Topic: Pop-up Mania
Post #6, December 6th, 2022, 07:23 AM
ThomGuy (Senior Member)

Farbar Recovery Texts - FRST Text only

Here are the copies of the two texts you asked me to post in my next response. Please let me know where we go from here...Thanks a TON!

FRST Text:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-12-2022
Ran by Plyler (administrator) on THOM-GUYS-PUTER (Hewlett-Packard p6633w) (05-12-2022 11:07:44)
Running from C:\Users\Plyler\Downloads
Loaded Profiles: Plyler
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Default browser: IE
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe <4>
(C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswEngSrv.exe
(C:\Program Files (x86)\Garmin\Express\express.exe ->) (The CefSharp Authors) [File not signed] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe <2>
(C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE ->) (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Windows\Temp\OfficeClickToRun.exe.bak ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVShNotify.exe <2>
(explorer.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(explorer.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Driver Updater\DriverUpdUI.exe <4>
(explorer.exe ->) (DVDFab Software Inc. -> ) C:\Program Files\DVDFab\DVDFab 12\updateTemp\LiveUpdate.exe
(explorer.exe ->) (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (MiTAC International Corporation -> MiTAC) C:\Users\Plyler\AppData\Roaming\MiTAC Digital Corporation\mgnContentManager\3.0.0.00\mgnContentManager.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Plantronics Inc -> Plantronics, Inc.) C:\Program Files (x86)\Plantronics\Spokes3G\PLTHub.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\avgToolsSvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\wsc_proxy.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Driver Updater\DriverUpdSvc.exe
(services.exe ->) (Eastman Kodak Company -> Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\ekdiscovery.exe
(services.exe ->) (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(services.exe ->) (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Temp\OfficeClickToRun.exe.bak
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(services.exe ->) (PDF Complete -> PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(services.exe ->) (Plantronics Inc -> Plantronics, Inc.) C:\Program Files (x86)\Plantronics\Spokes3G\SpokesUpdateService.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Sonic Solutions -> CinemaNow, Inc.) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(winlogon.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\taskmgr.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [EKIJ5000StatusMonitor] => C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe [2045440 2010-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Eastman Kodak Company)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1882048 2017-03-27] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [249080 2022-11-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [DriverUpdUI.exe] => C:\Program Files\AVG\Driver Updater\DriverUpdUI.exe [5417880 2022-10-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [333784 2021-03-31] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [EKIJ5000StatusMonitor] => C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe [2045440 2010-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Eastman Kodak Company)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw (No File)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [324976 ] (Flexera Software, Inc. -> Flexera Software, Inc.)
HKLM-x32\...\Run: [PLTHub.exe] => C:\Program Files (x86)\Plantronics\Spokes3G\PLTHub.exe [2980096 2022-03-08] (Plantronics Inc -> Plantronics, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2022-09-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1261503980-111145729-2002240722-1000\...\Run: [Magellan Update Manager] => C:\Users\Plyler\AppData\Roaming\MiTAC Digital Corporation\mgnContentManager\3.0.0.00\mgnContentManager.exe [2705672 2016-01-20] (MiTAC International Corporation -> MiTAC)
HKU\S-1-5-21-1261503980-111145729-2002240722-1000\...\Run: [cdloader] => C:\Users\Plyler\AppData\Roaming\mjusbsp\cdloader2.exe [51592 2014-07-04] (magicJack, L.P. -> magicJack L.P.)
HKU\S-1-5-21-1261503980-111145729-2002240722-1000\...\Run: [8a79325d96fa7854028b7313db93c02c] => C:\Program Files (x86)\DVDFab\DVDFab 12\LiveUpdate.exe [4549960 2022-11-25] (DVDFab Software Inc. -> )
HKU\S-1-5-21-1261503980-111145729-2002240722-1000\...\Run: [611dd93a9b5c578be68b17d997792402] => C:\Program Files\DVDFab\DVDFab 12\LiveUpdate.exe [5343048 2022-11-30] (DVDFab Software Inc. -> )
HKU\S-1-5-21-1261503980-111145729-2002240722-1000\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31314832 2022-05-19] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1261503980-111145729-2002240722-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\KODAK EASYSHARE All-in-One Printer: C:\Windows\System32\spool\prtprocs\x64\EKIJ5000PPR.dll [232960 2010-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Eastman Kodak Company)
HKLM\...\Windows x64\Print Processors\sugo1PC: C:\Windows\System32\spool\prtprocs\x64\sugo1pc.dll [33792 2007-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Server 2003 DDK provider)
HKLM\...\Print\Monitors\HP 7012 Status Monitor: C:\Windows\system32\hpinksts7012LM.dll [328704 2013-08-10] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Officejet Pro 8620): C:\Windows\system32\HPDiscoPM7012.dll [763912 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\...\Print\Monitors\KODAK EASYSHARE All-in-One Printer: C:\Windows\system32\EKIJ5000MON.dll [612352 2010-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Eastman Kodak Company)
HKLM\...\Print\Monitors\PDFC: C:\Windows\system32\pdfc_port.dll [19464 2009-10-14] (PDF Complete -> PDF Complete, Inc.)
HKLM\...\Print\Monitors\sugo1 Langmon: C:\Windows\system32\sugo1l6.dll [22016 2007-01-12] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\107.0.5304.123\Installer\chrmstp.exe [2022-11-30] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2022-09-28] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\Users\Plyler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet Pro 8620.lnk [2022-11-09]
ShortcutAndArgument: Monitor Ink Alerts - HP Officejet Pro 8620.lnk -> C:\Windows\system32\RunDll32.exe => "C:\Program Files\HP\HP Officejet Pro 8620\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN41CB6116;CONNECTION=USB;MONITOR=1;
GroupPolicy: Restriction - Chrome <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00703FCC-DD14-42EC-8F6C-BEC489BC96E9} - System32\Tasks\HPCustParticipation HP Officejet Pro 8620 => C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPCustPartic.exe [5745672 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
Task: {018B5A55-A707-4186-9CAD-46C53DB775DE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24614304 2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {033F1EE2-BF99-4581-8948-FB945E8B263E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [647616 2017-04-26] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {051F777E-D044-4C92-892B-BDA05BCD76E7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {05646168-5CA0-45BC-8A13-3E80BB0D42B9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6158752 2022-10-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {0D23EB7D-D9DC-443B-978E-2BA51462EBB4} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [160664 2022-11-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {283FD750-702D-479D-B79A-BA8BB5C7C359} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [542008 2013-11-04] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {2BA81144-FA64-4B6D-B3D7-33B34AC4E967} - System32\Tasks\SoftUpdateLogon => C:\Users\Plyler\AppData\Local\SoftUpdate\SoftUpdate.exe (No File)
Task: {305232D7-8F4C-46E8-B857-070320759703} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [492480 2017-04-26] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {4336C17E-EB9B-4304-9F4F-3D8180ED23C1} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [38456 2010-05-25] (Hewlett-Packard Company -> )
Task: {44E0345D-2270-4328-8B1F-471FDD490DD2} - System32\Tasks\{5F63A069-F3F3-4769-9861-1EE2D07D7028} => C:\Program Files (x86)\AVG\AVG2014\avgui.exe (No File)
Task: {483A867D-81A6-4D7F-AF35-777A3E9E9ECA} - System32\Tasks\AVG\AVG Driver Updater Update => C:\Program Files\Common Files\AVG\Icarus\avg-du\icarus.exe [6827776 2022-10-17] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {48978CB4-CEE0-4B93-8389-B8283D62DE68} - System32\Tasks\AVG\AVG Driver Updater BugReport => C:\Program Files\AVG\Driver Updater\AvBugReport.exe [4738968 2022-10-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) -> --send "dumps|report" --silent --product 149 --programpath "C:\Program Files\AVG\Driver Updater\Setup\.." --configpath "C:\Program Files\AVG\Driver Updater\Setup" --path "C:\ProgramData\AVG\Driver Updater\log" --path "C:\ProgramData\AVG\Icarus\Logs" --guid 89dc7883-521e-422d-a5c9-faefd599e237
Task: {4B0A2585-F17A-4814-9187-5892B21382A6} - System32\Tasks\{81E5A1D1-EBB7-4674-B451-17488579F613} => C:\Program Files (x86)\AVG\AVG2014\avgui.exe (No File)
Task: {52616C2E-8076-4B77-8FE8-0331AA34BD4A} - System32\Tasks\{C5BFEF8E-ED6B-46E0-A251-911BFCFAB783} => C:\Windows\system32\pcalua.exe -a E:\polaroid\runsetup.exe -d E:\polaroid
Task: {5631E1A9-9438-459D-A79D-C37043EF788E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [647616 2017-04-26] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6022207F-1359-468F-ABCB-281C9E3A1831} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2287472 2022-05-24] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {649B80E8-90F1-4422-9614-19D7706DC515} - System32\Tasks\{4C52F6D3-FB86-4053-B9E7-AD5088AAB913} => C:\Program Files (x86)\AVG\AVG2014\avgui.exe (No File)
Task: {6F0BBE22-2A22-4CDC-92E2-274AD33143D9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1061752 2018-06-28] (HP Inc. -> HP Inc.)
Task: {7080FE3C-0A24-47AE-B7F0-0EDA8FA63782} - System32\Tasks\HPCeeScheduleForPlyler => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [95800 2011-07-15] (Hewlett-Packard Company -> Hewlett-Packard)
Task: {7B0547E8-4D86-4500-9FF1-E5706B591820} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {7D1664E5-0567-4D82-9E38-24483A07A34B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6158752 2022-10-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {7F39D77A-84D1-4FBB-9545-449F3F8754C5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [12344 2014-04-08] (Hewlett-Packard Company -> Microsoft)
Task: {81BEB585-2552-46E2-BED8-5C2DF4711E8F} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [720320 2017-04-26] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {982358F2-C041-48F1-9D91-111F4C213382} - System32\Tasks\AVGUpdateTaskMachineUA => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe /ua /installsource scheduler (No File)
Task: {A2DFA01F-8CBF-4ECE-BACA-343C2AB0A700} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {A55D13B1-8E20-4EDB-AD8E-8B71E3FAC6FF} - System32\Tasks\SoftUpdateDaily => C:\Users\Plyler\AppData\Local\SoftUpdate\SoftUpdate.exe (No File)
Task: {AA8C571E-3D04-4CD0-A4C6-83C5B753A108} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24614304 2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {AAAA9E48-9488-408E-9896-48F47A6F285C} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436160 2017-04-26] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AF929B8F-E7CE-488E-B04E-4C1B23CD1434} - System32\Tasks\{FDBD18DE-21E9-496A-83D8-2A957F6C47BF} => C:\Program Files (x86)\AVG\AVG2014\avgui.exe (No File)
Task: {B3A14C95-A072-4F5B-9BFA-F613D88D0413} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [28048 2022-05-19] (Garmin International, Inc. -> )
Task: {BB6E6AC2-A312-4E8D-9229-A5EE49EABD95} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [1234000 2013-01-17] (AVG Technologies -> )
Task: {BE252804-8073-497C-A1C1-0B416C76FD54} - System32\Tasks\{D3A814CF-C92A-40E8-ABB2-BD9E91A5ECF0} => C:\Program Files (x86)\AVG\AVG2014\avgui.exe (No File)
Task: {C440816D-82A1-47A8-A5B4-55E7BC5404A5} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [4973816 2022-11-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {CB5DB1AB-FD6E-478D-9629-C86D228606B3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [542008 2013-11-04] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {CC95B410-8576-4100-9CD8-1EBFF2AB3750} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {CE37644F-D006-4237-B026-C4663CC24BC6} - System32\Tasks\0814avtUpdateInfo => C:\ProgramData\Avg_Update_0814avt\0814avt_AVG-Secure-Search-Update.exe [2774040 2014-08-19] (AVG Technologies -> )
Task: {D3624055-4B0B-4EAC-A82E-90AD93F9C315} - System32\Tasks\{28091A93-4AAE-43FD-86F7-B769445C390B} => C:\Program Files (x86)\AVG\AVG2014\avgui.exe (No File)
Task: {D69EFD44-4B60-48B8-966A-F79C3B160C68} - System32\Tasks\1015avUpdateInfo => C:\ProgramData\Avg_Update_1015av\1015av_AVG-Secure-Search-Update.exe [2782096 2015-10-11] (AVG Technologies CZ, s.r.o. -> )
Task: {DB253699-1ABF-4BF1-98FF-188B30E90848} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [946112 2017-03-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E34B2CF1-8A10-4291-9826-0101190F05EE} - System32\Tasks\{EAD30B7A-0ADB-43E9-B0BE-4B3C7C869676} => C:\Windows\system32\pcalua.exe -a C:\Users\Plyler\AppData\Local\Temp\jre-8u91-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {EC514F39-6088-4B4D-A4BD-F114D03D9564} - System32\Tasks\AVGUpdateTaskMachineCore => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe /c (No File)
Task: {EF4FB8B7-3F6F-4A74-BCED-91D1825FD9B6} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2287472 2022-05-24] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {F5A8EB08-1229-4A61-A05D-46222C965221} - System32\Tasks\{5D1012FD-2312-42F7-8F44-0F47E1C9684C} => C:\Program Files (x86)\AVG\AVG2014\avgui.exe (No File)
Task: {F7D28AEB-7294-4557-8611-6AA0C2BF189C} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [160664 2022-11-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {F80470B8-371F-4C15-B80D-18991BD5CB2A} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [720320 2017-04-26] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FA18EF06-8A64-46FA-B05E-B8D8A73CA1E1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [630584 2014-05-12] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {FA89BE80-5DB0-4611-B5C4-A4F8815F9E74} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\0814avtUpdateInfo.job => C:\ProgramData\Avg_Update_0814avt\0814avt_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\1015avUpdateInfo.job => C:\ProgramData\Avg_Update_1015av\1015av_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\HPCeeScheduleForPlyler.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:50147;https=127.0.0.1:50147
Winsock: Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 09 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.40.1
Tcpip\..\Interfaces\{A4135E6D-F80C-4278-9AEC-01D3729E9F36}: [DhcpNameServer] 192.168.40.1

Edge:
=======
Edge Profile: C:\Users\Plyler\AppData\Local\Microsoft\Edge\User Data\Default [2020-09-29]

FireFox:
========
FF ProfilePath: C:\Users\Plyler\AppData\Roaming\Mozilla\Firefox\Profiles\n2cgeacx.default-1534608051811 [2022-11-30]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2022-03-31] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @java.com/DTPlugin,version=1.6.0_33 -> C:\Windows\system32\npdeployJava1.dll [2013-01-19] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-10-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.351.2 -> C:\Program Files (x86)\Java\jre1.8.0_351\bin\dtplugin\npDeployJava1.dll [2022-11-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.351.2 -> C:\Program Files (x86)\Java\jre1.8.0_351\bin\plugin2\npjp2.dll [2022-11-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-10-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-10-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1261503980-111145729-2002240722-1000: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll [] (Hulu -> Hulu LLC)
FF Plugin HKU\S-1-5-21-1261503980-111145729-2002240722-1000: magellangps.com/mgnContentManager -> C:\Users\Plyler\AppData\Roaming\MiTAC Digital Corporation\mgnContentManager\3.0.0.00\npmgnContentManager.dll [2016-01-20] (MiTAC International Corporation -> MiTAC Digital Corp.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Plyler\AppData\Local\Google\Chrome\User Data\Default [2022-12-05]
CHR Notifications: Default -> hxxps://butterwithasideofbread.com; hxxps://care.siriusxm.com; hxxps://chatsupport.apple.com; hxxps://drfone.wondershare.com; hxxps://en.softonic.com; hxxps://hibid.com; hxxps://internationalliving.com; hxxps://mg.mail.yahoo.com; hxxps://mystore1.store; hxxps://searchmanuals.net; hxxps://us.letgo.com; hxxps://www.allrecipes.com; hxxps://www.bhphotovideo.com; hxxps://www.buycarparts.co.uk; hxxps://www.dvdfab.cn; hxxps://www.facebook.com; hxxps://www.macworld.com; hxxps://www.proozy.com; hxxps://www.reddit.com; hxxps://www.thelegacyreport.com; hxxps://www.thestreet.com; hxxps://www.yahoo.com; hxxps://www2.intelius.com
CHR HomePage: Default -> hxxp://www.yahoo.com/
CHR StartupUrls: Default -> "hxxp://www.yahoo.com/"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee&type=E210US91088G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR DefaultSuggestURL: Default -> hxxps://us.search.yahoo.com/sugg/gossip/gossip-us-partner?output=fxjson&appid=mca&source=yahoo_mcafee_searchassist&command={searchTerms}
CHR Extension: (Yahoo Partner) - C:\Users\Plyler\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaffhmecfaelkngcbnfdkcckmillnoki [2020-09-27]
CHR Extension: (Google Docs Offline) - C:\Users\Plyler\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-12-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Plyler\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\Plyler\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-03-02]
CHR Profile: C:\Users\Plyler\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-10-15]
CHR HomePage: Profile 1 -> hxxp://www.yahoo.com/
CHR StartupUrls: Profile 1 -> "hxxp://www.bc3.edu"
CHR DefaultSearchURL: Profile 1 -> hxxps://search.yahoo.com/search?fr=mcafee&type=E211US662G0&p={searchTerms}
CHR DefaultSearchKeyword: Profile 1 -> mcafee
CHR DefaultSuggestURL: Profile 1 -> hxxps://us.search.yahoo.com/sugg/gossip/gossip-us-partner?output=fxjson&appid=mca&source=yahoo_mcafee_searchassist&command={searchTerms}
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Plyler\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2022-10-15]
CHR Extension: (Google Docs Offline) - C:\Users\Plyler\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-10-15]
CHR Extension: (Google Calendar) - C:\Users\Plyler\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2021-03-20]
CHR Extension: (Save to Google Drive) - C:\Users\Plyler\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2022-02-25]
CHR Extension: (Grammarly: Grammar Checker and Writing App) - C:\Users\Plyler\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2022-10-15]
CHR Extension: (Google Play) - C:\Users\Plyler\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2021-03-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Plyler\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-20]
CHR Extension: (Office) - C:\Users\Plyler\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ocdlmjhbenodhlknglojajgokahchlkk [2021-03-20]
CHR Profile: C:\Users\Plyler\AppData\Local\Google\Chrome\User Data\System Profile [2022-03-02]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [aaffhmecfaelkngcbnfdkcckmillnoki]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-03-16] (Apple Inc. -> Apple Inc.)
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [628984 2022-11-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Tools; C:\Program Files (x86)\AVG\Antivirus\avgToolsSvc.exe [628984 2022-11-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe [8575536 2022-11-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AvgWscReporter; C:\Program Files (x86)\AVG\Antivirus\wsc_proxy.exe [109480 2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 CinemaNow Service; C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe [400368 2010-06-12] (Sonic Solutions -> CinemaNow, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11138952 2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
R2 DriverUpdSvc; C:\Program Files\AVG\Driver Updater\DriverUpdSvc.exe [7702424 2022-10-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-05-19] (Hewlett-Packard Company) [File not signed]
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [972936 2022-03-31] (McAfee, LLC -> McAfee, LLC)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [635416 2009-10-14] (PDF Complete -> PDF Complete Inc)
R2 PlantronicsUpdateService; C:\Program Files (x86)\Plantronics\Spokes3G\SpokesUpdateService.exe [2101504 2022-03-08] (Plantronics Inc -> Plantronics, Inc.)
S3 RoxMediaDBVHS; C:\Program Files (x86)\Common Files\Roxio Shared\VHStoDVD\SharedCOM\RoxMediaDBVHS.exe [1089536 2019-06-30] (Corel Corporation) [File not signed]
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2286976 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
S2 Avg; "C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /svc [X]
S3 avgm; "C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /medsvc [X]
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avgArDisk; C:\Windows\System32\drivers\avgArDisk.sys [42416 2022-11-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [238288 2022-11-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriver.sys [382568 2022-11-14] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsh.sys [306200 2022-11-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniv.sys [106520 2022-11-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [48648 2022-11-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [276632 2022-11-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\Windows\System32\drivers\avgNetHub.sys [564416 2022-11-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgNetNd6; C:\Windows\System32\DRIVERS\avgNetNd6.sys [29944 2020-06-19] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [114632 2022-11-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [90120 2022-11-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [863104 2022-11-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [672440 2022-11-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [222120 2022-11-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [328040 2022-11-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 CSRBC; C:\Windows\System32\Drivers\csrbcx64.sys [38400 2022-03-08] (Microsoft Windows Hardware Compatibility Publisher -> CSR plc.)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-10-16] (Corel Corporation -> Corel Corporation)
R0 PxHlpa64; C:\Windows\SysWOW64\drivers\PxHlpa64.sys [64480 2015-09-17] (Corel Corporation -> Corel Corporation)
S3 USB28xxBGA; C:\Windows\System32\DRIVERS\emBDA64A.sys [738328 2012-05-04] (Kworld Computer Co., Ltd. -> eMPIA Technology, Inc.)
S3 USB28xxOEM; C:\Windows\System32\DRIVERS\emOEM64A.sys [1226136 2012-05-04] (Kworld Computer Co., Ltd. -> eMPIA Technology, Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-12-05 11:07 - 2022-12-05 11:09 - 000039254 _____ C:\Users\Plyler\Downloads\FRST.txt
2022-12-05 11:07 - 2022-12-05 11:08 - 000000000 ____D C:\FRST
2022-12-05 11:03 - 2022-12-05 11:03 - 002375680 _____ (Farbar) C:\Users\Plyler\Downloads\FRST64.exe
2022-12-05 03:58 - 2022-12-05 03:58 - 000000000 ____H C:\Users\Plyler\BIT21AB.tmp
2022-11-30 01:14 - 2022-11-30 01:14 - 000000000 ____D C:\Users\Plyler\AppData\Roaming\3216
2022-11-13 00:11 - 2022-11-13 00:11 - 000000000 ____D C:\1Pittsburgh_Casting_photos

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-12-05 11:08 - 2010-09-01 20:47 - 000000000 ____D C:\ProgramData\PDFC
2022-12-05 10:51 - 2012-08-24 00:15 - 000000000 ____D C:\Program Files (x86)\Google
2022-12-05 10:33 - 2009-07-13 23:45 - 000022256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2022-12-05 10:33 - 2009-07-13 23:45 - 000022256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2022-12-05 03:58 - 2022-03-01 15:57 - 000003192 _____ C:\Windows\system32\Tasks\HPCeeScheduleForPlyler
2022-12-05 03:58 - 2022-03-01 15:57 - 000000336 _____ C:\Windows\Tasks\HPCeeScheduleForPlyler.job
2022-12-05 03:58 - 2010-10-31 21:56 - 000000000 ____D C:\Users\Plyler
2022-12-04 23:09 - 2016-08-01 09:37 - 000000000 ____D C:\Users\Plyler\Documents\DVDFab
2022-12-04 12:25 - 2016-04-04 18:00 - 000000000 ____D C:\ProgramData\NVIDIA
2022-12-01 04:04 - 2009-07-14 00:13 - 000006230 _____ C:\Windows\system32\PerfStringBackup.INI
2022-11-30 16:52 - 2012-08-24 00:18 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-11-30 01:13 - 2018-06-17 18:49 - 000000000 ____D C:\ProgramData\boost_interprocess
2022-11-28 02:01 - 2020-10-14 14:20 - 000000000 ____D C:\1Comics
2022-11-17 21:45 - 2022-06-06 15:54 - 000003554 _____ C:\Windows\system32\Tasks\GarminUpdaterTask
2022-11-17 21:45 - 2019-12-18 18:18 - 000003630 _____ C:\Windows\system32\Tasks\HPCustParticipation HP Officejet Pro 8620
2022-11-17 21:45 - 2017-12-19 14:25 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2022-11-17 21:45 - 2017-03-17 10:13 - 000004174 _____ C:\Windows\system32\Tasks\Antivirus Emergency Update
2022-11-17 21:45 - 2016-12-19 09:57 - 000004146 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-17 21:45 - 2016-12-06 01:04 - 000003852 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-17 21:45 - 2016-12-06 01:04 - 000003738 _____ C:\Windows\system32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-17 21:45 - 2016-12-06 01:04 - 000003738 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-17 21:45 - 2016-12-06 01:04 - 000003730 _____ C:\Windows\system32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-17 21:45 - 2016-12-06 01:04 - 000003554 _____ C:\Windows\system32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-17 21:45 - 2016-12-06 01:04 - 000003494 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-17 21:45 - 2015-11-08 19:00 - 000002460 _____ C:\Windows\system32\Tasks\1015avUpdateInfo
2022-11-17 21:45 - 2015-11-08 19:00 - 000000338 _____ C:\Windows\Tasks\1015avUpdateInfo.job
2022-11-17 21:45 - 2014-12-29 22:54 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2022-11-17 21:45 - 2014-08-29 08:03 - 000002446 _____ C:\Windows\system32\Tasks\0814avtUpdateInfo
2022-11-17 21:45 - 2014-08-29 08:03 - 000000324 _____ C:\Windows\Tasks\0814avtUpdateInfo.job
2022-11-17 21:45 - 2012-08-24 00:15 - 000003334 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2022-11-17 21:45 - 2012-08-24 00:15 - 000003206 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2022-11-17 21:45 - 2010-10-31 22:51 - 000003246 _____ C:\Windows\system32\Tasks\SidebarExecute
2022-11-17 16:51 - 2022-10-13 00:02 - 000002061 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2022-11-14 15:15 - 2019-01-17 03:34 - 000382568 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdriver.sys
2022-11-13 10:32 - 2014-07-28 13:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-11-13 10:31 - 2009-07-13 22:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2022-11-13 10:28 - 2016-05-29 01:11 - 000000000 ____D C:\Program Files\Microsoft Office
2022-11-13 00:10 - 2016-06-22 07:55 - 001550336 ___SH C:\Users\Plyler\Downloads\Thumbs.db
2022-11-09 09:48 - 2010-11-22 22:14 - 000000000 ____D C:\ProgramData\Kodak
2022-11-09 09:47 - 2009-07-14 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-11-09 03:15 - 2013-08-14 20:48 - 000000000 ____D C:\Windows\system32\MRT
2022-11-09 03:01 - 2010-12-02 22:25 - 146960040 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-11-05 09:31 - 2014-10-15 23:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2022-11-05 09:31 - 2014-10-15 23:04 - 000000000 ____D C:\Program Files (x86)\Java
2022-11-05 09:29 - 2014-10-15 23:04 - 000168096 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

==================== Files in the root of some directories ========

2017-04-21 12:49 - 2017-04-01 11:54 - 000000087 _____ () C:\Users\Plyler\AppData\Roaming\1de0de73-de3e-46c6-81b0-f6455f081644
2017-12-10 22:40 - 2017-12-10 22:40 - 000000171 _____ () C:\Users\Plyler\AppData\Roaming\1eb766f2-fed1-4d33-9c39-2c8a972fd11f
2017-12-10 22:40 - 2018-09-15 11:51 - 000000904 _____ () C:\Users\Plyler\AppData\Roaming\4e93aa11-2d46-4980-a421-0a4ac759e5bf
2019-05-22 21:15 - 2019-05-22 21:15 - 000000171 _____ () C:\Users\Plyler\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0
2017-12-10 22:40 - 2017-12-10 22:40 - 000000175 _____ () C:\Users\Plyler\AppData\Roaming\fc19ece2-6b3f-4f22-8758-9651ab9ca388
2016-10-15 10:47 - 2016-10-15 10:47 - 000099384 _____ () C:\Users\Plyler\AppData\Roaming\inst.exe
2016-10-15 10:47 - 2016-10-15 10:47 - 000007859 _____ () C:\Users\Plyler\AppData\Roaming\pcouffin.cat
2016-10-15 10:47 - 2016-10-15 10:47 - 000001167 _____ () C:\Users\Plyler\AppData\Roaming\pcouffin.inf
2016-10-15 10:49 - 2016-10-15 10:49 - 000000034 _____ () C:\Users\Plyler\AppData\Roaming\pcouffin.log
2016-10-15 10:47 - 2016-10-15 10:47 - 000082816 _____ (VSO Software) C:\Users\Plyler\AppData\Roaming\pcouffin.sys
2014-06-07 23:38 - 2014-06-07 23:38 - 000000041 _____ () C:\Users\Plyler\AppData\Roaming\WB.CFG
2014-05-03 21:44 - 2016-03-21 15:41 - 000090572 _____ () C:\Users\Plyler\AppData\Local\installer.log
2019-04-15 11:37 - 2020-11-13 11:19 - 000007619 _____ () C:\Users\Plyler\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2022-12-03 00:55
==================== End of FRST.txt==================