flashh4

Moderator
Posts posted by flashh4


  1. Yes reboot ! one more program

     Ok, let's do some cleaning of the tools/programs we used for cleaning !

    Clean up of Malware Removal Tools

    Now that we are through using these tools, let's clean them off your system so that should you ever need to have malware removed again (we hope not) fresh, updated copies will be downloaded.

        Download Delfix to your desktop and double click it to start the program here https://www.bleepingcomputer.com/download/delfix/         
        Ensure Remove disinfection tools is ticked
        Also tick:
        o Create registry backup
        o Purge system restore
        o Reset system settings

        o Click Run
        The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply.

    You can delete any log files left on your desktop as these are no longer needed.


  2. Cammy,

    We need to Run an OTL fix !!
    Warning: This fix is only relevant for this system and no other; using it on another computer may cause problems.

    Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons; they will return on reboot.

        * Double-click OTL.exe to start the program.
        * Copy and Paste the following code below .........  Start with and include the colon plus  :OTL
    Copy everything in RED and Paste into the box in the OTL program !!

    :OTL
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    CHR - Extension: No name found = C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\
    CHR - Extension: No name found = C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\
    CHR - Extension: No name found = C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
    CHR - Extension: No name found = C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
    CHR - Extension: No name found = C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\
    CHR - Extension: No name found = C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\
    CHR - Extension: No name found = C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\
    CHR - Extension: No name found = C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
    CHR - Extension: No name found = C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\
    CHR - Extension: No name found = C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\
     O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O18 - Protocol\Handler\ms-help - No CLSID value found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    @Alternate Data Stream - 260 bytes -> C:\Users\Cammy\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity

     

    :Commands

    [emptyjava]
    [emptyflash]
    [EMPTYTEMP]
    [RESETHOSTS]
    [CREATERESTOREPOINT]
    [Reboot]


    # Then click the Run Fix button at the top.
    # Please post the contents of the fix log file back here if you are prompted to open the file. It can also be found at C:\_OTL\Moved Files as MMDDYYYY_HHMMSS.log where MMDDYYYY is date format and HHMMSS is time format.
    Remember to enable your real time protection.

    Post that log next !
    Thanks
    Chuck


  3. Reddog, got that, thanks for refreshing my memory ! Haven't worked or seen a Windows 7 log in years !
    This should take care of your problems !!!!!
    We need to Run an OTL fix !!
    Warning: This fix is only relevant for this system and no other; using it on another computer may cause problems.

    Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons; they will return on reboot.

        * Double-click OTL.exe to start the program.
        * Copy and Paste the following code into the text box of the OTL tool/program ! Start with and include the colon plus  :OTL
    Copy everything in RED and Paste into the box in the OTL program !!

    :OTL
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKU\S-1-5-21-1659189456-1754463573-1767136624-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    FF - user.js - File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_29_0_0_171.dll File not found
    [2014/06/21 10:33:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Extensions
    [2017/11/16 04:15:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\SystemExtensionsDev
    [2019/02/20 07:44:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\6e85j8dd.default-nightly\extensions
    [2019/02/19 18:40:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\6e85j8dd.default-nightly\storage\default\moz-extension+++5480134d-53cc-4cce-8067-ea59ccaaa8e9^userContextId=4294967295
    [2019/02/20 03:43:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\6e85j8dd.default-nightly\storage\default\moz-extension+++5480134d-53cc-4cce-8067-ea59ccaaa8e9^userContextId=4294967295\idb
    [2019/02/04 06:23:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\zlom7mr0.default-1455759492844\browser-extension-data
    [2018/08/18 18:01:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\zlom7mr0.default-1455759492844\browser-extension-data\{1018e4d6-728f-4b20-ad56-37578a4de76b}
    [2017/04/22 14:13:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\zlom7mr0.default-1455759492844\browser-extension-data\{72b2e02b-3a71-4895-886c-fd12ebe36ba3}
    [2019/02/04 06:21:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\zlom7mr0.default-1455759492844\browser-extension-data\{73a6fe31-595d-460b-a920-fcc0f8843232}
    [2019/02/20 09:08:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\zlom7mr0.default-1455759492844\browser-extension-data\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
    [2019/02/19 16:32:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\zlom7mr0.default-1455759492844\browser-extension-data\[email protected]
    [2016/11/28 15:23:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\zlom7mr0.default-1455759492844\browser-extension-data\[email protected]
    [2018/09/18 10:27:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\zlom7mr0.default-1455759492844\browser-extension-data\[email protected]
    [2018/01/01 15:14:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\zlom7mr0.default-1455759492844\browser-extension-data\[email protected]
    [2018/08/18 21:40:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\zlom7mr0.default-1455759492844\browser-extension-data\[email protected]
    [2018/08/18 18:01:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\zlom7mr0.default-1455759492844\browser-extension-data\[email protected]
    [2017/05/14 03:57:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\zlom7mr0.default-1455759492844\browser-extension-data\[email protected]
    [2016/11/28 15:20:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\zlom7mr0.default-1455759492844\extension-data
    [2019/02/16 17:11:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\zlom7mr0.default-1455759492844\extensions
    [2016/02/17 21:03:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\zlom7mr0.default-1455759492844\jetpack\[email protected]
    [2016/02/17 21:05:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\zlom7mr0.default-1455759492844\jetpack\[email protected]\simple-storage
    [2018/08/18 18:01:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\zlom7mr0.default-1455759492844\storage\default\moz-extension+++878b4117-ee23-407d-a907-ebc73190d394^userContextId=4294967295
    [2019/02/20 07:50:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\zlom7mr0.default-1455759492844\storage\default\moz-extension+++878b4117-ee23-407d-a907-ebc73190d394^userContextId=4294967295\idb
    [2018/08/18 18:01:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\zlom7mr0.default-1455759492844\storage\default\moz-extension+++ddf873fd-a0e7-4eaa-af29-6fc97d31ca14^userContextId=4294967295
    [2019/02/20 07:50:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\zlom7mr0.default-1455759492844\storage\default\moz-extension+++ddf873fd-a0e7-4eaa-af29-6fc97d31ca14^userContextId=4294967295\idb
    [2018/08/18 18:01:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\zlom7mr0.default-1455759492844\storage\default\moz-extension+++e0f9627a-d23d-4122-822a-44818910c708^userContextId=4294967295
    [2019/02/20 07:50:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\zlom7mr0.default-1455759492844\storage\default\moz-extension+++e0f9627a-d23d-4122-822a-44818910c708^userContextId=4294967295\idb
    [2018/08/18 18:01:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\zlom7mr0.default-1455759492844\storage\default\moz-extension+++f9130f18-f76c-4c3a-b7c5-287d66ea4177^userContextId=4294967295
    [2019/02/20 07:50:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\zlom7mr0.default-1455759492844\storage\default\moz-extension+++f9130f18-f76c-4c3a-b7c5-287d66ea4177^userContextId=4294967295\idb
    [2018/06/22 11:56:43 | 000,789,048 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\6e85j8dd.default-nightly\extensions\[email protected]
    [2019/02/06 19:17:43 | 004,280,918 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\zlom7mr0.default-1455759492844\extensions\[email protected]
    [2018/12/15 09:30:04 | 001,783,495 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\zlom7mr0.default-1455759492844\extensions\[email protected]
    [2019/02/04 17:16:35 | 007,528,085 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\zlom7mr0.default-1455759492844\extensions\[email protected]
    [2018/07/19 04:37:06 | 003,186,262 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\zlom7mr0.default-1455759492844\extensions\[email protected]
    [2017/10/03 22:51:36 | 000,077,629 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\zlom7mr0.default-1455759492844\extensions\[email protected]
    [2018/06/22 02:31:31 | 002,457,020 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\zlom7mr0.default-1455759492844\extensions\[email protected]
    [2018/06/22 11:56:43 | 000,789,048 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\zlom7mr0.default-1455759492844\extensions\[email protected]
    [2019/02/16 17:11:36 | 000,826,050 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\zlom7mr0.default-1455759492844\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi
    [2017/12/03 09:23:31 | 001,331,450 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\zlom7mr0.default-1455759492844\extensions\{489e0c4d-1b32-44eb-bbbf-616b6dfc359f}.xpi
    [2017/12/03 09:23:48 | 000,032,348 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\zlom7mr0.default-1455759492844\extensions\{4e51e6cb-3aa6-4f93-ab88-b55c627add60}.xpi
    [2019/02/04 06:21:30 | 000,486,698 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\zlom7mr0.default-1455759492844\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
    [2016/11/29 06:50:08 | 000,077,280 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\zlom7mr0.default-1455759492844\extensions\{9aba569a-d0cc-427d-bd2a-27bfd7ce544c}.xpi
    [2018/06/27 11:26:37 | 001,297,889 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\zlom7mr0.default-1455759492844\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi
    [2019/02/13 13:12:49 | 000,049,869 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\zlom7mr0.default-1455759492844\features\{0bb2e747-4138-4688-a52b-fe05a201d712}\[email protected]
    CHR - Extension: No name found = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\
    CHR - Extension: No name found = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.199_1\
    CHR - Extension: No name found = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.518_0\
    CHR - Extension: No name found = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\12.0.209_0\
    CHR - Extension: No name found = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek\6.30.6_0\
    CHR - Extension: No name found = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek\6.32.3_0\
    CHR - Extension: No name found = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\
    CHR - Extension: No name found = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\
    CHR - Extension: No name found = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\
    CHR - Extension: No name found = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\
     O4 - HKU\S-1-5-21-1659189456-1754463573-1767136624-1001..\Run: [uTorrent] C:\Users\Redog\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
    O1364bit: - gopher Prefix: missing
    @Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:373E1720


     :Commands

    [emptyjava]
    [emptyflash]
    [EMPTYTEMP]
    [RESETHOSTS]
    [CREATERESTOREPOINT]
    [Reboot]


    # Then click the Run Fix button at the top.
    # Please post the contents of the fix log file back here if you are prompted to open the file. It can also be found at C:\_OTL\Moved Files as MMDDYYYY_HHMMSS.log where MMDDYYYY is date format and HHMMSS is time format.
    Remember to enable your real time protection.

    Post that log next !
    Thanks
    Chuck


  4. Dog, if you still can't get OTL to run, try this program. It is a sister to OTL, which means they will tell me the things I need !!

    Download DDS and save it to your Desktop.  >>> http://download.bleepingcomputer.com/sUBs/dds.scr


        Double click dds.scr to run the tool.
        If using Vista or Windows 7 you will be prompted by UAC, please allow the prompt.
        DDS will now scan your computer.
        When the scan is complete, DDS will open two (2) logs:
            DDS.txt
            Attach.txt
        If not saved these logs will be automatically deleted when closed, so save both to your Desktop.
        Please note it is important that you post BOTH logs in your topic.


    Please note: DDS will ask you to attach the second log (Attach.txt), please ignore this notice and post the log instead.


    Any problems downloading or running DDS.scr, try THIS alternate (DDS.com) version of DDS http://download.bleepingcomputer.com/sUBs/dds.com

     

    Chuck


  5. Dog, not sure how to advise you ! XP is also no longer supported by MS so a matter of time before it will stop working !

    Do you not like W10 or have you tried it ??

    What do you mean W10 is inaccessible ??

    Not sure on what updates you are getting !!

    Are you using the new Quantum by Firefox ??

     

    Chuck


  6. OK .... cool ! One more scan then I will write up a fix to clean everything in the registry !!

    This is the correct site Cammy ..... so sorry !!

    This must be run using Firefox Browser !!

    Download OldTimer to your desktop !
    Links: http://oldtimer.geekstogo.com/OTL.com http://oldtimer.geekstogo.com/OTL.scr 

    http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/
     
    If you already have a copy of OTL delete it and use this version.  (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).

    * Double click OTL.exe to launch the program.
    * Check the following.

    o Scan all users.
    o Standard Output.
    o Lop check.
    o Purity check.
    o Extra Registry > Use SafeList

    * Under Extra Registry section, select Use SafeList
    * Click the Run Scan button and wait for the scan to finish (usually about 10-15 mins).
    * When finished it will produce two logs.

    o OTL.txt (open on your desktop).
    o Extras.txt (minimised in your taskbar) The Extras.txt file will only appear the very first time you run OTL.

    * Please post me both logs. This may have to be broken into more than one post !   

     

     


  7. Dog, I just noticed you are using an old old old Operating system !! Why haven't you updated to Windows 10 ??? That may be why you are having such problems, Microsoft is stopping support for these older systems like yours, that means some programs will no longer work & may shut down !!

    If you can get the OTL program to run & the logs posted I can clean this all up !!

    Chuck


  8. Howdy Cammy and welcome to BestTechie !!!  

    My name is flashh4 (Chuck) and I will be assisting you with the cleaning of your computer.

    Run these 1 at a time & post each log as you get it ! Work them as your time permits you to !!

    If you don't understand something, please don't hesitate to ask for clarification before proceeding !!! You can PM me if you need to !!

    Perform all actions in the order given.

    Please stay with us until we give you the "All Clean Speech"! Just because the problem has stopped it may still need some clean-up !  

    Do Not Remove anything or run any tools/programs until advised to do so !


    Please note that all instructions given are customized for this computer only, the tools used may cause damage if used on a computer with different infections.  

    If you think you have similar problems, please post a log in the Malware Removal forum and wait for help.  

     

    ===================================

     

    Run these programs & post the logs for me !!

     

    " AdwCleaner " - Fix Mode

        * Download AdwCleaner and move it to your Desktop  >>>  http://www.bleepingcomputer.com/download/adwcleaner/dl/125/  <<<
       *  Right-click on AdwCleaner.exe and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
       *  Accept the EULA (I accept), then click on Scan
       *  Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Clean & Repair button. This will kill all the active processes
       *  Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it
        * After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply

     

    ===============================

     


    " Malwarebytes Anti-Malware "

    * Please download the Malwarebytes Anti-Malware  >>> https://www.malwarebytes.com/mwb-download/thankyou/  <<<  setup file to your Desktop.  

          OR from this location Here >>>> https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/

     
     *  Open mbam-setup.x.x.xxxx.exe (x represents the version #) and follow the prompts to install the programme.
       
    *  Windows Vista, Windows 7 , 8, 8.1 and 10 : Right click and select "Run as Administrator"
       
    *  After the installation IS complete let it update if it asks.

    *  Under SETTINGS.....APPLICATIONS leave everything at default

    *  Under SETTINGS.....PROTECTION make sure AUTOMATIC QUARANTINE is on.

    *  Then go to the Dashboard and click on SCAN NOW

     * Then on the Dashboard click on Scan

     *  Make sure to select THREAT SCAN
     
    * Then click on Scan
        Note: You may see the following message, "Could not load DDA driver". Click Yes, allow your PC to reboot and continue afterwards.

    *  If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
    *  Upon completion of the scan (or after the reboot), click the Reports tab.
    *  Double-click the Scan Log.
    *  At the bottom click Export and choose Text file.

    Save the file to your desktop and include its content in your next reply.

     

    Thanks

    Chuck

     


  9. Dog, thanks for the logs, are you still getting the notification of "Found Trojan Boaxxe" ????

    Also I want to clean that thing up a bit so run me an OTL Scan please !

    Download OldTimer to your desktop !
    Links: https://www.bleepingcomputer.com/download/otl/
     
    If you already have a copy of OTL delete it and use this version.  (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).

    * Double click OTL.exe to launch the program.
    * Check the following.

    o Scan all users.
    o Standard Output.
    o Lop check.
    o Purity check.
    o Extra Registry > Use SafeList

    * Under Extra Registry section, select Use SafeList
    * Click the Run Scan button and wait for the scan to finish (usually about 10-15 mins).
    * When finished it will produce two logs.

    o OTL.txt (open on your desktop).
    o Extras.txt (minimised in your taskbar) The Extras.txt file will only appear the very first time you run OTL.

    * Please post me both logs. This may have to be broken into more than one post !   

     

    Thanks

    Chuck


  10. Dog, after you post me the  run these 2 programs & post the logs !!


    " AdwCleaner " - Fix Mode

        * Download AdwCleaner and move it to your Desktop  >>>  http://www.bleepingcomputer.com/download/adwcleaner/dl/125/  <<<
       *  Right-click on AdwCleaner.exe and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
       *  Accept the EULA (I accept), then click on Scan
       *  Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Clean & Repair button. This will kill all the active processes
       *  Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it
        * After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply

    ===============================


    " Malwarebytes Anti-Malware "

    * Please download the Malwarebytes Anti-Malware  >>> https://www.malwarebytes.com/mwb-download/thankyou/  <<<  setup file to your Desktop.  

          OR from this location Here >>>> https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/

     
     *  Open mbam-setup.x.x.xxxx.exe (x represents the version #) and follow the prompts to install the programme.
       
    *  Windows Vista, Windows 7 , 8, 8.1 and 10 : Right click and select "Run as Administrator"
       
    *  After the installation IS complete let it update if it asks.

    *  Under SETTINGS.....APPLICATIONS leave everything at default

    *  Under SETTINGS.....PROTECTION make sure AUTOMATIC QUARANTINE is on.

    *  Then go to the Dashboard and click on SCAN NOW

     * Then on the Dashboard click on Scan

     *  Make sure to select THREAT SCAN
     
    * Then click on Scan
        Note: You may see the following message, "Could not load DDA driver". Click Yes, allow your PC to reboot and continue afterwards.

    *  If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
    *  Upon completion of the scan (or after the reboot), click the Reports tab.
    *  Double-click the Scan Log.
    *  At the bottom click Export and choose Text file.

    Save the file to your desktop and include its content in your next reply.

     

    Thanks

    Chuck


  11. RogueKiller Anti-Malware V13.1.5.0 (x64) [Feb 18 2019] (Free) by Adlice Software
    mail : https://adlice.com/contact/
    Website : https://adlice.com/download/roguekiller/
    Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits
    Started in : Normal mode
    User : Redog [Administrator]
    Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
    Signatures : 20190204_072850, Driver : Loaded
    Mode : Standard Scan, Scan -- Date : 2019/02/18 19:34:58 (Duration : 00:11:39)

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
    [Suspicious.Path (Potentially Malicious)] (Microsoft Windows) \{C25E3EA9-6D90-410B-B1BE-327DB50560D9} -- C:\Windows\system32\pcalua.exe [-a C:\ProgramData\MFAData\SelfUpd\avgmfapx.exe] -> Found

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
    >>>>>> XX - Software
      [PUP.Auslogics (Potentially Malicious)] (X64) HKEY_USERS\.DEFAULT\Software\Auslogics -- N/A -> Found
      [PUP.Auslogics (Potentially Malicious)] (X86) HKEY_USERS\.DEFAULT\Software\Auslogics -- N/A -> Found
      [PUP.Auslogics (Potentially Malicious)] (X64) HKEY_USERS\S-1-5-21-1659189456-1754463573-1767136624-1001\Software\Auslogics -- N/A -> Found
      [PUP.Auslogics (Potentially Malicious)] (X86) HKEY_USERS\S-1-5-21-1659189456-1754463573-1767136624-1001\Software\Auslogics -- N/A -> Found
      [PUP.Auslogics (Potentially Malicious)] (X64) HKEY_USERS\S-1-5-18\Software\Auslogics -- N/A -> Found
      [PUP.Auslogics (Potentially Malicious)] (X86) HKEY_USERS\S-1-5-18\Software\Auslogics -- N/A -> Found
    >>>>>> O87 - Firewall
      [Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{510F28D2-D215-406E-BD94-FDE67FAFE6AC}C:\users\redog\appdata\local\xenocode\sandbox\ldr_alcohol_r.exe\2.0.1.2033\2010.09.18t21.28\virtual\stubexe\8.0.1135\@[email protected]\alcohol soft\alcohol 120\starwind\starwindserviceae.exe -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\redog\appdata\local\xenocode\sandbox\ldr_alcohol_r.exe\2.0.1.2033\2010.09.18t21.28\virtual\stubexe\8.0.1135\@[email protected]\alcohol soft\alcohol 120\starwind\starwindserviceae.exe|Name=starwindserviceae.exe|Desc=starwindserviceae.exe|Defer=User| (C:\users\redog\appdata\local\xenocode\sandbox\ldr_alcohol_r.exe\2.0.1.2033\2010.09.18t21.28\virtual\stubexe\8.0.1135\@[email protected]\alcohol soft\alcohol 120\starwind\starwindserviceae.exe) -> Found
      [Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{09D6E20D-231C-4A3F-A590-6FBC014E0394}C:\users\redog\appdata\local\xenocode\sandbox\ldr_alcohol_r.exe\2.0.1.2033\2010.09.18t21.28\virtual\stubexe\8.0.1135\@[email protected]\alcohol soft\alcohol 120\starwind\starwindserviceae.exe -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\redog\appdata\local\xenocode\sandbox\ldr_alcohol_r.exe\2.0.1.2033\2010.09.18t21.28\virtual\stubexe\8.0.1135\@[email protected]\alcohol soft\alcohol 120\starwind\starwindserviceae.exe|Name=starwindserviceae.exe|Desc=starwindserviceae.exe|Defer=User| (C:\users\redog\appdata\local\xenocode\sandbox\ldr_alcohol_r.exe\2.0.1.2033\2010.09.18t21.28\virtual\stubexe\8.0.1135\@[email protected]\alcohol soft\alcohol 120\starwind\starwindserviceae.exe) -> Found
      [Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{4EA9D09E-7199-4DFF-8414-718072D596E4} -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\Redog\AppData\Local\Temp\recinstalldl\RecInst.exe|Name=??????| (C:\Users\Redog\AppData\Local\Temp\recinstalldl\RecInst.exe) (missing) -> Found
      [Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{BAD99DAA-0BDF-4244-B106-C45FBB321790} -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\Redog\AppData\Local\Temp\recinstalldl\RecInst.exe|Name=??????| (C:\Users\Redog\AppData\Local\Temp\recinstalldl\RecInst.exe) (missing) -> Found
      [Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{510F28D2-D215-406E-BD94-FDE67FAFE6AC}C:\users\redog\appdata\local\xenocode\sandbox\ldr_alcohol_r.exe\2.0.1.2033\2010.09.18t21.28\virtual\stubexe\8.0.1135\@[email protected]\alcohol soft\alcohol 120\starwind\starwindserviceae.exe -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\redog\appdata\local\xenocode\sandbox\ldr_alcohol_r.exe\2.0.1.2033\2010.09.18t21.28\virtual\stubexe\8.0.1135\@[email protected]\alcohol soft\alcohol 120\starwind\starwindserviceae.exe|Name=starwindserviceae.exe|Desc=starwindserviceae.exe|Defer=User| (C:\users\redog\appdata\local\xenocode\sandbox\ldr_alcohol_r.exe\2.0.1.2033\2010.09.18t21.28\virtual\stubexe\8.0.1135\@[email protected]\alcohol soft\alcohol 120\starwind\starwindserviceae.exe) -> Found
      [Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{09D6E20D-231C-4A3F-A590-6FBC014E0394}C:\users\redog\appdata\local\xenocode\sandbox\ldr_alcohol_r.exe\2.0.1.2033\2010.09.18t21.28\virtual\stubexe\8.0.1135\@[email protected]\alcohol soft\alcohol 120\starwind\starwindserviceae.exe -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\redog\appdata\local\xenocode\sandbox\ldr_alcohol_r.exe\2.0.1.2033\2010.09.18t21.28\virtual\stubexe\8.0.1135\@[email protected]\alcohol soft\alcohol 120\starwind\starwindserviceae.exe|Name=starwindserviceae.exe|Desc=starwindserviceae.exe|Defer=User| (C:\users\redog\appdata\local\xenocode\sandbox\ldr_alcohol_r.exe\2.0.1.2033\2010.09.18t21.28\virtual\stubexe\8.0.1135\@[email protected]\alcohol soft\alcohol 120\starwind\starwindserviceae.exe) -> Found
      [Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{4EA9D09E-7199-4DFF-8414-718072D596E4} -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\Redog\AppData\Local\Temp\recinstalldl\RecInst.exe|Name=??????| (C:\Users\Redog\AppData\Local\Temp\recinstalldl\RecInst.exe) (missing) -> Found
      [Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{BAD99DAA-0BDF-4244-B106-C45FBB321790} -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\Redog\AppData\Local\Temp\recinstalldl\RecInst.exe|Name=??????| (C:\Users\Redog\AppData\Local\Temp\recinstalldl\RecInst.exe) (missing) -> Found
    >>>>>> XX - Explorer Advanced
      [PUM.StartMenu (Potentially Malicious)] (X64) HKEY_USERS\S-1-5-21-1659189456-1754463573-1767136624-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyGames -- 0 -> Found
      [PUM.StartMenu (Potentially Malicious)] (X86) HKEY_USERS\S-1-5-21-1659189456-1754463573-1767136624-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyGames -- 0 -> Found

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
    >>>>>> Firefox Config
      [PUM.SearchEngine (Potentially Malicious)] browser.search.selectedEngine (C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\zlom7mr0.default-1455759492844\prefs.js) -- Bing® -> Found
    >>>>>> Chrome Config
      [PUM.SearchEngine (Potentially Malicious)] default_search_provider_data.template_url_data.keyword (C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences) -- duckduckgo.com -> Found
      [PUM.SearchPage (Potentially Malicious)] default_search_provider_data.template_url_data.url (C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences) -- https://duckduckgo.com/?q={searchTerms} -> Found


  12. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18.02.2019
    Ran by Redog (18-02-2019 19:25:59)
    Running from C:\Users\Redog\Desktop\BestTechie 2 18 2019
    Windows 7 Professional Service Pack 1 (X64) (2011-02-15 07:24:28)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-1659189456-1754463573-1767136624-500 - Administrator - Disabled)
    Guest (S-1-5-21-1659189456-1754463573-1767136624-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-1659189456-1754463573-1767136624-1002 - Limited - Enabled)
    Redog (S-1-5-21-1659189456-1754463573-1767136624-1001 - Administrator - Enabled) => C:\Users\Redog

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    1Click DVD Copy Pro 4.2.7.9 (HKLM-x32\...\1Click DVD Copy Pro_is1) (Version:  - LG Software Innovations)
    7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
    Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.010.20091 - Adobe Systems Incorporated)
    Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.171 - Adobe Systems Incorporated)
    Adobe Flash Player 31 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 31.0.0.153 - Adobe Systems Incorporated)
    ATI Catalyst Install Manager (HKLM\...\{C5970161-E13E-6661-BBDA-A08268313C83}) (Version: 3.0.808.0 - ATI Technologies, Inc.)
    Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.2.2364 - AVAST Software)
    CodeStuff Starter (HKLM-x32\...\CodeStuff Starter) (Version: 5.6.2.9 - CodeStuff)
    Cyberfox Web Browser (HKLM\...\{5EFB52C0-4EC9-46B4-80EB-8432C6599641}_is1) (Version: 52.9.1.0 - 8pecxstudios)
    CyberLink Blu-ray Disc Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3226 - CyberLink Corp.)
    CyberLink InstantBurn (HKLM-x32\...\{19C64880-BBCA-11D4-9EEE-0004ACDDDB3B}) (Version: 5.0.6420 - CyberLink Corp.)
    CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2911 - CyberLink Corp.)
    CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)
    CyberLink PowerBackup (HKLM-x32\...\{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.5.6023 - CyberLink Corp.)
    CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3708 - CyberLink Corp.)
    CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.3624.52 - CyberLink Corp.)
    CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.2820 - CyberLink Corp.)
    D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
    Dropbox (HKLM-x32\...\Dropbox) (Version: 66.4.84 - Dropbox, Inc.)
    Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden
    DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version:  - DVD Shrink)
    DVD43 Plug-in v1.0.0.5 (HKLM-x32\...\DVD43 Plug-in_is1) (Version:  - )
    EPUB File Reader (HKLM-x32\...\{818C5857-5C74-4CAC-9F43-E5597086852D}_is1) (Version:  - )
    eReg (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
    FW LiveUpdate (HKLM-x32\...\{11F5D779-7BD9-465A-BBC4-10701386BCB9}) (Version: 2.0.6.2 - SAMSUNG)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.109 - Google Inc.)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
    Host OpenAL (ADI) (HKLM-x32\...\Host OpenAL (ADI)) (Version:  - )
    ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
    Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
    Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
    JHelioviewer (HKLM\...\JHelioviewer) (Version: 2.10.6.7902 - European Space Agency)
    LightScribe System Software (HKLM-x32\...\{A8F1CA85-C713-4B1F-B3B4-B2B7A6824146}) (Version: 1.18.14.1 - LightScribe)
    Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.183 - Logitech Inc.)
    Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
    Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
    Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
    Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
    Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Streets & Trips 2010 (HKLM-x32\...\{C82185E8-C27B-4EF4-2010-4444BC2C2B6D}) (Version: 17.0.18.2200 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Movie Maker (HKLM-x32\...\{5BABDA39-61CF-41EE-992D-4054B6649A9B}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Mozilla Firefox 65.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 65.0.1 (x64 en-US)) (Version: 65.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0a1 - Mozilla)
    MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    Nightly 67.0a1 (x64 en-US) (HKLM\...\Nightly 67.0a1 (x64 en-US)) (Version: 67.0a1 - Mozilla)
    NVIDIA PhysX v8.10.13 (HKLM-x32\...\{AC54E544-3E42-443C-A91D-A00A6974C592}) (Version: 8.10.13 - NVIDIA Corporation)
    OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
    OpenOffice 4.1.3 (HKLM-x32\...\{EEA30AEB-8BA7-465B-85D4-098BB99733E7}) (Version: 4.13.9783 - Apache Software Foundation)
    Opera Stable 58.0.3135.65 (HKLM-x32\...\Opera 58.0.3135.65) (Version: 58.0.3135.65 - Opera Software)
    PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 1.7.16291 - Kakao Corp.)
    Quantum of Solace(TM) 1.1 Patch (HKLM-x32\...\{A1644527-B0FF-485B-8412-3C7504A2F188}) (Version: 1.1 - Activision) Hidden
    Quantum of Solace(TM) 1.1 Patch (HKLM-x32\...\InstallShield_{A1644527-B0FF-485B-8412-3C7504A2F188}) (Version:  - ) Hidden
    RBVirtualFolder64Inst (HKLM\...\{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}) (Version: 1.00.0000 - Roxio, Inc.) Hidden
    Roxio Creator 2011 Pro (HKLM-x32\...\{4433FF9E-AF21-4E41-B296-4E13BF4D52F5}) (Version: 13.0 - Roxio)
    SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
    Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
    SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
    SecuROM Diagnostic Tool (HKLM-x32\...\SecuROM Diagnostic Tool) (Version:  - Sony DADC Austria)
    SmartSound Common Data (HKLM-x32\...\{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.) Hidden
    SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.)
    SmartSound Quicktracks 5 (HKLM-x32\...\{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.7 - SmartSound Software Inc.) Hidden
    SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.7 - SmartSound Software Inc.)
    SoundMAX (HKLM-x32\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 6.10.2.6585 - Analog Devices)
    Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 3.5.3 - Tweaking.com)
    Updater (HKLM-x32\...\{D54E3D9F-FEB8-4D2D-A138-B69A5C80080B}) (Version: 2.6.47 - Creative Island Media, LLC) <==== ATTENTION
    USPS® meter label solution (HKLM-x32\...\{15C77FC3-8137-4A5E-8F81-F559045DD6B0}) (Version: 4.1.801.0 - United States Postal Service)
    VD64Inst (HKLM\...\{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}) (Version: 1.00.0000 - Roxio, Inc.) Hidden
    Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
    Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-1659189456-1754463573-1767136624-1001_Classes\CLSID\{4D766FD3-B880-49D3-B7BD-6CF925221E04}\InprocServer32 -> C:\Program Files\Roxio 2011\Virtual Drive 10\DC_ShellExt64.dll (Sonic Solutions -> Sonic Solutions)
    ShellIconOverlayIdentifiers: [            IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2018-05-12] (Tonec Inc. -> Tonec Inc.)
    ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-05] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-05] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-05] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-05] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-05] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-05] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-05] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-05] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-05] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-05] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
    ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
    ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-05] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-05] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-05] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-05] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-05] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-05] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-05] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-05] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-05] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-05] (Dropbox, Inc -> Dropbox, Inc.)
    ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
    ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
    ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-05] (Dropbox, Inc -> Dropbox, Inc.)
    ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} =>  -> No File
    ContextMenuHandlers1: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> No File
    ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
    ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
    ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
    ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-05] (Dropbox, Inc -> Dropbox, Inc.)
    ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} =>  -> No File
    ContextMenuHandlers4: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> No File
    ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-05] (Dropbox, Inc -> Dropbox, Inc.)
    ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
    ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
    ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
    ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} =>  -> No File
    ContextMenuHandlers6: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> No File
    ContextMenuHandlers1_S-1-5-21-1659189456-1754463573-1767136624-1001: [RXDCExtSvr] -> {4D766FD3-B880-49D3-B7BD-6CF925221E04} => C:\Program Files\Roxio 2011\Virtual Drive 10\DC_ShellExt64.dll [2010-07-14] (Sonic Solutions -> Sonic Solutions)
    ContextMenuHandlers2_S-1-5-21-1659189456-1754463573-1767136624-1001: [RXDCExtSvr] -> {4D766FD3-B880-49D3-B7BD-6CF925221E04} => C:\Program Files\Roxio 2011\Virtual Drive 10\DC_ShellExt64.dll [2010-07-14] (Sonic Solutions -> Sonic Solutions)
    ContextMenuHandlers6_S-1-5-21-1659189456-1754463573-1767136624-1001: [RXDCExtSvr] -> {4D766FD3-B880-49D3-B7BD-6CF925221E04} => C:\Program Files\Roxio 2011\Virtual Drive 10\DC_ShellExt64.dll [2010-07-14] (Sonic Solutions -> Sonic Solutions)

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {1E5B6A67-9B39-4284-9722-B0E8E6B9CE4B} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_171_Plugin.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
    Task: {2657DCB3-7579-4CFC-B00C-14C008F4D901} - System32\Tasks\Opera scheduled Autoupdate 1472172179 => C:\Program Files (x86)\Opera\launcher.exe (Opera Software AS -> Opera Software)
    Task: {2710E5BB-AF63-4788-AA3B-737A6DB10342} - System32\Tasks\{C25E3EA9-6D90-410B-B1BE-327DB50560D9} => C:\Windows\system32\pcalua.exe -a C:\ProgramData\MFAData\SelfUpd\avgmfapx.exe
    Task: {3837302E-5BBA-4E80-BF59-94F2A7E87B64} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
    Task: {3D5BF185-E6A6-459B-8FF6-5C38BE5ABD38} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.)
    Task: {41950F6C-4D4C-4330-95A8-EE1DFB26F078} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_153_pepper.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
    Task: {4651C573-B50A-40D8-BD8C-5B0167A0CA20} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
    Task: {529730FA-EDFA-4CAC-9A20-9C528645AE08} - System32\Tasks\SafeZone scheduled Autoupdate 1493273045 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe (AVAST Software s.r.o. -> Avast Software)
    Task: {7F2BDFD7-6B08-49BD-9DC3-A55BC4848509} - System32\Tasks\{B8DCE99A-57B2-4562-AC9D-E9EB4E3CAFA1} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{BDA825AD-D60B-4935-9590-B0F1AC2E0D22}\setup.exe" -c -runfromtemp -l0x0009 -removeonly
    Task: {7F65631E-6366-407E-BA89-2D894E0F0855} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
    Task: {94D2C0E0-6D9E-4E92-9AA8-4317F897FD5A} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.)
    Task: {B6F9B548-6A71-49ED-AAD0-7C89E653C6E9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    Task: {BE52FD0B-C39F-4D1C-A4FB-033574800DDF} - System32\Tasks\0 => c:\program files (x86)\internet explorer\iexplore.exe  <==== ATTENTION
    Task: {BFB8F009-B8F7-42B8-90BA-73F87FE16F68} - \AVG_SYS_TASK_0414b -> No File <==== ATTENTION
    Task: {C331862E-2DAD-4CD2-B01E-EA094632A215} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
    Task: {E309D37A-16DC-4BB9-B93F-8E22DBB64110} - System32\Tasks\{8B108E89-F2D8-4470-ADE8-2E7C6E783BB9} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/8190
    Task: {F50C117B-40EB-41BE-A628-28C104E57E54} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

    ==================== Shortcuts & WMI ========================

    (The entries could be listed to be restored or removed.)


    Shortcut: C:\Users\Redog\Desktop\JHelioviewer.lnk -> C:\Program Files\JHelioviewer\JHelioviewer.bat ()

    ==================== Loaded Modules (Whitelisted) ==============

    2019-02-08 14:22 - 2019-02-08 14:22 - 000654216 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
    2019-02-08 14:22 - 2019-02-08 14:22 - 000321928 _____ () C:\Program Files\AVAST Software\Avast\serialization.dll
    2019-02-08 14:22 - 2019-02-08 14:22 - 000556936 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
    2019-02-08 14:22 - 2019-02-08 14:22 - 001174920 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
    2019-02-08 14:22 - 2019-02-08 14:22 - 002024840 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
    2019-02-18 18:59 - 2019-02-18 18:59 - 006885008 _____ () C:\Program Files\AVAST Software\Avast\defs\19021804\algo64.dll
    2019-01-04 08:40 - 2019-01-04 08:40 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\ProgramData\Temp:373E1720 [126]

    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE trusted site: HKU\S-1-5-21-1659189456-1754463573-1767136624-1001\...\localhost -> localhost

    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 21:34 - 2019-01-04 03:08 - 000000342 _____ C:\Windows\system32\drivers\etc\hosts


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\;C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\;C:\Program Files (x86)\Common Files\Roxio Shared\13.0\DLLShared\;C:\Program Files (x86)\Common Files\Ulead Systems\MPEG;C:\Program Files (x86)\Windows Live\Shared
    HKU\S-1-5-21-1659189456-1754463573-1767136624-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Redog\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 8.8.8.8 - 8.8.4.4
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    If an entry is included in the fixlist, it will be removed.


    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
    FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
    FirewallRules: [{39A30931-A93D-473F-AF83-01C55377BFD1}] => (Allow) C:\Program Files (x86)\AVG\AVG10\avgmfapx.exe No File
    FirewallRules: [{D0D40518-9ADD-445A-B603-F669F0985347}] => (Allow) C:\Program Files (x86)\AVG\AVG10\avgmfapx.exe No File
    FirewallRules: [{4CB32928-0BB2-450C-A6A8-70F239654456}] => (Allow) E:\setup.exe No File
    FirewallRules: [{1B476FE1-4742-4FF4-B6CF-FE9D1DBEC2BD}] => (Allow) E:\setup.exe No File
    FirewallRules: [{3E53F0C1-EB7C-4596-A86C-14F00EB707D7}] => (Allow) E:\setup.exe No File
    FirewallRules: [{0E8C9104-6797-4A55-AD18-4660070EA52E}] => (Allow) E:\setup.exe No File
    FirewallRules: [{21ED90B9-E419-4E48-8EDE-228115BF8AFB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR.EXE (CyberLink -> CyberLink Corp.)
    FirewallRules: [TCP Query User{A464F377-C0A3-431A-9683-937AC86543DA}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe No File
    FirewallRules: [UDP Query User{87B7AB44-FECF-4780-8113-D134AC80F0F9}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe No File
    FirewallRules: [{34C39806-BD5B-4C8C-A281-8EC80726386D}] => (Allow) J:\JB 007 Quantum of Solace\JB_LiveEngine_s.exe No File
    FirewallRules: [{6491292C-838C-42C2-88D6-34F7EA4EA979}] => (Allow) J:\JB 007 Quantum of Solace\JB_LiveEngine_s.exe No File
    FirewallRules: [{A4926CAA-5CD7-4BEC-B4AF-BDC09A458CFF}] => (Allow) J:\Damnation\Binaries\DamnGame.exe No File
    FirewallRules: [{AD2D2204-0A64-45DB-A36A-0302968C1F71}] => (Allow) J:\Damnation\Binaries\DamnGame.exe No File
    FirewallRules: [{49C7137B-EABF-4C46-8158-F3228A8C6354}] => (Allow) J:\Moto GP 2008\Launcher.exe No File
    FirewallRules: [{7673FEE9-5B5C-45E0-80E4-4A83E944EBED}] => (Allow) J:\Moto GP 2008\Launcher.exe No File
    FirewallRules: [{815630A0-3CE3-4EFB-AA3A-B71912240BEB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\just cause 2\JustCause2.exe No File
    FirewallRules: [{15AF5C7C-B557-41C4-9E7D-29EAE4EC53F6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\just cause 2\JustCause2.exe No File
    FirewallRules: [TCP Query User{D7BA6984-D06E-427C-8EE4-665E537713C5}C:\program files (x86)\electronic arts\eadm\core.exe] => (Allow) C:\program files (x86)\electronic arts\eadm\core.exe No File
    FirewallRules: [UDP Query User{B35207AA-1DDC-44B7-A383-C5C231330A46}C:\program files (x86)\electronic arts\eadm\core.exe] => (Allow) C:\program files (x86)\electronic arts\eadm\core.exe No File
    FirewallRules: [TCP Query User{510F28D2-D215-406E-BD94-FDE67FAFE6AC}C:\users\redog\appdata\local\xenocode\sandbox\ldr_alcohol_r.exe\2.0.1.2033\2010.09.18t21.28\virtual\stubexe\8.0.1135\@[email protected]\alcohol soft\alcohol 120\starwind\starwindserviceae.exe] => (Allow) C:\users\redog\appdata\local\xenocode\sandbox\ldr_alcohol_r.exe\2.0.1.2033\2010.09.18t21.28\virtual\stubexe\8.0.1135\@[email protected]\alcohol soft\alcohol 120\starwind\starwindserviceae.exe ()
    FirewallRules: [UDP Query User{09D6E20D-231C-4A3F-A590-6FBC014E0394}C:\users\redog\appdata\local\xenocode\sandbox\ldr_alcohol_r.exe\2.0.1.2033\2010.09.18t21.28\virtual\stubexe\8.0.1135\@[email protected]\alcohol soft\alcohol 120\starwind\starwindserviceae.exe] => (Allow) C:\users\redog\appdata\local\xenocode\sandbox\ldr_alcohol_r.exe\2.0.1.2033\2010.09.18t21.28\virtual\stubexe\8.0.1135\@[email protected]\alcohol soft\alcohol 120\starwind\starwindserviceae.exe ()
    FirewallRules: [{FD1EF11E-725D-4C7C-A5F1-1F2F83916F85}] => (Allow) C:\Users\Redog\AppData\Local\Temp\7zS4FC9\hppiw.exe No File
    FirewallRules: [{03036419-1D69-4ECF-8FFE-227AA3ABBC03}] => (Allow) C:\Users\Redog\AppData\Local\Temp\7zS4FC9\hppiw.exe No File
    FirewallRules: [{C122D3D4-47DD-4B21-8955-A057262B23A4}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe No File
    FirewallRules: [{0A08B9F6-4019-4C37-AF17-9C1B10C25773}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe No File
    FirewallRules: [{248C1BEF-DA77-485B-BB62-F9F98856DFB9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe (CyberLink -> CyberLink Corp.)
    FirewallRules: [{EF482911-3BCD-4F91-BAEE-1BDE66316942}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE (CyberLink -> CyberLink Corp.)
    FirewallRules: [TCP Query User{4A1AE217-FED2-4EC2-83AF-563082038C60}D:\libraries\documents\programs 2011\bit torrent 7 2 1\bittorrent-7.2.1.exe] => (Allow) D:\libraries\documents\programs 2011\bit torrent 7 2 1\bittorrent-7.2.1.exe No File
    FirewallRules: [UDP Query User{15218D78-AE8B-4639-8960-29C060C9D9C0}D:\libraries\documents\programs 2011\bit torrent 7 2 1\bittorrent-7.2.1.exe] => (Allow) D:\libraries\documents\programs 2011\bit torrent 7 2 1\bittorrent-7.2.1.exe No File
    FirewallRules: [{D8E4DB77-BD9E-43D6-BB1B-FE18B759DA76}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{54E28ACF-3236-4370-9D13-AF59014F0603}] => (Allow) LPort=2869
    FirewallRules: [{8D492331-79F5-4C04-944F-B0BAFBBA1DEC}] => (Allow) LPort=1900
    FirewallRules: [{42F7C94A-9733-4DBC-8935-0947FB735F11}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe No File
    FirewallRules: [{CD8030C8-6CF4-4716-92CF-A64FD3CD952B}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe No File
    FirewallRules: [{7928B7C7-A23B-46C9-A403-51DC939C7A5C}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe No File
    FirewallRules: [{80479EA6-278A-4217-85CE-02E95D0FD693}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe No File
    FirewallRules: [PotPlayer(PotPlayerMini64.exe)] => (Allow) C:\Program Files\DAUM\PotPlayer\PotPlayerMini64.exe (Kakao corp. -> Kakao)
    FirewallRules: [{569B3BEA-B8A4-495E-A33E-51C085C6309C}] => (Allow) C:\Program Files\DAUM\PotPlayer\PotPlayerMini64.exe (Kakao corp. -> Kakao)
    FirewallRules: [TCP Query User{DF0A2401-66B5-4EF5-A9FC-E456238BEFED}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [UDP Query User{82A0E11B-E82E-4DAE-B5FF-940E911AA066}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{AA97D4A4-3EF2-4ABE-BBBF-F09EBFFF59D1}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe No File
    FirewallRules: [{ECB22D2C-68B9-4DBE-B76B-ED4E00BD4114}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe No File
    FirewallRules: [{678DDA5A-F32A-4F8A-99C2-2A1B9DD67DDE}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech -> Logitech Inc.)
    FirewallRules: [{23B62E0F-5CBC-4176-B7A3-60D07C25B5E2}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech -> Logitech Inc.)
    FirewallRules: [{B154FA9B-580F-4547-9B7C-5FD24AD543A3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{7840EA81-0B26-4B73-BAC9-EFFB9384E125}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [TCP Query User{0D8FC32B-6B35-4DAB-90F1-1AEB2FCF5E46}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [UDP Query User{CBDB8B04-789B-4A25-94E2-BD039C9337BA}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{4EA9D09E-7199-4DFF-8414-718072D596E4}] => (Allow) C:\Users\Redog\AppData\Local\Temp\recinstalldl\RecInst.exe No File
    FirewallRules: [{BAD99DAA-0BDF-4244-B106-C45FBB321790}] => (Allow) C:\Users\Redog\AppData\Local\Temp\recinstalldl\RecInst.exe No File
    FirewallRules: [{EF0879A4-D89E-4867-ACED-9B90851F27A0}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe No File
    FirewallRules: [{0AF7A107-74A7-414B-9132-3354C757A068}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe No File
    FirewallRules: [{1F555AF4-FCBB-4396-9A6E-4740FC529E46}] => (Allow) C:\Users\Redog\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
    FirewallRules: [{73927D02-2FC7-4FF2-B053-FF2D137CF997}] => (Allow) C:\Users\Redog\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
    FirewallRules: [{621C7B98-E52C-4B9C-A7AB-CB73781A7A81}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe (AVAST Software s.r.o. -> Avast Software)
    FirewallRules: [{56BDB50E-9C59-4D9B-BA42-0239C722323C}] => (Allow) C:\Program Files\Nightly\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{70B2DDFD-B510-4D9C-B42C-091B9C4C8DF2}] => (Allow) C:\Program Files\Nightly\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{A0A8A8DE-53A0-49CD-A492-7954C94122BA}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe (AVAST Software s.r.o. -> Avast Software)
    FirewallRules: [{D0913EDE-2422-450E-9E48-FA2F3DDAA8E2}] => (Allow) C:\Program Files\Nightly\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{97805A04-1016-46AC-BD9E-16AA907B5F8C}] => (Allow) C:\Program Files\Nightly\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{8E78FCC5-F64E-4833-9EBA-58CF5D8B1458}] => (Allow) C:\Program Files\Nightly\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{BED7D7E1-4AE5-4C52-BD8F-1D21F36DD11D}] => (Allow) C:\Program Files\Nightly\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [TCP Query User{3D5FB996-DABA-4051-93ED-429003CCA1ED}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
    FirewallRules: [UDP Query User{17D0FAEC-29EC-4500-8F9A-609C215F09F1}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
    FirewallRules: [{6E5F3983-CDD5-41AA-863E-2B5AAFF07BCB}] => (Allow) C:\Program Files (x86)\Opera\57.0.3098.116\opera.exe (Opera Software AS -> Opera Software)
    FirewallRules: [{99C37D8B-B579-4877-B901-9F9E64217AA3}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
    FirewallRules: [{4B406149-7D00-40B5-891E-1CFC91B98E81}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
    FirewallRules: [{1F3B5CDA-A5BF-4F9D-9482-3698BC40FF08}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
    FirewallRules: [{5643CDDE-D615-497E-84C0-E60FB1494437}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
    FirewallRules: [{CCB542C8-830C-4B34-9D72-A8B96A6698E5}] => (Allow) C:\Program Files (x86)\Opera\58.0.3135.65\opera.exe (Opera Software AS -> Opera Software)

    ==================== Restore Points =========================


    ==================== Faulty Device Manager Devices =============

    Name: Standard PS/2 Keyboard
    Description: Standard PS/2 Keyboard
    Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard keyboards)
    Service: i8042prt
    Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
    Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
    Devices stay in this state if they have been prepared for removal.
    After you remove the device, this error disappears.Remove the device, and this error should be resolved.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (02/12/2019 05:43:52 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program iexplore.exe version 11.0.9600.19236 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 15e4

    Start Time: 01d4c2bf37b4f506

    Termination Time: 8

    Application Path: C:\Program Files\Internet Explorer\iexplore.exe

    Report Id: 152089fd-2eb3-11e9-ac5d-001e8c308f89

    Error: (02/06/2019 10:18:11 PM) (Source: DbxSvc) (EventID: 281) (User: )
    Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.

    Error: (02/06/2019 10:18:11 PM) (Source: DbxSvc) (EventID: 281) (User: )
    Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.

    Error: (02/05/2019 08:56:57 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program iexplore.exe version 11.0.9600.19236 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 52c

    Start Time: 01d4bd574fdeae4b

    Termination Time: 15

    Application Path: C:\Program Files\Internet Explorer\iexplore.exe

    Report Id: e58f68c6-294d-11e9-b743-001e8c308f89

    Error: (02/04/2019 04:51:35 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: uTorrent.exe, version: 3.4.7.42330, time stamp: 0x5728e5d9
    Faulting module name: uTorrent.exe, version: 3.4.7.42330, time stamp: 0x5728e5d9
    Exception code: 0xc0000005
    Fault offset: 0x0000a80f
    Faulting process id: 0x1c60
    Faulting application start time: 0x01d4bcbfc3a3bedd
    Faulting application path: C:\Users\Redog\AppData\Roaming\uTorrent\uTorrent.exe
    Faulting module path: C:\Users\Redog\AppData\Roaming\uTorrent\uTorrent.exe
    Report Id: 09f3c553-28c7-11e9-b743-001e8c308f89

    Error: (02/04/2019 04:37:10 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: uTorrent.exe, version: 3.4.7.42330, time stamp: 0x5728e5d9
    Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception code: 0xc0000005
    Fault offset: 0x00000000
    Faulting process id: 0x1c60
    Faulting application start time: 0x01d4bcbfc3a3bedd
    Faulting application path: C:\Users\Redog\AppData\Roaming\uTorrent\uTorrent.exe
    Faulting module path: unknown
    Report Id: 06659adc-28c5-11e9-b743-001e8c308f89

    Error: (02/04/2019 09:32:12 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program iexplore.exe version 11.0.9600.19236 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 15b8

    Start Time: 01d4bc953169117f

    Termination Time: 0

    Application Path: C:\Program Files\Internet Explorer\iexplore.exe

    Report Id: 9c4c0758-2889-11e9-b743-001e8c308f89

    Error: (02/03/2019 09:00:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program IEXPLORE.EXE version 11.0.9600.19236 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 1b78

    Start Time: 01d4bc2d2f857702

    Termination Time: 20

    Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

    Report Id:


    System errors:
    =============
    Error: (02/18/2019 06:27:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

    Error: (02/18/2019 06:27:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Software Protection service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

    Error: (02/18/2019 06:27:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The SAMSUNG Mobile Connectivity Service service terminated unexpectedly.  It has done this 1 time(s).

    Error: (02/18/2019 06:27:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Cyberlink RichVideo Service(CRVS) service terminated unexpectedly.  It has done this 1 time(s).

    Error: (02/18/2019 06:27:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The LightScribeService Direct Disc Labeling Service service terminated unexpectedly.  It has done this 1 time(s).

    Error: (02/18/2019 06:27:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The DbxSvc service terminated unexpectedly.  It has done this 1 time(s).

    Error: (02/18/2019 06:27:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The BOT4Service service terminated unexpectedly.  It has done this 1 time(s).

    Error: (02/18/2019 06:27:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Adobe Acrobat Update Service service terminated unexpectedly.  It has done this 1 time(s).


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM)2 Quad CPU Q9300 @ 2.50GHz
    Percentage of memory in use: 46%
    Total physical RAM: 6143.12 MB
    Available physical RAM: 3285.24 MB
    Total Virtual: 12284.38 MB
    Available Virtual: 9570.25 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:78.53 GB) (Free:7.17 GB) NTFS
    Drive d: () (Fixed) (Total:33.16 GB) (Free:15.97 GB) NTFS
    Drive g: (GG) (Fixed) (Total:25.26 GB) (Free:8.61 GB) NTFS
    Drive h: (HH) (Fixed) (Total:906.24 GB) (Free:200.93 GB) NTFS
    Drive j: (J) (Fixed) (Total:635.25 GB) (Free:170.85 GB) NTFS
    Drive k: (K) (Fixed) (Total:296.13 GB) (Free:122.47 GB) NTFS

    \\?\Volume{233a019b-38ec-11e0-bd54-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: EFB24870)
    Partition 1: (Not Active) - (Size=25.3 GB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=906.2 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 1 (Size: 931.5 GB) (Disk ID: 38925EEF)

    Partition: GPT.

    ========================================================
    Disk: 2 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 3955CCBF)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=78.5 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=33.2 GB) - (Type=07 NTFS)

    ==================== End of Addition.txt ============================