No access to open a Twitter account.

---

[HEADING=1]Malwarebytes AdwCleaner 8.3.1.0[/HEADING]
[HEADING=1]-------------------------------[/HEADING]
[HEADING=1]Build: 11-18-2021[/HEADING]
[HEADING=1]Database: 2021-12-02.1 (Cloud)[/HEADING]
[HEADING=1]Support: https://www.malwarebytes.com/support[/HEADING]
[HEADING=1]-------------------------------[/HEADING]
[HEADING=1]Mode: Scan[/HEADING]
[HEADING=1]-------------------------------[/HEADING]
[HEADING=1]Start: 01-19-2022[/HEADING]
[HEADING=1]Duration: 00:00:25[/HEADING]
[HEADING=1]OS: Windows 7 Home Premium[/HEADING]
[HEADING=1]Scanned: 32027[/HEADING]
[HEADING=1]Detected: 70[/HEADING]
***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

Adware.LoadMoney C:\ProgramData\Partner
PUP.Optional.AuslogicsBoostSpeed C:\ProgramData\Auslogics\BoostSpeed
PUP.Optional.Legacy C:\Users\Public\Documents\Downloaded Installers
PUP.Optional.SlimCleanerPlus C:\Users\Julie\AppData\Local\slimware utilities inc
PUP.Optional.SpeeDial C:\Users\Julie\AppData\Roaming\Speedial
PUP.Optional.WebCompanion C:\Windows\SysWOW64\config\systemprofile\AppData\L ocal\LavasoftTcpService
Rogue.ForcedExtension C:\ProgramData\apn

***** [ Files ] *****

PUP.Optional.Legacy C:\ProgramData\YouTube Downloader\ytd_installer.exe
PUP.Optional.Legacy C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
PUP.Optional.Legacy C:\Windows\SysWOW64\lavasofttcpservice.dll
PUP.Optional.Legacy C:\Windows\System32\LavasoftTcpService64.dll
PUP.Optional.Legacy C:\Windows\System32\LavasoftTcpServiceOff.ini
PUP.Optional.Legacy C:\Windows\System32\drivers\swdumon.sys

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.AuslogicsBoostSpeed HKLM\Software\Classes\AppID{93469602-4134-4012-A6BC-3E73B9855F90}
PUP.Optional.AuslogicsBoostSpeed HKLM\Software\Classes\AppID{93469602-4134-4012-A6BC-F0AD1C3D66AB}
PUP.Optional.AuslogicsBoostSpeed HKLM\Software\Classes\Interface{3A3310BE-83DD-4E80-AC51-997CA2BA1080}
PUP.Optional.AuslogicsBoostSpeed HKLM\Software\Classes\Interface{3CC2E0D5-193C-4192-B8BA-C0B2C19C6B87}
PUP.Optional.AuslogicsBoostSpeed HKLM\Software\Classes\TypeLib{F2C6F7D1-ED32-49E5-9919-863B4A40A1A1}
PUP.Optional.AuslogicsBoostSpeed HKLM\Software\Classes\TypeLib{F2C6F7D1-ED32-49E5-9919-CBF4ABB4456D}
PUP.Optional.AuslogicsBoostSpeed HKLM\Software\Wow6432Node\Auslogics\BoostSpeed
PUP.Optional.AuslogicsBoostSpeed HKLM\Software\Wow6432Node\Classes\AppID{93469602-4134-4012-A6BC-3E73B9855F90}
PUP.Optional.AuslogicsBoostSpeed HKLM\Software\Wow6432Node\Classes\AppID{93469602-4134-4012-A6BC-F0AD1C3D66AB}
PUP.Optional.AuslogicsBoostSpeed HKLM\Software\Wow6432Node\Classes\Interface{3A3310 BE-83DD-4E80-AC51-997CA2BA1080}
PUP.Optional.AuslogicsBoostSpeed HKLM\Software\Wow6432Node\Classes\Interface{3CC2E0 D5-193C-4192-B8BA-C0B2C19C6B87}
PUP.Optional.AuslogicsBoostSpeed HKLM\Software\Wow6432Node\Classes\TypeLib{F2C6F7D1-ED32-49E5-9919-863B4A40A1A1}
PUP.Optional.AuslogicsBoostSpeed HKLM\Software\Wow6432Node\Classes\TypeLib{F2C6F7D1-ED32-49E5-9919-CBF4ABB4456D}
PUP.Optional.DriverUpdate HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall{97C97FAC-9153-409E-A9C8-A19AFABE7547}|DisplayName
PUP.Optional.DriverUpdate HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall{97C97FAC-9153-409E-A9C8-A19AFABE7547}|Publisher
PUP.Optional.Legacy HKCU\Software\APN PIP
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Uni nstall\PDF Reader Packages
PUP.Optional.Legacy HKCU\Software\YahooPartnerToolbar
PUP.Optional.Legacy HKLM\Software\Classes\Installer\UpgradeCodes\50D2B AFD096C90345A82B25A790BDF69
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Ins taller\UpgradeCodes\50D2BAFD096C90345A82B25A790BDF 69
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Classes\TypeLib{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall{EE171732-BEB4-4576-887D-CB62727F01CA}
PUP.Optional.SlimCleanerPlus HKCU\Software\SlimWare Utilities Inc
PUP.Optional.SlimCleanerPlus HKLM\Software\Wow6432Node\SlimWare Utilities Inc
PUP.Optional.WebCompanion HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion HKLM\SOFTWARE\Classes\AppID\LavasoftTcpService.exe
PUP.Optional.WebCompanion HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\Di agnosedApplications\WebCompanion.exe
PUP.Optional.WebCompanion HKLM\Software\Classes\AppID{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB}
PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\Lavasoft\Web Companion
PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\Classes\AppID\LavasoftTc pService.exe
PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\Classes\AppID{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB}
PUP.Optional.WebCompanion HKU.DEFAULT\Software\Microsoft\Windows\CurrentVers ion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Inter net Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.YTDToolbar HKLM\Software\Wow6432Node{DAF8B7E5-449D-4180-8281-10E536E597F2}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

PUP.Optional.Legacy MyStart Search
PUP.Optional.Legacy MyStart Search
PUP.Optional.Legacy MyStart Search
PUP.Optional.Legacy MyStart Search
PUP.Optional.Legacy Web Search
PUP.Optional.Legacy iZito UK
PUP.Optional.Legacy support.mindspark.com

***** [ Firefox (and derivatives) ] *****

---

[HEADING=1]Malwarebytes AdwCleaner 8.3.1.0[/HEADING]
[HEADING=1]-------------------------------[/HEADING]
[HEADING=1]Build: 11-18-2021[/HEADING]
[HEADING=1]Database: 2021-12-02.1 (Cloud)[/HEADING]
[HEADING=1]Support: https://www.malwarebytes.com/support[/HEADING]
[HEADING=1]-------------------------------[/HEADING]
[HEADING=1]Mode: Scan[/HEADING]
[HEADING=1]-------------------------------[/HEADING]
[HEADING=1]Start: 01-19-2022[/HEADING]
[HEADING=1]Duration: 00:00:34[/HEADING]
[HEADING=1]OS: Windows 7 Home Premium[/HEADING]
[HEADING=1]Scanned: 32027[/HEADING]
[HEADING=1]Detected: 70[/HEADING]
***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

Adware.LoadMoney C:\ProgramData\Partner
PUP.Optional.AuslogicsBoostSpeed C:\ProgramData\Auslogics\BoostSpeed
PUP.Optional.Legacy C:\Users\Public\Documents\Downloaded Installers
PUP.Optional.SlimCleanerPlus C:\Users\Julie\AppData\Local\slimware utilities inc
PUP.Optional.SpeeDial C:\Users\Julie\AppData\Roaming\Speedial
PUP.Optional.WebCompanion C:\Windows\SysWOW64\config\systemprofile\AppData\L ocal\LavasoftTcpService
Rogue.ForcedExtension C:\ProgramData\apn

***** [ Files ] *****

PUP.Optional.Legacy C:\ProgramData\YouTube Downloader\ytd_installer.exe
PUP.Optional.Legacy C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
PUP.Optional.Legacy C:\Windows\SysWOW64\lavasofttcpservice.dll
PUP.Optional.Legacy C:\Windows\System32\LavasoftTcpService64.dll
PUP.Optional.Legacy C:\Windows\System32\LavasoftTcpServiceOff.ini
PUP.Optional.Legacy C:\Windows\System32\drivers\swdumon.sys

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.AuslogicsBoostSpeed HKLM\Software\Classes\AppID{93469602-4134-4012-A6BC-3E73B9855F90}
PUP.Optional.AuslogicsBoostSpeed HKLM\Software\Classes\AppID{93469602-4134-4012-A6BC-F0AD1C3D66AB}
PUP.Optional.AuslogicsBoostSpeed HKLM\Software\Classes\Interface{3A3310BE-83DD-4E80-AC51-997CA2BA1080}
PUP.Optional.AuslogicsBoostSpeed HKLM\Software\Classes\Interface{3CC2E0D5-193C-4192-B8BA-C0B2C19C6B87}
PUP.Optional.AuslogicsBoostSpeed HKLM\Software\Classes\TypeLib{F2C6F7D1-ED32-49E5-9919-863B4A40A1A1}
PUP.Optional.AuslogicsBoostSpeed HKLM\Software\Classes\TypeLib{F2C6F7D1-ED32-49E5-9919-CBF4ABB4456D}
PUP.Optional.AuslogicsBoostSpeed HKLM\Software\Wow6432Node\Auslogics\BoostSpeed
PUP.Optional.AuslogicsBoostSpeed HKLM\Software\Wow6432Node\Classes\AppID{93469602-4134-4012-A6BC-3E73B9855F90}
PUP.Optional.AuslogicsBoostSpeed HKLM\Software\Wow6432Node\Classes\AppID{93469602-4134-4012-A6BC-F0AD1C3D66AB}
PUP.Optional.AuslogicsBoostSpeed HKLM\Software\Wow6432Node\Classes\Interface{3A3310 BE-83DD-4E80-AC51-997CA2BA1080}
PUP.Optional.AuslogicsBoostSpeed HKLM\Software\Wow6432Node\Classes\Interface{3CC2E0 D5-193C-4192-B8BA-C0B2C19C6B87}
PUP.Optional.AuslogicsBoostSpeed HKLM\Software\Wow6432Node\Classes\TypeLib{F2C6F7D1-ED32-49E5-9919-863B4A40A1A1}
PUP.Optional.AuslogicsBoostSpeed HKLM\Software\Wow6432Node\Classes\TypeLib{F2C6F7D1-ED32-49E5-9919-CBF4ABB4456D}
PUP.Optional.DriverUpdate HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall{97C97FAC-9153-409E-A9C8-A19AFABE7547}|DisplayName
PUP.Optional.DriverUpdate HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall{97C97FAC-9153-409E-A9C8-A19AFABE7547}|Publisher
PUP.Optional.Legacy HKCU\Software\APN PIP
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Uni nstall\PDF Reader Packages
PUP.Optional.Legacy HKCU\Software\YahooPartnerToolbar
PUP.Optional.Legacy HKLM\Software\Classes\Installer\UpgradeCodes\50D2B AFD096C90345A82B25A790BDF69
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Ins taller\UpgradeCodes\50D2BAFD096C90345A82B25A790BDF 69
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Classes\TypeLib{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall{EE171732-BEB4-4576-887D-CB62727F01CA}
PUP.Optional.SlimCleanerPlus HKCU\Software\SlimWare Utilities Inc
PUP.Optional.SlimCleanerPlus HKLM\Software\Wow6432Node\SlimWare Utilities Inc
PUP.Optional.WebCompanion HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion HKLM\SOFTWARE\Classes\AppID\LavasoftTcpService.exe
PUP.Optional.WebCompanion HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\Di agnosedApplications\WebCompanion.exe
PUP.Optional.WebCompanion HKLM\Software\Classes\AppID{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB}
PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\Lavasoft\Web Companion
PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\Classes\AppID\LavasoftTc pService.exe
PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\Classes\AppID{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB}
PUP.Optional.WebCompanion HKU.DEFAULT\Software\Microsoft\Windows\CurrentVers ion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Inter net Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.YTDToolbar HKLM\Software\Wow6432Node{DAF8B7E5-449D-4180-8281-10E536E597F2}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

PUP.Optional.Legacy MyStart Search
PUP.Optional.Legacy MyStart Search
PUP.Optional.Legacy MyStart Search
PUP.Optional.Legacy MyStart Search
PUP.Optional.Legacy Web Search
PUP.Optional.Legacy iZito UK
PUP.Optional.Legacy support.mindspark.com

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.AcerIdentityCard Folder C:\Program Files (x86)\ACER\IDENTITY CARD
Preinstalled.AcerIdentityCard Registry HKLM\Software\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall\Identity Card
Preinstalled.AcerPowerManagement Folder C:\Program Files\ACER\ACER EPOWER MANAGEMENT
Preinstalled.AcerPowerManagement Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run |Acer ePower Management
Preinstalled.AcerRegistration Folder C:\Program Files (x86)\ACER\REGISTRATION
Preinstalled.AcerRegistration Registry HKLM\Software\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall\Acer Registration
Preinstalled.AcerUpdater Folder C:\Program Files\ACER\ACER UPDATER
Preinstalled.AcerUpdater Folder C:\ProgramData\ACER\ACER UPDATER
Preinstalled.GatewayMyBackup Folder C:\Program Files (x86)\NEWTECH INFOSYSTEMS
Preinstalled.GatewayMyBackup Registry HKLM\Software\Wow6432Node\Microsoft\Windows\Curren tVersion\Run|BackupManagerTray
Preinstalled.GatewayMyBackup Registry HKLM\Software\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}
Preinstalled.GatewayMyBackup Registry HKLM\Software\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall{72B776E5-4530-4C4B-9453-751DF87D9D93}
Preinstalled.GatewayWelcomeCenter File C:\Users\Julie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Welcome Center.lnk
Preinstalled.HPCleanFLC File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk
Preinstalled.PackardBellPowerManagement Registry HKLM\Software\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall{3DB0448D-AD82-4923-B305-D001E521A964}

AdwCleaner[S00].txt - [8124 octets] - [19/01/2022 16:48:53]
AdwCleaner[S01].txt - [8185 octets] - [19/01/2022 16:52:13]
AdwCleaner[S02].txt - [8246 octets] - [19/01/2022 18:38:06]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S03].txt ##########
THATS IT MAL AND THANKS…Bren

Post FRST logs/

Reset Internet Settings.

Download and unzip internet Flush.zip to your desktop right click it run as Administrator. Reboot the machine to apply the settings.

Hit enter after each command below.

1. Open Start and type cmd, then right-click Command Prompt and choose Run as Administrator
2. Once Command Prompt has started enter the following command. nbtstat -R
3. Wait for that command to complete, a new line will appear, now enter the following command. nbtstat -RR
   4 Wait for that command to complete, a new line will appear, now enter the following command. Shutdown -r

Have you tried a different browser or in safe mode as suggested? I moved your thread since you declined the malware tools.

Mal’, I’m back Iv’e got my courage finger working again. Iv’e just scanned with FRST and have lots of worrying info (logs). Shall I post these logs? I was tempted to download firefox but can I use a link to Twitter on my google toolbar that I have gained with firefox ? If so that could be a cowards way out for me. OH, and thanks for your help Mal’.

You can download Firefox . Just to see if it works with Twitter. This is just for testing purposes you can delete it later if you want.

Also. It’s your choice to post the Frst and Addition.txt logs. I am only trying to help you.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-01-2022
Ran by Julie (administrator) on JULIE-PC (Acer Aspire 5742Z) (21-01-2022 12:40:19)
Running from C:\Users\Julie\Desktop
Loaded Profiles: Julie
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. → Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. → Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2>
(Apple Inc. → Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Avast Software s.r.o. → AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCra shHandler.exe
(Avast Software s.r.o. → AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCra shHandler64.exe
(Avast Software s.r.o. → AVAST Software) C:\Program Files\Alwil Software\Avast5\aswEngSrv.exe
(Avast Software s.r.o. → AVAST Software) C:\Program Files\Alwil Software\Avast5\aswidsagent.exe
(Avast Software s.r.o. → AVAST Software) C:\Program Files\Alwil Software\Avast5\aswToolsSvc.exe
(Avast Software s.r.o. → AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Avast Software s.r.o. → AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe <4>
(Avast Software s.r.o. → AVAST Software) C:\Program Files\Alwil Software\Avast5\wsc_proxy.exe
(Dritek System Inc. → Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Google Inc → Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC → Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <8>
(Google LLC → Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler. exe
(Google LLC → Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler6 4.exe
(Intel Corporation → Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation → Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation → Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation → Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation → Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation → Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation → Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation → Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation → Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation → Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation → Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation → Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation → Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Windows → Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Windows → Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows → Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows → Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Oracle America, Inc. → Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd → Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(SEIKO EPSON Corporation → SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(SEIKO EPSON CORPORATION → Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Synaptics Incorporated → Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated → Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Tenorshare Co.,Ltd. → Tenorshare Co,Ltd) C:\Users\Julie\AppData\Roaming\Tenorshare\Service\ configs\TenorshareWinAdService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated → Synaptics Incorporated)
HKLM...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvLaunch.exe [157464 2021-12-22] (Avast Software s.r.o. → AVAST Software)
HKLM-x32...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation → Intel Corporation)
HKLM-x32...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle America, Inc. → Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1015958238-104019070-1073425079-1001...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35373696 2021-12-07] (Piriform Software Ltd → Piriform Software Ltd)
HKU\S-1-5-21-1015958238-104019070-1073425079-1001...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5407968 2021-12-24] (Adobe Inc. → Adobe Systems Incorporated)
HKU\S-1-5-21-1015958238-104019070-1073425079-1001...\Run: [EPSDNMON] => “” (No File)
HKU\S-1-5-21-1015958238-104019070-1073425079-1001...\MountPoints2: {b93eeb5b-d911-11e2-afed-806e6f6e6963} - E:\AutoRun.exe
HKU\S-1-5-21-1015958238-104019070-1073425079-1001...\MountPoints2: {b93eeb78-d911-11e2-afed-1c7508075e16} - E:\AutoRun.exe
HKLM...\Windows x64\Print Processors\Epson Inkjet: C:\Windows\System32\spool\prtprocs\x64\EP0NPP01.DL L [38912 2009-07-14] (Microsoft Windows → SEIKO EPSON CORPORATION)
HKLM...\Print\Monitors\Epson Inbox Language Monitor01: C:\Windows\system32\EP0SLM01.DLL [77824 2009-07-14] (Microsoft Windows → SEIKO EPSON CORPORATION)
HKLM...\Print\Monitors\EPSON SX235 Series 64MonitorBE: C:\Windows\system32\E_ILMHLE.DLL [120320 2011-04-20] (SEIKO EPSON CORPORATION → SEIKO EPSON CORPORATION)
HKLM...\Print\Monitors\EPSON XP-243 245 247 Series 64MonitorBE: C:\Windows\system32\E_YLMBRFE.DLL [182784 2015-12-09] (SEIKO EPSON CORPORATION) [File not signed]
HKLM...\Print\Monitors\EpsonNet Print Port: C:\Windows\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] → C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] → C:\Program Files (x86)\Google\Chrome\Application\97.0.4692.71\Insta ller\chrmstp.exe [2022-01-18] (Google LLC → Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] → C:\Program Files (x86)\AVAST Software\Browser\Application\96.1.13589.111\Instal ler\chrmstp.exe [2021-12-16] (Avast Software s.r.o. → AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] → “C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Inst aller\chrmstp.exe” --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] → C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2021-12-24] (Adobe Inc. → Adobe Systems, Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] → “C:\Program Files (x86)\AVAST Software\Browser\Application\87.0.7478.89\Installe r\chrmstp.exe” --configure-user-settings --verbose-logging --system-level
HKLM\Software...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] → C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-28] (Microsoft Corporation → Microsoft Corp.)
AppInit_DLLs-x32: C:\PROGRA~2\Google\GOOGLE~2\GO36F4~1.DLL => C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [162816 2014-06-25] (Google) [File not signed]
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKU\S-1-5-21-1015958238-104019070-1073425079-1001\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0117885C-F471-481B-AF24-E7A390BA4C5F} - System32\Tasks\Avast Emergency Update => C:\Program Files\Alwil Software\Avast5\AvEmUpdate.exe [4969240 2021-12-22] (Avast Software s.r.o. → AVAST Software)
Task: {04F69B74-EC96-4B74-B681-5399DAE61C1C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1015958238-104019070-1073425079-1001UA => C:\Users\Julie\AppData\Local\Facebook\Update\Faceb ookUpdate.exe [138096 2013-05-24] (Facebook, Inc. → Facebook Inc.)
Task: {07214C40-FC58-43DF-A351-6DDC8717ECA6} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1015958238-104019070-1073425079-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe /scheduledcheck (No File)
Task: {0B2442AC-2FEC-4EAB-9DD5-01EBD83A9842} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-12-07] (Piriform Software Ltd → Piriform)
Task: {1B1FA68B-191A-46CF-B891-BC2F5427832D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. → Avast Software)
Task: {1F080B6A-4EA4-4F74-AEA7-9A2CBFB25B23} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_ 0_0_255_Plugin.exe [1457720 2019-09-11] (Adobe Inc. → Adobe)
Task: {24ED96C9-6732-4F79-8D73-3750E7B7C9AE} - System32\Tasks\GoogleUpdateTaskMachineCore1d1b446f 8176a70 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc → Google Inc.)
Task: {2B38A6C0-82A4-4BCD-AAAA-7841390C2332} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. → Adobe Inc.)
Task: {2DCF0360-7FCF-4BE1-A737-ED5090D8D66C} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1015958238-104019070-1073425079-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe /logoncheck (No File)
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotificatio n → No File <==== ATTENTION
Task: {3E954F7C-0E63-43BA-B721-BE28C4A556F9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe → /Change /TN “\Adobe Acrobat Update Task” /ENABLE
Task: {3E954F7C-0E63-43BA-B721-BE28C4A556F9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe → /Change /TN “\Adobe Flash Player NPAPI Notifier” /ENABLE
Task: {3E954F7C-0E63-43BA-B721-BE28C4A556F9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe → /Change /TN “\CCleaner Update” /ENABLE
Task: {3E954F7C-0E63-43BA-B721-BE28C4A556F9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe → /Change /TN “\CCleanerSkipUAC - Julie” /ENABLE
Task: {3E954F7C-0E63-43BA-B721-BE28C4A556F9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe → /Change /TN “\EPSON XP-243 245 247 Series Update {CBE7393D-3042-462F-BE76-DF15FEA518E1}” /ENABLE
Task: {3E954F7C-0E63-43BA-B721-BE28C4A556F9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe → /Change /TN “\AVAST Software\Gaming mode Task Scheduler recovery” /DISABLE
Task: {3FBA77F7-AB69-4054-8BBD-F0E659D66043} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe [335416 2019-09-11] (Adobe Inc. → Adobe)
Task: {46E71975-9FEC-48C1-A351-BC45105DB10F} - System32\Tasks\GoogleUpdateTaskMachineUA1d0e436747 67ea7 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc → Google Inc.)
Task: {5FCC383F-FCE0-4B1E-A227-FB7520A83905} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {62D509A6-7C13-4716-9D9A-BDE99C9C844F} - System32\Tasks\GoogleUpdateTaskMachineCore1d0e4367 4326fc8 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc → Google Inc.)
Task: {696B7F7C-B698-4766-8829-D9ED7AF5ED2C} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline → No File <==== ATTENTION
Task: {6F557987-C4C1-4B35-8574-D80B5D49D5B7} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask → No File <==== ATTENTION
Task: {714A14CC-6769-4518-B9C1-F3D6C8FBB7B4} - System32\Tasks{E1505612-22B8-451D-8486-6592F09545BE} => E:\v-safe100vista.exe (No File)
Task: {73761025-E098-4440-BAEF-8614A295DCA1} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2502336 2021-12-15] (Avast Software s.r.o. → AVAST Software)
Task: {742A29B3-FAC0-436E-9051-3C4D11FC30AB} - System32\Tasks\EPSON XP-243 245 247 Series Update {DC991F4C-5C81-462F-BB66-060684119797} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSRFE.E XE [690536 2013-11-22] (SEIKO EPSON CORPORATION → SEIKO EPSON CORPORATION)
Task: {7DB17E19-484E-4769-9340-BC9D82D29201} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1015958238-104019070-1073425079-1001Core => C:\Users\Julie\AppData\Local\Facebook\Update\Faceb ookUpdate.exe [138096 2013-05-24] (Facebook, Inc. → Facebook Inc.)
Task: {89B2FB60-383B-496A-B1B1-D29A4A38B5E4} - System32\Tasks\GoogleUpdateTaskMachineUA1d1b446f8e b44e8 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc → Google Inc.)
Task: {8CB243B3-D59B-4CA4-96ED-F3DA690CE313} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2502336 2021-12-15] (Avast Software s.r.o. → AVAST Software)
Task: {92B472B9-89DD-4307-9EAC-D506A61DFBBF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc → Google Inc.)
Task: {92FF7EB3-1493-4092-816F-20BB6262495C} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1015958238-104019070-1073425079-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe /logoncheck (No File)
Task: {994C86AD-A929-4B2C-88A0-4E25A107A029} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe ExecuteScheduledSPPCreation (No File)
Task: {9B1D34AD-7EF6-4AF6-9224-A3DF4AA4FE5F} - System32\Tasks\CCleanerSkipUAC - Julie => C:\Program Files\CCleaner\CCleaner.exe [29442688 2021-12-07] (Piriform Software Ltd → Piriform Software Ltd)
Task: {A0C6C617-AA0E-41E8-9E9F-91B29EB14591} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-11-01] (Avast Software s.r.o. → AVAST Software)
Task: {A1A4A082-740A-46EA-8D9B-4D3D0447B5FB} - System32\Tasks{AA8603A6-8832-4AB7-807D-38690D27054B} => E:\v-safe100vista.exe (No File)
Task: {A47B4D50-87A9-4843-BDA1-7BE98A75A02D} - System32\Tasks\avastBCLRestartS-1-5-21-1015958238-104019070-1073425079-1001 => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D} - System32\Tasks\Microsoft\Windows\Location\Notifica tions => C:\Windows\System32\LocationNotificationWindows.ex e (No File)
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent → No File <==== ATTENTION
Task: {BEB57C8B-6FAA-4E7F-A7C2-5ED5D22CCC3D} - System32\Tasks\RealDownloaderRealUpgradeScheduledT askS-1-5-21-1015958238-104019070-1073425079-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe /scheduledcheck (No File)
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDete ctor → No File <==== ATTENTION
Task: {DABF5233-2AB0-4045-B648-81B76672BF1B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc → Google Inc.)
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectio nPlatform\SvcRestartTask => {B1AEBB5D-EAD9-4476-B375-9C3ED9F32AFC}
Task: {F0BA7721-470D-4D3E-8907-CC6ABA035850} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-11-01] (Avast Software s.r.o. → AVAST Software)
Task: {F62D6AE0-E573-46AE-B050-FE9C4B159D5C} - System32\Tasks\EPSON XP-243 245 247 Series Update {CBE7393D-3042-462F-BE76-DF15FEA518E1} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSRFE.E XE [690536 2013-11-22] (SEIKO EPSON CORPORATION → SEIKO EPSON CORPORATION)
Task: {F782550E-1425-4981-9AE5-2DECBC174AF1} - System32\Tasks{C9F8E299-BEF1-4F23-BD7E-F6BF00D8DBF1} => E:\v-safe100vista.exe (No File)
Task: {F9DEB8D1-CC12-486B-9966-93173D486AFC} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (No File)
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionF ailureDetector → No File <==== ATTENTION
Task: {FB3C354D-297A-4EB2-9B58-090F6361906B} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem => {927EA2AF-1C54-43D5-825E-0074CE028EEE}

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe
Task: C:\Windows\Tasks\EPSON XP-243 245 247 Series Update {CBE7393D-3042-462F-BE76-DF15FEA518E1}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSRFE.E XE:/EXE:{CBE7393D-3042-462F-BE76-DF15FEA518E1} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\EPSON XP-243 245 247 Series Update {DC991F4C-5C81-462F-BB66-060684119797}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSRFE.E XE:/EXE:{DC991F4C-5C81-462F-BB66-060684119797} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1015958238-104019070-1073425079-1001Core.job => C:\Users\Julie\AppData\Local\Facebook\Update\Faceb ookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1015958238-104019070-1073425079-1001UA.job => C:\Users\Julie\AppData\Local\Facebook\Update\Faceb ookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0e43 674326fc8.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0e4367 4767ea7.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation → Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation → Microsoft Corp.)
Winsock: Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. → Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-28] (Microsoft Corporation → Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-28] (Microsoft Corporation → Microsoft Corp.)
Winsock: Catalog5-x64 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. → Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip..\Interfaces{8E80C6D0-8488-4DDD-987D-7FCE39713730}: [DhcpNameServer] 192.168.0.1
[HEADING=1]FireFox:[/HEADING]
FF HKLM-x32...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\Browser Plugins\Firefox\Ext => not found
FF Plugin: @adobe.com/FlashPlayer → C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_ 255.dll [2019-09-11] (Adobe Inc. → )
FF Plugin: @microsoft.com/GENUINE → disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 → c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation → Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer → C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_ 255.dll [2019-09-11] (Adobe Inc. → )
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 → C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google Inc → Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE → disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 → c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation → Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 → C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation → Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 → C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation → Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 → C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation → Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 → C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserU pdate3.dll [2020-11-01] (Avast Software s.r.o. → AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 → C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserU pdate3.dll [2020-11-01] (Avast Software s.r.o. → AVAST Software)
FF Plugin-x32: Adobe Reader → C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-12-24] (Adobe Inc. → Adobe Systems Inc.)
[HEADING=1]Chrome:[/HEADING]
CHR DefaultProfile: Default
CHR Profile: C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default [2022-01-21]
CHR Notifications: Default → hxxps://www.youtube.com
CHR HomePage: Default → hxxp://www.ighome.com/
CHR RestoreOnStartup: Default → “hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggSdAxaAF8TQxhGclwLTA1DRwwOIQALV BQXE1ZHdQFcBwxJEVcFIk0FA1oDB0VXfV5bFElXTwhwJVhKAlE 8WGJKLl1XFg==”
CHR StartupUrls: Default → “hxxp://www.ighome.com/”
CHR DefaultSearchURL: Default → hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language }:{referrer:source?}&ie={inputEncoding}&oe={output Encoding}&sourceid=ie7
CHR DefaultSearchKeyword: Default → google.com_
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmn hjmhfn [2015-03-11]
CHR Extension: (YouTube) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldk acnbeo [2015-09-26]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihc jkigck [2021-11-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccm gmieda [2021-01-30]
CHR Extension: (Gmail) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoe jaedia [2020-10-22]
CHR Profile: C:\Users\Julie\AppData\Local\Google\Chrome\User Data\System Profile [2022-01-14]
CHR HKU\S-1-5-21-1015958238-104019070-1073425079-1001\SOFTWARE\Google\Chrome\Extensions...\Chrome\E xtension: [bbjllphbppobebmjpjcijfbakobcheof]
CHR HKU\S-1-5-21-1015958238-104019070-1073425079-1001\SOFTWARE\Google\Chrome\Extensions...\Chrome\E xtension: [fkkcgfbgohboipdhliafmacjnhjbhmim]
CHR HKLM-x32...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswwebrepchrome-sp.crx
CHR HKLM-x32...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. → Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe [335416 2019-09-11] (Adobe Inc. → Adobe)
R3 aswbIDSAgent; C:\Program Files\Alwil Software\Avast5\aswidsagent.exe [8480848 2021-12-22] (Avast Software s.r.o. → AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-11-01] (Avast Software s.r.o. → AVAST Software)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [452888 2021-12-22] (Avast Software s.r.o. → AVAST Software)
R2 avast! Tools; C:\Program Files\Alwil Software\Avast5\aswToolsSvc.exe [452888 2021-12-22] (Avast Software s.r.o. → AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-11-01] (Avast Software s.r.o. → AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\96.1.13589.111\elevat ion_service.exe [1721904 2021-12-15] (Avast Software s.r.o. → AVAST Software)
R2 AvastWscReporter; C:\Program Files\Alwil Software\Avast5\wsc_proxy.exe [56912 2021-06-26] (Avast Software s.r.o. → AVAST Software)
S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ms corsvw.exe [90776 2014-03-20] (Microsoft Corporation → Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ms corsvw.exe [128648 2017-04-21] (Microsoft Dynamic Code Publisher → Microsoft Corporation)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2016-11-08] (SEIKO EPSON CORPORATION → Seiko Epson Corporation)
S3 GoogleDesktopManager; C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopManager.exe [81408 2014-06-25] (Google) [File not signed]
R2 TenorshareWinAdService; C:\Users\Julie\AppData\Roaming\Tenorshare\Service\ configs\TenorshareWinAdService.exe [53472 2020-03-26] (Tenorshare Co.,Ltd. → Tenorshare Co,Ltd)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows → Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292096 2011-03-28] (Microsoft Corporation → Microsoft Corp.)
S2 ePowerSvc; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
S2 GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
S2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
S2 Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [36784 2021-12-22] (Avast Software s.r.o. → AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [223176 2021-12-22] (Avast Software s.r.o. → AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [369216 2021-12-22] (Avast Software s.r.o. → AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [252992 2021-12-22] (Avast Software s.r.o. → AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [100416 2021-12-22] (Avast Software s.r.o. → AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42416 2021-12-22] (Avast Software s.r.o. → AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [186280 2021-12-22] (Avast Software s.r.o. → AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [540056 2021-12-22] (Avast Software s.r.o. → AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2020-04-15] (AVAST Software s.r.o. → AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [108912 2021-12-22] (Avast Software s.r.o. → AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [83976 2021-12-22] (Avast Software s.r.o. → AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [853800 2021-12-22] (Avast Software s.r.o. → AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [545176 2021-12-22] (Avast Software s.r.o. → AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [215432 2021-12-22] (Avast Software s.r.o. → AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [318760 2021-12-22] (Avast Software s.r.o. → AVAST Software)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [748648 2010-08-12] (Realtek Semiconductor Corp → Realtek Semiconductor Corporation)
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys
S3 huawei_cdcecm; system32\DRIVERS\ew_jucdcecm.sys
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys
S3 SWDUMon; system32\DRIVERS\SWDUMon.sys

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (All) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-21 12:40 - 2022-01-21 12:41 - 000031750 _____ C:\Users\Julie\Desktop\FRST.txt
2022-01-21 12:38 - 2022-01-21 12:40 - 000000000 ____D C:\FRST
2022-01-21 12:37 - 2022-01-21 12:37 - 002311680 _____ (Farbar) C:\Users\Julie\Desktop\FRST64.exe
2022-01-19 16:47 - 2022-01-19 19:21 - 000000000 ____D C:\AdwCleaner
2021-12-22 21:16 - 2021-12-22 21:16 - 000340248 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2021-12-22 21:16 - 2021-12-22 21:16 - 000215432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-21 12:30 - 2010-07-13 11:56 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-21 12:24 - 2016-05-22 16:28 - 000003334 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineU A1d1b446f8eb44e8
2022-01-21 12:24 - 2016-05-22 16:28 - 000003206 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineC ore1d1b446f8176a70
2022-01-21 12:05 - 2021-11-08 16:59 - 000002810 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - Julie
2022-01-21 12:05 - 2018-04-01 10:21 - 000004464 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2022-01-21 12:05 - 2018-03-29 07:08 - 000003872 _____ C:\Windows\system32\Tasks\CCleaner Update
2022-01-21 12:05 - 2017-03-02 11:43 - 000003980 _____ C:\Windows\system32\Tasks\EPSON XP-243 245 247 Series Update {CBE7393D-3042-462F-BE76-DF15FEA518E1}
2022-01-21 12:05 - 2017-03-02 11:43 - 000000911 _____ C:\Windows\Tasks\EPSON XP-243 245 247 Series Update {CBE7393D-3042-462F-BE76-DF15FEA518E1}.job
2022-01-21 12:05 - 2015-12-03 12:58 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2022-01-21 12:05 - 2014-12-26 10:51 - 000004478 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2022-01-21 12:03 - 2012-08-27 02:02 - 000000000 ____D C:\Program Files\CCleaner
2022-01-21 11:15 - 2009-07-14 04:45 - 000018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2022-01-21 11:15 - 2009-07-14 04:45 - 000018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2022-01-20 21:29 - 2017-03-19 17:57 - 000004170 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2022-01-20 11:18 - 2018-10-27 14:26 - 000000258 __RSH C:\ProgramData\ntuser.pol
2022-01-20 11:18 - 2011-02-23 12:50 - 000000000 ____D C:\Users\Julie
2022-01-20 11:18 - 2009-07-14 05:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-01-20 11:13 - 2010-07-13 11:54 - 000000000 ____D C:\Program Files (x86)\Acer
2022-01-20 11:13 - 2010-07-13 11:52 - 000000000 ____D C:\ProgramData\Acer
2022-01-20 11:12 - 2010-07-13 11:55 - 000000000 ____D C:\Program Files\Acer
2022-01-20 10:34 - 2012-08-27 02:05 - 000000000 ___RD C:\Users\Julie\Desktop\TOOLS
2022-01-20 10:33 - 2013-11-21 12:19 - 000000000 ____D C:\ProgramData\AVAST Software
2022-01-19 19:22 - 2016-02-28 18:04 - 000000000 ____D C:\ProgramData\Auslogics
2022-01-19 19:21 - 2011-10-12 14:51 - 000000000 ____D C:\ProgramData\YouTube Downloader
2022-01-18 11:19 - 2012-02-25 07:58 - 000002260 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-18 11:19 - 2012-02-25 07:58 - 000002219 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-01-14 14:03 - 2018-04-06 10:28 - 000000000 ____D C:\Windows\Minidump
2022-01-12 12:44 - 2018-04-01 20:24 - 000002023 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-12-22 21:16 - 2020-10-18 12:33 - 000186280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2021-12-22 21:16 - 2020-04-15 14:35 - 000540056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2021-12-22 21:16 - 2019-01-07 08:46 - 000252992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2021-12-22 21:16 - 2019-01-07 08:46 - 000100416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2021-12-22 21:16 - 2016-05-04 08:24 - 000042416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2021-12-22 21:16 - 2013-03-14 07:45 - 000318760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2021-12-22 21:16 - 2013-03-14 07:45 - 000083976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2021-12-22 21:16 - 2012-02-25 07:52 - 000108912 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2021-12-22 21:16 - 2011-02-23 15:46 - 000545176 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2021-12-22 21:15 - 2019-01-14 14:52 - 000369216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2021-12-22 21:15 - 2019-01-07 08:46 - 000036784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2021-12-22 21:15 - 2017-11-16 15:41 - 000223176 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2021-12-22 21:15 - 2011-02-23 16:05 - 000853800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys

==================== Files in the root of some directories ========

2014-06-02 18:07 - 2015-03-20 20:35 - 000000131 _____ () C:\Users\Julie\AppData\Roaming\WB.CFG
2021-03-26 14:30 - 2021-03-26 14:32 - 000004608 _____ () C:\Users\Julie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-20 20:35 - 2015-03-20 20:35 - 000274045 _____ () C:\Users\Julie\AppData\Local\dsi1.dat
2015-03-20 20:35 - 2015-03-20 20:35 - 000161916 _____ () C:\Users\Julie\AppData\Local\dsi2.dat
2014-06-25 09:54 - 2014-06-25 09:54 - 000000093 _____ () C:\Users\Julie\AppData\Local\fusioncache.dat
2015-08-26 19:23 - 2015-08-26 19:23 - 000000017 _____ () C:\Users\Julie\AppData\Local\resmon.resmoncfg
2017-04-12 16:28 - 2017-04-12 16:28 - 000000000 _____ () C:\Users\Julie\AppData\Local{42E35D5C-20E3-468E-B8B2-FCC807588D73}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

LastRegBack: 2016-02-08 10:05
==================== End of FRST.txt ========================

Thanks Mal’ I’m sorry to a pest !

ZHP Scan.

Please download Zhp Cleaner to your desktop. Right Click the icon and select run as administrator.

1. Once you have started the program, you will need to click the scanner button.
   
   Code:

    [IMG alt="EgsT69u.png"]http://windowsinstructed.com/wp-content/uploads/2015/06/EgsT69u.png

The program will close all open browsers!
3. Once the scan is completed, the you will want to click the Repair button.

[URL unfurl="true"]http://windowsinstructed.com/wp-content/uploads/2015/06/6QJjV50.png[/URL]

At the end of the process you may be asked to reboot your machine. After you reboot a report will open on your desktop.

Copy and paste the report here in your next reply.

Download attached fixlist.txt file and save it to the Desktop. NOTE. It’s important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system. Run FRST/FRST64 and press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

After you run the Fixlist, I need to see two fresh logs from FRST, this time…[COLOR=rgb(184, 49, 47)]do not modify[COLOR=rgb(184, 49, 47)] them. [/COLOR][/COLOR]

Thanks Mal’ I am at the moment waiting…I have just clicked the repair button.

Mal’ I am waiting for the program to say something, nothing seems to be happening. Along the bottom of the system ‘box’ it offers Assist Blog Free Forum Cluf/Eula Paypal I’m stuck…

You must scan, allowing it close your browser. Click clean after the scan, allowing it to close browser if open. Then reboot when required.

OK I think I’ve just done that PC has just started up again…will look for report on Dsk top

~ ZHPCleaner v2022.1.21.8 by Nicolas Coolman (2022/01/21)
~ Run by Julie (Administrator) (22/01/2022 12:26:50)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : ZHP
~ State version :
~ Certificate ZHPCleaner: Legal
~ Type : Repair
~ Report : C:\Users\Julie\Desktop\ZHPCleaner (R).txt
~ Quarantine : C:\Users\Julie\AppData\Roaming\ZHP\ZHPCleaner_Reg. txt
~ UAC : Deactivate
~ Boot Mode : Normal (Normal boot)
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)

—\ Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found. (ADS)

—\ Services (0)
~ No malicious or unnecessary items found. (Service)

—\ Browser internet (0)
~ No malicious or unnecessary items found. (Browser)

—\ Hosts file (1)
~ The hosts file is legitimate (35)

—\ Scheduled automatic tasks. (2)
DELETED task: [Adobe Flash Player NPAPI Notifier] [C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_ 0_0_255_Plugin.exe] =>Riskware.FlashPlayer
DELETED task: [Adobe Flash Player Updater] [C:\Windows\Tasks\Adobe Flash Player Updater.job (Not File) ] =>Riskware.FlashPlayer

—\ Explorer ( File, Folder) (6)
MOVED file: C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Preferences =>Préférences Chromium
MOVED file: C:\Windows\Tasks\Adobe Flash Player Updater.job =>Riskware.FlashPlayer
MOVED folder: C:\Program Files (x86)\Auslogics =>SUP.Optional.Auslogics
MOVED folder: C:\ProgramData\Auslogics =>SUP.Optional.Auslogics
MOVED folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics =>SUP.Optional.Auslogics
MOVED folder: C:\Windows\System32\config\systemprofile\AppData\R oaming{90140011-0066-0409-0000-0000000FF1CE} =>Heuristic.Suspect

—\ Registry ( Key, Value, Data) (19)
DELETED key^: HKLM\SOFTWARE\Auslogics\ATPopups [AdditionalScan 407] =>SUP.Optional.AuslogicsBoostSpeed
DELETED key*: HKLM\SOFTWARE\POLICIES\Mozilla\Firefox [AdditionalScan 573] =>.SUP.FirefoxRestriction
DELETED key*: [X64] HKLM\SOFTWARE\Classes\BinkilandHTML.CZ2E2KAGLCH6L2 CVVLCP5DMTD [Binkiland HTML Document] =>PUP.Optional.Binkiland
DELETED key*: [X64] HKLM\SOFTWARE\Classes\protector_dll.Protector [Protector Class] =>Adware.BProtector
DELETED key*: [X64] HKLM\SOFTWARE\Classes\protector_dll.Protector.1 [Protector Class] =>Adware.BProtector
DELETED key*: [X64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib [ProtectorLib Class] =>Adware.BProtector
DELETED key*: [X64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1 [ProtectorLib Class] =>Adware.BProtector
DELETED key^: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player NPAPI Notifier =>Riskware.FlashPlayer
DELETED key^: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater =>Riskware.FlashPlayer
DELETED key^: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Auslogic s =>SUP.Optional.Auslogics
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Auslogics =>SUP.Optional.Auslogics
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall\Adobe Flash Player ActiveX [Adobe] =>Riskware.FlashPlayer
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall\Adobe Flash Player NPAPI [Adobe] =>Riskware.FlashPlayer
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1 [Auslogics Labs Pty Ltd] =>SUP.Optional.Auslogics
DELETED value: HKLM64\Software\Classes.htm\OpenWithProgIDs\Binkil andHTML.CZ2E2KAGLCH6L2CVVLCP5DMTD =>PUP.Optional.Binkiland
DELETED value: HKLM64\Software\Classes.html\OpenWithProgIDs\Binki landHTML.CZ2E2KAGLCH6L2CVVLCP5DMTD =>PUP.Optional.Binkiland
DELETED value: HKLM64\Software\Classes.shtml\OpenWithProgIDs\Bink ilandHTML.CZ2E2KAGLCH6L2CVVLCP5DMTD =>PUP.Optional.Binkiland
DELETED value: HKLM64\Software\Classes.webp\OpenWithProgIDs\Binki landHTML.CZ2E2KAGLCH6L2CVVLCP5DMTD =>PUP.Optional.Binkiland
DELETED value: HKLM64\Software\Classes.xht\OpenWithProgIDs\Binkil andHTML.CZ2E2KAGLCH6L2CVVLCP5DMTD =>PUP.Optional.Binkiland

—\ Summary of the elements found (8)
Zone Anti-Malware - ZAM =>Riskware.FlashPlayer
Zone Anti-Malware - ZAM =>Préférences Chromium
Zone Anti-Malware - ZAM =>SUP.Optional.Auslogics
Zone Anti-Malware - ZAM =>Heuristic.Suspect
Zone Anti-Malware - ZAM =>SUP.Optional.AuslogicsBoostSpeed
Zone Anti-Malware - ZAM =>.SUP.FirefoxRestriction
Zone Anti-Malware - ZAM =>PUP.Optional.Binkiland
Zone Anti-Malware - ZAM =>Adware.BProtector

—\ Other deletions. (10)
~ Registry Keys Tracing deleted (10)
~ Remove the old reports ZHPCleaner. (0)

—\ Result of repair
~ Repair carried out successfully
~ Google Chrome OK
~ Mozilla Firefox OK
~ Internet Explorer OK
~ The system has been restarted.

—\ Statistics
~ Items scanned : 1536
~ Items found : 0
~ Items cancelled : 0
~ Space saving (bytes) : 0
~ Items options : 9/17

—\ OPTIONS NOT ACTIVES
~ Temporary file analysis
~ Temporary folder analysis
~ Empty Folder CLSID Analysis
~ Empty Other Folder Analysis
~ Empty LocalLow Folder Analysis
~ Empty Local Folder Analysis
~ Obsolete Installer File Analysis
~ Start browsers with extensions removed

~ End of clean in 00h00mn53s

—\ Reports (2)
ZHPCleaner--22012022-12_03_18.txt
ZHPCleaner-[R]-22012022-12_27_43.txt