• Hi there and welcome to PC Help Forum (PCHF), a more effective way to get the Tech Support you need!
    We have Experts in all areas of Tech, including Malware Removal, Crash Fixing and BSOD's , Microsoft Windows, Computer DIY and PC Hardware, Networking, Gaming, Tablets and iPads, General and Specific Software Support and so much more.

    Why not Click Here To Sign Up and start enjoying great FREE Tech Support.

    This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Solved No access to open a Twitter account.

Status
Not open for further replies.
Mal', I'm back Iv'e got my courage finger working again. Iv'e just scanned with FRST and have lots of worrying info (logs). Shall I post these logs? I was tempted to download firefox but can I use a link to Twitter on my google toolbar that I have gained with firefox ? If so that could be a cowards way out for me. OH, and thanks for your help Mal'.
 
You can download Firefox . Just to see if it works with Twitter. This is just for testing purposes you can delete it later if you want.

Also. It’s your choice to post the Frst and Addition.txt logs. I am only trying to help you.
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-01-2022
Ran by Julie (administrator) on JULIE-PC (Acer Aspire 5742Z) (21-01-2022 12:40:19)
Running from C:\Users\Julie\Desktop
Loaded Profiles: Julie
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2>
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Alwil Software\Avast5\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Alwil Software\Avast5\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Alwil Software\Avast5\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Alwil Software\Avast5\wsc_proxy.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <8>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Tenorshare Co.,Ltd. -> Tenorshare Co,Ltd) C:\Users\Julie\AppData\Roaming\Tenorshare\Service\configs\TenorshareWinAdService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvLaunch.exe [157464 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1015958238-104019070-1073425079-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35373696 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1015958238-104019070-1073425079-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5407968 2021-12-24] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1015958238-104019070-1073425079-1001\...\Run: [EPSDNMON] => "" (No File)
HKU\S-1-5-21-1015958238-104019070-1073425079-1001\...\MountPoints2: {b93eeb5b-d911-11e2-afed-806e6f6e6963} - E:\AutoRun.exe
HKU\S-1-5-21-1015958238-104019070-1073425079-1001\...\MountPoints2: {b93eeb78-d911-11e2-afed-1c7508075e16} - E:\AutoRun.exe
HKLM\...\Windows x64\Print Processors\Epson Inkjet: C:\Windows\System32\spool\prtprocs\x64\EP0NPP01.DLL [38912 2009-07-14] (Microsoft Windows -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\Epson Inbox Language Monitor01: C:\Windows\system32\EP0SLM01.DLL [77824 2009-07-14] (Microsoft Windows -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EPSON SX235 Series 64MonitorBE: C:\Windows\system32\E_ILMHLE.DLL [120320 2011-04-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EPSON XP-243 245 247 Series 64MonitorBE: C:\Windows\system32\E_YLMBRFE.DLL [182784 2015-12-09] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\Windows\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\97.0.4692.71\Installer\chrmstp.exe [2022-01-18] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\96.1.13589.111\Installer\chrmstp.exe [2021-12-16] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2021-12-24] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\87.0.7478.89\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
AppInit_DLLs-x32: C:\PROGRA~2\Google\GOOGLE~2\GO36F4~1.DLL => C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [162816 2014-06-25] (Google) [File not signed]
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKU\S-1-5-21-1015958238-104019070-1073425079-1001\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0117885C-F471-481B-AF24-E7A390BA4C5F} - System32\Tasks\Avast Emergency Update => C:\Program Files\Alwil Software\Avast5\AvEmUpdate.exe [4969240 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
Task: {04F69B74-EC96-4B74-B681-5399DAE61C1C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1015958238-104019070-1073425079-1001UA => C:\Users\Julie\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-05-24] (Facebook, Inc. -> Facebook Inc.)
Task: {07214C40-FC58-43DF-A351-6DDC8717ECA6} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1015958238-104019070-1073425079-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe /scheduledcheck (No File)
Task: {0B2442AC-2FEC-4EAB-9DD5-01EBD83A9842} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-12-07] (Piriform Software Ltd -> Piriform)
Task: {1B1FA68B-191A-46CF-B891-BC2F5427832D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software)
Task: {1F080B6A-4EA4-4F74-AEA7-9A2CBFB25B23} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_255_Plugin.exe [1457720 2019-09-11] (Adobe Inc. -> Adobe)
Task: {24ED96C9-6732-4F79-8D73-3750E7B7C9AE} - System32\Tasks\GoogleUpdateTaskMachineCore1d1b446f8176a70 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {2B38A6C0-82A4-4BCD-AAAA-7841390C2332} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {2DCF0360-7FCF-4BE1-A737-ED5090D8D66C} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1015958238-104019070-1073425079-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe /logoncheck (No File)
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {3E954F7C-0E63-43BA-B721-BE28C4A556F9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE
Task: {3E954F7C-0E63-43BA-B721-BE28C4A556F9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\Adobe Flash Player NPAPI Notifier" /ENABLE
Task: {3E954F7C-0E63-43BA-B721-BE28C4A556F9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {3E954F7C-0E63-43BA-B721-BE28C4A556F9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\CCleanerSkipUAC - Julie" /ENABLE
Task: {3E954F7C-0E63-43BA-B721-BE28C4A556F9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\EPSON XP-243 245 247 Series Update {CBE7393D-3042-462F-BE76-DF15FEA518E1}" /ENABLE
Task: {3E954F7C-0E63-43BA-B721-BE28C4A556F9} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {3FBA77F7-AB69-4054-8BBD-F0E659D66043} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-09-11] (Adobe Inc. -> Adobe)
Task: {46E71975-9FEC-48C1-A351-BC45105DB10F} - System32\Tasks\GoogleUpdateTaskMachineUA1d0e43674767ea7 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {5FCC383F-FCE0-4B1E-A227-FB7520A83905} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {62D509A6-7C13-4716-9D9A-BDE99C9C844F} - System32\Tasks\GoogleUpdateTaskMachineCore1d0e43674326fc8 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {696B7F7C-B698-4766-8829-D9ED7AF5ED2C} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {6F557987-C4C1-4B35-8574-D80B5D49D5B7} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {714A14CC-6769-4518-B9C1-F3D6C8FBB7B4} - System32\Tasks\{E1505612-22B8-451D-8486-6592F09545BE} => E:\v-safe100vista.exe (No File)
Task: {73761025-E098-4440-BAEF-8614A295DCA1} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2502336 2021-12-15] (Avast Software s.r.o. -> AVAST Software)
Task: {742A29B3-FAC0-436E-9051-3C4D11FC30AB} - System32\Tasks\EPSON XP-243 245 247 Series Update {DC991F4C-5C81-462F-BB66-060684119797} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSRFE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {7DB17E19-484E-4769-9340-BC9D82D29201} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1015958238-104019070-1073425079-1001Core => C:\Users\Julie\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-05-24] (Facebook, Inc. -> Facebook Inc.)
Task: {89B2FB60-383B-496A-B1B1-D29A4A38B5E4} - System32\Tasks\GoogleUpdateTaskMachineUA1d1b446f8eb44e8 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {8CB243B3-D59B-4CA4-96ED-F3DA690CE313} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2502336 2021-12-15] (Avast Software s.r.o. -> AVAST Software)
Task: {92B472B9-89DD-4307-9EAC-D506A61DFBBF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {92FF7EB3-1493-4092-816F-20BB6262495C} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1015958238-104019070-1073425079-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe /logoncheck (No File)
Task: {994C86AD-A929-4B2C-88A0-4E25A107A029} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe ExecuteScheduledSPPCreation (No File)
Task: {9B1D34AD-7EF6-4AF6-9224-A3DF4AA4FE5F} - System32\Tasks\CCleanerSkipUAC - Julie => C:\Program Files\CCleaner\CCleaner.exe [29442688 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A0C6C617-AA0E-41E8-9E9F-91B29EB14591} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-11-01] (Avast Software s.r.o. -> AVAST Software)
Task: {A1A4A082-740A-46EA-8D9B-4D3D0447B5FB} - System32\Tasks\{AA8603A6-8832-4AB7-807D-38690D27054B} => E:\v-safe100vista.exe (No File)
Task: {A47B4D50-87A9-4843-BDA1-7BE98A75A02D} - System32\Tasks\avastBCLRestartS-1-5-21-1015958238-104019070-1073425079-1001 => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe (No File)
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {BEB57C8B-6FAA-4E7F-A7C2-5ED5D22CCC3D} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1015958238-104019070-1073425079-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe /scheduledcheck (No File)
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {DABF5233-2AB0-4045-B648-81B76672BF1B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => {B1AEBB5D-EAD9-4476-B375-9C3ED9F32AFC}
Task: {F0BA7721-470D-4D3E-8907-CC6ABA035850} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-11-01] (Avast Software s.r.o. -> AVAST Software)
Task: {F62D6AE0-E573-46AE-B050-FE9C4B159D5C} - System32\Tasks\EPSON XP-243 245 247 Series Update {CBE7393D-3042-462F-BE76-DF15FEA518E1} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSRFE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {F782550E-1425-4981-9AE5-2DECBC174AF1} - System32\Tasks\{C9F8E299-BEF1-4F23-BD7E-F6BF00D8DBF1} => E:\v-safe100vista.exe (No File)
Task: {F9DEB8D1-CC12-486B-9966-93173D486AFC} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (No File)
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
Task: {FB3C354D-297A-4EB2-9B58-090F6361906B} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem => {927EA2AF-1C54-43D5-825E-0074CE028EEE}

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\EPSON XP-243 245 247 Series Update {CBE7393D-3042-462F-BE76-DF15FEA518E1}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSRFE.EXE:/EXE:{CBE7393D-3042-462F-BE76-DF15FEA518E1} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\EPSON XP-243 245 247 Series Update {DC991F4C-5C81-462F-BB66-060684119797}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSRFE.EXE:/EXE:{DC991F4C-5C81-462F-BB66-060684119797} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1015958238-104019070-1073425079-1001Core.job => C:\Users\Julie\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1015958238-104019070-1073425079-1001UA.job => C:\Users\Julie\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0e43674326fc8.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0e43674767ea7.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8E80C6D0-8488-4DDD-987D-7FCE39713730}: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_255.dll [2019-09-11] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_255.dll [2019-09-11] (Adobe Inc. -> )
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google Inc -> Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-11-01] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-11-01] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default [2022-01-21]
CHR Notifications: Default -> hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://www.ighome.com/
CHR RestoreOnStartup: Default -> "hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggSdAxaAF8TQxhGclwLTA1DRwwOIQALVBQXE1ZHdQFcBwxJEVcFIk0FA1oDB0VXfV5bFElXTwhwJVhKAlE8WGJKLl1XFg=="
CHR StartupUrls: Default -> "hxxp://www.ighome.com/"
CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
CHR DefaultSearchKeyword: Default -> google.com_
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-03-11]
CHR Extension: (YouTube) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2021-11-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Gmail) - C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Profile: C:\Users\Julie\AppData\Local\Google\Chrome\User Data\System Profile [2022-01-14]
CHR HKU\S-1-5-21-1015958238-104019070-1073425079-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof]
CHR HKU\S-1-5-21-1015958238-104019070-1073425079-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fkkcgfbgohboipdhliafmacjnhjbhmim]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswwebrepchrome-sp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-09-11] (Adobe Inc. -> Adobe)
R3 aswbIDSAgent; C:\Program Files\Alwil Software\Avast5\aswidsagent.exe [8480848 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-11-01] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [452888 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Alwil Software\Avast5\aswToolsSvc.exe [452888 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-11-01] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\96.1.13589.111\elevation_service.exe [1721904 2021-12-15] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Alwil Software\Avast5\wsc_proxy.exe [56912 2021-06-26] (Avast Software s.r.o. -> AVAST Software)
S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-20] (Microsoft Corporation -> Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [128648 2017-04-21] (Microsoft Dynamic Code Publisher -> Microsoft Corporation)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2016-11-08] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S3 GoogleDesktopManager; C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopManager.exe [81408 2014-06-25] (Google) [File not signed]
R2 TenorshareWinAdService; C:\Users\Julie\AppData\Roaming\Tenorshare\Service\configs\TenorshareWinAdService.exe [53472 2020-03-26] (Tenorshare Co.,Ltd. -> Tenorshare Co,Ltd)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292096 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
S2 ePowerSvc; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [X]
S2 GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [X]
S2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [X]
S2 Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [36784 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [223176 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [369216 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [252992 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [100416 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42416 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [186280 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [540056 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2020-04-15] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [108912 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [83976 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [853800 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [545176 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [215432 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [318760 2021-12-22] (Avast Software s.r.o. -> AVAST Software)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [748648 2010-08-12] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_cdcecm; system32\DRIVERS\ew_jucdcecm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S3 SWDUMon; system32\DRIVERS\SWDUMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (All) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-21 12:40 - 2022-01-21 12:41 - 000031750 _____ C:\Users\Julie\Desktop\FRST.txt
2022-01-21 12:38 - 2022-01-21 12:40 - 000000000 ____D C:\FRST
2022-01-21 12:37 - 2022-01-21 12:37 - 002311680 _____ (Farbar) C:\Users\Julie\Desktop\FRST64.exe
2022-01-19 16:47 - 2022-01-19 19:21 - 000000000 ____D C:\AdwCleaner
2021-12-22 21:16 - 2021-12-22 21:16 - 000340248 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2021-12-22 21:16 - 2021-12-22 21:16 - 000215432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-21 12:30 - 2010-07-13 11:56 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-21 12:24 - 2016-05-22 16:28 - 000003334 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA1d1b446f8eb44e8
2022-01-21 12:24 - 2016-05-22 16:28 - 000003206 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore1d1b446f8176a70
2022-01-21 12:05 - 2021-11-08 16:59 - 000002810 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - Julie
2022-01-21 12:05 - 2018-04-01 10:21 - 000004464 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2022-01-21 12:05 - 2018-03-29 07:08 - 000003872 _____ C:\Windows\system32\Tasks\CCleaner Update
2022-01-21 12:05 - 2017-03-02 11:43 - 000003980 _____ C:\Windows\system32\Tasks\EPSON XP-243 245 247 Series Update {CBE7393D-3042-462F-BE76-DF15FEA518E1}
2022-01-21 12:05 - 2017-03-02 11:43 - 000000911 _____ C:\Windows\Tasks\EPSON XP-243 245 247 Series Update {CBE7393D-3042-462F-BE76-DF15FEA518E1}.job
2022-01-21 12:05 - 2015-12-03 12:58 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2022-01-21 12:05 - 2014-12-26 10:51 - 000004478 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2022-01-21 12:03 - 2012-08-27 02:02 - 000000000 ____D C:\Program Files\CCleaner
2022-01-21 11:15 - 2009-07-14 04:45 - 000018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2022-01-21 11:15 - 2009-07-14 04:45 - 000018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2022-01-20 21:29 - 2017-03-19 17:57 - 000004170 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2022-01-20 11:18 - 2018-10-27 14:26 - 000000258 __RSH C:\ProgramData\ntuser.pol
2022-01-20 11:18 - 2011-02-23 12:50 - 000000000 ____D C:\Users\Julie
2022-01-20 11:18 - 2009-07-14 05:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-01-20 11:13 - 2010-07-13 11:54 - 000000000 ____D C:\Program Files (x86)\Acer
2022-01-20 11:13 - 2010-07-13 11:52 - 000000000 ____D C:\ProgramData\Acer
2022-01-20 11:12 - 2010-07-13 11:55 - 000000000 ____D C:\Program Files\Acer
2022-01-20 10:34 - 2012-08-27 02:05 - 000000000 ___RD C:\Users\Julie\Desktop\TOOLS
2022-01-20 10:33 - 2013-11-21 12:19 - 000000000 ____D C:\ProgramData\AVAST Software
2022-01-19 19:22 - 2016-02-28 18:04 - 000000000 ____D C:\ProgramData\Auslogics
2022-01-19 19:21 - 2011-10-12 14:51 - 000000000 ____D C:\ProgramData\YouTube Downloader
2022-01-18 11:19 - 2012-02-25 07:58 - 000002260 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-18 11:19 - 2012-02-25 07:58 - 000002219 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-01-14 14:03 - 2018-04-06 10:28 - 000000000 ____D C:\Windows\Minidump
2022-01-12 12:44 - 2018-04-01 20:24 - 000002023 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-12-22 21:16 - 2020-10-18 12:33 - 000186280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2021-12-22 21:16 - 2020-04-15 14:35 - 000540056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2021-12-22 21:16 - 2019-01-07 08:46 - 000252992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2021-12-22 21:16 - 2019-01-07 08:46 - 000100416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2021-12-22 21:16 - 2016-05-04 08:24 - 000042416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2021-12-22 21:16 - 2013-03-14 07:45 - 000318760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2021-12-22 21:16 - 2013-03-14 07:45 - 000083976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2021-12-22 21:16 - 2012-02-25 07:52 - 000108912 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2021-12-22 21:16 - 2011-02-23 15:46 - 000545176 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2021-12-22 21:15 - 2019-01-14 14:52 - 000369216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2021-12-22 21:15 - 2019-01-07 08:46 - 000036784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2021-12-22 21:15 - 2017-11-16 15:41 - 000223176 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2021-12-22 21:15 - 2011-02-23 16:05 - 000853800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys

==================== Files in the root of some directories ========

2014-06-02 18:07 - 2015-03-20 20:35 - 000000131 _____ () C:\Users\Julie\AppData\Roaming\WB.CFG
2021-03-26 14:30 - 2021-03-26 14:32 - 000004608 _____ () C:\Users\Julie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-20 20:35 - 2015-03-20 20:35 - 000274045 _____ () C:\Users\Julie\AppData\Local\dsi1.dat
2015-03-20 20:35 - 2015-03-20 20:35 - 000161916 _____ () C:\Users\Julie\AppData\Local\dsi2.dat
2014-06-25 09:54 - 2014-06-25 09:54 - 000000093 _____ () C:\Users\Julie\AppData\Local\fusioncache.dat
2015-08-26 19:23 - 2015-08-26 19:23 - 000000017 _____ () C:\Users\Julie\AppData\Local\resmon.resmoncfg
2017-04-12 16:28 - 2017-04-12 16:28 - 000000000 _____ () C:\Users\Julie\AppData\Local\{42E35D5C-20E3-468E-B8B2-FCC807588D73}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2016-02-08 10:05
==================== End of FRST.txt ========================

Thanks Mal' I'm sorry to a pest !
 
ZHP Scan.

Please download Zhp Cleaner to your desktop. Right Click the icon and select run as administrator.






2. Once you have started the program, you will need to click the scanner button.



EgsT69u.png




The program will close all open browsers!
3. Once the scan is completed, the you will want to click the Repair button.



At the end of the process you may be asked to reboot your machine. After you reboot a report will open on your desktop.

Copy and paste the report here in your next reply.







Download attached fixlist.txt file and save it to the Desktop. NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system. Run FRST/FRST64 and press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.
 

Attachments

  • fixlist.txt
    6.8 KB · Views: 22
Last edited:
Mal' I am waiting for the program to say something, nothing seems to be happening. Along the bottom of the system 'box' it offers Assist Blog Free Forum Cluf/Eula Paypal I'm stuck....
 
~ ZHPCleaner v2022.1.21.8 by Nicolas Coolman (2022/01/21)
~ Run by Julie (Administrator) (22/01/2022 12:26:50)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version :
~ Certificate ZHPCleaner: Legal
~ Type : Repair
~ Report : C:\Users\Julie\Desktop\ZHPCleaner (R).txt
~ Quarantine : C:\Users\Julie\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Deactivate
~ Boot Mode : Normal (Normal boot)
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)

---\ Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found. (ADS)

---\ Services (0)
~ No malicious or unnecessary items found. (Service)

---\ Browser internet (0)
~ No malicious or unnecessary items found. (Browser)

---\ Hosts file (1)
~ The hosts file is legitimate (35)

---\ Scheduled automatic tasks. (2)
DELETED task: [Adobe Flash Player NPAPI Notifier] [C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_255_Plugin.exe] =>Riskware.FlashPlayer
DELETED task: [Adobe Flash Player Updater] [C:\Windows\Tasks\Adobe Flash Player Updater.job (Not File) ] =>Riskware.FlashPlayer

---\ Explorer ( File, Folder) (6)
MOVED file: C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Preferences =>Préférences Chromium
MOVED file: C:\Windows\Tasks\Adobe Flash Player Updater.job =>Riskware.FlashPlayer
MOVED folder: C:\Program Files (x86)\Auslogics =>SUP.Optional.Auslogics
MOVED folder: C:\ProgramData\Auslogics =>SUP.Optional.Auslogics
MOVED folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics =>SUP.Optional.Auslogics
MOVED folder: C:\Windows\System32\config\systemprofile\AppData\Roaming\{90140011-0066-0409-0000-0000000FF1CE} =>Heuristic.Suspect

---\ Registry ( Key, Value, Data) (19)
DELETED key^: HKLM\SOFTWARE\Auslogics\ATPopups [AdditionalScan 407] =>SUP.Optional.AuslogicsBoostSpeed
DELETED key*: HKLM\SOFTWARE\POLICIES\Mozilla\Firefox [AdditionalScan 573] =>.SUP.FirefoxRestriction
DELETED key*: [X64] HKLM\SOFTWARE\Classes\BinkilandHTML.CZ2E2KAGLCH6L2CVVLCP5DMTD [Binkiland HTML Document] =>PUP.Optional.Binkiland
DELETED key*: [X64] HKLM\SOFTWARE\Classes\protector_dll.Protector [Protector Class] =>Adware.BProtector
DELETED key*: [X64] HKLM\SOFTWARE\Classes\protector_dll.Protector.1 [Protector Class] =>Adware.BProtector
DELETED key*: [X64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib [ProtectorLib Class] =>Adware.BProtector
DELETED key*: [X64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1 [ProtectorLib Class] =>Adware.BProtector
DELETED key^: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player NPAPI Notifier [] =>Riskware.FlashPlayer
DELETED key^: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater [] =>Riskware.FlashPlayer
DELETED key^: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Auslogics [] =>SUP.Optional.Auslogics
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Auslogics [] =>SUP.Optional.Auslogics
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX [Adobe] =>Riskware.FlashPlayer
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player NPAPI [Adobe] =>Riskware.FlashPlayer
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1 [Auslogics Labs Pty Ltd] =>SUP.Optional.Auslogics
DELETED value: HKLM64\Software\Classes\.htm\OpenWithProgIDs\\BinkilandHTML.CZ2E2KAGLCH6L2CVVLCP5DMTD [] =>PUP.Optional.Binkiland
DELETED value: HKLM64\Software\Classes\.html\OpenWithProgIDs\\BinkilandHTML.CZ2E2KAGLCH6L2CVVLCP5DMTD [] =>PUP.Optional.Binkiland
DELETED value: HKLM64\Software\Classes\.shtml\OpenWithProgIDs\\BinkilandHTML.CZ2E2KAGLCH6L2CVVLCP5DMTD [] =>PUP.Optional.Binkiland
DELETED value: HKLM64\Software\Classes\.webp\OpenWithProgIDs\\BinkilandHTML.CZ2E2KAGLCH6L2CVVLCP5DMTD [] =>PUP.Optional.Binkiland
DELETED value: HKLM64\Software\Classes\.xht\OpenWithProgIDs\\BinkilandHTML.CZ2E2KAGLCH6L2CVVLCP5DMTD [] =>PUP.Optional.Binkiland

---\ Summary of the elements found (8)
https://nicolascoolman.eu/forum/Topic/flashplayer-logiciel-a-risque-riskware/ =>Riskware.FlashPlayer
https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>Préférences Chromium
https://nicolascoolman.eu/forum/Topic/auslogics-logiciel-potentiellement-superflu-lps/ =>SUP.Optional.Auslogics
https://nicolascoolman.eu/2017/01/28/heuristic-suspect/ =>Heuristic.Suspect
https://nicolascoolman.eu/2019/05/04/sup-auslogics-boostspeed/ =>SUP.Optional.AuslogicsBoostSpeed
https://nicolascoolman.eu/forum/Topic/logiciels-potentiellement-superflus-lps/ =>.SUP.FirefoxRestriction
https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>PUP.Optional.Binkiland
https://nicolascoolman.eu/2017/04/12/adware-bprotector/ =>Adware.BProtector

---\ Other deletions. (10)
~ Registry Keys Tracing deleted (10)
~ Remove the old reports ZHPCleaner. (0)

---\ Result of repair
~ Repair carried out successfully
~ Google Chrome OK
~ Mozilla Firefox OK
~ Internet Explorer OK
~ The system has been restarted.

---\ Statistics
~ Items scanned : 1536
~ Items found : 0
~ Items cancelled : 0
~ Space saving (bytes) : 0
~ Items options : 9/17

---\ OPTIONS NOT ACTIVES
~ Temporary file analysis
~ Temporary folder analysis
~ Empty Folder CLSID Analysis
~ Empty Other Folder Analysis
~ Empty LocalLow Folder Analysis
~ Empty Local Folder Analysis
~ Obsolete Installer File Analysis
~ Start browsers with extensions removed

~ End of clean in 00h00mn53s

---\ Reports (2)
ZHPCleaner--22012022-12_03_18.txt
ZHPCleaner-[R]-22012022-12_27_43.txt
 
There seems to
~ ZHPCleaner v2022.1.21.8 by Nicolas Coolman (2022/01/21)
~ Run by Julie (Administrator) (22/01/2022 12:26:50)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version :
~ Type : Repair
~ Report : C:\Users\Julie\Desktop\ZHPCleaner (R).txt
~ Quarantine : C:\Users\Julie\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ System Restore Point :
~ UAC : Deactivate
~ Boot Mode : Normal (Normal boot)
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)


---\\ Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found.


---\\ Services (0)
~ No malicious or unnecessary items found.


---\\ Browser internet (0)
~ No malicious or unnecessary items found.


---\\ Hosts file (1)
~ The hosts file is legitimate (35)


---\\ Scheduled automatic tasks. (2)
DELETED task: [Adobe Flash Player NPAPI Notifier] [C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_255_Plugin.exe] =>Riskware.FlashPlayer
DELETED task: [Adobe Flash Player Updater] [C:\Windows\Tasks\Adobe Flash Player Updater.job (Not File) ] =>Riskware.FlashPlayer


---\\ Explorer ( File, Folder) (6)
MOVED file: C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Preferences =>Préférences Chromium
MOVED file: C:\Windows\Tasks\Adobe Flash Player Updater.job =>Riskware.FlashPlayer
MOVED folder: C:\Program Files (x86)\Auslogics =>SUP.Optional.Auslogics
MOVED folder: C:\ProgramData\Auslogics =>SUP.Optional.Auslogics
MOVED folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics =>SUP.Optional.Auslogics
MOVED folder: C:\Windows\System32\config\systemprofile\AppData\Roaming\{90140011-0066-0409-0000-0000000FF1CE} =>Heuristic.Suspect


---\\ Registry ( Key, Value, Data) (19)
DELETED key^: HKLM\SOFTWARE\Auslogics\ATPopups [AdditionalScan 407] =>SUP.Optional.AuslogicsBoostSpeed
DELETED key*: HKLM\SOFTWARE\POLICIES\Mozilla\Firefox [AdditionalScan 573] =>.SUP.FirefoxRestriction
DELETED key*: [X64] HKLM\SOFTWARE\Classes\BinkilandHTML.CZ2E2KAGLCH6L2CVVLCP5DMTD [Binkiland HTML Document] =>PUP.Optional.Binkiland
DELETED key*: [X64] HKLM\SOFTWARE\Classes\protector_dll.Protector [Protector Class] =>Adware.BProtector
DELETED key*: [X64] HKLM\SOFTWARE\Classes\protector_dll.Protector.1 [Protector Class] =>Adware.BProtector
DELETED key*: [X64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib [ProtectorLib Class] =>Adware.BProtector
DELETED key*: [X64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1 [ProtectorLib Class] =>Adware.BProtector
DELETED key^: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player NPAPI Notifier [] =>Riskware.FlashPlayer
DELETED key^: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater [] =>Riskware.FlashPlayer
DELETED key^: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Auslogics [] =>SUP.Optional.Auslogics
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Auslogics [] =>SUP.Optional.Auslogics
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX [Adobe] =>Riskware.FlashPlayer
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player NPAPI [Adobe] =>Riskware.FlashPlayer
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1 [Auslogics Labs Pty Ltd] =>SUP.Optional.Auslogics
DELETED value: HKLM64\Software\Classes\.htm\OpenWithProgIDs\\BinkilandHTML.CZ2E2KAGLCH6L2CVVLCP5DMTD [] =>PUP.Optional.Binkiland
DELETED value: HKLM64\Software\Classes\.html\OpenWithProgIDs\\BinkilandHTML.CZ2E2KAGLCH6L2CVVLCP5DMTD [] =>PUP.Optional.Binkiland
DELETED value: HKLM64\Software\Classes\.shtml\OpenWithProgIDs\\BinkilandHTML.CZ2E2KAGLCH6L2CVVLCP5DMTD [] =>PUP.Optional.Binkiland
DELETED value: HKLM64\Software\Classes\.webp\OpenWithProgIDs\\BinkilandHTML.CZ2E2KAGLCH6L2CVVLCP5DMTD [] =>PUP.Optional.Binkiland
DELETED value: HKLM64\Software\Classes\.xht\OpenWithProgIDs\\BinkilandHTML.CZ2E2KAGLCH6L2CVVLCP5DMTD [] =>PUP.Optional.Binkiland


---\\ Summary of the elements found (8)
https://nicolascoolman.eu/forum/Topic/flashplayer-logiciel-a-risque-riskware/ =>Riskware.FlashPlayer
https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>Préférences Chromium
https://nicolascoolman.eu/forum/Topic/auslogics-logiciel-potentiellement-superflu-lps/ =>SUP.Optional.Auslogics
https://nicolascoolman.eu/2017/01/28/heuristic-suspect/ =>Heuristic.Suspect
https://nicolascoolman.eu/2019/05/04/sup-auslogics-boostspeed/ =>SUP.Optional.AuslogicsBoostSpeed
https://nicolascoolman.eu/forum/Topic/logiciels-potentiellement-superflus-lps/ =>.SUP.FirefoxRestriction
https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>PUP.Optional.Binkiland
https://nicolascoolman.eu/2017/04/12/adware-bprotector/ =>Adware.BProtector


---\\ Other deletions. (10)
~ Registry Keys Tracing deleted (10)
~ Remove the old reports ZHPCleaner. (0)


---\\ Result of repair
~ Repair carried out successfully
~ Google Chrome OK
~ Mozilla Firefox OK
~ Internet Explorer OK
~ The system has been restarted.


---\\ Statistics
~ Items scanned : 1536
~ Items found : 0
~ Items cancelled : 0
~ Space saving (bytes) : 0
~ Items options : 9/17


---\\ OPTIONS NOT ACTIVES
~ Temporary file analysis
~ Temporary folder analysis
~ Empty Folder CLSID Analysis
~ Empty Other Folder Analysis
~ Empty LocalLow Folder Analysis
~ Empty Local Folder Analysis
~ Obsolete Installer File Analysis
~ Start browsers with extensions removed





~ End of clean in 00h00mn53s

---\\ Reports (2)
ZHPCleaner--22012022-12_03_18.txt
ZHPCleaner-[R]-22012022-12_27_43.txt

be two on DSKtop......
 
Download attached fixlist.txt file and save it to the Desktop. NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system. Run FRST/FRST64 and press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.



 
Mal' Sorry I've been away so long after I found and clicked fix, I was rebooted and went straight onto Twitter Great, and my laptop is much sharper.
Thanks again Mal. Is there anything else that I should do now or am I finished ?
 
  • Like
Reactions: Malnutrition
Status
Not open for further replies.