task: {023876AA-16E7-468C-892C-93B57A54E74C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {08F8541E-1C80-41B0-8F4B-41030DF08AE3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {0A8C8A8B-98CC-4208-B885-1C18FFAB2A92} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {381F4ED1-9E38-4CAF-8C7B-4F15895D59B2} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {3FBA4D60-7925-43EB-AD7C-4B34703BD104} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {94802374-423E-48FE-AB8E-619E15EADC39} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {BB3AF36A-B5C0-4778-9BEB-16DD52A24803} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {F2C035FD-FF3A-436E-833A-E51F9EA1E7DA} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:036B81D9 [184]
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\TEMP:43A31AEA [229]

*****************

"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" => removed successfully
"HKU\S-1-5-21-1400945040-2960571981-3055813832-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F" => removed successfully
"HKU\S-1-5-21-1400945040-2960571981-3055813832-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bc61dcd2-7345-11e7-8872-001aa0419180}" => removed successfully
HKLM\Software\Classes\CLSID\{bc61dcd2-7345-11e7-8872-001aa0419180} => not found
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => removed successfully
HKLM\Software\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => not found
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}" => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin" => removed successfully
C:\Users\Dell\AppData\Local\housecall.guid.cache => moved successfully
C:\Users\Dell\AppData\Local\kodakpcd.ini => moved successfully
C:\Users\Dell\AppData\Local\Resmon.ResmonCfg => moved successfully
C:\Users\Dell\AppData\Local\Temp\dllnt_dump.dll => moved successfully
C:\Users\Dell\AppData\Local\Temp\jre-8u181-windows-au.exe => moved successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg" => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{023876AA-16E7-468C-892C-93B57A54E74C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{023876AA-16E7-468C-892C-93B57A54E74C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{08F8541E-1C80-41B0-8F4B-41030DF08AE3}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08F8541E-1C80-41B0-8F4B-41030DF08AE3}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0A8C8A8B-98CC-4208-B885-1C18FFAB2A92}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0A8C8A8B-98CC-4208-B885-1C18FFAB2A92}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{381F4ED1-9E38-4CAF-8C7B-4F15895D59B2}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{381F4ED1-9E38-4CAF-8C7B-4F15895D59B2}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3FBA4D60-7925-43EB-AD7C-4B34703BD104}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3FBA4D60-7925-43EB-AD7C-4B34703BD104}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{94802374-423E-48FE-AB8E-619E15EADC39}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94802374-423E-48FE-AB8E-619E15EADC39}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BB3AF36A-B5C0-4778-9BEB-16DD52A24803}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB3AF36A-B5C0-4778-9BEB-16DD52A24803}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F2C035FD-FF3A-436E-833A-E51F9EA1E7DA}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F2C035FD-FF3A-436E-833A-E51F9EA1E7DA}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
C:\ProgramData\TEMP => ":036B81D9" ADS removed successfully
C:\ProgramData\TEMP => ":2CB9631F" ADS removed successfully
C:\ProgramData\TEMP => ":43A31AEA" ADS removed successfully

==== End of Fixlog 11:55:29 ====
 
Last scans...

redtarget.gif
Download Security Check from here or here and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run


redtarget.gif
Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
Make sure the following options are checked:
  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center
  • Windows Update
  • Windows Defender
  • Other Services

Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.


redtarget.gif
Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
  • Double click on TFC.exe to run the program.
  • Click on Start button to begin cleaning process.
  • TFC will close all running programs, and it may ask you to restart computer.


redtarget.gif
Download Sophos Free Virus Removal Tool and save it to your desktop.
  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program
 
  • Like
Reactions: Kaelkitty
Results of screen317's Security Check version 0.99.93
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Malwarebytes
AVG Antivirus
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
AVG PC TuneUp
AVG Web TuneUp
AVG PC TuneUp
Java version 32-bit out of Date!
Adobe Flash Player 30.0.0.154
Google Chrome (63.0.3239.132)
Google Chrome (SetupMetrics...)
````````Process Check: objlist.exe by Laurent````````
AVG Antivirus AVGSvc.exe
AVG Antivirus AVGUI.exe
AVG Antivirus afwServ.exe
AVG Antivirus x64 aswidsagenta.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 6%
````````````````````End of Log``````````````````````
 
Farbar Service Scanner Version: 27-01-2016
Ran by Dell (administrator) on 23-09-2018 at 12:40:17
Running from "C:\Users\Dell\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****
 
2018-09-23 03:46:14.348 Sophos Virus Removal Tool version 2.7.0
2018-09-23 03:46:14.348 Copyright (c) 2009-2018 Sophos Limited. All rights reserved.

2018-09-23 03:46:14.348 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2018-09-23 03:46:14.348 Windows version 6.1 SP 1.0 Service Pack 1 build 7601 SM=0x300 PT=0x1 WOW64
2018-09-23 03:46:14.348 Checking for updates...
2018-09-23 03:46:16.438 Update progress: proxy server not available
2018-09-23 03:46:37.249 Option all = no
2018-09-23 03:46:37.249 Option recurse = yes
2018-09-23 03:46:37.249 Option archive = no
2018-09-23 03:46:37.249 Option service = yes
2018-09-23 03:46:37.249 Option confirm = yes
2018-09-23 03:46:37.249 Option sxl = yes
2018-09-23 03:46:37.264 Option max-data-age = 35
2018-09-23 03:46:37.264 Option vdl-logging = yes
2018-09-23 03:46:37.264 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2018-09-23 03:46:37.264 Machine ID: e09f6fbf0e85445d839b03ef5e925249
2018-09-23 03:46:37.264 Component SVRTcli.exe version 2.7.0
2018-09-23 03:46:37.264 Component control.dll version 2.7.0
2018-09-23 03:46:37.264 Component SVRTservice.exe version 2.7.0
2018-09-23 03:46:37.264 Component engine\osdp.dll version 1.44.1.2420
2018-09-23 03:46:37.264 Component engine\veex.dll version 3.73.0.2420
2018-09-23 03:46:37.264 Component engine\savi.dll version 9.0.11.2420
2018-09-23 03:46:37.280 Component rkdisk.dll version 1.5.33.1
2018-09-23 03:46:37.280 Version info: Product version 2.7.0
2018-09-23 03:46:37.280 Version info: Detection engine 3.73.0
2018-09-23 03:46:37.280 Version info: Detection data 5.53
2018-09-23 03:46:37.280 Version info: Build date 7/17/2018
2018-09-23 03:46:37.280 Version info: Data files added 409
2018-09-23 03:46:37.280 Version info: Last successful update (not yet updated)
2018-09-23 03:46:42.854 Downloading updates...
2018-09-23 03:46:42.869 Update progress: [I96736] sdds.svrt_v1.5: adding primary package C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED baseVersion=1
2018-09-23 03:46:42.869 Update progress: [I95020] sdds.svrt_v1.5: looking for packages included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2018-09-23 03:46:42.869 Update progress: [I22529] sdds.svrt_v1.5: looking for supplements included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2018-09-23 03:46:42.869 Update progress: [V81533] SU::createCachedPackageSource creating cached package source for http://d2.sophosupd.com/update-B: url=SOPHOS
2018-09-23 03:46:42.869 Update progress: [V81533] SU::createCachedPackageSource creating http_source_specific_data to download customer file
2018-09-23 03:46:42.869 Update progress: [V81533] SU::createCachedPackageSource creating package source to download customer file
2018-09-23 03:46:42.869 Update progress: [V81533] SU::createCachedPackageSource creating cached package source
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: catalogue/sdds.data0910.xml
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: catalogue/sdds.data0910.xml: 390 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: ad7a41c629456deac0a017d46c1dfa80x000.xml: 3171 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: ad7a41c629456deac0a017d46c1dfa80x000.xml: 94 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: fd178c4041d0f30f22ee33c1a1ff5c93x000.xml: 8673 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: fd178c4041d0f30f22ee33c1a1ff5c93x000.xml: 62 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: IDE558/d840b66a1f69f417079c28fa0aeb1582x000.xml: 590 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: IDE558/d840b66a1f69f417079c28fa0aeb1582x000.xml: 109 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: SXLSUP/9658bb75e4104455fe802645d41af3dax000.xml: 598 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: SXLSUP/9658bb75e4104455fe802645d41af3dax000.xml: 93 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: IDE548/107dc245a5689ba1cd4964b62c503aafx000.xml: 601 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: IDE548/107dc245a5689ba1cd4964b62c503aafx000.xml: 63 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: IDE554/1883db40022af8cbc8fd680f1c4185ddx000.xml: 601 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: IDE554/1883db40022af8cbc8fd680f1c4185ddx000.xml: 499 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: IDE550/1e04bd4f6cc5b189217b416d0cacd23ax000.xml: 601 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: IDE550/1e04bd4f6cc5b189217b416d0cacd23ax000.xml: 530 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: IDE553/236bb4ca0d2561a8e59124e4a65837c9x000.xml: 601 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: IDE553/236bb4ca0d2561a8e59124e4a65837c9x000.xml: 94 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: IDE552/49e28e1f82adf19b43a3acfb11c919bax000.xml: 601 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: IDE552/49e28e1f82adf19b43a3acfb11c919bax000.xml: 94 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: IDE549/564f40c936555e7bd11a0669b02f9ce5x000.xml: 601 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: IDE549/564f40c936555e7bd11a0669b02f9ce5x000.xml: 62 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: IDE551/69eda22632d06ac2df0c576c5946841fx000.xml: 601 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: IDE551/69eda22632d06ac2df0c576c5946841fx000.xml: 62 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: IDE547/7ed7c972ea5728a2f9cd6af0e14d9dadx000.xml: 601 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: IDE547/7ed7c972ea5728a2f9cd6af0e14d9dadx000.xml: 62 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: IDE555/9f59846a02fa77254f4813df557d969bx000.xml: 601 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: IDE555/9f59846a02fa77254f4813df557d969bx000.xml: 110 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: IDE556/c22eba771b8b9cfbe3b0ab21aeff0681x000.xml: 1093 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: IDE556/c22eba771b8b9cfbe3b0ab21aeff0681x000.xml: 62 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: IDE557/5ca50e29b49aa7311864a65dd07f0b77x000.xml: 10374 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: IDE557/5ca50e29b49aa7311864a65dd07f0b77x000.xml: 78 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 586c199c8fd32f42aca22ae347d03d34x000.xml: 615 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 586c199c8fd32f42aca22ae347d03d34x000.xml: 78 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 8cd20e1a1b77f00a7e6e232811055fe1x000.xml: 320 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 8cd20e1a1b77f00a7e6e232811055fe1x000.xml: 78 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 0c458d84352f35f2b272f8b87e9f9576x000.xml: 753 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 0c458d84352f35f2b272f8b87e9f9576x000.xml: 46 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 5c7f0eec8cb5f488397216dcfb7e98e8x000.xml: 331 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 5c7f0eec8cb5f488397216dcfb7e98e8x000.xml: 62 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: a7f21eb049126d9fab9994032750a2d3x000.xml: 1027 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: a7f21eb049126d9fab9994032750a2d3x000.xml: 1327 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 4cc3aa83d62c1f21721018c23a13d341x000.xml: 338 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 4cc3aa83d62c1f21721018c23a13d341x000.xml: 93 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 1b5385d6d93fc43e87fc7d723b90aab9x000.xml: 1027 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 1b5385d6d93fc43e87fc7d723b90aab9x000.xml: 499 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 44df079c17c27192400c73a86d16785fx000.xml: 338 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 44df079c17c27192400c73a86d16785fx000.xml: 47 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 9e72c50dc4507dfba988367b178eda4ax000.xml: 1027 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 9e72c50dc4507dfba988367b178eda4ax000.xml: 515 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: e0a2f9d4b770945eb817f82acf76dc76x000.xml: 338 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: e0a2f9d4b770945eb817f82acf76dc76x000.xml: 46 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 4c204ac4b99df718739c309d0f4ab76bx000.xml: 1027 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 4c204ac4b99df718739c309d0f4ab76bx000.xml: 47 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 46e9b0f78df0d20502af43f391ffc506x000.xml: 338 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 46e9b0f78df0d20502af43f391ffc506x000.xml: 62 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: eaba289b0a9e187ed96137c42bf85645x000.xml: 1027 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: eaba289b0a9e187ed96137c42bf85645x000.xml: 484 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: e4e261308128b5b42bf54c232030ea27x000.xml: 338 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: e4e261308128b5b42bf54c232030ea27x000.xml: 62 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 79cbe55b537a6b0b088266c4f7851a6fx000.xml: 1027 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 79cbe55b537a6b0b088266c4f7851a6fx000.xml: 78 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: a3d97ad39c880616c6265d17c501d956x000.xml: 338 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: a3d97ad39c880616c6265d17c501d956x000.xml: 63 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: d9072ffa19fc0ff71a828d7ca2bc7828x000.xml: 1027 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: d9072ffa19fc0ff71a828d7ca2bc7828x000.xml: 46 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 1d98051334b3ea8a0b042e0bb99bc283x000.xml: 338 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 1d98051334b3ea8a0b042e0bb99bc283x000.xml: 500 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 65cd522db300e140cf78cb0c5862d7fex000.xml: 1027 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 65cd522db300e140cf78cb0c5862d7fex000.xml: 62 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 07c618a8e6ddca7e5889870b20467f25x000.xml: 338 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 07c618a8e6ddca7e5889870b20467f25x000.xml: 515 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 65b7509646b00610cf1732a01f49a46fx000.xml: 1027 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 65b7509646b00610cf1732a01f49a46fx000.xml: 78 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: f6ec5061dd7e77923111541727311aa2x000.xml: 338 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: f6ec5061dd7e77923111541727311aa2x000.xml: 499 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 1504a1cc397f0523526e52d5a45ca7f1x000.xml: 877 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 1504a1cc397f0523526e52d5a45ca7f1x000.xml: 499 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 4ac63e69e470a7651fc41a5c5a3aed1fx000.xml: 338 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 4ac63e69e470a7651fc41a5c5a3aed1fx000.xml: 78 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 59c292069cc0fcbe6fbcf8d4289432a4x000.xml: 1027 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 59c292069cc0fcbe6fbcf8d4289432a4x000.xml: 63 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: ace8e7b646829af68be5b32bbcc82570x000.xml: 338 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: ace8e7b646829af68be5b32bbcc82570x000.xml: 62 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: e6a892842be8d0ea04aa0bf23f938a70x000.xml: 877 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: e6a892842be8d0ea04aa0bf23f938a70x000.xml: 47 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: bbcf356e78e4155c3580d66d9599d64ax000.xml: 320 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: bbcf356e78e4155c3580d66d9599d64ax000.xml: 484 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 70412806072854f093ce442524ee34cex000.xml: 877 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 70412806072854f093ce442524ee34cex000.xml: 62 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 21825cbdf17fb5b072735f05b35094e3x000.xml: 332 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 21825cbdf17fb5b072735f05b35094e3x000.xml: 62 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: dd336620d7d410f82d6cb385633989bex000.xml: 877 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: dd336620d7d410f82d6cb385633989bex000.xml: 500 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 7306fb2f742389e83d37066b3e33b072x000.xml: 332 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 7306fb2f742389e83d37066b3e33b072x000.xml: 62 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: c597a87b490ce67c0f38c8dcedc97ac1x000.xml: 877 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: c597a87b490ce67c0f38c8dcedc97ac1x000.xml: 499 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: a409cfb9c55f9198d1f81fabea1b1448x000.xml: 332 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: a409cfb9c55f9198d1f81fabea1b1448x000.xml: 499 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: fcbf06cb7ba4d9510493135c5e2e4959x000.xml: 877 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: fcbf06cb7ba4d9510493135c5e2e4959x000.xml: 499 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 781961dbba1e31e53e195001c565ce52x000.xml: 333 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 781961dbba1e31e53e195001c565ce52x000.xml: 47 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: cc2b3945cca20ce4f560cd0a366d228fx000.xml: 877 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: cc2b3945cca20ce4f560cd0a366d228fx000.xml: 62 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: ce691a3f0112a18f24ebe911741d65d0x000.xml: 333 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: ce691a3f0112a18f24ebe911741d65d0x000.xml: 62 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 02f31b6dadc02434df2299abe0f2490bx000.xml: 877 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 02f31b6dadc02434df2299abe0f2490bx000.xml: 47 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 51ea87605db3b31378644d7094899248x000.xml: 333 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 51ea87605db3b31378644d7094899248x000.xml: 47 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 428d8cfd2ecc0ead43fa17b9abdc25d9x000.xml: 877 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 428d8cfd2ecc0ead43fa17b9abdc25d9x000.xml: 62 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 75a98faa06e4e1c1e0497f2e7c5a6919x000.xml: 333 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 75a98faa06e4e1c1e0497f2e7c5a6919x000.xml: 62 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 85bdc006fcc19d505d5953c44b4c78bax000.xml: 877 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 85bdc006fcc19d505d5953c44b4c78bax000.xml: 47 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 03275e66324332ba5cf5e414ae440745x000.xml: 333 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 03275e66324332ba5cf5e414ae440745x000.xml: 47 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 4cb919ad1236c9b23b9e86ae7e5dd792x000.xml: 877 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 4cb919ad1236c9b23b9e86ae7e5dd792x000.xml: 63 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 684680ae1d0776c0b4939f5c20e9ccf3x000.xml: 333 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 684680ae1d0776c0b4939f5c20e9ccf3x000.xml: 62 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: f04b6ececa1ea9ae4a116200df9063eex000.xml: 877 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: f04b6ececa1ea9ae4a116200df9063eex000.xml: 62 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 2f9841dd6da63873633151d88aaebbf0x000.xml: 335 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 2f9841dd6da63873633151d88aaebbf0x000.xml: 78 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 026680323426163951b7247391656a73x000.xml: 877 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 026680323426163951b7247391656a73x000.xml: 94 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: d0c9ed52c659ed1450c2b59a1d12ef39x000.xml: 335 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: d0c9ed52c659ed1450c2b59a1d12ef39x000.xml: 94 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 4c395b4d70a2baa0b153ba1fd7b432bcx000.xml: 877 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 4c395b4d70a2baa0b153ba1fd7b432bcx000.xml: 46 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 4b98a560388859a824bab3c71ba4d818x000.xml: 335 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 4b98a560388859a824bab3c71ba4d818x000.xml: 63 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: ab2ee624e37e890d8c4f30781753cd31x000.xml: 877 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: ab2ee624e37e890d8c4f30781753cd31x000.xml: 47 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 4347614a4b0497f36b1529b0e1d49e76x000.xml: 335 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 4347614a4b0497f36b1529b0e1d49e76x000.xml: 78 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 980e9082aa31b750d8352da8f9dcdf66x000.xml: 877 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 980e9082aa31b750d8352da8f9dcdf66x000.xml: 312 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: f881635cbb908488a7406d9b372561ebx000.xml: 335 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: f881635cbb908488a7406d9b372561ebx000.xml: 62 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 3e352b00c675e8114b8e7a2aa1b6b8f6x000.xml: 877 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 3e352b00c675e8114b8e7a2aa1b6b8f6x000.xml: 62 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 0b8bebe3f11bf3bdd7d735025e9f7cdex000.xml: 335 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 0b8bebe3f11bf3bdd7d735025e9f7cdex000.xml: 78 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 14da43993ebeed3904c4a25c9cde13e3x000.xml: 877 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 14da43993ebeed3904c4a25c9cde13e3x000.xml: 62 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: f14a2e24362829dd339f0388c2d07f9ax000.xml: 335 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: f14a2e24362829dd339f0388c2d07f9ax000.xml: 63 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 76214e12627438fd9d0cd9ff0188aa27x000.xml: 877 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 76214e12627438fd9d0cd9ff0188aa27x000.xml: 62 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 891361d7f67a4c69ddf2bcc6435498f6x000.xml: 335 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 891361d7f67a4c69ddf2bcc6435498f6x000.xml: 63 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 76f5ff24635e576f27f83d58f256401bx000.xml: 877 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 76f5ff24635e576f27f83d58f256401bx000.xml: 62 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: f6841d2b4e38552e884b66c4af477047x000.xml: 335 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: f6841d2b4e38552e884b66c4af477047x000.xml: 47 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 9e5d554088e99116ac22d385cb55b88fx000.xml: 877 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 9e5d554088e99116ac22d385cb55b88fx000.xml: 62 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 7ba9970e5b00d47753d35c8bf5536349x000.xml: 335 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 7ba9970e5b00d47753d35c8bf5536349x000.xml: 47 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 0ddf2440703891ed41c74e99d3b53a7fx000.xml: 1027 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 0ddf2440703891ed41c74e99d3b53a7fx000.xml: 62 ms
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 97f4f16d51c494e9d51f0aa33d756b03x000.xml: 335 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 97f4f16d51c494e9d51f0aa33d756b03x000.xml: 62 ms
2018-09-23 03:46:42.869 Update progress: [I49502] sdds.data0910.xml: found supplement IDE554 LATEST path= baseVersion= [included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=]
2018-09-23 03:46:42.869 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE554 LATEST path=
2018-09-23 03:46:42.869 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE554 LATEST path=
2018-09-23 03:46:42.869 Update progress: [I49502] sdds.data0910.xml: found supplement IDE555 LATEST path= baseVersion= [included from product IDE554 LATEST path=]
2018-09-23 03:46:42.869 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE555 LATEST path=
2018-09-23 03:46:42.869 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE555 LATEST path=
2018-09-23 03:46:42.869 Update progress: [I49502] sdds.data0910.xml: found supplement IDE556 LATEST path= baseVersion= [included from product IDE555 LATEST path=]
2018-09-23 03:46:42.869 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE556 LATEST path=
2018-09-23 03:46:42.869 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE556 LATEST path=
2018-09-23 03:46:42.869 Update progress: [I49502] sdds.data0910.xml: found supplement IDE557 LATEST path= baseVersion= [included from product IDE556 LATEST path=]
2018-09-23 03:46:42.869 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE557 LATEST path=
2018-09-23 03:46:42.869 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE557 LATEST path=
2018-09-23 03:46:42.869 Update progress: [I49502] sdds.data0910.xml: found supplement IDE558 LATEST path= baseVersion= [included from product IDE557 LATEST path=]
2018-09-23 03:46:42.869 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE558 LATEST path=
2018-09-23 03:46:42.869 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE558 LATEST path=
2018-09-23 03:46:42.869 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2018-09-23 03:46:42.869 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: c6dabdd85381b968bdd8d578bc00d73bx000.xml: 77124 bytes
2018-09-23 03:46:42.869 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: c6dabdd85381b968bdd8d578bc00d73bx000.xml: 437 ms
2018-09-23 03:46:42.869 Update progress: [I19463] Product download size 197878933 bytes
2018-09-23 03:47:46.190 Update progress: [I19463] Syncing product IDE554 LATEST path=
2018-09-23 03:47:46.190 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 44e719233d06e680d25d04c651b57516x000.xml: 29483 bytes
2018-09-23 03:47:46.190 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 44e719233d06e680d25d04c651b57516x000.xml: 624 ms
2018-09-23 03:47:46.190 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 66fd184526be9623963ffea093ea3733x000.xml: 397 bytes
2018-09-23 03:47:46.190 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 66fd184526be9623963ffea093ea3733x000.xml: 62 ms
2018-09-23 03:47:46.190 Update progress: [I19463] Product download size 2861558 bytes
2018-09-23 03:47:47.032 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 1c11dcbad3f1d7dc8e20079983ce02bdx000.xml: 5456 bytes
2018-09-23 03:47:47.032 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 1c11dcbad3f1d7dc8e20079983ce02bdx000.xml: 62 ms
2018-09-23 03:47:47.469 Update progress: [I19463] Syncing product IDE555 LATEST path=
2018-09-23 03:47:47.469 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: ed3c31d91cdbe6f4c5b2ad672e432fcbx000.xml: 37688 bytes
2018-09-23 03:47:47.469 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: ed3c31d91cdbe6f4c5b2ad672e432fcbx000.xml: 359 ms
2018-09-23 03:47:47.469 Update progress: [I19463] Product download size 3236987 bytes
2018-09-23 03:47:49.029 Update progress: [I19463] Syncing product IDE556 LATEST path=
2018-09-23 03:47:49.029 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 7cd4ca4f18730d24c4a6201531d9eaeex000.xml: 29986 bytes
2018-09-23 03:47:49.029 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 7cd4ca4f18730d24c4a6201531d9eaeex000.xml: 156 ms
2018-09-23 03:47:49.029 Update progress: [I19463] Product download size 2518599 bytes
2018-09-23 03:47:49.575 Update progress: [I19463] Syncing product IDE557 LATEST path=
2018-09-23 03:47:49.575 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 77a1d735185cd175e0531ba9cd991315x000.xml: 5108 bytes
2018-09-23 03:47:49.575 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 77a1d735185cd175e0531ba9cd991315x000.xml: 62 ms
2018-09-23 03:47:49.575 Update progress: [I19463] Product download size 379663 bytes
2018-09-23 03:47:49.715 Update progress: [I19463] Syncing product IDE558 LATEST path=
2018-09-23 03:47:49.715 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: f430c089bf466bb070b959d79391e4c2x000.xml: 124 bytes
2018-09-23 03:47:49.715 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: f430c089bf466bb070b959d79391e4c2x000.xml: 47 ms
2018-09-23 03:47:49.809 Installing updates...
2018-09-23 03:47:51.026 Error level 1
2018-09-23 03:48:26.984 Update successful
2018-09-23 03:49:22.863 Option all = no
2018-09-23 03:49:22.863 Option recurse = yes
2018-09-23 03:49:22.863 Option archive = no
2018-09-23 03:49:22.863 Option service = yes
2018-09-23 03:49:22.863 Option confirm = yes
2018-09-23 03:49:22.863 Option sxl = yes
2018-09-23 03:49:22.863 Option max-data-age = 35
2018-09-23 03:49:22.863 Option vdl-logging = yes
2018-09-23 03:49:22.879 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2018-09-23 03:49:22.879 Machine ID: e09f6fbf0e85445d839b03ef5e925249
2018-09-23 03:49:22.879 Component SVRTcli.exe version 2.7.0
2018-09-23 03:49:22.879 Component control.dll version 2.7.0
2018-09-23 03:49:22.879 Component SVRTservice.exe version 2.7.0
2018-09-23 03:49:22.879 Component engine\osdp.dll version 1.44.1.2420
2018-09-23 03:49:22.879 Component engine\veex.dll version 3.73.0.2420
2018-09-23 03:49:22.879 Component engine\savi.dll version 9.0.11.2420
2018-09-23 03:49:22.879 Component rkdisk.dll version 1.5.33.1
2018-09-23 03:49:22.879 Version info: Product version 2.7.0
2018-09-23 03:49:22.879 Version info: Detection engine 3.73.0
2018-09-23 03:49:22.879 Version info: Detection data 5.53
2018-09-23 03:49:22.879 Version info: Build date 7/17/2018
2018-09-23 03:49:22.879 Version info: Data files added 409
2018-09-23 03:49:22.879 Version info: Last successful update 9/23/2018 1:18:26 PM
 
Part 2:
2018-09-23 04:49:23.071 Could not open C:\Boot\BCD
2018-09-23 04:49:44.318 Could not open C:\hiberfil.sys
2018-09-23 04:57:08.592 Could not open C:\pagefile.sys
2018-09-23 05:18:17.295 Could not open C:\System Volume Information\{36550c4e-a2ab-11e8-99d2-001aa0419180}{3808876b-c176-4e48-b7ae-04046e6cc752}
2018-09-23 05:18:17.295 Could not open C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
2018-09-23 05:18:17.311 Could not open C:\System Volume Information\{6eaf0338-b4a8-11e8-99d2-001aa0419180}{3808876b-c176-4e48-b7ae-04046e6cc752}
2018-09-23 05:18:17.311 Could not open C:\System Volume Information\{6eaf04e3-b4a8-11e8-99d2-001aa0419180}{3808876b-c176-4e48-b7ae-04046e6cc752}
2018-09-23 05:18:17.311 Could not open C:\System Volume Information\{6eaf0ad9-b4a8-11e8-99d2-001aa0419180}{3808876b-c176-4e48-b7ae-04046e6cc752}
2018-09-23 05:18:17.311 Could not open C:\System Volume Information\{6eaf0b89-b4a8-11e8-99d2-001aa0419180}{3808876b-c176-4e48-b7ae-04046e6cc752}
2018-09-23 05:18:17.311 Could not open C:\System Volume Information\{80cc4fd9-bee0-11e8-b8ff-001aa0419180}{3808876b-c176-4e48-b7ae-04046e6cc752}
2018-09-23 05:18:17.311 Could not open C:\System Volume Information\{b5d093d6-b4c9-11e8-99d2-001aa0419180}{3808876b-c176-4e48-b7ae-04046e6cc752}
2018-09-23 05:18:17.311 Could not open C:\System Volume Information\{b5d097ca-b4c9-11e8-99d2-001aa0419180}{3808876b-c176-4e48-b7ae-04046e6cc752}
2018-09-23 05:18:17.311 Could not open C:\System Volume Information\{d1623ff5-bafe-11e8-8bba-001aa0419180}{3808876b-c176-4e48-b7ae-04046e6cc752}
2018-09-23 05:18:17.311 Could not open C:\System Volume Information\{d58dce81-b4b5-11e8-99d2-001aa0419180}{3808876b-c176-4e48-b7ae-04046e6cc752}
2018-09-23 05:18:17.311 Could not open C:\System Volume Information\{d58dd5cf-b4b5-11e8-99d2-001aa0419180}{3808876b-c176-4e48-b7ae-04046e6cc752}
2018-09-23 05:24:58.450 Could not open C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Login Data
2018-09-23 05:52:56.811 >>> Virus 'Mal/DrodZp-A' found in file C:\Users\Dell\AppData\Roaming\Qualcomm\Eudora\attach\Image160729909479.zip
2018-09-23 05:52:56.811 >>> Virus 'Mal/DrodZp-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wakemeup.exe
2018-09-23 05:52:56.811 >>> Virus 'Mal/DrodZp-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unins000.exe
2018-09-23 05:52:56.811 >>> Virus 'Mal/DrodZp-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sidebar.exe
2018-09-23 05:52:56.811 >>> Virus 'Mal/DrodZp-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pcchrono.exe
2018-09-23 05:52:56.811 >>> Virus 'Mal/DrodZp-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\g2minstaller.exe
2018-09-23 05:52:56.811 >>> Virus 'Mal/DrodZp-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wakemeup.exe
2018-09-23 05:52:56.811 >>> Virus 'Mal/DrodZp-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unins000.exe
2018-09-23 05:52:56.811 >>> Virus 'Mal/DrodZp-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sidebar.exe
2018-09-23 05:52:56.811 >>> Virus 'Mal/DrodZp-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pcchrono.exe
2018-09-23 05:52:56.811 >>> Virus 'Mal/DrodZp-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\g2minstaller.exe
2018-09-23 05:53:12.084 >>> Virus 'Mal/Phish-A' found in file C:\Users\Dell\AppData\Roaming\Qualcomm\Eudora\attach\WBC-View.html
2018-09-23 05:53:12.084 >>> Virus 'Mal/Phish-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wakemeup.exe
2018-09-23 05:53:12.084 >>> Virus 'Mal/Phish-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unins000.exe
2018-09-23 05:53:12.084 >>> Virus 'Mal/Phish-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sidebar.exe
2018-09-23 05:53:12.084 >>> Virus 'Mal/Phish-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pcchrono.exe
2018-09-23 05:53:12.084 >>> Virus 'Mal/Phish-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\g2minstaller.exe
2018-09-23 05:53:12.084 >>> Virus 'Mal/Phish-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wakemeup.exe
2018-09-23 05:53:12.084 >>> Virus 'Mal/Phish-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unins000.exe
2018-09-23 05:53:12.084 >>> Virus 'Mal/Phish-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sidebar.exe
2018-09-23 05:53:12.084 >>> Virus 'Mal/Phish-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pcchrono.exe
2018-09-23 05:53:12.084 >>> Virus 'Mal/Phish-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\g2minstaller.exe
2018-09-23 05:54:07.339 >>> Virus 'Mal/DrodZp-A' found in file C:\Users\Dell\AppData\Roaming\Qualcomm\Eudora\Eudora\attach\Image160729909479.zip
2018-09-23 05:54:07.339 >>> Virus 'Mal/DrodZp-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wakemeup.exe
2018-09-23 05:54:07.339 >>> Virus 'Mal/DrodZp-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unins000.exe
2018-09-23 05:54:07.339 >>> Virus 'Mal/DrodZp-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sidebar.exe
2018-09-23 05:54:07.339 >>> Virus 'Mal/DrodZp-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pcchrono.exe
2018-09-23 05:54:07.339 >>> Virus 'Mal/DrodZp-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\g2minstaller.exe
2018-09-23 05:54:07.339 >>> Virus 'Mal/DrodZp-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wakemeup.exe
2018-09-23 05:54:07.339 >>> Virus 'Mal/DrodZp-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unins000.exe
2018-09-23 05:54:07.339 >>> Virus 'Mal/DrodZp-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sidebar.exe
2018-09-23 05:54:07.339 >>> Virus 'Mal/DrodZp-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pcchrono.exe
2018-09-23 05:54:07.355 >>> Virus 'Mal/DrodZp-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\g2minstaller.exe
2018-09-23 05:54:20.630 >>> Virus 'Mal/Phish-A' found in file C:\Users\Dell\AppData\Roaming\Qualcomm\Eudora\Eudora\attach\WBC-View.html
2018-09-23 05:54:20.630 >>> Virus 'Mal/Phish-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wakemeup.exe
2018-09-23 05:54:20.630 >>> Virus 'Mal/Phish-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unins000.exe
2018-09-23 05:54:20.630 >>> Virus 'Mal/Phish-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sidebar.exe
2018-09-23 05:54:20.630 >>> Virus 'Mal/Phish-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pcchrono.exe
2018-09-23 05:54:20.630 >>> Virus 'Mal/Phish-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\g2minstaller.exe
2018-09-23 05:54:20.630 >>> Virus 'Mal/Phish-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wakemeup.exe
2018-09-23 05:54:20.630 >>> Virus 'Mal/Phish-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unins000.exe
2018-09-23 05:54:20.630 >>> Virus 'Mal/Phish-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sidebar.exe
2018-09-23 05:54:20.630 >>> Virus 'Mal/Phish-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pcchrono.exe
2018-09-23 05:54:20.630 >>> Virus 'Mal/Phish-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\g2minstaller.exe
2018-09-23 06:30:59.534 >>> Virus 'Mal/DrodZp-A' found in file C:\Users\Dell\Desktop\Old Documents\AppData\Roaming\Qualcomm\Eudora\attach\Image160729909479.zip
2018-09-23 06:30:59.534 >>> Virus 'Mal/DrodZp-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wakemeup.exe
2018-09-23 06:30:59.534 >>> Virus 'Mal/DrodZp-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unins000.exe
2018-09-23 06:30:59.534 >>> Virus 'Mal/DrodZp-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sidebar.exe
2018-09-23 06:30:59.534 >>> Virus 'Mal/DrodZp-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pcchrono.exe
2018-09-23 06:30:59.534 >>> Virus 'Mal/DrodZp-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\g2minstaller.exe
2018-09-23 06:30:59.534 >>> Virus 'Mal/DrodZp-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wakemeup.exe
2018-09-23 06:30:59.534 >>> Virus 'Mal/DrodZp-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unins000.exe
2018-09-23 06:30:59.534 >>> Virus 'Mal/DrodZp-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sidebar.exe
2018-09-23 06:30:59.534 >>> Virus 'Mal/DrodZp-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pcchrono.exe
2018-09-23 06:30:59.534 >>> Virus 'Mal/DrodZp-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\g2minstaller.exe
2018-09-23 06:31:12.856 >>> Virus 'Mal/Phish-A' found in file C:\Users\Dell\Desktop\Old Documents\AppData\Roaming\Qualcomm\Eudora\attach\WBC-View.html
2018-09-23 06:31:12.856 >>> Virus 'Mal/Phish-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wakemeup.exe
2018-09-23 06:31:12.856 >>> Virus 'Mal/Phish-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unins000.exe
2018-09-23 06:31:12.856 >>> Virus 'Mal/Phish-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sidebar.exe
2018-09-23 06:31:12.856 >>> Virus 'Mal/Phish-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pcchrono.exe
2018-09-23 06:31:12.856 >>> Virus 'Mal/Phish-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\g2minstaller.exe
2018-09-23 06:31:12.856 >>> Virus 'Mal/Phish-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wakemeup.exe
2018-09-23 06:31:12.872 >>> Virus 'Mal/Phish-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unins000.exe
2018-09-23 06:31:12.872 >>> Virus 'Mal/Phish-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sidebar.exe
2018-09-23 06:31:12.872 >>> Virus 'Mal/Phish-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pcchrono.exe
2018-09-23 06:31:12.872 >>> Virus 'Mal/Phish-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\g2minstaller.exe
2018-09-23 07:17:36.948 Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
2018-09-23 07:17:36.963 Could not open C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
2018-09-23 07:17:46.932 Could not open C:\Windows\System32\config\RegBack\DEFAULT
2018-09-23 07:17:46.932 Could not open C:\Windows\System32\config\RegBack\SAM
2018-09-23 07:17:46.932 Could not open C:\Windows\System32\config\RegBack\SECURITY
2018-09-23 07:17:46.932 Could not open C:\Windows\System32\config\RegBack\SOFTWARE
2018-09-23 07:17:46.932 Could not open C:\Windows\System32\config\RegBack\SYSTEM
2018-09-23 08:03:12.635 Could not open LOGICAL:0003:00000000
2018-09-23 08:03:12.650 Could not open D:\
2018-09-23 08:20:59.333 Could not check E:\Program Files\ATI Technologies\ATI HydraVision\HydraHUN.chm\/MagnifyFX.jpg (format not supported)
2018-09-23 08:30:59.436 >>> Virus 'Mal/Generic-S' found in file E:\Program Files\iPrimus\iConnect\nt5dll.dll
2018-09-23 08:30:59.436 >>> Virus 'Mal/Generic-S' found in file E:\Program Files\iPrimus\iConnect\nt5dll.dll
2018-09-23 08:30:59.452 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wakemeup.exe
2018-09-23 08:30:59.452 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unins000.exe
2018-09-23 08:30:59.452 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sidebar.exe
2018-09-23 08:30:59.452 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pcchrono.exe
2018-09-23 08:30:59.452 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\g2minstaller.exe
2018-09-23 08:30:59.452 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wakemeup.exe
2018-09-23 08:30:59.452 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unins000.exe
2018-09-23 08:30:59.452 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sidebar.exe
2018-09-23 08:30:59.452 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pcchrono.exe
2018-09-23 08:30:59.452 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\g2minstaller.exe
2018-09-23 08:30:59.452 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wakemeup.exe
2018-09-23 08:30:59.452 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unins000.exe
2018-09-23 08:30:59.452 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sidebar.exe
2018-09-23 08:30:59.452 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pcchrono.exe
2018-09-23 08:30:59.452 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\g2minstaller.exe
2018-09-23 08:30:59.452 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wakemeup.exe
2018-09-23 08:30:59.452 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unins000.exe
2018-09-23 08:30:59.452 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sidebar.exe
2018-09-23 08:30:59.452 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pcchrono.exe
2018-09-23 08:30:59.452 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\g2minstaller.exe
2018-09-23 08:42:02.016 Could not open E:\ProgramData\Oracle\Java\javapath\java.exe
2018-09-23 08:42:02.016 Could not open E:\ProgramData\Oracle\Java\javapath\javaw.exe
2018-09-23 08:42:02.016 Could not open E:\ProgramData\Oracle\Java\javapath\javaws.exe
2018-09-23 09:37:57.288 >>> Virus 'Mal/DrodZp-A' found in file E:\Users\User_2\AppData\Roaming\Qualcomm\Eudora\attach\Image160729909479.zip
2018-09-23 09:37:57.288 >>> Virus 'Mal/DrodZp-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wakemeup.exe
2018-09-23 09:37:57.288 >>> Virus 'Mal/DrodZp-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unins000.exe
2018-09-23 09:37:57.288 >>> Virus 'Mal/DrodZp-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sidebar.exe
2018-09-23 09:37:57.288 >>> Virus 'Mal/DrodZp-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pcchrono.exe
2018-09-23 09:37:57.288 >>> Virus 'Mal/DrodZp-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\g2minstaller.exe
2018-09-23 09:37:57.288 >>> Virus 'Mal/DrodZp-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wakemeup.exe
2018-09-23 09:37:57.288 >>> Virus 'Mal/DrodZp-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unins000.exe
2018-09-23 09:37:57.288 >>> Virus 'Mal/DrodZp-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sidebar.exe
2018-09-23 09:37:57.288 >>> Virus 'Mal/DrodZp-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pcchrono.exe
2018-09-23 09:37:57.288 >>> Virus 'Mal/DrodZp-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\g2minstaller.exe
2018-09-23 09:38:11.921 >>> Virus 'Mal/Phish-A' found in file E:\Users\User_2\AppData\Roaming\Qualcomm\Eudora\attach\WBC-View.html
2018-09-23 09:38:11.921 >>> Virus 'Mal/Phish-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wakemeup.exe
2018-09-23 09:38:11.921 >>> Virus 'Mal/Phish-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unins000.exe
2018-09-23 09:38:11.921 >>> Virus 'Mal/Phish-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sidebar.exe
2018-09-23 09:38:11.921 >>> Virus 'Mal/Phish-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pcchrono.exe
2018-09-23 09:38:11.921 >>> Virus 'Mal/Phish-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\g2minstaller.exe
2018-09-23 09:38:11.921 >>> Virus 'Mal/Phish-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wakemeup.exe
2018-09-23 09:38:11.921 >>> Virus 'Mal/Phish-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unins000.exe
2018-09-23 09:38:11.921 >>> Virus 'Mal/Phish-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sidebar.exe
2018-09-23 09:38:11.921 >>> Virus 'Mal/Phish-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pcchrono.exe
2018-09-23 09:38:11.921 >>> Virus 'Mal/Phish-A' found in file HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\g2minstaller.exe
2018-09-23 11:13:56.105 The following items will be cleaned up:
2018-09-23 11:13:56.123 Mal/DrodZp-A
2018-09-23 11:13:56.123 Mal/Phish-A
2018-09-23 11:13:56.123 Mal/Generic-S
 
Whew! The Sophos Scan took a long time!

That was the only time I think the external (E:..) was checked. I have a pair of identical 2 terabyte drives that I use for backups, but only one is ever plugged in at a given time so that one got scanned but the other one is offline. Should I plug the other one in and repeat the Sophos scan? Let me know, OK,
Ciao, KK.
 
You can scans external drives with your AV program and with MBAM if you want.

Your computer is clean

1. This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
This is a very crucial step so make sure you don't skip it.
Download
51a5ce45263de-delfix.png
DelFix by Xplode to your desktop. Delfix will delete all the used tools and logfiles.

Double-click Delfix.exe to start the tool.
Make sure the following items are checked:
  • Activate UAC (optional; some users prefer to keep it off)
  • Remove disinfection tools
  • Create registry backup
  • Purge System Restore
  • Reset system settings
Now click "Run" and wait patiently.
Once finished a logfile will be created. You don't have to attach it to your next reply.

2. Make sure Windows Updates are current.

3. If any trojans, rootkits or bootkits were listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

4. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Scan without installing plugin" and then on "Scan now")

5. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

6. Run Temporary File Cleaner (TFC) and AdwCleaner weekly (you need to redownload these tools since they were removed by DelFix).

7. (optional) If you want to keep all your programs up to date, download and install FileHippo App Manager.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

8. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

9. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs) which change your browser settings: http://www.bleepingcomputer.com/for...curity-questions-best-practices/#entry3187642

10. Please, let me know, how your computer is doing.
 
Hi,
I ran the second external drive through Malware Bytes and got this:

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 9/24/18
Scan Time: 7:12 AM
Log File: 89057f74-bf79-11e8-bb34-001aa0419180.json

-Software Information-
Version: 3.6.1.2711
Components Version: 1.0.463
Update Package Version: 1.0.6975
License: Trial

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Dell-PC\Dell

-Scan Summary-
Scan Type: Custom Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 1128768
Threats Detected: 112
Threats Quarantined: 112
Time Elapsed: 6 hr, 53 min, 58 sec

-Scan Options-
Memory: Disabled
Startup: Disabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 112
MachineLearning/Anomalous.97%, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\OLD DATA\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DESKTOP\E BOOKS\THIS_EBOOK_WILL_MAKE_YOU_MONEY.EXE, Quarantined, [0], [392687],1.0.6975
MachineLearning/Anomalous.97%, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PREVIOUS DATA\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DESKTOP\E BOOKS\THIS_EBOOK_WILL_MAKE_YOU_MONEY.EXE, Quarantined, [0], [392687],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\ADBLOCK.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\ASO.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\FASTMAIL.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\FFINFO.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\APTPLANER.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\FINDDUPE.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\CODEDLL.DLL, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\REGOPT.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\MEDIAFILESORGANIZER.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\ICON MANAGER.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\MEMTUNEUP.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\BLOCKPRG.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\REGCLEAN.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\FILESPLITANDJOIN.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\RESGREYSKIN.DLL, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\RESNEWSKIN.DLL, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\PRIVPROT.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\MAILNOTIFY.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\BACKUPMANAGER.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\STARTUP MANAGER.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\RESDLL.DLL, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\STICKYNOTES.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\FILEENCRYPT.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\RESDEFSKIN.DLL, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\SHELLEXT.DLL, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\LOGONSETTINGS.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\WALLPAPER.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\SYSINFO.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\SPYWARE DETECTIVE.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\RESBLUESKIN.DLL, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\SYSTEM OPTIMIZER.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\ZIPFIX.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\UNINSTALL MANAGER.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\SECUREDELETE.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\SYSBACKUP.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\SYSCLEAN.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\SYSTWEAK.DLL, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\TASKBAR MANAGER.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\WINDOWS OPTIMIZER.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AuslogicsBoostSpeed, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAM FILES\AVG\AVG10\PCTUNEUP\DISKCLEANERHELPER.DLL, Quarantined, [3599], [464521],1.0.6975
PUP.Optional.AuslogicsBoostSpeed, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAM FILES\AVG\AVG10\PCTUNEUP\DISKDEFRAGHELPER.DLL, Quarantined, [3599], [464521],1.0.6975
PUP.Optional.AuslogicsBoostSpeed, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAM FILES\AVG\AVG10\PCTUNEUP\REGISTRYCLEANERHELPER.DLL, Quarantined, [3599], [464521],1.0.6975
PUP.Optional.AuslogicsBoostSpeed, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAM FILES\AVG\AVG10\PCTUNEUP\AXBROWSERS.DLL, Quarantined, [3599], [464521],1.0.6975
PUP.Optional.AuslogicsBoostSpeed, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAM FILES\AVG\AVG10\PCTUNEUP\RESCUECENTERHELPER.DLL, Quarantined, [3599], [464521],1.0.6975
PUP.Optional.AuslogicsBoostSpeed, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\PROGRAMDATA\AVG10\SETUPBACKUP\TUNEUPX.CAB, Quarantined, [3599], [464521],1.0.6975
MachineLearning/Anomalous.97%, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\USERS\ADMINISTRATOR\DESKTOP\DESKTOP\E BOOKS\THIS_EBOOK_WILL_MAKE_YOU_MONEY.EXE, Quarantined, [0], [392687],1.0.6975
MachineLearning/Anomalous.97%, E:\JACKIE BACKUP\DSK1_VOL1 COEURL\USERS\USER_2\DESKTOP\E BOOKS & PDF FILES\THIS_EBOOK_WILL_MAKE_YOU_MONEY.EXE, Quarantined, [0], [392687],1.0.6975
MachineLearning/Anomalous.97%, E:\OLD DATA\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DESKTOP\E BOOKS\THIS_EBOOK_WILL_MAKE_YOU_MONEY.EXE, Quarantined, [0], [392687],1.0.6975
MachineLearning/Anomalous.97%, E:\PREVIOUS DATA\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DESKTOP\E BOOKS\THIS_EBOOK_WILL_MAKE_YOU_MONEY.EXE, Quarantined, [0], [392687],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, C:\USERS\DELL\DESKTOP\Old Documents\Desktop\Advanced System Optimizer.lnk, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\ASO.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\APTPLANER.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\ADBLOCK.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\FFINFO.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\CODEDLL.DLL, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\FASTMAIL.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\FINDDUPE.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\ICON MANAGER.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\BLOCKPRG.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\MEMTUNEUP.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\MEDIAFILESORGANIZER.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\FILESPLITANDJOIN.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\PRIVPROT.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\MAILNOTIFY.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\REGOPT.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\RESNEWSKIN.DLL, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\RESDLL.DLL, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\BACKUPMANAGER.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\REGCLEAN.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\RESDEFSKIN.DLL, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\STICKYNOTES.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\FILEENCRYPT.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\SHELLEXT.DLL, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\SPYWARE DETECTIVE.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\RESGREYSKIN.DLL, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\RESBLUESKIN.DLL, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\LOGONSETTINGS.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\SYSTEM OPTIMIZER.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\SYSINFO.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\STARTUP MANAGER.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\SECUREDELETE.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\WALLPAPER.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\SYSCLEAN.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\ZIPFIX.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\TASKBAR MANAGER.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\UNINSTALL MANAGER.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\SYSBACKUP.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\SYSTWEAK.DLL, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AdvancedSystemOptimizer, E:\PROGRAM FILES\ADVANCED SYSTEM OPTIMIZER\WINDOWS OPTIMIZER.EXE, Quarantined, [3457], [108561],1.0.6975
PUP.Optional.AuslogicsBoostSpeed, E:\PROGRAM FILES\AVG\AVG10\PCTUNEUP\DISKCLEANERHELPER.DLL, Quarantined, [3599], [464521],1.0.6975
PUP.Optional.AuslogicsBoostSpeed, E:\PROGRAM FILES\AVG\AVG10\PCTUNEUP\AXBROWSERS.DLL, Quarantined, [3599], [464521],1.0.6975
PUP.Optional.AuslogicsBoostSpeed, E:\PROGRAM FILES\AVG\AVG10\PCTUNEUP\DISKDEFRAGHELPER.DLL, Quarantined, [3599], [464521],1.0.6975
PUP.Optional.AuslogicsBoostSpeed, E:\PROGRAM FILES\AVG\AVG10\PCTUNEUP\REGISTRYCLEANERHELPER.DLL, Quarantined, [3599], [464521],1.0.6975
PUP.Optional.AuslogicsBoostSpeed, E:\PROGRAM FILES\AVG\AVG10\PCTUNEUP\RESCUECENTERHELPER.DLL, Quarantined, [3599], [464521],1.0.6975
PUP.Optional.Uniblue, E:\PROGRAM FILES\UNIBLUE\REGISTRYBOOSTER\RB_UBM.EXE, Quarantined, [1329], [357774],1.0.6975
PUP.Optional.Uniblue, E:\PROGRAM FILES\UNIBLUE\REGISTRYBOOSTER\RBNOTIFIER.EXE, Quarantined, [1329], [357774],1.0.6975
PUP.Optional.Uniblue, E:\PROGRAM FILES\UNIBLUE\REGISTRYBOOSTER\REGISTRYBOOSTER.EXE, Quarantined, [1329], [357774],1.0.6975
PUP.Optional.Uniblue, E:\PROGRAM FILES\UNIBLUE\REGISTRYBOOSTER\RB_MOVE_SERIAL.EXE, Quarantined, [1329], [357774],1.0.6975
PUP.Optional.Uniblue, E:\PROGRAM FILES\UNIBLUE\REGISTRYBOOSTER\RBMONITOR.EXE, Quarantined, [1329], [357774],1.0.6975
PUP.Optional.AuslogicsBoostSpeed, E:\PROGRAMDATA\AVG10\SETUPBACKUP\TUNEUPX.CAB, Quarantined, [3599], [464521],1.0.6975
PUP.Optional.Uniblue, E:\PROGRAMDATA\{6AD8E59C-250C-4201-B5BA-56ADEF76FF46}\BM_INSTALLER.EXE, Quarantined, [1329], [357774],1.0.6975
MachineLearning/Anomalous.97%, E:\USERS\ADMINISTRATOR\DESKTOP\DESKTOP\E BOOKS\THIS_EBOOK_WILL_MAKE_YOU_MONEY.EXE, Quarantined, [0], [392687],1.0.6975
PUP.Optional.Uniblue, E:\USERS\USER_2\APPDATA\LOCAL\TEMP\MIAA396.TMP\DATA\OFFLINE\33E779AF\E9406707\RBMONITOR.EXE, Quarantined, [1329], [357774],1.0.6975
PUP.Optional.Uniblue, E:\USERS\USER_2\APPDATA\LOCAL\TEMP\MIAA396.TMP\DATA\OFFLINE\33E779AF\E9406707\RB_MOVE_SERIAL.EXE, Quarantined, [1329], [357774],1.0.6975
PUP.Optional.Uniblue, E:\USERS\USER_2\APPDATA\LOCAL\TEMP\MIAA396.TMP\BM_INSTALLER.EXE, Quarantined, [1329], [357774],1.0.6975
PUP.Optional.Uniblue, E:\USERS\USER_2\APPDATA\LOCAL\TEMP\MIAA396.TMP\DATA\OFFLINE\33E779AF\E9406707\RB_UBM.EXE, Quarantined, [1329], [357774],1.0.6975
PUP.Optional.Uniblue, E:\USERS\USER_2\APPDATA\LOCAL\TEMP\MIAA396.TMP\DATA\OFFLINE\33E779AF\E9406707\RBNOTIFIER.EXE, Quarantined, [1329], [357774],1.0.6975
PUP.Optional.Uniblue, E:\USERS\USER_2\APPDATA\LOCAL\TEMP\MIAA396.TMP\DATA\OFFLINE\33E779AF\E9406707\REGISTRYBOOSTER.EXE, Quarantined, [1329], [357774],1.0.6975
MachineLearning/Anomalous.97%, E:\USERS\USER_2\DESKTOP\E BOOKS & PDF FILES\THIS_EBOOK_WILL_MAKE_YOU_MONEY.EXE, Quarantined, [0], [392687],1.0.6975
Generic.Malware/Suspicious, E:\USERS\USER_2\DESKTOP\PROGRAM SETUPS\MAILWASHER_PRO_640.EXE, Quarantined, [0], [392686],1.0.6975

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

So it looks like that was a good thing to do!
 
Do you think that the external drives are both clean now? I have also run DelFix.exe. It gave me a fright because all my Startup programs disappeared, but they came back when I restarted my machine. I have looked at the rest of your most recent post and I think I am going to need a bit of help to implement your final suggestions.

I have a few things I want to discuss -

1 - Can I re-install Free File Viewer? or could you suggest a suitable alternative? I need it sometimes to look at the contents of damaged files that won't open for any other program.

2 - I cant keep MalwareBytes running all the time in the background - I'm a bit short of RAM on this system and my normal suite of open programs (2 Firefox Windows, EasyShare, 4 Notepads, and 3 Explorer Windows) plus my TSR's are keeping both the RAM and CPU at near full capacity. I also can't run to the $89 purchase price once the free trial lapses on my pension. Again, are there any alternatives?

3 - I'm having a bit of trouble getting Windows Update to work tonight. I think I'll have to stop for the night (it's 2.30 AM!) and try again tomorrow.

Ciao, KK.
 
Your external drives should be fine.
Are the initial issues gone?

1. Go ahead but make sure you run custom installation so no other crap gets installed.
2. When MBAM runs out of free trial (2 weeks, I believe) it becomes a free version and then it doesn't run in real time.
3. What is the exact issue with updates?
 
3 - I still can't get Windows Update to switch on. The message says "you may need to restart" - I've done that twice with no result. I switched WU off when Microsoft were forcing systems to upgrade to Windows 10. I can't cope with 10 as it won't run my important legacy programs (PFFile, Easyshare, Eudora, etc.) the way that Win 7 does.Update Problem.jpg
4 - I've also installed File Hippo, but that's not working either, it just says "Failed to download program definitions" and nothing happens.

I MAY be out of touch for a couple of days sometime soon. I have a couple of medical procedures coming up - I've got an appointment this afternoon, so hopefully I'll know more after that. I'll try to come back every day, but if I can't I will try to let you know.

Ciao, KK.
 
You must log in or register to reply here.

Similar threads

uber_beetle
Infected with fake ad pop-ups - posting FRST and Addition
Replies
12
Views
786
uber_beetle
uber_beetle
E
Solved Svchost.exe launching multiple iexplore.exe - unknown cause
Replies
23
Views
3K
Broni
Broni
NonTechyDad
Solved Malware removal for my son's pc
2
Replies
33
Views
5K
Broni
Broni

Latest posts

Back