Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Videos and text box replaced with ad box [Closed]


  • This topic is locked This topic is locked

#1
buer93

buer93

    Member

  • Member
  • PipPip
  • 11 posts
Hello, my laptop is infected with something that causes videos not load but just replaced with an ad.

Also my ad blocker is now constantly blocking things.

When I tried posting to this forum on that lap top the text box would load and then be replaced with an ad in the top left corner.

Same thing happens when I try playing runescape. Will try to load and then is replaced with ad in top left corner.

Just copied the text into an email, emailed it to my phone, and copied and pasted it here. Hope I got everything.

Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01

Ran by Mack (2016-04-09 18:57:32)

Running from C:\Users\Mack\Desktop

Windows 7 Home Premium Service Pack 1 (X64) (2011-11-06 03:09:09)

Boot Mode: Normal

==========================================================

 

 

==================== Accounts: =============================

 

Administrator (S-1-5-21-4293282829-1684631028-3940860919-500 - Administrator - Disabled)

Guest (S-1-5-21-4293282829-1684631028-3940860919-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-4293282829-1684631028-3940860919-1002 - Limited - Enabled)

Mack (S-1-5-21-4293282829-1684631028-3940860919-1000 - Administrator - Enabled) => C:\Users\Mack

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

 

==================== Installed Programs ======================

 

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

2013 National Construction Estimator CD (HKLM-x32\...\{02C88209-64C8-4C5A-8928-44AC6FE5B307}) (Version: 1.00.0000 - Craftsman Book Company)

Accidental Damage Services Agreement (HKLM-x32\...\{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}) (Version: 2.0.0 - Dell Inc.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)

Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.213 - Adobe Systems Incorporated)

Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)

Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)

Apple Application Support (32-bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)

Apple Application Support (64-bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)

Autodesk 123D 32 Bit (HKLM-x32\...\{9DDFFAAF-E1BE-470C-8533-D5C186056922}) (Version: 1.0.6 - Autodesk)

Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.2.2261 - AVAST Software)

Banctec Service Agreement (HKLM-x32\...\{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}) (Version: 2.0.0 - Dell Inc.)

Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden

Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)

Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden

Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden

Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden

Canon MF Toolbox 4.9.1.1.mf14 (HKLM-x32\...\{6767DFEE-8909-453A-B553-C7693912B2EB}) (Version: 4.9.1.1.mf14 - CANON INC.)

Canon MF4800 Series (HKLM\...\{444085BE-389B-4330-A291-3FC258B846EC}) (Version: 4.1.0.1 - CANON INC.)

CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform)

Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

Complete Care Business Service Agreement (HKLM-x32\...\{0ECFCB07-9BFE-4970-ACA1-D568D982760B}) (Version: 2.0.0 - Dell Inc.)

Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)

Craftsman Software Update (HKLM-x32\...\{ED9686AC-D463-4511-8A1E-C5811B410B2D}) (Version: 3.03.0000 - Craftsman Book Company)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Dell Data Vault (Version: 4.3.7.0 - Dell Inc.) Hidden

Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell Inc.)

Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell Inc.)

Dell DataSafe Online (HKLM-x32\...\{C53BCCBE-9268-4C09-82E9-611444A73B3F}) (Version: 2.10.1.3 - Dell)

Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)

Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)

Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.)

Dell MusicStage (HKLM-x32\...\{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}) (Version: 1.5.201.0 - Fingertapps)

Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.65 - ArcSoft)

Dell Stage (HKLM-x32\...\{E2EBA7C0-8072-447F-856D-FFEE8D15B23B}) (Version: 1.5.201.0 - Fingertapps)

Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.2.6793.01 - Dell)

Dell SupportAssistAgent (HKLM-x32\...\{B57A8AFE-6735-4497-BD52-BD2F838F5CF0}) (Version: 1.2.1.31 - Dell)

Dell System Detect (HKU\S-1-5-21-4293282829-1684631028-3940860919-1000\...\9204f5692a8faf3b) (Version: 5.1.0.41 - Dell)

Dell System Detect Bootstrapper (HKU\S-1-5-21-4293282829-1684631028-3940860919-1000\...\8e3135b376bd523e) (Version: 1.1.0.15 - Dell)

Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1209.101.204 - ALPS ELECTRIC CO., LTD.)

Dell Update (HKLM-x32\...\{DB82968B-57A4-4397-81A5-ECAB21B5DFCD}) (Version: 1.7.1015.0 - Dell Inc.)

Dell VideoStage  (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1712 - CyberLink Corp.)

Dell VideoStage  (x32 Version: 1.2.0.1712 - CyberLink Corp.) Hidden

Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.01.18 - Creative Technology Ltd)

Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden

Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden

Driver Booster 3.3 (HKLM-x32\...\Driver Booster_is1) (Version: 3.3 - IObit)

eBay (HKLM-x32\...\{A8B88634-7F90-402F-B66A-86429755F6A5}) (Version: 1.4.0 - eBay Inc.)

Escape Whisper Valley ™ (x32 Version: 2.2.0.95 - WildTangent) Hidden

Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden

FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden

Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden

Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden

Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.7.4 - Ellora Assets Corporation)

Freemake Youtube Mp3 Converter (HKLM-x32\...\Freemake Youtube Mp3 Converter_is1) (Version: 3.5.1 - Ellora Assets Corporation)

FrostWire 5.3.5 (HKLM-x32\...\FrostWire 5) (Version: 5.3.5.0 - FrostWire Team)

Google Chrome (HKLM-x32\...\{75615E8E-1D89-3B1F-87E4-B31AC2F23A77}) (Version: 49.0.2623.112 - Google, Inc.)

Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden

IcoFX 2.6 (HKLM-x32\...\IcoFX 2_is1) (Version:  - )

IGS Viewer 2.3 (HKLM-x32\...\{37614826-F9EE-4674-A060-3F447C4788E6}_is1) (Version:  - IdeaMK) <==== ATTENTION

Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)

Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{5A80B0BA-79AF-4B11-B851-CCB9F7977AC0}) (Version: 1.0.1.0489 - Intel Corporation)

Intel® PROSet/Wireless WiFi Software (HKLM\...\{451A5ECC-C9A5-4944-B28D-23656C9E03D0}) (Version: 14.1.2000 - Intel Corporation)

Intel® Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)

Intel® WiDi (HKLM-x32\...\{03703CBB-563D-45CE-8B35-CB04CAB258BE}) (Version: 2.1.38.0 - Intel Corporation)

Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )

IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.1.6.25 - IObit)

iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.)

Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)

Jewel Quest (x32 Version: 2.2.0.95 - WildTangent) Hidden

Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden

Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Luxor (x32 Version: 2.2.0.95 - WildTangent) Hidden

Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)

Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)

Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)

Microsoft SkyDrive (HKU\S-1-5-21-4293282829-1684631028-3940860919-1000\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Mozilla Firefox 45.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 45.0.1 (x86 en-US)) (Version: 45.0.1 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.1 - Mozilla)

Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden

Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden

PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)

Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden

Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden

Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden

Premium Service Agreement (HKLM-x32\...\{C33AA6D6-F5EC-48F3-AFDC-8141345D473A}) (Version: 2.0.0 - Dell Inc.)

QualxServ Service Agreement (HKLM-x32\...\{903679E8-44C8-4C07-9600-05C92654FC50}) (Version: 2.0.0 - Dell Inc.)

Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.0.15 - Dell Inc.)

QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)

RealDownloader (x32 Version: 17.0.8 - RealNetworks, Inc.) Hidden

RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden

RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden

RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden

RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.8 - RealNetworks)

Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7746 - Realtek Semiconductor Corp.)

RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden

Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)

SafeZone Stable 1.48.2066.98 (x32 Version: 1.48.2066.98 - Avast Software) Hidden

Samantha Swift (x32 Version: 2.2.0.95 - WildTangent) Hidden

Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)

SketchUp 8 (HKLM-x32\...\{8EB62C87-AAA6-4850-A5BC-64155884B973}) (Version: 3.0.16846 - Trimble Navigation Limited)

Skype 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.108 - Skype Technologies S.A.)

SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1216 - SUPERAntiSpyware.com)

Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)

Sweet Home 3D version 3.7 (HKLM-x32\...\Sweet Home 3D_is1) (Version:  - eTeks)

SyncUP (HKLM-x32\...\{D92C9CCE-E5F0-4125-977A-0590F3225B74}) (Version: 10.2.14900 - Nero AG)

SyncUP (x32 Version: 1.12.12400.17.102 - Nero AG) Hidden

The National Estimator (HKLM-x32\...\{35495A1B-B920-4F7E-84AD-9D42B9E8D1FF}) (Version: 4.01.0001 - Craftsman Book Company)

TrustedID IDMonitor Identity Protection (HKLM-x32\...\{0E74474A-1CDF-4249-A507-CE8C1DCEC8BC}) (Version: 1.1.0 - TrustedID Inc)

Unity Web Player (HKU\S-1-5-21-4293282829-1684631028-3940860919-1000\...\UnityWebPlayer) (Version: 5.2.3f1 - Unity Technologies ApS)

Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden

UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden

Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden

WildTangent Games (HKLM-x32\...\WildTangent dell Master Uninstall) (Version: 1.0.2.5 - WildTangent)

WildTangent Games App (Dell Games) (x32 Version: 4.0.10.5 - WildTangent) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)

Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)

Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden

Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

 

==================== Custom CLSID (Whitelisted): ==========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== Scheduled Tasks (Whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Task: {0A02A65F-EB13-4894-956B-6AA8274D574E} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe

Task: {147073C7-C9B4-45F0-A143-C550EC306C20} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd)

Task: {16D29A2D-B3FF-46C8-A2AE-BAD41B07714B} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-4293282829-1684631028-3940860919-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-03-15] (RealNetworks, Inc.)

Task: {1849EB54-E018-4412-BCC5-83B274D183DE} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4293282829-1684631028-3940860919-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-03-20] (RealNetworks, Inc.)

Task: {1B9CE01C-C52B-401A-B844-D36677DF6786} - System32\Tasks\Driver Booster SkipUAC (Mack) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2016-04-01] (IObit)

Task: {2E479663-D60C-4B93-BB19-409607A1BF81} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4293282829-1684631028-3940860919-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-03-20] (RealNetworks, Inc.)

Task: {31BCB341-364B-4E77-8806-0169B1596AF0} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-05] (AVAST Software)

Task: {45D25ACC-763A-4471-9EA7-BF8E187DFBD8} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2016-03-28] (IObit)

Task: {6E5F7134-B11F-4160-B8F3-253109DB219D} - \GoforFilesUpdate -> No File <==== ATTENTION

Task: {72C9F1E8-D1F5-40BB-A68A-A7D32BCA726F} - System32\Tasks\Uninstaller_SkipUac_Mack => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-12-09] (IObit)

Task: {84172F4B-73BD-4999-82D2-F780AD912CB7} - System32\Tasks\SafeZone scheduled Autoupdate 1460160895 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-03-30] (Avast Software)

Task: {85DC1EE0-B537-4935-882E-FE77544E0CE6} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2016-03-24] (PC-Doctor, Inc.)

Task: {868BAC9D-479B-43D8-B996-A16C97F68FC9} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-04-08] (AVAST Software)

Task: {89F19A70-C10D-4D4B-91D3-0A10E00EC1D5} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe

Task: {8EC70730-88A9-494D-980E-5EB8F185989F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-08] (Google Inc.)

Task: {911E57C3-1769-46E2-91F5-A14CAFE8DADF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)

Task: {948EB232-4B05-41CE-99F7-9017889E4CCD} - System32\Tasks\{58519AB9-269D-4D3D-993C-A8BEEDC60DAD} => C:\Program Files (x86)\Windows Live\Mail\wlmail.exe [2012-09-12] (Microsoft Corporation)

Task: {A0E68A8B-7542-43F8-9BE0-2FBDC53B185E} - System32\Tasks\ASC8_SkipUac_Mack => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe

Task: {B5765243-3CA5-48D8-849E-4798A935D248} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2016-03-24] (PC-Doctor, Inc.)

Task: {CC6AAA8E-8C08-4E81-8A1B-699A7D664AF9} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe

Task: {D151FA52-26E0-4D5D-83A1-7EF46C6AB23D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-08] (Google Inc.)

Task: {D4BC9942-EB48-43C4-9B35-D3A5FF55C4D3} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-4293282829-1684631028-3940860919-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-03-15] (RealNetworks, Inc.)

Task: {EEF7DC74-1353-4221-A1FC-3D215C41DC5F} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2016-03-14] (Dell Inc.)

Task: {F2EE5415-2E7F-45F4-87FD-F1A6C7E2D02B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-08] (Adobe Systems Incorporated)

Task: {F9C92D12-33DA-48F6-9899-FFF8CC95904D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

 

==================== Shortcuts =============================

 

(The entries could be listed to be restored or removed.)

 

==================== Loaded Modules (Whitelisted) ==============

 

2011-06-16 11:37 - 2011-06-16 11:37 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll

2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

2016-03-18 22:56 - 2016-03-18 22:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

2014-03-15 03:18 - 2014-03-15 03:18 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe

2014-03-20 21:13 - 2014-03-20 21:13 - 00023552 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe

2011-09-05 04:36 - 2011-08-18 11:05 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE

2011-06-16 11:37 - 2011-06-16 11:37 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll

2011-09-05 05:37 - 2011-03-26 18:29 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll

2016-04-08 19:11 - 2016-04-08 19:11 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll

2016-04-08 19:11 - 2016-04-08 19:11 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll

2016-04-09 13:23 - 2016-04-09 13:23 - 02876416 _____ () C:\Program Files\AVAST Software\Avast\defs\16040901\algo.dll

2016-04-08 19:11 - 2016-04-08 19:11 - 00478144 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll

2014-04-04 09:23 - 2014-04-04 09:23 - 00869976 _____ () c:\program files (x86)\real\realplayer\RPDS\Plugins\cldplin.dll

2015-01-14 17:30 - 2013-01-15 19:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl

2015-01-14 17:30 - 2013-01-15 19:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl

2015-01-14 17:30 - 2013-01-15 19:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl

2015-12-30 14:38 - 2015-12-30 14:38 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

 

==================== Alternate Data Streams (Whitelisted) =========

 

(If an entry is included in the fixlist, only the ADS will be removed.)

 

AlternateDataStreams: C:\Users\Mack\Downloads\adwcleaner.exe:BDU [0]

AlternateDataStreams: C:\Users\Mack\Downloads\avast_free_antivirus_setup.exe:BDU [0]

AlternateDataStreams: C:\Users\Mack\Downloads\ccsetup401.exe:BDU [0]

AlternateDataStreams: C:\Users\Mack\Downloads\ccsetup402.exe:BDU [0]

AlternateDataStreams: C:\Users\Mack\Downloads\ccsetup409.exe:BDU [0]

AlternateDataStreams: C:\Users\Mack\Downloads\FreemakeYoutubeMp3ConverterSetup.exe:BDU [0]

AlternateDataStreams: C:\Users\Mack\Downloads\jxpiinstall.exe:BDU [0]

AlternateDataStreams: C:\Users\Mack\Downloads\N7110A13.exe:BDU [0]

AlternateDataStreams: C:\Users\Mack\Downloads\revosetup.exe:BDU [0]

AlternateDataStreams: C:\Users\Mack\Downloads\Setup3DVIA.exe:BDU [0]

AlternateDataStreams: C:\Users\Mack\Downloads\SUPERAntiSpyware.exe:BDU [0]

AlternateDataStreams: C:\Users\Mack\Downloads\wlsetup-web.exe:BDU [0]

AlternateDataStreams: C:\Users\Mack\Downloads\zps15_en_free.exe:BDU [0]

 

==================== Safe Mode (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

 

==================== EXE Association (Whitelisted) ===============

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

 

 

==================== Internet Explorer trusted/restricted ===============

 

(If an entry is included in the fixlist, it will be removed from the registry.)

 

IE trusted site: HKU\S-1-5-21-4293282829-1684631028-3940860919-1000\...\dell.com -> dell.com

 

==================== Hosts content: ===============================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2009-07-13 21:34 - 2014-01-09 20:31 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

 

127.0.0.1       localhost

 

==================== Other Areas ============================

 

(Currently there is no automatic fix for this section.)

 

HKU\S-1-5-21-4293282829-1684631028-3940860919-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Mack\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

DNS Servers: 192.168.1.1 - 217.12.218.116

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall is enabled.

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

(Currently there is no automatic fix for this section.)

 

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RealPlayer Cloud Service UI.lnk => C:\Windows\pss\RealPlayer Cloud Service UI.lnk.CommonStartup

MSCONFIG\startupfolder: C:^Users^Mack^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Craftsman Software Update.lnk => C:\Windows\pss\Craftsman Software Update.lnk.Startup

MSCONFIG\startupfolder: C:^Users^Mack^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^FrostWire On Startup.lnk => C:\Windows\pss\FrostWire On Startup.lnk.Startup

MSCONFIG\startupreg: AccuWeatherWidget => "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

MSCONFIG\startupreg: BTMTrayAgent => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp

MSCONFIG\startupreg: Dell DataSafe Online => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe

MSCONFIG\startupreg: Dell Webcam Central => "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2

MSCONFIG\startupreg: DellStage => "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup

MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"

MSCONFIG\startupreg: NeroLauncher => C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900

MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe"  -osboot

 

==================== FirewallRules (Whitelisted) ===============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

FirewallRules: [{1AB49DE2-B304-4EF3-B11D-9F30618062A1}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

FirewallRules: [{382605FA-A78B-487F-93CF-B7E8E0B27E27}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel WiDi\WiDiApp.exe

FirewallRules: [{DEBC4906-6F34-4AEE-994D-3ACBB34A19D9}] => (Allow) c:\Program Files (x86)\Dell\VideoStage\VideoStage.exe

FirewallRules: [{3153E401-E4E0-4BF3-9680-31E036250C6C}] => (Allow) LPort=9700

FirewallRules: [{6EA43DDE-2E28-4E53-8AD5-C1627B28954C}] => (Allow) LPort=9701

FirewallRules: [{BFB3FCF2-85B5-4A27-8072-2D03E8561D8B}] => (Allow) LPort=9702

FirewallRules: [{249EE2A8-65B7-4B95-A677-81B8B52178CE}] => (Allow) LPort=9700

FirewallRules: [{B13B1A1B-BC62-484C-BE91-41BFDCDC3DD3}] => (Allow) C:\Program Files (x86)\FrostWire 5\FrostWire.exe

FirewallRules: [{160327F5-F697-44EA-A91A-4087A06373B5}] => (Allow) C:\Program Files (x86)\FrostWire 5\FrostWire.exe

FirewallRules: [TCP Query User{85B38C51-E596-48E7-8FB4-B75E71CDBFDD}C:\program files (x86)\dell\dell datasafe online\nobuclient.exe] => (Block) C:\program files (x86)\dell\dell datasafe online\nobuclient.exe

FirewallRules: [UDP Query User{6B6B7208-8190-49CD-913C-767AF6FBB77A}C:\program files (x86)\dell\dell datasafe online\nobuclient.exe] => (Block) C:\program files (x86)\dell\dell datasafe online\nobuclient.exe

FirewallRules: [{5C3770D6-5EB4-4AB7-8427-66FFA96266DD}] => (Allow) C:\Program Files (x86)\FrostWire 5\FrostWire.exe

FirewallRules: [{87176104-C163-4FB8-9BF8-CF83F90D33BF}] => (Allow) C:\Program Files (x86)\FrostWire 5\FrostWire.exe

FirewallRules: [{62919144-FE12-499B-B6F4-2029E7C18C6E}] => (Allow) C:\Users\Mack\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe

FirewallRules: [{45AD741E-9A3B-4FD4-B98D-1816F48D3274}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

FirewallRules: [{45404B20-11E4-4ABA-82C1-3A6675CF94B0}] => (Allow) LPort=2869

FirewallRules: [{495A9D17-9B6A-4880-8D8A-3D8C5B0EFC3A}] => (Allow) LPort=1900

FirewallRules: [{9D7FD7C3-860C-4CD9-99A8-15974BAC43B6}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

FirewallRules: [TCP Query User{D30F7DD8-589D-4947-B85F-0A4C87D45FB6}C:\program files (x86)\dell\dell datasafe online\nobuclient.exe] => (Block) C:\program files (x86)\dell\dell datasafe online\nobuclient.exe

FirewallRules: [UDP Query User{E19E4E17-50F6-4248-B4D3-D562906ACD87}C:\program files (x86)\dell\dell datasafe online\nobuclient.exe] => (Block) C:\program files (x86)\dell\dell datasafe online\nobuclient.exe

FirewallRules: [{E75F8116-415D-40E6-9321-D0CE3559AF97}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe

FirewallRules: [{17E0A9DF-5056-414C-9E6C-4323F52C0B6E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{8541C2DD-C8EE-49A1-BC6B-3CE9581D0FBA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [TCP Query User{1A0E71A4-E3E2-4405-8479-78ACC9BC76E7}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe

FirewallRules: [UDP Query User{C7B0A1EE-5657-4EF3-A296-C55AF1B9AA68}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe

FirewallRules: [TCP Query User{DA0FE27B-056E-4A82-B469-6019DBD11596}E:\simplisafewizard.exe] => (Allow) E:\simplisafewizard.exe

FirewallRules: [UDP Query User{498C90CF-E79C-494C-B72E-39B84C596477}E:\simplisafewizard.exe] => (Allow) E:\simplisafewizard.exe

FirewallRules: [{D6F7009C-8F0E-4B3C-87D4-1EEA6141247A}] => (Allow) C:\Program Files (x86)\Common Files\Nero\BDCore\Nero Blu-ray Player\Blu-rayPlayer.exe

FirewallRules: [{E96ABE7D-DED3-47A5-8E4C-22ABF4582796}] => (Allow) C:\Program Files (x86)\Common Files\Nero\BDCore\Nero Blu-ray Player\Blu-rayPlayer.exe

FirewallRules: [{06418ABC-C060-400B-9896-1B5220B63AB6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{1329E5D3-F180-498A-8C21-BC5BFAEB508F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{C5020044-7734-4373-B2C4-E80A6B032B34}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{9DB121A6-01A3-42E7-8F58-995272036BE7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{AF7E0E74-C753-42EE-9E90-EEA13B620D95}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{4DFC4090-F62C-4E78-A814-EFBF7EF0BA1C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{567F6FE2-824C-42C8-9400-E847C7D906E1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{896ADCC8-1254-4324-A470-06D513425FB3}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe

FirewallRules: [{A17AD9A9-DD2D-48EE-A4C4-F9D6D75D00B1}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe

FirewallRules: [{223BEF6A-E309-49BF-A54D-B213DCE2270B}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe

FirewallRules: [{103F00B0-EF6E-4335-A54F-C633574025E2}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe

FirewallRules: [{51E0FCAB-D1D9-49A7-A89E-5A731B387E6C}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe

FirewallRules: [{689C74A4-09E6-44BB-B308-86AAE6F6D979}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe

FirewallRules: [{EF6D76B5-398E-4FBA-B1BC-0A3FB31ECDFE}] => (Allow) C:\Program Files\iTunes\iTunes.exe

FirewallRules: [{422901FC-9B8E-4D0F-B354-A04B72578105}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

 

==================== Restore Points =========================

 

24-03-2016 15:53:25 Dell Update: DSD Cert Removal

25-03-2016 03:00:21 Windows Update

29-03-2016 07:56:13 Windows Update

01-04-2016 09:29:28 Windows Update

05-04-2016 09:12:07 Windows Update

05-04-2016 18:46:32 Driver Booster : C460 Series

08-04-2016 13:43:47 Windows Update

09-04-2016 13:24:03 Restore Operation

 

==================== Faulty Device Manager Devices =============

 

Name: Microsoft Virtual WiFi Miniport Adapter

Description: Microsoft Virtual WiFi Miniport Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: vwifimp

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

Name: Bluetooth Device (Personal Area Network)

Description: Bluetooth Device (Personal Area Network)

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: BthPan

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

Name: Microsoft Virtual WiFi Miniport Adapter #2

Description: Microsoft Virtual WiFi Miniport Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: vwifimp

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (04/09/2016 06:56:08 PM) (Source: SideBySide) (EventID: 59) (User: )

Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.

Invalid Xml syntax.

 

Error: (04/09/2016 06:56:08 PM) (Source: SideBySide) (EventID: 59) (User: )

Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.

Invalid Xml syntax.

 

Error: (04/09/2016 06:56:08 PM) (Source: SideBySide) (EventID: 59) (User: )

Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.

Invalid Xml syntax.

 

Error: (04/09/2016 01:44:30 PM) (Source: System Restore) (EventID: 8210) (User: )

Description: An unspecified error occurred during System Restore: (Windows Update). Additional information: 0x80070002.

 

Error: (04/09/2016 01:41:57 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (04/09/2016 01:19:12 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: FreemakeUtilsService.exe, version: 1.0.0.0, time stamp: 0x5549b1aa

Faulting module name: KERNELBASE.dll, version: 6.1.7601.19160, time stamp: 0x56bcd5c3

Exception code: 0xe0434352

Fault offset: 0x0000c52f

Faulting process id: 0xa6c

Faulting application start time: 0xFreemakeUtilsService.exe0

Faulting application path: FreemakeUtilsService.exe1

Faulting module path: FreemakeUtilsService.exe2

Report Id: FreemakeUtilsService.exe3

 

Error: (04/09/2016 01:18:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: mDNS_Execute: SendResponses didn't send all its responses; will try again in one second

 

Error: (04/09/2016 01:18:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: mDNS_Execute: SendResponses didn't send all its responses; will try again in one second

 

Error: (04/09/2016 01:18:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: mDNS_Execute: SendResponses didn't send all its responses; will try again in one second

 

Error: (04/09/2016 01:18:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: mDNS_Execute: SendResponses didn't send all its responses; will try again in one second

 

 

System errors:

=============

Error: (04/09/2016 01:41:57 PM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: The following boot-start or system-start driver(s) failed to load:

amdkmafd

 

Error: (04/09/2016 01:21:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The Freemake Improver service terminated unexpectedly.  It has done this 1 time(s).

 

Error: (04/09/2016 12:13:56 AM) (Source: DCOM) (EventID: 10010) (User: )

Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

 

 

CodeIntegrity:

===================================

  Date: 2014-01-09 19:25:56.172

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2014-01-09 19:25:56.079

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2014-01-09 18:48:46.887

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Defender Pro\Defender Pro 15-in-1\active virus control\Avc3_00204_021\avcuf64.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-01-09 18:40:02.639

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Defender Pro\Defender Pro 15-in-1\active virus control\Avc3_00204_021\avcuf64.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-01-09 12:40:21.519

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Defender Pro\Defender Pro 15-in-1\active virus control\Avc3_00204_021\avcuf64.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-01-09 12:30:31.351

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Defender Pro\Defender Pro 15-in-1\active virus control\Avc3_00204_021\avcuf64.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-01-08 23:53:26.116

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Defender Pro\Defender Pro 15-in-1\active virus control\Avc3_00204_021\avcuf64.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-01-08 23:46:24.681

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Defender Pro\Defender Pro 15-in-1\active virus control\Avc3_00204_021\avcuf64.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-01-08 22:48:12.487

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Defender Pro\Defender Pro 15-in-1\active virus control\Avc3_00204_021\avcuf64.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-01-08 21:27:19.096

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Defender Pro\Defender Pro 15-in-1\active virus control\Avc3_00204_021\avcuf64.dll because the set of per-page image hashes could not be found on the system.

 

 

==================== Memory info ===========================

 

Processor: Intel® Core™ i5-2430M CPU @ 2.40GHz

Percentage of memory in use: 36%

Total physical RAM: 6038.17 MB

Available physical RAM: 3831.86 MB

Total Virtual: 12074.54 MB

Available Virtual: 9420 MB

 

==================== Drives ================================

 

Drive c: (OS) (Fixed) (Total:576.54 GB) (Free:482.68 GB) NTFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 596.2 GB) (Disk ID: 07F2837E)

Partition 1: (Not Active) - (Size=102 MB) - (Type=DE)

Partition 2: (Active) - (Size=19.5 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=576.5 GB) - (Type=07 NTFS)

 

==================== End of Addition.txt ============================

 

 

 

 

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01

Ran by Mack (administrator) on MACK-PC (09-04-2016 18:56:37)

Running from C:\Users\Mack\Desktop

Loaded Profiles: Mack (Available Profiles: Mack)

Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)

Internet Explorer Version 11 (Default browser: FF)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe

(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe

(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe

(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe

() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe

(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe

() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE

(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe

(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe

(CANON INC.) C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe

(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe

(Microsoft Corporation) C:\Windows\System32\StikyNot.exe

(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe

(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe

(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe

(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe

(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe

(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe

(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe

(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe

(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe

(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe

(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssist\koala.exe

 

 

==================== Registry (Whitelisted) ===========================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8849152 2016-04-05] (Realtek Semiconductor)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [609144 2011-04-12] (Alps Electric Co., Ltd.)

HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-06-16] (Intel® Corporation)

HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch

HKLM\...\Run: [MFNetworkScanUtility] => C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE [486552 2012-09-27] (CANON INC.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7390096 2016-04-08] (AVAST Software)

HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296520 2014-04-04] (RealNetworks, Inc.)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-4293282829-1684631028-3940860919-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8686296 2016-03-11] (Piriform Ltd)

HKU\S-1-5-21-4293282829-1684631028-3940860919-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)

HKU\S-1-5-21-4293282829-1684631028-3940860919-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7943072 2016-02-29] (SUPERAntiSpyware)

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-04-08] (AVAST Software)

BootExecute: autocheck autochk * sdnclean64.exe

CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

ProxyServer: [S-1-5-21-4293282829-1684631028-3940860919-1000] => localhost:8080

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 217.12.218.116 8.8.8.8

Tcpip\..\Interfaces\{8B0905F3-7FE1-4A66-9755-15427A847782}: [DhcpNameServer] 192.168.1.1 217.12.218.116 8.8.8.8

 

Internet Explorer:

==================

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

HKU\S-1-5-21-4293282829-1684631028-3940860919-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKU\S-1-5-21-4293282829-1684631028-3940860919-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01

HKU\S-1-5-21-4293282829-1684631028-3940860919-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01

HKU\S-1-5-21-4293282829-1684631028-3940860919-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01

SearchScopes: HKLM -> DefaultScope value is missing

SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKLM -> {7052DA55-2833-4A34-920F-0840624A1D45} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox

SearchScopes: HKLM-x32 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01

SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01

SearchScopes: HKLM-x32 -> {7052DA55-2833-4A34-920F-0840624A1D45} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox

SearchScopes: HKU\S-1-5-21-4293282829-1684631028-3940860919-1000 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01

SearchScopes: HKU\S-1-5-21-4293282829-1684631028-3940860919-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01

SearchScopes: HKU\S-1-5-21-4293282829-1684631028-3940860919-1000 -> {7052DA55-2833-4A34-920F-0840624A1D45} URL =

BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-01-14] (IObit)

BHO: No Name -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> No File

BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-03-27] (Oracle Corporation)

BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-04-08] (AVAST Software)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)

BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-03-27] (Oracle Corporation)

BHO-x32: No Name -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> No File

BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-24] (Oracle Corporation)

BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-04-08] (AVAST Software)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)

BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2014-10-17] (IObit)

BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-24] (Oracle Corporation)

Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File

Toolbar: HKLM-x32 - No Name - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} -  No File

Toolbar: HKU\S-1-5-21-4293282829-1684631028-3940860919-1000 -> No Name - {BA00B7B1-0351-477A-B948-23E3EE5A73D4} -  No File

DPF: HKLM {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} hxxps://support.dell.com/systemprofiler/SysProExe.CAB

DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab

DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab

DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab

 

FireFox:

========

FF ProfilePath: C:\Users\Mack\AppData\Roaming\Mozilla\Firefox\Profiles\k4zxu0mg.default

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-08] ()

FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-03-27] (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-03-27] (Oracle Corporation)

FF Plugin: @microsoft.com/GENUINE -> disabled [No File]

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-08] ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()

FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-24] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-24] (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)

FF Plugin-x32: @real.com/nppl3260;version=17.0.8.22 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2014-04-04] (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=17.0.8 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2014-03-15] (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.8 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-03-15] (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=17.0.8 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2014-03-15] (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprpplugin;version=17.0.8.22 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2014-04-04] (RealPlayer Cloud)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-04-08] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-04-08] (Google Inc.)

FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2012-10-12] ()

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-4293282829-1684631028-3940860919-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Mack\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-11-15] (Unity Technologies ApS)

FF Plugin HKU\S-1-5-21-4293282829-1684631028-3940860919-1000: autodesk.com/Autodesk123D -> C:\Users\Mack\AppData\Roaming\Autodesk\Autodesk123D32\1.0.6\npAutodesk123D32.dll [2013-03-05] (Autodesk)

FF Plugin HKU\S-1-5-21-4293282829-1684631028-3940860919-1000: autodesk.com/Autodesk123DShapes -> C:\Users\Mack\AppData\Local\Autodesk\123DPlugins\Autodesk 123D Shapes321.0.111\npAutodesk123DShapes32.dll [2013-04-17] (Autodesk)

FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-15] [not signed]

FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF

FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-04-09]

FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-04-04] [not signed]

FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\[email protected]

FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\[email protected] [2016-04-08] [not signed]

FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\[email protected]

FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\[email protected] [2013-06-06] [not signed]

FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF

FF HKLM-x32\...\Firefox\Extensions: [{0FAA5C82-A094-4541-8811-D3361F972A81}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF

FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-04-09]

FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK => not found

 

Chrome:

=======

CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-06-06]

CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2013-06-06]

CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2014-03-15]

 

==================== Services (Whitelisted) ========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-04-08] (AVAST Software)

R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2571352 2016-01-05] (Dell Inc.)

R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201816 2016-01-05] (Dell Inc.)

R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-08-27] (Dell Inc.)

R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2015-05-06] (Freemake) [File not signed]

S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-08-12] (IObit)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-06-16] ()

R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-03-15] ()

R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-04-04] (RealNetworks, Inc.)

R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-03-20] () [File not signed]

R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [310016 2016-04-05] (Realtek Semiconductor)

S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2014-01-22] (SolidWorks) [File not signed]

R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31928 2016-03-14] (Dell Inc.)

R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]

S3 MozillaMaintenance; no ImagePath

 

===================== Drivers (Whitelisted) ==========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

S0 amdkmafd; C:\Windows\System32\DRIVERS\amdkmafd.sys [21600 2013-03-14] (Advanced Micro Devices, Inc.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-04-08] (AVAST Software)

R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-04-08] (AVAST Software)

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-04-08] (AVAST Software)

R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-04-08] (AVAST Software)

R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-04-08] (AVAST Software)

R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-04-08] (AVAST Software)

R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-04-08] (AVAST Software)

R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-04-08] (AVAST Software)

R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287528 2016-04-08] (AVAST Software)

R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1419576 2015-03-04] (Motorola Solutions, Inc.)

R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [32464 2016-01-05] (Dell Computer Corporation)

R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [24240 2015-05-22] (Dell Computer Corporation)

S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)

R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-03-04] (REALiX™)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-04-09] (Malwarebytes)

R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)

R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)

R3 RTSUER; C:\Windows\System32\Drivers\RtsUer.sys [413912 2016-04-05] (Realsil Semiconductor Corporation)

R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

S3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2014-01-24] (Synaptics Incorporated)

S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [141384 2010-11-11] (MCCI Corporation)

S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]

S3 catchme; \??\C:\ComboFix\catchme.sys [X]

U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

====================One Month Created files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2016-04-09 18:56 - 2016-04-09 18:57 - 00025426 _____ C:\Users\Mack\Desktop\FRST.txt

2016-04-09 18:55 - 2016-04-09 18:56 - 00000000 ____D C:\FRST

2016-04-09 18:55 - 2016-04-09 18:55 - 02374144 _____ (Farbar) C:\Users\Mack\Desktop\FRST64.exe

2016-04-09 18:38 - 2016-04-09 18:38 - 03119168 _____ C:\Users\Mack\Downloads\adwcleaner_5.109.exe

2016-04-09 13:43 - 2016-04-09 13:43 - 00058016 _____ C:\Users\Mack\AppData\Local\GDIPFONTCACHEV1.DAT

2016-04-09 13:42 - 2016-04-09 13:42 - 00000000 ____D C:\Users\Mack\AppData\Local\Google

2016-04-09 13:39 - 2016-04-09 13:39 - 00267672 _____ C:\Windows\system32\FNTCACHE.DAT

2016-04-09 00:01 - 2016-04-09 00:01 - 00000000 ____D C:\Users\Mack\AppData\Roaming\SUPERAntiSpyware.com

2016-04-09 00:00 - 2016-04-09 13:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware

2016-04-09 00:00 - 2016-04-09 13:37 - 00000000 ____D C:\Program Files\SUPERAntiSpyware

2016-04-09 00:00 - 2016-04-09 00:00 - 25350712 _____ (SUPERAntiSpyware) C:\Users\Mack\Downloads\SUPERAntiSpyware(1).exe

2016-04-09 00:00 - 2016-04-09 00:00 - 00001770 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk

2016-04-09 00:00 - 2016-04-09 00:00 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com

2016-04-08 23:33 - 2016-04-08 23:41 - 00000000 ____D C:\Users\Mack\AppData\Local\Mozilla

2016-04-08 23:33 - 2016-04-08 23:34 - 00000000 ____D C:\Users\Mack\AppData\Roaming\Mozilla

2016-04-08 23:31 - 2016-04-09 13:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2016-04-08 23:31 - 2016-04-09 13:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2016-04-08 23:31 - 2016-04-08 23:31 - 00001153 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk

2016-04-08 23:30 - 2016-04-08 23:30 - 00307200 _____ (Secure By Design Inc.) C:\Users\Mack\Downloads\Ninite Firefox Installer.exe

2016-04-08 23:28 - 2016-04-08 23:28 - 00002197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2016-04-08 23:28 - 2016-04-08 23:28 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2016-04-08 23:27 - 2016-04-09 18:33 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2016-04-08 23:27 - 2016-04-09 13:39 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2016-04-08 23:27 - 2016-04-08 23:27 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2016-04-08 23:27 - 2016-04-08 23:27 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2016-04-08 23:25 - 2016-04-08 23:25 - 00000973 _____ C:\Users\Mack\Desktop\JRT.txt

2016-04-08 22:30 - 2016-04-08 22:30 - 00158408 _____ C:\Users\Mack\Desktop\bookmarks-2016-04-08.json

2016-04-08 21:20 - 2016-04-08 21:20 - 06868672 _____ (Piriform Ltd) C:\Users\Mack\Downloads\ccsetup516.exe

2016-04-08 21:10 - 2016-04-09 13:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2016-04-08 21:10 - 2016-04-08 21:10 - 00001715 _____ C:\Users\Public\Desktop\iTunes.lnk

2016-04-08 21:09 - 2016-04-09 13:38 - 00000000 ____D C:\Program Files (x86)\iTunes

2016-04-08 21:09 - 2016-04-09 13:37 - 00000000 ____D C:\Program Files\iTunes

2016-04-08 21:09 - 2016-04-08 21:09 - 00000000 ____D C:\Program Files\iPod

2016-04-08 21:05 - 2016-04-09 13:38 - 00000000 ____D C:\Program Files (x86)\Apple Software Update

2016-04-08 21:05 - 2016-04-09 13:37 - 00000000 ____D C:\Windows\System32\Tasks\Apple

2016-04-08 20:56 - 2016-04-09 13:38 - 00000000 ____D C:\Program Files (x86)\QuickTime

2016-04-08 20:56 - 2016-04-09 13:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

2016-04-08 20:56 - 2016-04-08 20:56 - 00001847 _____ C:\Users\Public\Desktop\QuickTime Player.lnk

2016-04-08 19:15 - 2016-04-08 19:15 - 00003046 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1460160895

2016-04-08 19:15 - 2016-04-08 19:15 - 00000999 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk

2016-04-08 19:15 - 2016-04-08 19:15 - 00000999 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk

2016-04-08 19:12 - 2016-04-08 19:12 - 00398152 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

2016-04-08 19:12 - 2016-04-08 19:11 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys

2016-04-08 19:11 - 2016-04-08 19:11 - 00052184 _____ (AVAST Software) C:\Windows\avastSS.scr

2016-04-08 19:00 - 2016-04-09 13:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3

2016-04-08 19:00 - 2016-04-08 19:00 - 00003238 _____ C:\Windows\System32\Tasks\Driver Booster Scheduler

2016-04-08 19:00 - 2016-04-08 19:00 - 00002156 _____ C:\Users\Public\Desktop\Driver Booster 3.lnk

2016-04-08 19:00 - 2016-04-08 19:00 - 00000000 ____D C:\Windows\IObit

2016-04-08 18:46 - 2016-04-08 18:46 - 14982312 _____ (IObit ) C:\Users\Mack\Downloads\driver_booster_setup(5).exe

2016-04-07 01:46 - 2016-04-07 01:46 - 01079702 _____ C:\Users\Mack\Downloads\TaxDocument.pdf

2016-04-05 19:08 - 2016-04-09 13:37 - 00000000 ____D C:\Users\Mack\Downloads\ToolBox_4911mf17_Win_EN

2016-04-05 19:05 - 2016-04-05 19:05 - 00000000 ____D C:\Users\Mack\Downloads\MF4800MFDriversV2090W64usEN

2016-04-05 19:02 - 2016-04-09 13:40 - 00003358 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-4293282829-1684631028-3940860919-1000

2016-04-05 18:54 - 2016-04-05 18:54 - 11531536 _____ (Intel Corporation) C:\Windows\system32\Drivers\NETwsw00.sys

2016-04-05 18:53 - 2016-04-05 18:53 - 13028864 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll

2016-04-05 18:53 - 2016-04-05 18:53 - 10811392 _____ (Intel Corporation) C:\Windows\SysWOW64\ig4icd32.dll

2016-04-05 18:53 - 2016-04-05 18:53 - 05906536 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe

2016-04-05 18:53 - 2016-04-05 18:53 - 05375448 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys

2016-04-05 18:53 - 2016-04-05 18:53 - 00513640 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe

2016-04-05 18:53 - 2016-04-05 18:53 - 00444008 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe

2016-04-05 18:53 - 2016-04-05 18:53 - 00440320 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc

2016-04-05 18:53 - 2016-04-05 18:53 - 00439808 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc

2016-04-05 18:53 - 2016-04-05 18:53 - 00439808 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc

2016-04-05 18:53 - 2016-04-05 18:53 - 00439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc

2016-04-05 18:53 - 2016-04-05 18:53 - 00439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc

2016-04-05 18:53 - 2016-04-05 18:53 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc

2016-04-05 18:53 - 2016-04-05 18:53 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc

2016-04-05 18:53 - 2016-04-05 18:53 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc

2016-04-05 18:53 - 2016-04-05 18:53 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc

2016-04-05 18:53 - 2016-04-05 18:53 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc

2016-04-05 18:53 - 2016-04-05 18:53 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc

2016-04-05 18:53 - 2016-04-05 18:53 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc

2016-04-05 18:53 - 2016-04-05 18:53 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc

2016-04-05 18:53 - 2016-04-05 18:53 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc

2016-04-05 18:53 - 2016-04-05 18:53 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc

2016-04-05 18:53 - 2016-04-05 18:53 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc

2016-04-05 18:53 - 2016-04-05 18:53 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc

2016-04-05 18:53 - 2016-04-05 18:53 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc

2016-04-05 18:53 - 2016-04-05 18:53 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc

2016-04-05 18:53 - 2016-04-05 18:53 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc

2016-04-05 18:53 - 2016-04-05 18:53 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc

2016-04-05 18:53 - 2016-04-05 18:53 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc

2016-04-05 18:53 - 2016-04-05 18:53 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc

2016-04-05 18:53 - 2016-04-05 18:53 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc

2016-04-05 18:53 - 2016-04-05 18:53 - 00432128 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc

2016-04-05 18:53 - 2016-04-05 18:53 - 00431104 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc

2016-04-05 18:53 - 2016-04-05 18:53 - 00429056 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc

2016-04-05 18:53 - 2016-04-05 18:53 - 00428544 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc

2016-04-05 18:53 - 2016-04-05 18:53 - 00410112 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll

2016-04-05 18:53 - 2016-04-05 18:53 - 00401512 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe

2016-04-05 18:53 - 2016-04-05 18:53 - 00330752 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll

2016-04-05 18:53 - 2016-04-05 18:53 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc

2016-04-05 18:53 - 2016-04-05 18:53 - 00280680 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe

2016-04-05 18:53 - 2016-04-05 18:53 - 00256616 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe

2016-04-05 18:53 - 2016-04-05 18:53 - 00187496 _____ (Intel Corporation) C:\Windows\system32\difx64.exe

2016-04-05 18:53 - 2016-04-05 18:53 - 00175104 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll

2016-04-05 18:53 - 2016-04-05 18:53 - 00173672 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe

2016-04-05 18:53 - 2016-04-05 18:53 - 00142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll

2016-04-05 18:53 - 2016-04-05 18:53 - 00126976 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl

2016-04-05 18:53 - 2016-04-05 18:53 - 00116224 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v4229.dll

2016-04-05 18:53 - 2016-04-05 18:53 - 00101376 _____ C:\Windows\system32\igdde64.dll

2016-04-05 18:53 - 2016-04-05 18:53 - 00081408 _____ C:\Windows\SysWOW64\igdde32.dll

2016-04-05 18:53 - 2016-04-05 18:53 - 00031984 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll

2016-04-05 18:53 - 2016-04-05 18:53 - 00025088 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll

2016-04-05 18:53 - 2016-04-05 18:53 - 00017082 _____ C:\Windows\system32\iglhxs64.vp

2016-04-05 18:53 - 2016-04-05 18:53 - 00009728 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll

2016-04-05 18:52 - 2016-04-09 13:37 - 00000000 ____D C:\Windows\SysWOW64\sda

2016-04-05 18:52 - 2016-04-05 18:52 - 04330200 _____ (TODO: <Company name>) C:\Windows\RtCRU64.exe

2016-04-05 18:52 - 2016-04-05 18:52 - 00413912 _____ (Realsil Semiconductor Corporation) C:\Windows\system32\Drivers\RtsUer.sys

2016-04-05 18:52 - 2016-04-05 18:52 - 00083160 _____ (Realtek Semiconductor.) C:\Windows\system32\RtCRX64.dll

2016-04-05 18:51 - 2016-04-05 18:51 - 01027840 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys

2016-04-05 18:51 - 2016-04-05 18:51 - 00082544 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 72203792 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCORES64.dat

2016-04-05 18:47 - 2016-04-05 18:47 - 05576400 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT

2016-04-05 18:47 - 2016-04-05 18:47 - 04803840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys

2016-04-05 18:47 - 2016-04-05 18:47 - 03283248 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 03282032 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 03198720 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 03081808 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 02894976 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl

2016-04-05 18:47 - 2016-04-05 18:47 - 02050184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 02049664 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 01977072 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO264.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 01780624 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 01743632 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO232.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 01591064 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 01508936 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 01356512 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 00914024 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO64.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 00768824 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO32.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 00743968 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 00727440 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 00708320 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 00689888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 00678192 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 00677680 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 00642928 _____ (Creative Technology Ltd.) C:\Windows\system32\MBTHX64.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 00577840 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBTHX32.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 00574760 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 00532384 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 00504312 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 00445408 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 00441272 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 00410040 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 00387320 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 00343712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 00330568 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 00253904 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 00253872 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 00252880 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 00221976 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 00214840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 00209536 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 00192992 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 00166208 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 00122328 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 00118600 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 00110984 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 00088352 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 00074608 _____ (Creative Technology Ltd.) C:\Windows\system32\MBppld64.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 00069928 _____ (Creative Technology Ltd.) C:\Windows\system32\MBPPCn64.dll

2016-04-05 18:47 - 2016-04-05 18:47 - 00023704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll

2016-04-05 18:44 - 2016-04-05 18:44 - 10452536 _____ C:\Users\Mack\Downloads\ToolBox_4911mf17_Win_EN.exe

2016-04-05 18:43 - 2016-04-05 18:45 - 42057200 _____ C:\Users\Mack\Downloads\MF4800MFDriversV2090W64usEN.exe

2016-03-30 23:01 - 2016-03-30 23:01 - 00000000 __SHD C:\found.000

2016-03-25 15:57 - 2016-04-07 13:43 - 00003484 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask

2016-03-25 15:57 - 2016-03-25 15:57 - 00004026 _____ C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask

2016-03-25 15:57 - 2016-03-25 15:57 - 00003340 _____ C:\Windows\System32\Tasks\PCDDataUploadTask

2016-03-25 15:57 - 2016-03-25 15:57 - 00003214 _____ C:\Windows\System32\Tasks\SystemToolsDailyTest

2016-03-25 15:56 - 2016-03-25 15:56 - 00000000 ____D C:\ProgramData\PC-Doctor for Windows

2016-03-25 15:56 - 2016-03-25 15:56 - 00000000 ____D C:\Program Files\Dell Support Center

2016-03-24 20:56 - 2016-03-24 20:56 - 00734784 _____ (Oracle Corporation) C:\Users\Mack\Downloads\jxpiinstall(4).exe

2016-03-24 14:31 - 2016-03-24 14:31 - 00087220 _____ C:\Users\Mack\Desktop\Light'em Up Gunsmithing - 164710 Invoice.pdf

2016-03-24 14:29 - 2016-03-24 14:29 - 00317758 _____ C:\Users\Mack\Desktop\Light Em Up 8-17.pdf

2016-03-24 14:28 - 2016-03-24 14:28 - 00324936 _____ C:\Users\Mack\Desktop\Light Em Up Gunsmithing 12-14 JB.pdf

2016-03-24 14:25 - 2016-03-24 14:25 - 00109124 _____ C:\Users\Mack\Desktop\Light'em 02-23-2015 420761 (1).pdf

2016-03-24 14:25 - 2016-03-24 14:25 - 00106505 _____ C:\Users\Mack\Desktop\Light'em 02-23-2015 420762.pdf

2016-03-24 14:01 - 2016-03-24 14:01 - 00065503 _____ C:\Users\Mack\Desktop\Inv_DD119_from_RUGGED_DESIGN_INC._10584 (1).pdf

2016-03-15 11:20 - 2016-03-15 11:20 - 00169264 _____ C:\Users\Mack\Desktop\Ron Breberg.pdf

2016-03-10 14:23 - 2016-02-19 14:02 - 00038336 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe

2016-03-10 14:23 - 2016-02-19 13:54 - 01168896 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2016-03-10 14:23 - 2016-02-19 09:07 - 01373184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll

2016-03-10 14:23 - 2016-02-11 09:07 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll

2016-03-10 14:23 - 2016-02-05 09:07 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll

2016-03-10 14:23 - 2016-02-05 09:07 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll

2016-03-10 14:23 - 2016-02-05 09:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll

 

==================== One Month Modified files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2016-04-09 18:47 - 2014-01-11 09:40 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2016-04-09 18:01 - 2009-07-13 23:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2016-04-09 18:01 - 2009-07-13 23:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2016-04-09 17:56 - 2014-09-17 10:30 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2016-04-09 13:44 - 2014-01-09 19:46 - 00000000 ____D C:\ProgramData\boost_interprocess

2016-04-09 13:43 - 2014-06-01 22:47 - 00002870 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Mack)

2016-04-09 13:41 - 2011-09-05 04:36 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup

2016-04-09 13:40 - 2016-01-29 14:19 - 00003222 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-4293282829-1684631028-3940860919-1000

2016-04-09 13:40 - 2011-09-05 04:45 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks

2016-04-09 13:40 - 2011-09-05 04:45 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks

2016-04-09 13:39 - 2009-07-14 00:08 - 00032542 _____ C:\Windows\Tasks\SCHEDLGU.TXT

2016-04-09 13:39 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2016-04-09 13:38 - 2014-09-17 10:30 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware

2016-04-09 13:38 - 2014-06-01 22:47 - 00000000 ____D C:\ProgramData\IObit

2016-04-09 13:38 - 2011-11-13 03:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

2016-04-09 13:38 - 2011-11-13 03:06 - 00000000 ____D C:\Program Files\CCleaner

2016-04-09 13:37 - 2015-12-30 18:15 - 00000000 ___RD C:\Program Files (x86)\Skype

2016-04-09 13:37 - 2015-12-03 17:44 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software

2016-04-09 13:37 - 2015-04-05 03:11 - 00000000 ___SD C:\Windows\system32\GWX

2016-04-09 13:37 - 2015-01-14 17:32 - 00000000 ____D C:\Users\Mack\AppData\Roaming\ProductData

2016-04-09 13:37 - 2015-01-14 17:30 - 00000000 ____D C:\Users\Mack\AppData\LocalLow\IObit

2016-04-09 13:37 - 2015-01-14 17:30 - 00000000 ____D C:\ProgramData\ProductData

2016-04-09 13:37 - 2014-09-17 10:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2016-04-09 13:37 - 2014-06-01 22:47 - 00000000 ____D C:\Users\Mack\AppData\Roaming\IObit

2016-04-09 13:37 - 2013-05-12 02:16 - 00000000 ____D C:\Windows\ERUNT

2016-04-09 13:37 - 2012-01-25 20:28 - 00000000 ____D C:\Users\Mack\AppData\Roaming\Skype

2016-04-09 13:37 - 2011-11-12 16:50 - 00000000 ____D C:\Program Files\Common Files\Apple

2016-04-09 13:37 - 2011-11-06 15:03 - 00000000 ____D C:\Windows\system32\Macromed

2016-04-09 13:37 - 2011-11-05 22:09 - 00000000 ____D C:\Users\Mack

2016-04-09 13:37 - 2011-09-05 05:59 - 00000000 ____D C:\Windows\SysWOW64\RTCOM

2016-04-09 13:37 - 2010-11-21 02:16 - 00000000 ___RD C:\Users\Public\Recorded TV

2016-04-09 13:37 - 2009-07-13 22:20 - 00000000 __RSD C:\Windows\Media

2016-04-09 13:37 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\security

2016-04-09 13:37 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\registration

2016-04-09 13:37 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\inf

2016-04-09 13:20 - 2014-01-08 21:10 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update

2016-04-09 00:28 - 2013-04-26 23:29 - 00000000 ____D C:\Users\Mack\AppData\Local\CrashDumps

2016-04-08 23:31 - 2013-05-11 02:34 - 00001165 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2016-04-08 23:28 - 2013-02-01 23:21 - 00000000 ____D C:\Program Files (x86)\Google

2016-04-08 23:25 - 2013-12-14 12:35 - 00000000 ____D C:\Users\Mack\Desktop\Virus Cleaners

2016-04-08 23:12 - 2009-07-14 00:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD

2016-04-08 21:53 - 2013-01-20 16:35 - 00000000 ____D C:\Windows\Minidump

2016-04-08 21:21 - 2011-11-13 03:06 - 00000784 _____ C:\Users\Public\Desktop\CCleaner.lnk

2016-04-08 21:11 - 2013-06-06 14:28 - 00000000 ____D C:\Program Files (x86)\Freemake

2016-04-08 21:05 - 2011-11-12 16:51 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk

2016-04-08 20:59 - 2011-09-05 04:38 - 00000000 ____D C:\ProgramData\Skype

2016-04-08 20:25 - 2014-01-22 18:02 - 00000000 ____D C:\Users\Mack\AppData\Local\genienext

2016-04-08 19:12 - 2014-08-07 07:47 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys

2016-04-08 19:12 - 2014-01-08 21:10 - 00465792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys

2016-04-08 19:12 - 2014-01-08 21:10 - 00287528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys

2016-04-08 19:12 - 2014-01-08 21:10 - 00166432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys

2016-04-08 19:12 - 2014-01-08 21:10 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys

2016-04-08 19:12 - 2014-01-08 21:10 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys

2016-04-08 19:12 - 2014-01-08 21:10 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys

2016-04-08 19:12 - 2014-01-08 21:07 - 00000000 ____D C:\ProgramData\AVAST Software

2016-04-08 19:11 - 2014-01-08 21:10 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys

2016-04-08 19:11 - 2014-01-08 21:08 - 00000000 ____D C:\Program Files\AVAST Software

2016-04-08 19:07 - 2014-09-17 10:30 - 00001108 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2016-04-08 18:59 - 2014-06-01 22:47 - 00000000 ____D C:\Program Files (x86)\IObit

2016-04-08 18:51 - 2009-07-14 00:13 - 00783424 _____ C:\Windows\system32\PerfStringBackup.INI

2016-04-08 18:40 - 2012-02-05 22:55 - 00000000 ____D C:\Users\Mack\AppData\Roaming\SoftGrid Client

2016-04-08 18:18 - 2014-09-02 11:47 - 00000000 ____D C:\Users\Mack\AppData\Local\Adobe

2016-04-08 18:18 - 2014-01-11 09:40 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2016-04-08 18:18 - 2014-01-11 09:40 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2016-04-08 18:18 - 2014-01-11 09:40 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

2016-04-08 13:32 - 2011-11-05 23:36 - 00000024 _____ C:\Users\Mack\random.dat

2016-04-07 19:46 - 2011-11-05 23:36 - 00000043 _____ C:\Users\Mack\jagex_cl_runescape_LIVE.dat

2016-04-07 01:51 - 2014-02-23 13:15 - 00000000 ___RD C:\Users\Mack\Desktop\Light'em Up Gunsmithing LLC

2016-04-05 18:53 - 2015-05-14 13:44 - 12694808 _____ (Intel Corporation) C:\Windows\system32\igdumd64.dll

2016-04-05 18:53 - 2015-05-14 13:44 - 00442880 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll

2016-04-05 18:53 - 2015-05-14 13:44 - 00384512 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll

2016-04-05 18:53 - 2014-01-22 22:34 - 11245520 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10umd32.dll

2016-04-05 18:53 - 2011-09-05 05:37 - 12937864 _____ (Intel Corporation) C:\Windows\system32\igd10umd64.dll

2016-04-05 18:53 - 2011-09-05 05:37 - 11117808 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumd32.dll

2016-04-05 18:53 - 2011-09-05 05:37 - 09007616 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll

2016-04-05 18:53 - 2011-09-05 05:37 - 00110592 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll

2016-04-05 18:53 - 2011-09-05 05:37 - 00064000 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll

2016-04-05 18:51 - 2011-09-05 05:38 - 00116304 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll

2016-03-30 18:01 - 2013-06-04 17:02 - 00000044 _____ C:\Users\Mack\jagex_cl_runescape_LIVE1.dat

2016-03-25 17:14 - 2015-02-12 14:55 - 00000000 ____D C:\ProgramData\SupportAssistAgent

2016-03-25 15:56 - 2011-11-05 23:42 - 00000000 ____D C:\ProgramData\PCDr

2016-03-25 15:56 - 2011-09-05 04:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell

2016-03-25 03:16 - 2015-04-05 03:11 - 00000000 ___SD C:\Windows\SysWOW64\GWX

2016-03-24 21:01 - 2013-12-13 16:12 - 00000000 ____D C:\ProgramData\Oracle

2016-03-24 21:00 - 2014-07-22 17:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2016-03-24 21:00 - 2013-07-15 17:45 - 00000000 ____D C:\Program Files (x86)\Java

2016-03-24 20:59 - 2015-12-30 17:01 - 00000000 ____D C:\Users\Mack\.oracle_jre_usage

2016-03-24 20:59 - 2014-07-22 17:44 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2016-03-18 16:18 - 2011-11-13 03:10 - 00000000 ____D C:\Windows\pss

2016-03-16 13:56 - 2011-11-05 23:09 - 00000000 ____D C:\Users\Mack\AppData\Local\Nero

2016-03-15 11:29 - 2015-01-14 16:56 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task

2016-03-15 11:28 - 2016-03-09 14:17 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

2016-03-11 04:07 - 2014-12-10 15:43 - 00000000 ____D C:\Windows\system32\appraiser

2016-03-10 18:00 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache

2016-03-10 14:09 - 2014-09-17 10:30 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2016-03-10 14:08 - 2014-09-17 10:30 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys

2016-03-10 14:08 - 2013-05-11 14:29 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys

 

==================== Files in the root of some directories =======

 

2013-03-04 01:03 - 2013-03-04 01:03 - 0000288 _____ () C:\Users\Mack\AppData\Roaming\.backup.dm

2013-01-18 22:24 - 2013-02-17 23:35 - 0000000 _____ () C:\Users\Mack\AppData\Roaming\.NANotifyHere

2014-06-11 23:50 - 2014-07-10 19:33 - 0000209 _____ () C:\Users\Mack\AppData\Roaming\uninstall.bat

2012-04-18 14:22 - 2012-09-04 00:03 - 0006144 _____ () C:\Users\Mack\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2014-01-24 23:18 - 2014-01-24 23:18 - 0229992 _____ () C:\ProgramData\1390621399.bdinstall.bin

2012-01-25 20:33 - 2012-01-25 20:33 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

 

==================== Bamital & volsnap =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\system32\winlogon.exe => File is digitally signed

C:\Windows\system32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\system32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\system32\services.exe => File is digitally signed

C:\Windows\system32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\system32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\system32\rpcss.dll => File is digitally signed

C:\Windows\system32\dnsapi.dll => File is digitally signed

C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2016-04-08 00:40

 

==================== End of FRST.txt ============================

Edited by buer93, 09 April 2016 - 07:46 PM.

  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there, let me know how the computer is after this

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
ProxyServer: [S-1-5-21-4293282829-1684631028-3940860919-1000] => localhost:8080
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - No Name - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - No File
2016-04-08 20:25 - 2014-01-22 18:02 - 00000000 ____D C:\Users\Mack\AppData\Local\genienext
Task: {6E5F7134-B11F-4160-B8F3-253109DB219D} - \GoforFilesUpdate -> No File <==== ATTENTION
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S0].txt as well.

  • 0

#3
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP