BefuddledB
Hi Broni!
I had a web companion for a while, but recently my computer has been running slow and crashing a lot. I'm living under a rock with very limited power and an agonizingly slow internet, so please keep my topic active for as long as it takes -- I will stick around till the end.
Many thanks!
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-11-2019
Ran by User (administrator) on USER-PC (Hewlett-Packard HP Pavilion dv6 Notebook PC) (19-11-2019 04:22:34)
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available Profiles: User)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\85.4.155\QtWebEngineProcess.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\85.4.155\QtWebEngineProcess.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\85.4.155\QtWebEngineProcess.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\Updates\16.0.12228.20206\OfficeClickToRun.exe
(PowerISO Computing, Inc.) [File not signed] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(Renesas Electronics Corporation -> Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2799912 2011-06-09] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-11-19] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [180224 2009-03-15] (PowerISO Computing, Inc.) [File not signed]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2011-04-14] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [6260544 2019-11-14] (Dropbox, Inc -> Dropbox, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2414739685-3642484520-4203288351-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [7722600 2018-05-08] (Lavasoft Software Canada -> Lavasoft)
HKU\S-1-5-21-2414739685-3642484520-4203288351-1000\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [53540416 2019-04-16] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2414739685-3642484520-4203288351-1000\...\MountPoints2: {23312558-207b-11e9-8379-ac7289c252c1} - "F:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-2414739685-3642484520-4203288351-1000\...\MountPoints2: {9fb92af0-d822-11e8-aa55-ac7289c252c1} - F:\HiSuiteDownLoader.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.87\Installer\chrmstp.exe [2019-11-07] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {03C28CD7-530A-4953-BCC5-021690371834} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26042960 2019-03-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {296BE3F2-8435-4DBD-A973-3F28464DBF50} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [250232 2019-10-08] (HP Inc. -> HP Inc.)
Task: {2F3CCCD3-CF46-4DE2-80F6-4AB549C147E9} - System32\Tasks\{3B953E3C-891C-4131-8CD3-0642DB8D2E73} => C:\Windows\system32\pcalua.exe -a "C:\Users\User\Downloads\Bluetooth hpdv6\sp61617.exe" -d "C:\Users\User\Downloads\Bluetooth hpdv6"
Task: {32A88FCA-D3B0-4A19-9140-38373B94969B} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-05-22] (Dropbox, Inc -> Dropbox, Inc.)
Task: {3F92D4D8-1A15-4D8F-9C39-6C069BB93D5C} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2414739685-3642484520-4203288351-1000 => {CA22F5B1-E06F-4A2B-94FC-21E87FE53781} C:\Windows\System32\gameux.dll [2746368 2012-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {43348884-4E24-4AF6-8A62-4EE50DCC622C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2151992 2019-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {482F3F6C-8AA8-43AE-920E-DB0270CC26E0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-04-17] (Google Inc -> Google Inc.)
Task: {4874A1D2-177A-4F1E-9E14-BDEB50A96B11} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6058104 2019-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {5935E43C-8797-4372-98D6-C95193B42C61} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [135704 2019-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {6721BCE8-2C3F-4250-9DB3-44ADDD103508} - System32\Tasks\HPCeeScheduleForUser => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [99208 2016-06-24] (Hewlett-Packard Company -> HP Inc.)
Task: {78AE1C7E-9FA3-42BC-82E9-8ED455813A0E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {7BE16C90-4BF1-41B2-A01A-47D9C98FA39D} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-05-22] (Dropbox, Inc -> Dropbox, Inc.)
Task: {7C30876A-9D75-4064-AA58-DC8C5E6F9FAC} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2017-09-27] (HP Inc. -> HP Inc.)
Task: {800BBF29-4D99-4FAE-B40C-F16C01F7A1C0} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [135704 2019-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {96176D95-2445-4C0F-A9EA-3235112F8E9B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {A3BC7E80-598B-448E-98F9-75E000EA2870} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2151992 2019-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {AC8BBB27-FCFD-479B-8FDA-D70AE0EF5067} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6058104 2019-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {B67D3B71-B1D4-4CEB-A0C9-5FD66D25E0E6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-04-17] (Google Inc -> Google Inc.)
Task: {CA2010BA-07CB-4E25-91E1-18AEF6BD304A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26042960 2019-03-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCAD9BA1-CCA4-455B-946C-28F22F7FB096} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1094008 2019-10-10] (HP Inc. -> HP Inc.)
Task: {DC9FE7DB-0187-4AA1-9E77-08F7018D3338} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [655736 2019-07-31] (HP Inc. -> HP Inc.)
Task: {DECDB3C5-2DA8-45B3-BC3E-0B04AE6B6A02} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-11-19] (AVAST Software s.r.o. -> AVAST Software)
Task: {FBCC263E-A47B-4D42-A58E-99C91F2ECD95} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1094008 2019-10-10] (HP Inc. -> HP Inc.)
Task: {FE82DD8A-B5DE-4227-83C4-8CAEFC4B7F5B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136056 2019-01-02] (HP Inc. -> HP Inc.)
Task: {FFD19AA6-7616-4174-B709-757AC2589C98} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-11-19] (AVAST Software s.r.o. -> AVAST Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForUser.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{11E4DE98-3DF0-4B24-8DF3-DC73EEC1F140}: [DhcpNameServer] 192.168.43.1
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-2414739685-3642484520-4203288351-1000 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://gr.search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10440__180508__yaie&p={searchTerms}
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2019-03-05] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-10-27] (HP Inc. -> HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-03-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2019-03-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-03-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-03-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-03-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-03-05] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 1ai3eh1c.default
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\1ai3eh1c.default [2019-09-19]
FF Homepage: Mozilla\Firefox\Profiles\1ai3eh1c.default -> search.yahoo.com
FF NewTab: Mozilla\Firefox\Profiles\1ai3eh1c.default -> hxxps://gr.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10440__180508__yaff
FF Extension: (anonymoX) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\1ai3eh1c.default\Extensions\client@anonymox.net.xpi [2018-12-18]
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\1ai3eh1c.default\searchplugins\yahoo-lavasoft-ff59.xml [2018-05-08]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-03-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-03-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-06] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-06] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-12-13] (VideoLAN) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-04-04] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.gmail.com/","hxxp://www.bbc.co.uk/","hxxp://www.sudantribune.com/","hxxps://www.lrb.co.uk/"
CHR DefaultSearchKeyword: Default -> google.co.jp_
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://mail.yahoo.com; hxxps://www.reddit.com
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2019-11-19]
CHR Extension: (Slides) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-04-17]
CHR Extension: (TheFreeDictionary.com Extension) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\afgabimphpgkjochcoogplolgpcagmap [2018-04-26]
CHR Extension: (Ultimate Video Saver) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\afkpfjljjhhonjehpkmgonimjjgaheap [2019-11-19]
CHR Extension: (Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-04-26]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-04-26]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-04-26]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-11-07]
CHR Extension: (Sheets) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-04-17]
CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-11]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-11-11]
CHR Extension: (Google Calendar) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2019-04-04]
CHR Extension: (Kindle Cloud Reader) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2018-04-26]
CHR Extension: (anonymoX) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpklikeghomkemdellmmkoifgfbakio [2019-11-07]
CHR Extension: (Google Keep Chrome Extension) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2019-11-07]
CHR Extension: (Plugins) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcblfncjaclajmegihojiekebofjcen [2018-04-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-07]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-06]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-11-07]
CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6085360 2019-11-19] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-11-19] (AVAST Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11129928 2019-03-01] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-05-22] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-05-22] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2019-11-14] (Dropbox, Inc -> Dropbox, Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [357240 2019-07-05] (HP Inc. -> HP Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Accelerometer; C:\Windows\System32\DRIVERS\Accelerometer.sys [43840 2012-09-24] (Hewlett-Packard Company -> Hewlett-Packard Company)
S0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37616 2019-11-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [204824 2019-11-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [274456 2019-11-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [209552 2019-11-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [65120 2019-11-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [276952 2019-11-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42736 2019-11-19] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [171520 2019-11-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110320 2019-11-19] (AVAST Software s.r.o. -> AVAST Software)
S0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [83792 2019-11-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [848432 2019-11-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460448 2019-11-19] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [236024 2019-11-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [316528 2019-11-19] (AVAST Software s.r.o. -> AVAST Software)
S3 DSE_USB; C:\Windows\System32\drivers\DSE_USB.sys [336872 2017-10-24] (Jungo Connectivity Ltd. -> Jungo Connectivity)
R0 hpdskflt; C:\Windows\System32\DRIVERS\hpdskflt.sys [31040 2012-09-24] (Hewlett-Packard Company -> Hewlett-Packard Company)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [181304 2016-03-29] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [91648 2011-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [208896 2011-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R1 SCDEmu; C:\Windows\System32\Drivers\SCDEmu.sys [85424 2009-03-15] (Fenghua Lee -> PowerISO Computing, Inc.)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-11-19 04:22 - 2019-11-19 04:23 - 000028581 _____ C:\Users\User\Desktop\FRST.txt
2019-11-19 04:21 - 2019-11-19 04:21 - 000000000 ____D C:\Users\User\Desktop\FRST-OlderVersion
2019-11-19 04:20 - 2019-11-19 04:23 - 000000000 ____D C:\FRST
2019-11-19 04:10 - 2019-11-19 04:10 - 000000000 ____D C:\Users\User\AppData\Roaming\AVAST Software
2019-11-19 04:10 - 2019-11-19 04:10 - 000000000 ____D C:\Users\User\AppData\Local\CEF
2019-11-19 04:09 - 2019-11-19 04:09 - 000001924 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-11-19 04:09 - 2019-11-19 04:09 - 000001924 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2019-11-19 04:09 - 2019-11-19 04:09 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2019-11-19 04:09 - 2019-11-19 04:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-11-19 04:08 - 2019-11-19 04:09 - 000848432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-11-19 04:08 - 2019-11-19 04:09 - 000460448 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-11-19 04:08 - 2019-11-19 04:08 - 000003910 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2019-11-19 04:08 - 2019-11-19 04:08 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-11-19 04:08 - 2019-11-19 04:07 - 000355720 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-11-19 04:08 - 2019-11-19 04:07 - 000316528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-11-19 04:08 - 2019-11-19 04:07 - 000276952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-11-19 04:08 - 2019-11-19 04:07 - 000274456 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-11-19 04:08 - 2019-11-19 04:07 - 000236024 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-11-19 04:08 - 2019-11-19 04:07 - 000209552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-11-19 04:08 - 2019-11-19 04:07 - 000204824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-11-19 04:08 - 2019-11-19 04:07 - 000171520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-11-19 04:08 - 2019-11-19 04:07 - 000110320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-11-19 04:08 - 2019-11-19 04:07 - 000083792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-11-19 04:08 - 2019-11-19 04:07 - 000065120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-11-19 04:08 - 2019-11-19 04:07 - 000042736 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-11-19 04:08 - 2019-11-19 04:07 - 000037616 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-11-19 04:06 - 2019-11-19 04:06 - 000000000 ____D C:\Program Files\AVAST Software
2019-11-19 04:05 - 2019-11-19 04:08 - 000000000 ____D C:\ProgramData\AVAST Software
2019-11-19 03:45 - 2019-11-19 03:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-11-14 15:19 - 2019-11-14 15:19 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2019-11-14 15:19 - 2019-11-14 15:19 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2019-11-14 15:19 - 2019-11-14 15:19 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2019-11-14 15:19 - 2019-11-14 15:19 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2019-11-11 14:18 - 2019-11-19 02:34 - 000000328 _____ C:\Windows\Tasks\HPCeeScheduleForUser.job
2019-11-11 14:18 - 2019-11-19 01:59 - 000003180 _____ C:\Windows\system32\Tasks\HPCeeScheduleForUser
2019-11-07 16:32 - 2019-11-07 16:33 - 000079439 _____ C:\Users\User\Desktop\574991 Updated.pdf
2019-11-07 00:07 - 2019-11-07 00:07 - 000066796 _____ C:\Users\User\Desktop\574991.pdf
2019-10-29 12:26 - 2018-08-23 04:54 - 2198277120 _____ C:\Users\User\Desktop\Hereditary.2018.1080p.WEBRip.x264-[YTS.AM].mp4
2019-10-21 07:13 - 2011-12-02 05:03 - 740870510 _____ C:\Users\User\Desktop\The.Ides.of.March.2011.DVDSCR.XviD-playXD.avi
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-11-19 04:21 - 2019-09-11 11:06 - 002260480 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2019-11-19 04:01 - 2019-09-11 11:11 - 377177560 _____ (AVAST Software) C:\Users\User\Downloads\avast_free_antivirus_setup_offline.exe
2019-11-19 03:46 - 2018-05-22 23:59 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-11-19 03:39 - 2018-05-22 23:59 - 000000904 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2019-11-19 02:45 - 2009-07-14 07:45 - 000017168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-11-19 02:45 - 2009-07-14 07:45 - 000017168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-11-19 02:34 - 2018-05-22 23:59 - 000000900 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2019-11-19 02:34 - 2009-07-14 08:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-11-19 01:58 - 2009-07-14 08:13 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI
2019-11-19 01:58 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\inf
2019-11-19 01:47 - 2018-04-29 17:13 - 000000000 ____D C:\Users\User\AppData\Roaming\qBittorrent
2019-11-19 01:43 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\system32\NDF
2019-11-18 04:42 - 2018-04-13 12:03 - 000000000 ____D C:\Users\User\AppData\Roaming\vlc
2019-11-11 03:34 - 2019-09-04 16:42 - 2053258667 _____ C:\Users\User\Downloads\The.Pervert's.Guide.To.Ideology.2012.mp4
2019-11-11 01:59 - 2018-05-22 23:59 - 000000000 ____D C:\Users\User\AppData\Local\Dropbox
2019-11-07 15:20 - 2018-04-17 20:49 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-11-07 15:20 - 2018-04-17 20:49 - 000002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-11-07 15:20 - 2018-04-17 20:49 - 000002185 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2019-11-07 01:06 - 2018-07-25 14:14 - 000000000 ____D C:\Users\User\Documents\C
2019-11-06 23:46 - 2018-04-17 20:22 - 000003334 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-11-06 23:46 - 2018-04-17 20:22 - 000003206 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-11-06 23:45 - 2018-04-17 20:22 - 000000000 ____D C:\Program Files (x86)\Google
2019-10-22 03:17 - 2018-08-08 01:41 - 000000000 ____D C:\Users\User\AppData\Roaming\5KPlayer
==================== Files in the root of some directories ========
2018-12-23 15:31 - 2018-12-23 15:38 - 024568792 _____ (FrostWire LLC) C:\Users\User\AppData\Roaming\Frostwire_setup.exe
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2019-11-11 02:58
==================== End of FRST.txt ========================
2019-11-19 04:08 - 2019-11-19 04:07 - 000236024 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-11-19 04:08 - 2019-11-19 04:07 - 000209552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-11-19 04:08 - 2019-11-19 04:07 - 000204824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-11-19 04:08 - 2019-11-19 04:07 - 000171520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-11-19 04:08 - 2019-11-19 04:07 - 000110320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-11-19 04:08 - 2019-11-19 04:07 - 000083792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-11-19 04:08 - 2019-11-19 04:07 - 000065120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-11-19 04:08 - 2019-11-19 04:07 - 000042736 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-11-19 04:08 - 2019-11-19 04:07 - 000037616 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-11-19 04:06 - 2019-11-19 04:06 - 000000000 ____D C:\Program Files\AVAST Software
2019-11-19 04:05 - 2019-11-19 04:08 - 000000000 ____D C:\ProgramData\AVAST Software
2019-11-19 03:45 - 2019-11-19 03:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-11-14 15:19 - 2019-11-14 15:19 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2019-11-14 15:19 - 2019-11-14 15:19 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2019-11-14 15:19 - 2019-11-14 15:19 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2019-11-14 15:19 - 2019-11-14 15:19 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2019-11-11 14:18 - 2019-11-19 02:34 - 000000328 _____ C:\Windows\Tasks\HPCeeScheduleForUser.job
2019-11-11 14:18 - 2019-11-19 01:59 - 000003180 _____ C:\Windows\system32\Tasks\HPCeeScheduleForUser
2019-11-07 16:32 - 2019-11-07 16:33 - 000079439 _____ C:\Users\User\Desktop\574991 Updated.pdf
2019-11-07 00:07 - 2019-11-07 00:07 - 000066796 _____ C:\Users\User\Desktop\574991.pdf
2019-10-29 12:26 - 2018-08-23 04:54 - 2198277120 _____ C:\Users\User\Desktop\Hereditary.2018.1080p.WEBRip.x264-[YTS.AM].mp4
2019-10-21 07:13 - 2011-12-02 05:03 - 740870510 _____ C:\Users\User\Desktop\The.Ides.of.March.2011.DVDSCR.XviD-playXD.avi
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-11-19 04:21 - 2019-09-11 11:06 - 002260480 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2019-11-19 04:01 - 2019-09-11 11:11 - 377177560 _____ (AVAST Software) C:\Users\User\Downloads\avast_free_antivirus_setup_offline.exe
2019-11-19 03:46 - 2018-05-22 23:59 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-11-19 03:39 - 2018-05-22 23:59 - 000000904 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2019-11-19 02:45 - 2009-07-14 07:45 - 000017168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-11-19 02:45 - 2009-07-14 07:45 - 000017168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-11-19 02:34 - 2018-05-22 23:59 - 000000900 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2019-11-19 02:34 - 2009-07-14 08:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-11-19 01:58 - 2009-07-14 08:13 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI
2019-11-19 01:58 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\inf
2019-11-19 01:47 - 2018-04-29 17:13 - 000000000 ____D C:\Users\User\AppData\Roaming\qBittorrent
2019-11-19 01:43 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\system32\NDF
2019-11-18 04:42 - 2018-04-13 12:03 - 000000000 ____D C:\Users\User\AppData\Roaming\vlc
2019-11-11 03:34 - 2019-09-04 16:42 - 2053258667 _____ C:\Users\User\Downloads\The.Pervert's.Guide.To.Ideology.2012.mp4
2019-11-11 01:59 - 2018-05-22 23:59 - 000000000 ____D C:\Users\User\AppData\Local\Dropbox
2019-11-07 15:20 - 2018-04-17 20:49 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-11-07 15:20 - 2018-04-17 20:49 - 000002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-11-07 15:20 - 2018-04-17 20:49 - 000002185 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2019-11-07 01:06 - 2018-07-25 14:14 - 000000000 ____D C:\Users\User\Documents\C
2019-11-06 23:46 - 2018-04-17 20:22 - 000003334 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-11-06 23:46 - 2018-04-17 20:22 - 000003206 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-11-06 23:45 - 2018-04-17 20:22 - 000000000 ____D C:\Program Files (x86)\Google
2019-10-22 03:17 - 2018-08-08 01:41 - 000000000 ____D C:\Users\User\AppData\Roaming\5KPlayer
==================== Files in the root of some directories ========
2018-12-23 15:31 - 2018-12-23 15:38 - 024568792 _____ (FrostWire LLC) C:\Users\User\AppData\Roaming\Frostwire_setup.exe
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2019-11-11 02:58
==================== End of FRST.txt ========================