Go Back   Cyber Tech Help Support Forums > Software > Malware Removal

Notices

Reply
 
Topic Tools
  #1  
Old May 26th, 2021, 03:13 PM
littleone littleone is offline
Senior Member
 
Join Date: Aug 2017
Posts: 133
virus

My computer keeps saying everyday several times a day and has for months that I have a virus sometimes it says trojan and always that I need to renew mckafee to get rid of it. Not sure that I ever had that anyway or not sure that I have a virus and I have no idea as how to get rid of this, can you help, thanks
I am running win 10
Reply With Quote


  #2  
Old May 30th, 2021, 12:39 PM
Jintan's Avatar
Jintan Jintan is offline
Cyber Tech Help Moderator
 
Join Date: Dec 2004
Posts: 52,143
Hi littleone,

Let's take a look.

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
Reply With Quote
  #3  
Old May 30th, 2021, 04:08 PM
littleone littleone is offline
Senior Member
 
Join Date: Aug 2017
Posts: 133
not open

It says windows defender will mot let me open?
Reply With Quote
  #4  
Old May 30th, 2021, 04:29 PM
Jintan's Avatar
Jintan Jintan is offline
Cyber Tech Help Moderator
 
Join Date: Dec 2004
Posts: 52,143
Disable Windows Defender. You do not know how tell me I'll give you a link.
Reply With Quote
  #5  
Old May 31st, 2021, 01:25 PM
Jintan's Avatar
Jintan Jintan is offline
Cyber Tech Help Moderator
 
Join Date: Dec 2004
Posts: 52,143
Defender should have been disable when McAfee installed, but here are the steps. Be sure to disable McAfee too.
Reply With Quote
  #6  
Old June 1st, 2021, 04:02 PM
littleone littleone is offline
Senior Member
 
Join Date: Aug 2017
Posts: 133
mcaffee

I do not have McAffee,,the message Im getting says ti renew the sub but I dont have one.
And I dont see real time protection??

Last edited by littleone; June 1st, 2021 at 04:14 PM.
Reply With Quote
  #7  
Old June 1st, 2021, 04:57 PM
Jintan's Avatar
Jintan Jintan is offline
Cyber Tech Help Moderator
 
Join Date: Dec 2004
Posts: 52,143
Let me check on that.
Reply With Quote
  #8  
Old June 1st, 2021, 07:29 PM
littleone littleone is offline
Senior Member
 
Join Date: Aug 2017
Posts: 133
first

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2021 01
Ran by Debbie (administrator) on DESKTOP-ELI7VR8 (Dell Inc. OptiPlex 790) (01-06-2021 11:26:59)
Running from C:\Users\Debbie\Downloads
Loaded Profiles: Debbie
Platform: Windows 10 Home Version 2004 19041.985 (X64) Language: English (United States)
Default browser: "C:\Users\Debbie\Wavesor Software\WaveBrowser\wavebrowser.exe" --single-argument %1
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\setup\instup.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Corel Corporation -> WinZip Computing) C:\Program Files\WinZip\WzPreloader.exe
(Corel Corporation -> WinZip Computing, S.L.) C:\Program Files\WinZip\FAHWindow64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <36>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.e xe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64 .exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Debbie\AppData\Local\Microsoft\OneDrive\O neDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.100 1.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.ex e
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRu ntime.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\Epson Software\Download Navigator\EPSDNMON.EXE
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\spool\drivers\x64\3\E_YARNPAE. EXE
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIPAE. EXE
(Wavesor Software -> Wavesor Software) C:\Users\Debbie\Wavesor Software\WaveBrowser\wavebrowser.exe <10>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [118496 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [2859928 2020-09-25] (Corel Corporation -> Corel Corporation)
HKLM\...\Run: [WinZip FAH] => C:\Program Files\WinZip\FAHConsole.exe [436704 2020-09-25] (Corel Corporation -> WinZip Computing, S.L.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3358373597-1690568811-3966139131-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIPAE. EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3358373597-1690568811-3966139131-1001\...\Run: [EPSDNMON] => C:\Program Files (x86)\Epson Software\Download Navigator\EPSDNMON.EXE [346712 2020-07-27] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-3358373597-1690568811-3966139131-1001\...\Run: [Wavesor SWUpdater] => C:\Users\Debbie\Wavesor Software\SWUpdater\1.3.107.0\SWUpdaterCore.exe [210008 2021-04-08] (Wavesor Software -> Wavesor Software)
HKU\S-1-5-21-3358373597-1690568811-3966139131-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Debbie\AppData\Local\Microsoft\OneDrive\ Update\OneDriveSetup.exe"
HKU\S-1-5-21-3358373597-1690568811-3966139131-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Debbie\AppData\Local\Microsoft\OneDrive\ StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-3358373597-1690568811-3966139131-1001\...\RunOnce: [Uninstall 21.073.0411.0002\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Debbie\AppData\Local\Microsoft\OneDrive\ 21.073.0411.0002\amd64"
HKU\S-1-5-21-3358373597-1690568811-3966139131-1001\...\RunOnce: [Uninstall 21.073.0411.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Debbie\AppData\Local\Microsoft\OneDrive\ 21.073.0411.0002"
HKLM\...\Print\Monitors\EPSON XP-430 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBPAE.DLL [180224 2014-03-05] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.212\Inst aller\chrmstp.exe [2021-05-12] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2021-04-06]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (Corel Corporation -> WinZip Computing)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00C3A446-5C9F-4B64-8C4B-8A74992976FB} - System32\Tasks\EPSON XP-430 Series Update {4096E76B-F21C-4D1E-96D3-5B18C92C0122} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPAE.E XE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {11BC88AB-253F-463C-9839-BFC664239DAA} - System32\Tasks\WavesorSWUpdaterTaskUserS-1-5-21-3358373597-1690568811-3966139131-1001Core => C:\Users\Debbie\Wavesor Software\SWUpdater\SWUpdater.exe [107608 2021-04-06] (Wavesor Software -> Wavesor Software)
Task: {14F842F3-E167-40CF-9A23-6CBFAF7C3EDA} - System32\Tasks\WavesorSWUpdaterTaskUserS-1-5-21-3358373597-1690568811-3966139131-1001UA => C:\Users\Debbie\Wavesor Software\SWUpdater\SWUpdater.exe [107608 2021-04-06] (Wavesor Software -> Wavesor Software)
Task: {22F11743-5FE8-4611-A5C2-12B8F6F58F38} - System32\Tasks\WinZip Update Notifier 3 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2859928 2020-09-25] (Corel Corporation -> Corel Corporation)
Task: {27A0CE13-F160-45C2-95CD-5E94CAAF909E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-09-12] (Google Inc -> Google LLC)
Task: {466FBBDA-4669-4445-BAB1-208487E85BDD} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\BA Scheduler" /ENABLE
Task: {466FBBDA-4669-4445-BAB1-208487E85BDD} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\EPSON XP-430 Series Update {4096E76B-F21C-4D1E-96D3-5B18C92C0122}" /ENABLE
Task: {466FBBDA-4669-4445-BAB1-208487E85BDD} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {466FBBDA-4669-4445-BAB1-208487E85BDD} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {466FBBDA-4669-4445-BAB1-208487E85BDD} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {466FBBDA-4669-4445-BAB1-208487E85BDD} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {466FBBDA-4669-4445-BAB1-208487E85BDD} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-3358373597-1690568811-3966139131-1001" /ENABLE
Task: {466FBBDA-4669-4445-BAB1-208487E85BDD} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\Quick Driver Updater skipuac" /ENABLE
Task: {466FBBDA-4669-4445-BAB1-208487E85BDD} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\User_Feed_Synchronization-{46199E18-599D-4060-9554-AECE3B7CD090}" /ENABLE
Task: {466FBBDA-4669-4445-BAB1-208487E85BDD} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\WavesorSWUpdaterTaskUserS-1-5-21-3358373597-1690568811-3966139131-1001Core" /ENABLE
Task: {466FBBDA-4669-4445-BAB1-208487E85BDD} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\WavesorSWUpdaterTaskUserS-1-5-21-3358373597-1690568811-3966139131-1001UA" /ENABLE
Task: {466FBBDA-4669-4445-BAB1-208487E85BDD} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\WinZip Update Notifier 1" /ENABLE
Task: {466FBBDA-4669-4445-BAB1-208487E85BDD} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\WinZip Update Notifier 2" /ENABLE
Task: {466FBBDA-4669-4445-BAB1-208487E85BDD} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\WinZip Update Notifier 3" /ENABLE
Task: {466FBBDA-4669-4445-BAB1-208487E85BDD} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {49281A4F-475D-43B9-803B-4EA453285A8D} - System32\Tasks\Quick Driver Updater skipuac => C:\Program Files\Quick Driver Updater\qdu.exe [4183136 2020-05-11] (DIGITAL PROTECTION SERVICES S.R.L. -> Digital Protection Services S.R.L)
Task: {49DD1152-6D58-4665-AAF1-7124533E4282} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4699872 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
Task: {4B238893-8C9F-4EE3-8ED0-1D15A0A6FEF9} - System32\Tasks\WinZip Update Notifier 2 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2859928 2020-09-25] (Corel Corporation -> Corel Corporation)
Task: {52DF8A8D-DAD3-4131-B6E8-F8D220C9AB2A} - System32\Tasks\BA Scheduler => powershell.exe -WindowStyle Hidden -ExecutionPolicy bypass -c "$env:COMPLUS_version='v4.0.30319';&powershell{$w= "$env:APPDATA"+'\Browser Assistant\';[Reflection.Assembly]::Load([System.IO.File]::ReadAllBytes($w+'Updater.dll'));$i=new-object u.U;$i.ST()}" <==== ATTENTION
Task: {5BE3E93F-D035-437F-A554-BE93865CE7B9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-09-12] (Google Inc -> Google LLC)
Task: {8166F735-585E-49C0-89AD-658E2F0F9A2D} - System32\Tasks\WinZip Update Notifier 1 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2859928 2020-09-25] (Corel Corporation -> Corel Corporation)
Task: {98BA4037-E5F0-42A5-84DA-9121BD81A3D8} - System32\Tasks\Wavesor Software_S-1-5-21-3358373597-1690568811-3966139131-1001\WaveBrowser-StartAtLogin => C:\Users\Debbie\Wavesor Software\WaveBrowser\wavebrowser.exe [2125912 2021-05-07] (Wavesor Software -> Wavesor Software)
Task: {9F9FDCA7-65F7-4D42-8AEA-9E303D59C312} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software)
Task: {A6DE2D4C-BD7A-4611-8C7A-72FB8D7256F1} - System32\Tasks\NCH Software\InventoriaSchedBackup => C:\Program Files (x86)\NCH Software\Inventoria\Inventoria.exe [1771592 2020-05-15] (NCH Software, Inc. -> NCH Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\EPSON XP-430 Series Update {4096E76B-F21C-4D1E-96D3-5B18C92C0122}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPAE.E XE:/EXE:{4096E76B-F21C-4D1E-96D3-5B18C92C0122} /F:UpdateWORKGROUP\DESKTOP-ELI7VR8$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{ef7a85fb-3144-4027-9b39-96105a998004}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wek yb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wek yb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wek yb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wek yb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Debbie\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-01]

FireFox:
========
FF DefaultProfile: 4oh45ttj.default
FF ProfilePath: C:\Users\Debbie\AppData\Roaming\Mozilla\Firefox\Pr ofiles\4oh45ttj.default [2021-03-22]
FF ProfilePath: C:\Users\Debbie\AppData\Roaming\Mozilla\Firefox\Pr ofiles\jtavwzjp.default-release [2021-03-22]

Chrome:
=======
CHR Profile: C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default [2021-06-01]
CHR Notifications: Default -> hxxps://captcha-sourcecenter.com; hxxps://mountairy-nc.geebo.com; hxxps://www.charlotteobserver.com; hxxps://www.everyjobforme.com; hxxps://www.facebook.com; hxxps://www.madamglam.com; hxxps://www.reddit.com; hxxps://www.youtube.com
CHR Extension: (Docs) - C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfi lokake [2019-09-12]
CHR Extension: (Google Drive) - C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigk jlhalf [2020-10-31]
CHR Extension: (YouTube) - C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldk acnbeo [2019-09-12]
CHR Extension: (Sheets) - C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpeb giejap [2019-09-12]
CHR Extension: (Google Docs Offline) - C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdl olhkhi [2021-05-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccm gmieda [2021-02-09]
CHR Extension: (Gmail) - C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoe jaedia [2020-10-31]
CHR Extension: (Chrome Media Router) - C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcj beemfm [2021-05-12]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7894040 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [606944 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [356064 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56920 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
S3 InventoriaService; C:\Program Files (x86)\NCH Software\Inventoria\inventoria.exe [1771592 2020-05-15] (NCH Software, Inc. -> NCH Software)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7265328 2020-10-31] (Malwarebytes Inc -> Malwarebytes)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2020-01-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2020-01-15] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35664 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [212192 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [365024 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250336 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99288 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [17328 2021-05-24] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41296 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [180448 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522936 2021-05-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107792 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82872 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850632 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [467720 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215352 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326992 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [217600 2020-10-31] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-10-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-10-31] (Malwarebytes Inc -> Malwarebytes)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [50688 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2020-01-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2020-01-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2020-01-15] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-01 11:26 - 2021-06-01 11:29 - 000022196 _____ C:\Users\Debbie\Downloads\FRST.txt
2021-06-01 11:26 - 2021-06-01 11:28 - 000000000 ____D C:\FRST
2021-06-01 11:24 - 2021-06-01 11:24 - 002012672 _____ (Farbar) C:\Users\Debbie\Downloads\FRST (3).exe
2021-06-01 11:22 - 2021-06-01 11:22 - 000001509 _____ C:\Users\Debbie\Desktop\FRST (2) - Shortcut.lnk
2021-06-01 11:20 - 2021-06-01 11:20 - 002012672 _____ (Farbar) C:\Users\Debbie\Downloads\FRST (2).exe
2021-05-30 11:11 - 2021-05-30 11:11 - 002299904 _____ (Farbar) C:\Users\Debbie\Downloads\FRST64 (9).exe
2021-05-30 11:10 - 2021-05-30 11:10 - 002299904 _____ (Farbar) C:\Users\Debbie\Downloads\FRST64 (8).exe
2021-05-30 11:09 - 2021-05-30 11:09 - 002299904 _____ (Farbar) C:\Users\Debbie\Downloads\FRST64 (7).exe
2021-05-30 11:07 - 2021-05-30 11:07 - 002299904 _____ (Farbar) C:\Users\Debbie\Downloads\FRST64 (6).exe
2021-05-30 11:05 - 2021-05-30 11:06 - 002299904 _____ (Farbar) C:\Users\Debbie\Downloads\FRST64 (5).exe
2021-05-30 11:04 - 2021-05-30 11:04 - 002012672 _____ (Farbar) C:\Users\Debbie\Downloads\FRST (1).exe
2021-05-30 11:03 - 2021-05-30 11:03 - 002299904 _____ (Farbar) C:\Users\Debbie\Downloads\FRST64 (4).exe
2021-05-27 11:27 - 2021-05-27 11:54 - 000000000 ____D C:\Users\Debbie\Documents\2020 tax pdf
2021-05-27 09:04 - 2021-05-27 11:27 - 000000000 ____D C:\Users\Debbie\Documents\3 mt statements
2021-05-25 20:37 - 2021-05-25 20:37 - 002012672 _____ (Farbar) C:\Users\Debbie\Downloads\FRST.exe
2021-05-25 13:53 - 2021-05-25 14:13 - 000000000 ____D C:\Users\Debbie\Desktop\2019 pdf
2021-05-25 13:04 - 2021-05-25 13:04 - 001786247 _____ C:\Users\Debbie\Documents\Scan_20210525.pdf
2021-05-24 14:56 - 2021-05-24 14:56 - 000017328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2021-05-12 07:46 - 2021-05-12 07:46 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-12 07:45 - 2021-05-12 07:45 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-05-12 07:45 - 2021-05-12 07:45 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-05-12 07:45 - 2021-05-12 07:45 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-05-12 07:45 - 2021-05-12 07:45 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-12 07:45 - 2021-05-12 07:45 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-05-12 07:44 - 2021-05-12 07:44 - 001823816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-12 07:44 - 2021-05-12 07:44 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-05-12 07:44 - 2021-05-12 07:44 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-12 07:44 - 2021-05-12 07:44 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-12 07:43 - 2021-05-12 07:43 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-12 07:43 - 2021-05-12 07:43 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter. exe
2021-05-11 18:32 - 2021-05-27 08:46 - 000000836 _____ C:\Users\Debbie\Desktop\3 bs - Shortcut.lnk
2021-05-11 18:32 - 2021-05-11 18:32 - 000000000 ____D C:\Users\Debbie\Documents\3 bs
2021-05-11 18:14 - 2021-05-27 08:46 - 000000000 ____D C:\Users\Debbie\Desktop\3 bs
2021-05-11 17:04 - 2021-05-11 17:04 - 000000000 ____D C:\Users\Debbie\Documents\2020 taxes
2021-05-08 11:48 - 2021-05-08 11:48 - 000020083 _____ C:\Users\Debbie\Downloads\HybridCalculationCalcula tor-RRF.xlsx
2021-05-05 12:26 - 2021-05-05 12:26 - 000009034 _____ C:\Users\Debbie\Downloads\NCABCC_Permit_Search_202 1_5_5_12_20_21_769.xlsx
2021-05-05 12:26 - 2021-05-05 12:26 - 000009034 _____ C:\Users\Debbie\Downloads\NCABCC_Permit_Search_202 1_5_5_12_20_21_769 (1).xlsx

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-01 11:21 - 2021-04-06 12:27 - 000000000 ____D C:\WINDOWS\system32\Tasks\Wavesor Software_S-1-5-21-3358373597-1690568811-3966139131-1001
2021-06-01 11:20 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-01 11:01 - 2020-08-27 17:20 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-06-01 05:46 - 2020-08-27 17:50 - 000004170 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronizatio n-{46199E18-599D-4060-9554-AECE3B7CD090}
2021-05-29 12:24 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-29 12:24 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-29 12:20 - 2020-03-16 02:08 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-29 12:20 - 2020-03-16 02:08 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-05-29 12:20 - 2020-03-16 02:08 - 000002276 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-05-27 14:09 - 2020-08-27 17:50 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3358373597-1690568811-3966139131-1001
2021-05-27 14:08 - 2020-08-27 17:25 - 000002370 _____ C:\Users\Debbie\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\OneDrive.lnk
2021-05-27 14:08 - 2019-08-13 13:04 - 000000000 ___RD C:\Users\Debbie\OneDrive
2021-05-27 11:27 - 2020-08-27 17:25 - 000000000 ____D C:\Users\Debbie
2021-05-27 09:08 - 2021-04-06 12:25 - 000000000 ____D C:\Users\Debbie\Wavesor Software
2021-05-25 13:46 - 2020-11-03 11:19 - 000000000 ____D C:\Users\Debbie\Documents\statements
2021-05-24 12:16 - 2020-06-14 19:24 - 000522936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-05-18 13:14 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2021-05-16 19:52 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-14 15:41 - 2021-04-06 12:27 - 000002297 _____ C:\Users\Debbie\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\WaveBrowser.lnk
2021-05-14 15:41 - 2021-04-06 12:27 - 000002272 _____ C:\Users\Debbie\Desktop\WaveBrowser.lnk
2021-05-12 21:19 - 2019-09-12 18:43 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-12 21:19 - 2019-09-12 18:43 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-05-12 21:19 - 2019-09-12 18:43 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-05-12 17:48 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-05-12 17:47 - 2020-08-27 17:33 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-12 17:43 - 2019-10-18 19:41 - 000000000 ____D C:\ProgramData\AVAST Software
2021-05-12 17:42 - 2020-08-27 17:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-05-12 17:42 - 2020-08-27 17:20 - 000257824 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-05-12 17:42 - 2020-04-05 13:08 - 000000951 _____ C:\WINDOWS\Tasks\EPSON XP-430 Series Update {4096E76B-F21C-4D1E-96D3-5B18C92C0122}.job
2021-05-12 17:41 - 2020-08-27 17:20 - 000008192 ___SH C:\DumpStack.log.tmp
2021-05-12 17:40 - 2019-12-07 05:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-05-12 17:39 - 2019-12-07 05:50 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-12 17:39 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-05-12 17:39 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-12 17:39 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-12 17:39 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-12 17:39 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-12 17:39 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-05-12 17:39 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-12 17:39 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-12 17:39 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-12 17:39 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-12 17:39 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-12 17:39 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-12 17:39 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-05-12 17:39 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-12 17:39 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-12 17:39 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-12 17:39 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-12 07:51 - 2019-12-07 05:52 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-05-12 06:51 - 2019-08-13 16:59 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-12 06:49 - 2019-08-13 16:58 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-11 17:04 - 2021-03-09 20:14 - 000000000 ____D C:\Users\Debbie\Desktop\2020 taxes
2021-05-08 11:57 - 2021-03-22 18:09 - 000000000 ____D C:\Users\Debbie\Desktop\horseshoes
2021-05-05 04:12 - 2020-08-27 17:50 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-05-05 04:12 - 2020-08-27 17:50 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskM achineUA
2021-05-05 04:12 - 2020-08-27 17:50 - 000003418 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineU A
2021-05-05 04:12 - 2020-08-27 17:50 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskM achineCore
2021-05-05 04:12 - 2020-08-27 17:50 - 000003294 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineC ore
2021-05-05 04:05 - 2021-02-09 18:39 - 000000000 ____D C:\Users\Debbie\AppData\Local\Notepad
2021-05-05 04:02 - 2021-04-06 12:25 - 000003532 _____ C:\WINDOWS\system32\Tasks\WavesorSWUpdaterTaskUser S-1-5-21-3358373597-1690568811-3966139131-1001UA
2021-05-05 04:02 - 2021-04-06 12:25 - 000003264 _____ C:\WINDOWS\system32\Tasks\WavesorSWUpdaterTaskUser S-1-5-21-3358373597-1690568811-3966139131-1001Core
2021-05-05 04:02 - 2021-04-06 11:18 - 000002700 _____ C:\WINDOWS\system32\Tasks\WinZip Update Notifier 2
2021-05-05 04:02 - 2021-04-06 11:18 - 000002698 _____ C:\WINDOWS\system32\Tasks\WinZip Update Notifier 3
2021-05-05 04:02 - 2021-04-06 11:18 - 000002698 _____ C:\WINDOWS\system32\Tasks\WinZip Update Notifier 1
2021-05-05 04:02 - 2020-08-27 17:50 - 000003502 _____ C:\WINDOWS\system32\Tasks\EPSON XP-430 Series Update {4096E76B-F21C-4D1E-96D3-5B18C92C0122}
2021-05-05 04:02 - 2020-08-27 17:50 - 000003058 _____ C:\WINDOWS\system32\Tasks\BA Scheduler
2021-05-05 04:02 - 2020-08-27 17:50 - 000002482 _____ C:\WINDOWS\system32\Tasks\Quick Driver Updater skipuac

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Reply With Quote
  #9  
Old June 1st, 2021, 07:30 PM
littleone littleone is offline
Senior Member
 
Join Date: Aug 2017
Posts: 133
addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-05-2021 01
Ran by Debbie (01-06-2021 11:30:48)
Running from C:\Users\Debbie\Downloads
Windows 10 Home Version 2004 19041.985 (X64) (2020-08-27 21:52:13)
Boot Mode: Normal
================================================== ========


==================== Accounts: =============================

Administrator (S-1-5-21-3358373597-1690568811-3966139131-500 - Administrator - Disabled)
Debbie (S-1-5-21-3358373597-1690568811-3966139131-1001 - Administrator - Enabled) => C:\Users\Debbie
DefaultAccount (S-1-5-21-3358373597-1690568811-3966139131-503 - Limited - Disabled)
Guest (S-1-5-21-3358373597-1690568811-3966139131-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3358373597-1690568811-3966139131-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4}
AV: Total AV (Disabled - Out of date) {AC3490DF-B2AE-610F-9290-A5E6E0CD5323}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 21.3.2459 - Avast Software)
Direct Game UNI Installer (HKLM-x32\...\{7CE79E81-562B-4252-93D7-C6FF8F18FE9C}) (Version: 1.0.23 - GamesLOL)
EdrawMax(Build 10.0.4.776) (HKLM-x32\...\{037BAB81-3DF7-4381-A72C-A26B57C03548}_is1) (Version: 10.0.4.776 - EdrawSoft Co.,Ltd.)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.4.1 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{FFA5C174-DB3F-4AFE-B59D-C0FB1744CD76}) (Version: 3.1.0.0 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{28C66F35-69BF-4376-BC80-4D5F4808FF3C}) (Version: 4.6.1 - Seiko Epson Corporation)
EPSON XP-430 Series Printer Uninstall (HKLM\...\EPSON XP-430 Series) (Version: - Seiko Epson Corporation)
Free DVD Player version 6.6.8 (HKLM-x32\...\Free DVD Player_is1) (Version: 6.6.8 - ShiningSoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.212 - Google LLC)
IEBrowserAssistant (HKLM-x32\...\{BC63C727-3079-49AA-876A-8E459D35CB72}) (Version: 1.0.0 - Realistic Media Inc.)
Inventoria Stock Manager (HKLM-x32\...\Inventoria) (Version: 7.04 - NCH Software)
Malwarebytes version 4.2.2.95 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.2.95 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.37 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3358373597-1690568811-3966139131-1001\...\OneDriveSetup.exe) (Version: 21.083.0425.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Quick Driver Updater (HKLM\...\{1745FA8E-3AEE-4239-A380-89B8F6EDB642}_is1) (Version: 1.0.0.5 - Digital Protection Services S.R.L)
Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{021C4C4F-C93C-4425-BFFD-C2D16776BFAE}) (Version: 8.0.0.35 - GRISOFT, s.r.o.)
WaveBrowser (HKU\S-1-5-21-3358373597-1690568811-3966139131-1001\...\WaveBrowser) (Version: 1.1.1.4 - Wavesor Software)
WinZip 25.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2412F}) (Version: 25.0.14273 - Corel Corporation)

Packages:
=========
Amazon Alexa -> C:\Program Files\WindowsApps\57540AMZNMobileLLC.AmazonAlexa_3 .5.828.0_x64__22t9g3sebte08 [2021-05-06] (AMZN Mobile LLC.) [Startup Task]
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.58. 4.0_x86__kgqvnymyfvs32 [2021-05-20] (king.com)
Dell SupportAssist for PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_ 3.3.8.0_x64__htrsf667h5kn2 [2019-11-26] (Dell Inc)
DVD Player - FREE -> C:\Program Files\WindowsApps\21336V3TApps.DVDPlayer-FREE_1.0.12.0_x86__bzg06mxvgh4fa [2021-01-16] (V3TApps)
Farm Heroes Saga -> C:\Program Files\WindowsApps\king.com.FarmHeroesSaga_5.59.5.0 _x86__kgqvnymyfvs32 [2021-05-19] (king.com)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.18 11.1.0_x64__8wekyb3d8bbwe [2019-08-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.18 11.1.0_x86__8wekyb3d8bbwe [2019-08-13] (Microsoft Corporation) [MS Ad]
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_4.0.1 1030.0_x64__8wekyb3d8bbwe [2020-11-22] (Microsoft Studios) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireColl ection_4.9.5170.0_x64__8wekyb3d8bbwe [2021-05-22] (Microsoft Studios) [MS Ad]
Nero DVD Player -> C:\Program Files\WindowsApps\NeroAG.NeroDVDPlayer_1.0.18.0_x8 6__k5ye2zvjqqeaw [2020-12-24] (NeroAG)
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Mai n_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_ 1.0.0.0_x64__8wekyb3d8bbwe [2020-04-07] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672 .0_x86__zpdnekdrzrea0 [2021-05-29] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3358373597-1690568811-3966139131-1001_Classes\CLSID\{9CD78CBC-FD21-4FFF-B452-9D792A58B7C4}\localserver32 -> C:\Users\Debbie\Wavesor Software\WaveBrowser\1.1.1.4\notification_helper.e xe (Wavesor Software -> Wavesor Software)
CustomCLSID: HKU\S-1-5-21-3358373597-1690568811-3966139131-1001_Classes\CLSID\{C5596523-009B-41A7-AB11-BCA2274BDCDB}\InprocServer32 -> C:\Users\Debbie\Wavesor Software\SWUpdater\1.3.107.0\psuser_64.dll (Wavesor Software -> Wavesor Software)
CustomCLSID: HKU\S-1-5-21-3358373597-1690568811-3966139131-1001_Classes\CLSID\{F6994161-37C3-47C9-BE83-C84C33A1CF2A}\InprocServer32 -> C:\Users\Debbie\Wavesor Software\SWUpdater\1.3.107.0\psuser_64.dll (Wavesor Software -> Wavesor Software)
CustomCLSID: HKU\S-1-5-21-3358373597-1690568811-3966139131-1001_Classes\CLSID\{F87D77DF-DEF2-4294-9F4B-A92E5A6725DE}\InprocServer32 -> C:\Users\Debbie\Wavesor Software\SWUpdater\1.3.107.0\psuser_64.dll (Wavesor Software -> Wavesor Software)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-30] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-30] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2020-09-25] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2020-09-25] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2020-09-25] (Corel Corporation -> WinZip Computing)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Debbie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Googl e Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2015-12-17 11:11 - 2015-12-17 11:11 - 000132096 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\epnsm.dll
2009-10-21 17:39 - 2009-10-21 17:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\LcMgr.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: IEBrowserAssistant -> {2421CBA2-89B7-4734-8438-49E0D7EB8A75} -> C:\Users\Debbie\AppData\Roaming\IEBrowserAssistant \adxloader64.dll [2018-11-13] (Default Company) [File not signed]
BHO-x32: IEBrowserAssistant -> {2421CBA2-89B7-4734-8438-49E0D7EB8A75} -> C:\Users\Debbie\AppData\Roaming\IEBrowserAssistant \adxloader.dll [2018-11-13] (Default Company) [File not signed]
BHO-x32: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files (x86)\AVG\AVG8\avgssie.dll => No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG8\avgpp.dll No File

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 00:49 - 2019-03-19 00:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3358373597-1690568811-3966139131-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Debbie\Desktop\67702742_10211103468221886 _5226150221913784320_n.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{EDE300A4-4668-487C-80BF-7ED7CB87CCE2}] => (Allow) C:\Program Files (x86)\Epson Software\ECPrinterSetup\ENPApp.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{AA880568-314B-4828-A4EE-91C38FD10C0D}] => (Allow) C:\Program Files (x86)\Epson Software\ECPrinterSetup\ENPApp.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{21D7B6EA-61B9-4BAE-A031-21BFCE3B3839}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{3953B7E4-57BB-4E11-B665-3F60D3482BB0}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{2ABEF0F6-D7E7-4CD6-8130-B2BB7338C92E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x8 6__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5571D8C7-1384-4564-8EF5-D7BA6F76D0CD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x8 6__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{659D87C1-3DE0-418F-9809-DF7EB7ABC663}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x8 6__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E4A97183-33D1-4565-B766-18CAB9D31A68}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x8 6__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AE6CCC3F-7752-4CC0-AB94-B2695D0E9798}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{6580FCD0-21B4-40BA-A917-CC62C0E87EB8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{60AD2FD3-DB9C-4128-BCB9-8DA8E051859F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672 .0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2772ECF0-0BCC-4B67-AAFB-4CA766397A4B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672 .0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C20609E6-D64E-40D0-8CA1-F777E3A612FD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672 .0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BAD5DCD7-4035-4FAA-99F2-6B48E5022FA9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672 .0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2601F319-B3A6-40FA-B148-BF4EEBD879AB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672 .0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{307C059B-F0A3-4E54-BEC1-59BF31336815}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672 .0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5DD9A8C3-2B7F-413B-B0B8-76D833F18148}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672 .0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{01DD18EE-ED29-4982-BA65-008096800FC8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672 .0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{18FC0007-2E32-4170-81CB-50B2131A1229}C:\program files\avast software\avast\avastui.exe] => (Allow) C:\program files\avast software\avast\avastui.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [UDP Query User{25897CAB-D1C9-4915-974E-3219973E3636}C:\program files\avast software\avast\avastui.exe] => (Allow) C:\program files\avast software\avast\avastui.exe (Avast Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

20-05-2021 19:51:32 Scheduled Checkpoint
29-05-2021 19:42:45 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============

Name: PCI Serial Port
Description: PCI Serial Port
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (05/28/2021 11:48:24 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on (C because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (05/28/2021 11:42:10 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on System Reserved because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (05/22/2021 12:04:49 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on (C because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (05/21/2021 11:42:29 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on System Reserved because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (05/14/2021 11:56:44 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on (C because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (05/14/2021 11:42:25 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on System Reserved because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (05/12/2021 05:40:35 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.

Error: (05/12/2021 05:40:35 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]


System errors:
=============
Error: (05/12/2021 05:40:33 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Avast Antivirus service did not shut down properly after receiving a preshutdown control.

Error: (05/05/2021 04:08:19 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Storage Service service hung on starting.

Error: (05/05/2021 04:07:45 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-ELI7VR8)
Description: DCOM got error "1053" attempting to start the service gupdatem with arguments "/comsvc" in order to run the server:
{E225E692-4B47-4777-9BED-4FD7FE257F0E}

Error: (05/05/2021 04:07:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdatem) service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (05/05/2021 04:07:45 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdatem) service to connect.

Error: (04/15/2021 09:19:12 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.

Error: (04/15/2021 09:17:12 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.

Error: (04/11/2021 02:04:31 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The System Guard Runtime Monitor Broker service hung on starting.


CodeIntegrity:
===============
Date: 2021-06-01 11:30:24
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-06-01 11:28:31
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost. exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: Dell Inc. A11 12/30/2011
Motherboard: Dell Inc. 0D28YY
Processor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
Percentage of memory in use: 71%
Total physical RAM: 8073.05 MB
Available physical RAM: 2299.36 MB
Total Virtual: 12008.97 MB
Available Virtual: 2191.32 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.19 GB) (Free:419.09 GB) NTFS

\\?\Volume{ec7a2b63-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.57 GB) (Free:0.12 GB) NTFS

==================== MBR & Partition Table ====================

================================================== ========
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: EC7A2B63)
Partition 1: (Active) - (Size=579 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================
Reply With Quote
  #10  
Old June 1st, 2021, 08:48 PM
Jintan's Avatar
Jintan Jintan is offline
Cyber Tech Help Moderator
 
Join Date: Dec 2004
Posts: 52,143
Not seeing any malware outright, but kind of an antivirus logjam. Go here and download and run AVG Clear. Then reboot, and go here and download and run avastclear. Reboot, and post back here any changes there.
Reply With Quote
  #11  
Old June 5th, 2021, 01:54 PM
Jintan's Avatar
Jintan Jintan is offline
Cyber Tech Help Moderator
 
Join Date: Dec 2004
Posts: 52,143
Are you still needing help?
Reply With Quote
  #12  
Old June 6th, 2021, 08:55 AM
littleone littleone is offline
Senior Member
 
Join Date: Aug 2017
Posts: 133
Yes I do
Reply With Quote
  #13  
Old June 6th, 2021, 02:02 PM
Jintan's Avatar
Jintan Jintan is offline
Cyber Tech Help Moderator
 
Join Date: Dec 2004
Posts: 52,143
Where do you see the infection warnings? Do they show up in a display in the lower right corner of your screen?
Reply With Quote
  #14  
Old June 10th, 2021, 04:27 PM
littleone littleone is offline
Senior Member
 
Join Date: Aug 2017
Posts: 133
they are popping up on bottom right screen and I notice they are only doing it on Chrome??
Reply With Quote
  #15  
Old June 10th, 2021, 06:02 PM
Jintan's Avatar
Jintan Jintan is offline
Cyber Tech Help Moderator
 
Join Date: Dec 2004
Posts: 52,143
Reset Chrome. It Gets attachments that Malwarebytes doesn't catch, and can run apps even when closed.
Reply With Quote
Reply

Bookmarks

Topic Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump




All times are GMT +1. The time now is 04:49 PM.