Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13.02.2019
Ran by Burnsie (administrator) on ME (13-02-2019 17:17:01)
Running from C:\Users\Burnsie\Desktop
Loaded Profiles: Burnsie (Available Profiles: Burnsie)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: -frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Malwarebytes) C:\Program Files\Systemy\Malwarebytes\MBAMService.exe
(Malwarebytes) C:\Program Files\Systemy\Malwarebytes\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.
The file will not be moved.)HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-01-03] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated -> Synaptics Incorporated)HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [315880 2018-01-05] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exeHKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"HKLM-x32\...\Run: [QuickTime Task] => "C:\Program Files (x86)\Video\Quicktime\QTTask.exe" -atboottimeHKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2011-04-14] (Renesas Electronics Corporation -> Renesas Electronics Corporation)HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation -> Intel Corporation)HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)HKLM-x32\...\Run: [EaseUS EPM Tray Agent] => C:\Program Files (x86)\Systemy\EaseUS Partition Master 12.5\bin\TrayPopupE\TrayTipAgentE.exe [255072 2014-11-18] (CHENGDU YIWO Tech Development Co., Ltd. 
-> ) [File not signed]HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [2307472 2017-06-30] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-11] (AVAST Software s.r.o. -> AVAST Software)HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409424 2018-04-24] (Adobe Systems Incorporated -> Adobe Systems Incorporated)HKLM-x32\...\RunOnce: [D881A0EC-1C57-4CAF-9B50-628A0E22B681] => cmd.exe /C start /D "C:\Users\Burnsie\AppData\Local\Temp\D881A0EC-1C57-4CAF-9B50-628A0E22B681" /B 0790DA48-0DDA-4B2E-8ACC-6D3C47F5029D.exe -accepteula -accepteulaksn -activeimages -postboot Hewlett-Packard Co.)HKU\S-1-5-21-379828563-891033583-2518000098-1000\...\Run: [HughesNetStatusMeter] => "C:\Program Files (x86)\Systemy\HughesNet Status Meter\HughesNet Status Meter.exe"HKU\S-1-5-21-379828563-891033583-2518000098-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1400232 2016-05-05] (Garmin International, Inc. -> Garmin Ltd. 
or its subsidiaries)HKU\S-1-5-21-379828563-891033583-2518000098-1000\...\MountPoints2: 080019e8-6019-11e3-bd2d-082e5f805e07 - F:\MotoCastSetup.exe -aHKU\S-1-5-21-379828563-891033583-2518000098-1000\...\MountPoints2: 3b5aecd5-a6c7-11e3-b504-082e5f805e07 - F:\LaunchU3.exe -aHKU\S-1-5-21-379828563-891033583-2518000098-1000\...\MountPoints2: 5ab116ce-6da5-11e4-a225-74e50b1ee6b0 - F:\LaunchU3.exe -aHKU\S-1-5-21-379828563-891033583-2518000098-1000\...\MountPoints2: 6fc23f6b-5872-11e3-b7cb-74e50b1ee6b0 - F:\LaunchU3.exe -aHKU\S-1-5-21-379828563-891033583-2518000098-1000\...\MountPoints2: 76ad1ee1-482f-11e5-bef6-082e5f805e07 - F:\VerizonWirelessUpgradeAssistantSetup.exe -aHKU\S-1-5-21-379828563-891033583-2518000098-1000\...\MountPoints2: 7b4773ef-984f-11e4-832c-082e5f805e07 - F:\DTLplus_Launcher.exeHKU\S-1-5-21-379828563-891033583-2518000098-1000\...\MountPoints2: 91b2f3e8-f699-11e6-bb41-082e5f805e07 - F:\VerizonWirelessUpgradeAssistantSetup.exeHKU\S-1-5-21-379828563-891033583-2518000098-1000\...\MountPoints2: caeef8de-80f0-11e6-9f1b-082e5f805e07 - F:\VerizonWirelessUpgradeAssistantSetup.exe -aHKU\S-1-5-21-379828563-891033583-2518000098-1000\...\MountPoints2: d1bfd608-0be7-11e3-aefc-74e50b1ee6b0 - F:\MotoCastSetup.exe -aHKU\S-1-5-21-379828563-891033583-2518000098-1000\...\MountPoints2: f6685e55-9ca3-11e3-9203-082e5f805e07 - I:\LaunchU3.exe -aHKU\S-1-5-21-379828563-891033583-2518000098-1000\...\MountPoints2: f8fb48a3-c779-11e5-b5e9-082e5f805e07 - "F:\WD Drive Unlock.exe" autoplay=trueHKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] ()HKLM\...\Drivers32-x32: [VIDC.LWLR] => C:\Windows\SysWOW64\RGBACodec.dll [38960 2013-11-11] ()HKLM\...\Drivers32-x32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] ()HKLM\...\Drivers32-x32: [vidc.xvid] => xvidvfw.dllHKLM\Software\Microsoft\Active Setup\Installed Components: [2D46B6DC-2207-486B-B523-A557E6D54B47] -> C:\Windows\system32\cmd.exe /D /C start 
C:\Windows\system32\ie4uinit.exe -ClearIconCacheHKLM\Software\Microsoft\Active Setup\Installed Components: [8A69D345-D564-463c-AFF1-A69D9E530F96] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-18] (Google Inc -> Google Inc.)HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [2D46B6DC-2207-486B-B523-A557E6D54B47] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCacheHKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [8A69D345-D564-463c-AFF1-A69D9E530F96] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-levelHKLM\Software\...\Authentication\Credential Providers: [F8A0B131-5F68-486c-8040-7E8FC3C85BB6] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)==================== Internet (Whitelisted) ====================(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)Hosts: There are more than one entry in Hosts. 
See Hosts section of Addition.txtTcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.1Tcpip\..\Interfaces\18D9577C-8323-444E-B835-D044FD1FA958: [DhcpNameServer] 192.168.42.129Tcpip\..\Interfaces\5C676548-6151-432D-B8D1-B953060FF100: [DhcpNameServer] 192.168.0.1 192.168.0.1Tcpip\..\Interfaces\A47A00AD-5CAF-416B-A462-27DEF06689F0: [DhcpNameServer] 8.8.8.8 8.8.4.4Tcpip\..\Interfaces\D252FB72-1C14-4B9D-8928-67FEF63DCB12: [DhcpNameServer] 192.168.42.129Internet Explorer:==================HKU\S-1-5-21-379828563-891033583-2518000098-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q=searchTerms&src=IE-SearchBox&FORM=IE10SRHKU\S-1-5-21-379828563-891033583-2518000098-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/BHO: Groove GFS Browser Helper -> 72853161-30C5-4D22-B7F9-0BBC1D38A37E -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)BHO: Java™ Plug-In SSV Helper -> 761497BB-D6F0-462C-B6EB-D4DAF1D92D43 -> C:\Program Files\Java\jre1.8.0_201\bin\ssv.dll [2019-01-15] ()BHO: PDF Architect 6 Helper -> 9FD094B1-A4BF-415A-82AE-8C2845D0B769 -> C:\Program Files\PDF Architect 6\creator\plugins\IEAddin\creator-ie-helper.dll [2018-10-23] (pdfforge GmbH -> pdfforge GmbH)BHO: Office Document Cache Handler -> B4F3A835-0E21-4959-BA22-42B3008E02FF -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)BHO: Java™ Plug-In 2 SSV Helper -> DBC80044-A445-435b-BC74-9C25C1C588A9 -> C:\Program Files\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-01-15] ()BHO-x32: Groove GFS Browser Helper -> 72853161-30C5-4D22-B7F9-0BBC1D38A37E -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)BHO-x32: PDF Architect 6 Helper -> 9FD094B1-A4BF-415A-82AE-8C2845D0B769 -> C:\Program Files (x86)\PDF Architect 
6\creator\plugins\IEAddin\creator-ie-helper.dll [2018-10-23] (pdfforge GmbH -> pdfforge GmbH)BHO-x32: Office Document Cache Handler -> B4F3A835-0E21-4959-BA22-42B3008E02FF -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)Toolbar: HKLM - PDF Architect 6 Toolbar - E8536605-CA24-4DFF-B1BC-316EE27F6DF7 - C:\Program Files\PDF Architect 6\creator\plugins\IEAddin\creator-ie-plugin.dll [2018-10-23] (pdfforge GmbH -> pdfforge GmbH)Toolbar: HKLM-x32 - PDF Architect 6 Toolbar - E8536605-CA24-4DFF-B1BC-316EE27F6DF7 - C:\Program Files (x86)\PDF Architect 6\creator\plugins\IEAddin\creator-ie-plugin.dll [2018-10-23] (pdfforge GmbH -> pdfforge GmbH)DPF: HKLM 73ECB3AA-4717-450C-A2AB-D00DAD9EE203 hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect1263.cabDPF: HKLM-x32 166B1BCA-3F9C-11CF-8075-444553540000 hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cabFireFox:========FF ProfilePath: C:\Users\Burnsie\AppData\Roaming\Mozilla\Firefox\Profiles\x1fxsq3m.default [2019-02-13]FF Homepage: Mozilla\Firefox\Profiles\x1fxsq3m.default -> hxxps://www.google.comFF NetworkProxy: Mozilla\Firefox\Profiles\x1fxsq3m.default -> type", 0FF Extension: (All Downloader Professional) - C:\Users\Burnsie\AppData\Roaming\Mozilla\Firefox\Profiles\x1fxsq3m.default\Extensions\alldownloader@link64.xpi [2018-04-10]FF Extension: (Turbo Download Manager (v2)) - C:\Users\Burnsie\AppData\Roaming\Mozilla\Firefox\Profiles\x1fxsq3m.default\Extensions\jid0-dsq67mf5kjjhiiju2dfb6kk8dfw@jetpack.xpi [2018-09-02]FF Extension: (Avast SafePrice Comparison, deals, coupons) - C:\Users\Burnsie\AppData\Roaming\Mozilla\Firefox\Profiles\x1fxsq3m.default\Extensions\sp@avast.com.xpi [2019-02-11]FF Extension: (Avast Online Security) - C:\Users\Burnsie\AppData\Roaming\Mozilla\Firefox\Profiles\x1fxsq3m.default\Extensions\wrc@avast.com.xpi [2019-02-11]FF Extension: (Video DownloadHelper) - 
C:\Users\Burnsie\AppData\Roaming\Mozilla\Firefox\Profiles\x1fxsq3m.default\Extensions\b9db16a4-6edc-47ec-a1f4-b86292ed211d.xpi [2018-08-01]FF Extension: (DownThemAll!) - C:\Users\Burnsie\AppData\Roaming\Mozilla\Firefox\Profiles\x1fxsq3m.default\Extensions\DDC359D1-844A-42a7-9AA1-88A850A938A8.xpi [2017-09-15] [Legacy]FF Extension: (Telemetry coverage) - C:\Users\Burnsie\AppData\Roaming\Mozilla\Firefox\Profiles\x1fxsq3m.default\features\406e4642-a507-4898-90c7-7203a9efe95f\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-10-09] [Legacy]FF HKLM\...\Firefox\Extensions: [pdf_architect_6_conv_v.2@pdfforge.org] - C:\Program Files\PDF Architect 6\creator\plugins\FirefoxAddin\pdf_architect_6_conv_v.2@pdfforge.org.xpiFF Extension: (PDF Architect 6 Creator) - C:\Program Files\PDF Architect 6\creator\plugins\FirefoxAddin\pdf_architect_6_conv_v.2@pdfforge.org.xpi [2018-09-18]FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_6_conv_v.2@pdfforge.org] - C:\Program Files\PDF Architect 6\creator\plugins\FirefoxAddin\pdf_architect_6_conv_v.2@pdfforge.org.xpiFF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-29] ()FF Plugin: @cuminas.jp/DjVuPlugin -> C:\Program Files\Cuminas\Document Express DjVu Plug-in\npdjvu.dll [2015-02-17] (Cuminas Corporation)FF Plugin: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-01-15] (Oracle Corporation)FF Plugin: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-01-15] (Oracle Corporation)FF Plugin: @microsoft.com/GENUINE -> disabled [No File]FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA1\MICROS2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files 
(x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-04-24] (Adobe Systems)FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-29] ()FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.)FF Plugin-x32: @cuminas.jp/DjVuPlugin -> C:\Program Files (x86)\Cuminas\Document Express DjVu Plug-in\npdjvu.dll [2015-02-17] (Cuminas Corporation)FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA2\MICROS1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA2\MICROS1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)FF Plugin-x32: @Sibelius.com/Scorch Plugin,version=6.2.0.88 -> C:\Program Files (x86)\Sibelius Software\Scorch\npsibelius.dll [2013-03-11] ()FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\Video\VLC\npvlc.dll [2019-01-10] (VideoLAN)FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\Video\VLC\npvlc.dll [2019-01-10] (VideoLAN)FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\Video\VLC\npvlc.dll [2019-01-10] (VideoLAN)FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files 
(x86)\Video\VLC\npvlc.dll [2019-01-10] (VideoLAN)FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\Video\VLC\npvlc.dll [2019-01-10] (VideoLAN)FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-04-24] (Adobe Systems)FF Plugin HKU\S-1-5-21-379828563-891033583-2518000098-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Burnsie\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)FF Plugin HKU\S-1-5-21-379828563-891033583-2518000098-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Burnsie\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)Chrome:=======CHR HomePage: Default -> hxxp://www.google.comCHR Profile: C:\Users\Burnsie\AppData\Local\Google\Chrome\User Data\Default [2019-02-13]CHR Extension: (Slides) - C:\Users\Burnsie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-04]CHR Extension: (Docs) - C:\Users\Burnsie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-04]CHR Extension: (Google Drive) - C:\Users\Burnsie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-10-02]CHR Extension: (YouTube) - C:\Users\Burnsie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-02]CHR Extension: (Avast SafePrice Comparison, deals, coupons) - C:\Users\Burnsie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-02-05]CHR Extension: (Sheets) - C:\Users\Burnsie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-04]CHR Extension: (Google Docs Offline) - 
C:\Users\Burnsie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-03]CHR Extension: (Avast Online Security) - C:\Users\Burnsie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-11-06]CHR Extension: (Chrome Web Store Payments) - C:\Users\Burnsie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-27]CHR Extension: (Gmail) - C:\Users\Burnsie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-10-02]CHR Extension: (Chrome Media Router) - C:\Users\Burnsie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-05]CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crxCHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx==================== Services (Whitelisted) ====================(If an entry is included in the fixlist, it will be removed from the registry. 
The file will not be moved unless listed separately.)S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2018-04-24] (Adobe Systems Incorporated -> Adobe Systems Incorporated)S2 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2009-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation)S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)S2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [204288 2011-10-01] (Microsoft Windows Hardware Compatibility Publisher -> AMD)S2 ArcGIS License Manager; C:\Program Files (x86)\ArcGIS\License10.1\bin\lmgrd.exe [1408904 2012-01-05] (Environmental Systems Research Institute -> Flexera Software, Inc.)S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6758976 2019-02-11] (AVAST Software s.r.o. -> AVAST Software)S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357304 2019-02-11] (AVAST Software s.r.o. -> AVAST Software)S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [244720 2012-02-08] (CyberLink -> CyberLink)S3 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [795152 2016-05-05] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [28552 2016-04-26] (Hewlett-Packard Company -> Hewlett-Packard Company)S2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2413056 2013-08-26] (Realsil Microelectronics Inc.) 
[File not signed]R2 MBAMService; C:\Program Files\Systemy\Malwarebytes\mbamservice.exe [6234056 2017-11-01] (Malwarebytes Corporation -> Malwarebytes)S2 MIDISPORTAudioDevMon; C:\Program Files (x86)\M-Audio\MIDISPORT\AudioDevMon.exe [1638704 2012-02-24] (Avid Technology, Inc. -> M-Audio)S3 MySQL56; C:\ProgramData\MySQL\MySQL Server 5.6\my.ini [14241 2013-10-06] () [File not signed]S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2014-11-19] (Intel Corporation-Wireless Connectivity Solutions -> )S3 PDF Architect 6; C:\Program Files\PDF Architect 6\ws.exe [2569976 2018-10-23] (pdfforge GmbH -> pdfforge GmbH)S2 PDF Architect 6 Creator; C:\Program Files\PDF Architect 6\creator\common\creator-ws.exe [832248 2018-10-23] (pdfforge GmbH -> pdfforge GmbH)S2 PDF Architect 6 Update Service; C:\Program Files\PDF Architect 6\updater-ws.exe [1665272 2018-10-23] (pdfforge GmbH -> pdfforge GmbH)S2 rtpMIDIService; C:\Program Files (x86)\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe [3958240 2017-08-24] (Tobias Erichsen -> Tobias Erichsen)S2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [311808 2012-01-03] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)S2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [331632 2017-06-30] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2014-11-19] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)===================== Drivers (Whitelisted) ======================(If an entry is included in the fixlist, it will be removed from the registry. 
The file will not be moved unless listed separately.)R3 Accelerometer; C:\Windows\System32\DRIVERS\Accelerometer.sys [43800 2012-04-25] (Hewlett-Packard Company -> Hewlett-Packard Company)S3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [9981952 2011-10-01] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)S3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [310272 2011-10-01] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)S3 AMPPAL; C:\Windows\System32\DRIVERS\AMPPAL.sys [164832 2013-07-29] (Intel Corporation-Mobile Wireless Group -> Windows Win 7 DDK provider)R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37104 2019-02-11] (AVAST Software s.r.o. -> AVAST Software)S1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205400 2019-02-11] (AVAST Software s.r.o. -> AVAST Software)S1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [225680 2019-02-11] (AVAST Software s.r.o. -> AVAST Software)S0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196072 2019-02-11] (AVAST Software s.r.o. -> AVAST Software)S0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320696 2019-02-11] (AVAST Software s.r.o. -> AVAST Software)S0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [57960 2019-02-11] (AVAST Software s.r.o. -> AVAST Software)S1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [249672 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2019-02-11] (AVAST Software s.r.o. -> AVAST Software)S2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [167304 2019-02-11] (AVAST Software s.r.o. -> AVAST Software)R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112312 2019-02-11] (AVAST Software s.r.o. -> AVAST Software)S0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87944 2019-02-11] (AVAST Software s.r.o. -> AVAST Software)S1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034432 2019-02-11] (AVAST Software s.r.o. 
-> AVAST Software)S1 aswSP; C:\Windows\System32\drivers\aswSP.sys [474456 2019-02-11] (AVAST Software s.r.o. -> AVAST Software)S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [216784 2019-02-11] (AVAST Software s.r.o. -> AVAST Software)S0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [379952 2019-02-11] (AVAST Software s.r.o. -> AVAST Software)R3 easytether; C:\Windows\System32\DRIVERS\easytthr.sys [21704 2013-03-11] (Polyclef Software -> Mobile Stream)S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [24056 2016-01-14] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [21496 2016-01-14] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2016-07-11] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2016-07-11] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]R0 hpdskflt; C:\Windows\System32\DRIVERS\hpdskflt.sys [30488 2012-04-25] (Hewlett-Packard Company -> Hewlett-Packard Company)S3 intaud_WaveExtensible; C:\Windows\System32\drivers\intelaud.sys [34200 2012-01-26] (Wireless Display -> Intel Corporation)S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [317440 2010-10-14] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)S3 intelkmd; C:\Windows\System32\DRIVERS\igdpmd64.sys [12289472 2011-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)R3 iwdbus; C:\Windows\System32\DRIVERS\iwdbus.sys [25496 2012-01-26] (Wireless Display -> Intel Corporation)S3 MADFUMIDISPORT2010; C:\Windows\System32\DRIVERS\MAudioMIDISPORT_DFU.sys [30512 2012-02-24] (Avid Technology, Inc. -> M-Audio)S3 MAUSBMIDISPORT; C:\Windows\System32\DRIVERS\MAudioMIDISPORT.sys [201008 2012-02-24] (Avid Technology, Inc. 
-> M-Audio)R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2019-02-13] (Malwarebytes Corporation -> Malwarebytes)R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [91648 2011-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [208896 2011-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )S3 rcmirror; C:\Windows\System32\DRIVERS\rcmirror64.sys [13120 2012-08-13] (Hewlett-Packard Company -> Windows Win 7 DDK provider)S3 SrvHsfHDA; C:\Windows\System32\DRIVERS\VSTAZL6.SYS [292864 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.)S3 SrvHsfV92; C:\Windows\System32\DRIVERS\VSTDPV6.SYS [1485312 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.)S3 SrvHsfWinac; C:\Windows\System32\DRIVERS\VSTCNXT6.SYS [740864 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.)S3 STHDA; C:\Windows\System32\DRIVERS\stwrt64.sys [535552 2012-01-03] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)S3 teVirtualMIDI64; C:\Windows\System32\DRIVERS\teVirtualMIDI64.sys [99896 2016-12-27] (Tobias Erichsen -> Tobias Erichsen)U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [28272 2019-02-13] (Adlice -> )S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [23200 2017-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)S3 wdkmd; C:\Windows\System32\DRIVERS\WDKMD.sys [42392 2012-01-26] (Wireless Display -> Intel Corporation)S3 ALSysIO; \??\C:\Users\Burnsie\AppData\Local\Temp\ALSysIO64.sys [X] File is digitally signedC:\Windows\SysWOW64\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is 
digitally signedC:\Windows\system32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\system32\services.exe => File is digitally signedC:\Windows\system32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\system32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\system32\rpcss.dll => File is digitally signedC:\Windows\system32\dnsapi.dll => File is digitally signedC:\Windows\SysWOW64\dnsapi.dll => File is digitally signedC:\Windows\system32\dllhost.exe => File is digitally signedC:\Windows\SysWOW64\dllhost.exe => File is digitally signedC:\Windows\system32\Drivers\volsnap.sys => File is digitally signedLastRegBack: 2019-02-06 12:45==================== End of FRST.txt ============================