Thank you for the assistance. Both logs are posted below.
FRST Log
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-08-2016
Ran by Helena (administrator) on HELENA-PC (06-08-2016 19:09:25)
Running from C:\Users\Helena\Desktop
Loaded Profiles: Helena (Available Profiles: Helena)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
() C:\Program Files (x86)\Fatal1ty Utility\F-Stream Tuning\Bin\IOMonitorSrv.exe
() C:\Program Files (x86)\D-Link\DWA-121 revA\ANIWConnService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(D-Link Corp.) C:\Program Files (x86)\D-Link\DWA-121 revA\AirNCFG.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\Helena\Desktop\FRST64(1).exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13636824 2013-07-26] (Realtek Semiconductor)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-10] (Intel Corporation)
HKLM-x32\...\Run: [D-Link D-Link DWA-121] => C:\Program Files (x86)\D-Link\DWA-121 revA\AirNCFG.exe [1079600 2013-03-19] (D-Link Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [8900328 2016-07-11] (AVAST Software)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-08-14] (CyberLink Corp.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3746497652-99284834-819367531-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7943072 2016-07-24] (SUPERAntiSpyware)
HKU\S-1-5-21-3746497652-99284834-819367531-1000\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1707632 2012-08-14] (CyberLink Corp.)
HKU\S-1-5-21-3746497652-99284834-819367531-1000\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [1556448 2015-12-15] (AO Kaspersky Lab)
HKU\S-1-5-18\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [1556448 2015-12-15] (AO Kaspersky Lab)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-07-08] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Kaspersky Software Updater Beta.lnk [2016-07-24]
ShortcutTarget: Kaspersky Software Updater Beta.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe (AO Kaspersky Lab)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2014-01-17]
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{401FADAA-1C16-4721-9F02-19067E1A1CA8}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
Startup: C:\Users\Helena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2016-04-20]
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{84E3B946-060C-44A1-B082-3D7859732B3B}: [DhcpNameServer] 75.75.76.76 75.75.75.75
Tcpip\..\Interfaces\{A4E4995F-30E7-4BDF-849C-4FC850F0AC69}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3746497652-99284834-819367531-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3746497652-99284834-819367531-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-07-08] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2015-11-28] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-07-08] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2015-11-28] (Oracle Corporation)
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2015-11-13] (Belarc, Inc.)
FireFox:
========
FF ProfilePath: C:\Users\Helena\AppData\Roaming\Mozilla\Firefox\Profiles\ju292vok.default-1438795000345
FF DefaultSearchEngine.US: Google
FF Homepage: www.google.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2015-11-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2015-11-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-08] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Extension: StumbleUpon - C:\Users\Helena\AppData\Roaming\Mozilla\Firefox\Profiles\ju292vok.default-1438795000345\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}.xpi [2015-09-05]
FF Extension: WOT - C:\Users\Helena\AppData\Roaming\Mozilla\Firefox\Profiles\ju292vok.default-1438795000345\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2016-03-03]
FF Extension: Zoom Page - C:\Users\Helena\AppData\Roaming\Mozilla\Firefox\Profiles\ju292vok.default-1438795000345\extensions\[email protected] [2016-07-27]
FF Extension: Pin It button - C:\Users\Helena\AppData\Roaming\Mozilla\Firefox\Profiles\ju292vok.default-1438795000345\Extensions\[email protected] [2015-09-03]
FF Extension: WiseStamp Web - C:\Users\Helena\AppData\Roaming\Mozilla\Firefox\Profiles\ju292vok.default-1438795000345\Extensions\[email protected] [2016-06-23]
FF Extension: Shorten URL (bit.ly) - C:\Users\Helena\AppData\Roaming\Mozilla\Firefox\Profiles\ju292vok.default-1438795000345\Extensions\{a1109c2a-1187-4027-901d-13097b755625}.xpi [2015-08-05]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-07-10]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-07-10]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-05-06]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-08-12] (SUPERAntiSpyware.com)
R2 ASRockIOMon; C:\Program Files (x86)\Fatal1ty Utility\F-Stream Tuning\Bin\IOMonitorSrv.exe [454656 2013-05-28] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-07-08] (AVAST Software)
R2 D_Link_DWA-121_WPS; C:\Program Files (x86)\D-Link\DWA-121 revA\ANIWConnService.exe [49152 2012-12-24] () [File not signed]
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
R2 kss; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [1556448 2015-12-15] (AO Kaspersky Lab)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-08] (Qualcomm Atheros) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S3 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2010-06-08] ()
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 AsrDrv101; C:\Windows\SysWOW64\Drivers\AsrDrv101.sys [22280 2014-01-17] (ASRock Incorporation)
S3 AsrHidFilter; C:\Windows\System32\DRIVERS\AsrHidFilter.sys [20232 2013-09-09] (ASRock Inc.)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [40200 2013-05-09] (ASRock Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-07-08] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-07-08] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108304 2016-07-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-07-08] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-07-08] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-07-08] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [473592 2016-07-13] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162904 2016-07-08] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-05] (AVAST Software)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [67888 2013-02-13] (Qualcomm Atheros, Inc.)
R1 CLVirtualDrive; C:\Windows\System32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 DRTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [748648 2010-08-20] (Realtek Semiconductor Corporation )
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-08-07] ()
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [154320 2013-03-20] (Qualcomm Atheros, Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-06 19:09 - 2016-08-06 19:09 - 00018136 _____ C:\Users\Helena\Desktop\FRST.txt
2016-08-06 19:08 - 2016-08-06 19:08 - 02393600 _____ (Farbar) C:\Users\Helena\Desktop\FRST64(1).exe
2016-08-06 17:51 - 2016-08-06 17:58 - 00000000 ____D C:\Users\Helena\Desktop\Scripture Power Printout
2016-08-02 20:07 - 2016-08-02 20:07 - 00037325 _____ C:\Users\Helena\Downloads\2012-10-153-scripture-power-eng.pdf
2016-08-01 10:35 - 2016-08-01 11:06 - 00000000 ____D C:\Users\Helena\Desktop\Golden Island Jerky
2016-07-31 13:13 - 2016-07-31 13:13 - 02581653 _____ C:\Users\Helena\Downloads\NEW FILE LIST(1).pdf
2016-07-31 13:09 - 2016-07-31 13:09 - 01760950 _____ C:\Users\Helena\Downloads\Presentation Songs.pdf
2016-07-24 22:32 - 2016-07-24 22:32 - 00001095 _____ C:\Users\Public\Desktop\Kaspersky Software Updater Beta.lnk
2016-07-24 22:32 - 2016-07-24 22:32 - 00001055 _____ C:\Users\Public\Desktop\Kaspersky Security Scan.lnk
2016-07-24 22:32 - 2016-07-24 22:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Software Updater Beta
2016-07-24 22:32 - 2016-07-24 22:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan
2016-07-24 22:32 - 2016-07-24 22:32 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-07-24 22:32 - 2016-07-24 22:32 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2016-07-24 22:30 - 2016-07-24 22:30 - 02671128 _____ (Kaspersky Lab) C:\Users\Helena\Downloads\kss16.0.0.1344en_ru_de_fr_es_it_zh-hans_pl_tr_nl_cs_ko_id_pt_ar_vi_hi_zh-hant_fa_10518.exe
2016-07-24 22:28 - 2016-07-24 22:28 - 00000000 ____D C:\Users\Helena\AppData\Roaming\QuickScan
2016-07-22 18:27 - 2016-08-04 11:55 - 00000000 ____D C:\Users\Helena\Desktop\Sticky Blogging Notes
2016-07-15 16:33 - 2016-07-15 16:33 - 00063014 _____ C:\Users\Helena\Downloads\26209009854-529422192-ticket.pdf
2016-07-13 10:08 - 2016-07-13 10:08 - 11438608 _____ (SurfRight B.V.) C:\Users\Helena\Downloads\hitmanpro_x64(1).exe
2016-07-13 10:04 - 2016-07-13 10:04 - 00001879 _____ C:\Users\Helena\Desktop\JRT.txt
2016-07-13 10:02 - 2016-07-13 10:02 - 01610560 _____ (Malwarebytes) C:\Users\Helena\Downloads\JRT.exe
2016-07-13 09:59 - 2016-07-13 10:00 - 03712064 _____ C:\Users\Helena\Downloads\adwcleaner_5.201(1).exe
2016-07-13 09:51 - 2016-07-13 09:52 - 03712064 _____ C:\Users\Helena\Downloads\adwcleaner_5.201.exe
2016-07-13 09:00 - 2016-07-13 10:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-07-12 21:09 - 2016-08-01 10:24 - 00000000 ____D C:\Users\Helena\Desktop\Affiliate Collection
2016-07-10 14:25 - 2016-07-10 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-07-10 14:25 - 2016-07-08 09:39 - 00390984 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-07-08 09:39 - 2016-07-08 09:39 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-06 19:09 - 2016-03-02 16:21 - 00000000 ____D C:\FRST
2016-08-06 18:19 - 2015-10-06 21:22 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-08-06 17:58 - 2015-07-03 14:42 - 00000000 ____D C:\Users\Helena\Desktop\Primary
2016-08-06 17:23 - 2009-07-13 22:45 - 00028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-06 17:23 - 2009-07-13 22:45 - 00028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-06 17:16 - 2009-07-13 23:13 - 00782470 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-06 17:16 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\inf
2016-08-06 17:09 - 2009-07-13 23:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-06 08:18 - 2014-01-17 15:50 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-08-05 19:07 - 2014-03-21 14:37 - 00000000 ____D C:\Users\Helena\Documents\Outlook Files
2016-08-05 14:31 - 2015-09-06 09:57 - 00462848 ___SH C:\Users\Helena\Desktop\Thumbs.db
2016-08-05 14:27 - 2014-08-23 14:39 - 00000000 ____D C:\Users\Helena\Desktop\Web pictures
2016-08-05 08:47 - 2014-01-17 15:50 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-08-04 18:22 - 2015-11-10 19:19 - 00000000 ____D C:\Users\Helena\Desktop\Reviews Only
2016-08-04 10:43 - 2015-07-06 11:36 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-08-01 21:07 - 2015-01-03 19:29 - 00000000 ____D C:\Users\Helena\Desktop\A Gal Needs
2016-07-31 10:35 - 2015-04-10 18:23 - 00000000 ____D C:\Users\Helena\Desktop\Insightful
2016-07-30 14:01 - 2015-03-30 18:54 - 00000000 ____D C:\Users\Helena\Desktop\Giveaways
2016-07-26 16:13 - 2014-01-17 16:22 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-07-24 22:40 - 2014-08-29 20:51 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-07-24 22:31 - 2016-02-27 17:55 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2016-07-23 21:49 - 2016-07-02 14:24 - 00019604 ____H C:\Users\Helena\Desktop\~WRL0420.tmp
2016-07-16 15:32 - 2014-01-17 19:17 - 00000000 ____D C:\Users\Helena\AppData\Local\Microsoft Help
2016-07-13 15:39 - 2016-06-13 19:07 - 00000000 ____D C:\Users\Helena\Desktop\Sundance
2016-07-13 10:20 - 2014-02-01 23:20 - 00133120 ___SH C:\Users\Helena\Thumbs.db
2016-07-13 10:18 - 2014-01-17 15:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-07-13 10:15 - 2015-12-12 09:24 - 00000000 ____D C:\ProgramData\HitmanPro
2016-07-13 10:00 - 2016-03-03 16:53 - 00000000 ____D C:\AdwCleaner
2016-07-13 08:13 - 2015-07-06 11:36 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-07-13 07:32 - 2014-01-17 15:50 - 00473592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-07-12 10:46 - 2015-10-06 21:22 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-07-12 10:45 - 2014-01-17 16:00 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-12 10:45 - 2014-01-17 16:00 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-12 10:45 - 2014-01-17 16:00 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-07-12 10:45 - 2014-01-17 15:59 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-10 14:25 - 2016-03-02 18:52 - 00001882 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-07-10 14:25 - 2016-02-12 21:57 - 00003892 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1455335821
2016-07-08 09:39 - 2016-02-11 22:55 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-07-08 09:39 - 2014-04-27 14:37 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-07-08 09:39 - 2014-01-17 15:50 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-07-08 09:39 - 2014-01-17 15:50 - 00473592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.146799242084902
2016-07-08 09:39 - 2014-01-17 15:50 - 00162904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-07-08 09:39 - 2014-01-17 15:50 - 00108304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-07-08 09:39 - 2014-01-17 15:50 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-07-08 09:39 - 2014-01-17 15:50 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
==================== Files in the root of some directories =======
2014-01-17 15:20 - 2014-01-17 15:20 - 0000000 _____ () C:\Users\Helena\AppData\Local\Driver_LOM_8161Present.flag
2014-01-17 15:14 - 2014-01-17 15:14 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-08-06 08:18
==================== End of FRST.txt ============================
Addition Log
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-08-2016
Ran by Helena (2016-08-06 19:09:43)
Running from C:\Users\Helena\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2014-01-17 20:53:42)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3746497652-99284834-819367531-500 - Administrator - Disabled)
Guest (S-1-5-21-3746497652-99284834-819367531-501 - Limited - Disabled)
Helena (S-1-5-21-3746497652-99284834-819367531-1000 - Administrator - Enabled) => C:\Users\Helena
HomeGroupUser$ (S-1-5-21-3746497652-99284834-819367531-1002 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
ASRock HDMI Switch v1.0.25 (HKLM-x32\...\ASRock HDMI Switch_is1) (Version: 1.0.25 - )
ASRock Key Master v1.0.6 (HKLM-x32\...\ASRock Key Master_is1) (Version: 1.0.6 - )
ASRock XFast RAM v3.0.2 (HKLM\...\ASRock XFast RAM_is1) (Version: - ASRock Inc.)
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 6.2.0.0 - Auslogics Labs Pty Ltd)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.1.2272 - AVAST Software)
Belarc Advisor 8.5b (HKLM-x32\...\Belarc Advisor) (Version: 8.5.2.0 - Belarc Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
CollageIt 1.9.3 (HKLM-x32\...\{D9757258-30B2-496E-86F2-84920C5858E1}_is1) (Version: 1.9.3 - PearlMountain Technology Co., Ltd)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.2014 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
D-Link DWA-121 (HKLM-x32\...\{ACB879B8-19A7-4310-BD93-5D745CA6B798}) (Version: - D-Link Corporation)
E-Hammer (HKLM-x32\...\E-Hammer1.0.0) (Version: 1.0.0 - Asus)
FamilySearch Indexing 3.26.0 (HKLM-x32\...\0591-8077-9297-0833) (Version: 3.26.0 - FamilySearch)
F-Stream Tuning v2.0.39.1 (HKLM-x32\...\F-Stream Tuning_is1) (Version: 2.0.39.1 - )
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HP Officejet Pro 8500 A910 Basic Device Software (HKLM\...\{EE7C94CC-BECB-4000-B5E3-D895307B9D5E}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Officejet Pro 8500 A910 Help (HKLM-x32\...\{871B2A9D-0F12-44B3-88C1-E0CB10A232E4}) (Version: 140.0.2.2 - Hewlett Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3186 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.102 - Intel Corporation)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Kaspersky Security Scan (HKLM-x32\...\InstallWIX_{D1282694-0693-41A8-ABC1-6D1FFC1F65C5}) (Version: 16.0.0.1344 - Kaspersky Lab)
Kaspersky Security Scan (x32 Version: 16.0.0.1344 - Kaspersky Lab) Hidden
Kaspersky Software Updater Beta (HKLM-x32\...\InstallWIX_{94C8D443-1D07-4E6D-A9EB-FDBA45A839D8}) (Version: 1.5.2.228 - Kaspersky Lab)
Kaspersky Software Updater Beta (x32 Version: 1.5.2.228 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 47.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0.1 (x86 en-US)) (Version: 47.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.1.6018 - Mozilla)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{FE5DFB80-6937-4154-A2C7-EF845C1301F8}) (Version: 1.0.30.1259 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SafeZone Stable 1.48.2066.114 (x32 Version: 1.48.2066.114 - Avast Software) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Speccy (HKLM\...\Speccy) (Version: 1.24 - Piriform)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.41110 - TeamViewer)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16432 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {05CD5EB4-1357-4D3C-9B4B-7360B9046F1D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {18AAC443-E0DF-4293-9311-E3371C8B285F} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-02] (AVAST Software)
Task: {30FC47DE-1547-4D69-A7FC-C8F8EDF808D1} - \HDMISwitch -> No File <==== ATTENTION
Task: {40270424-2A8D-4B15-84B0-30CE97BEB65D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {4578A731-F52D-490C-B20F-9D41AF761950} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12] (Adobe Systems Incorporated)
Task: {5A7274C4-F097-4066-A80E-8BDEA9EB560B} - System32\Tasks\AsrKM => C:\Program Files (x86)\ASRock Utility\Key Master\AsrKM.exe
Task: {C7321E26-71C4-4A47-8617-3E49679768C8} - System32\Tasks\SafeZone scheduled Autoupdate 1455335821 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-06-17] (Avast Software)
Task: {DFB30C65-4410-42A5-9475-524CDF4B92E2} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-07-08] (AVAST Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2014-01-17 15:26 - 2013-05-28 19:58 - 00454656 _____ () C:\Program Files (x86)\Fatal1ty Utility\F-Stream Tuning\Bin\IOMonitorSrv.exe
2014-01-17 15:38 - 2012-12-24 22:08 - 00049152 _____ () C:\Program Files (x86)\D-Link\DWA-121 revA\ANIWConnService.exe
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-08-08 16:30 - 2013-08-08 16:30 - 00283648 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
2016-07-08 09:39 - 2016-07-08 09:39 - 00146232 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-08-06 08:18 - 2016-08-06 08:18 - 03012096 _____ () C:\Program Files\AVAST Software\Avast\defs\16080600\algo.dll
2016-07-08 09:39 - 2016-07-08 09:39 - 00479288 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2015-12-15 13:38 - 2015-12-15 13:38 - 00326112 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\dblite.dll
2015-10-27 16:44 - 2015-10-27 16:44 - 00404952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\ipm_service.dll
2014-01-17 19:10 - 2012-08-15 06:29 - 00807440 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\UNO.dll
2014-01-17 19:10 - 2012-08-01 04:47 - 01319024 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\Language\ENU\P2GRC.dll
2014-01-17 19:10 - 2012-08-15 06:29 - 00176656 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLVistaAudioMixer.dll
2014-01-17 15:39 - 2014-01-17 15:39 - 00315392 _____ () C:\Program Files (x86)\D-Link\DWA-121 revA\ANPDApi.dll
2014-01-17 15:38 - 2013-01-18 20:21 - 00303104 _____ () C:\Program Files (x86)\D-Link\DWA-121 revA\WlanApp.dll
2016-06-02 18:06 - 2016-06-02 18:06 - 45077376 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\libcef.dll
2016-07-08 09:39 - 2016-07-08 09:39 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-01-17 19:10 - 2012-06-07 21:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 13:34 - 2012-06-08 13:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2016-06-02 18:06 - 2016-06-02 18:06 - 01650560 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\libglesv2.dll
2016-06-02 18:06 - 2016-06-02 18:06 - 00082304 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\libegl.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2014-01-17 15:17 - 2013-09-03 18:52 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3746497652-99284834-819367531-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Helena\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{437AC30D-0F9B-43E7-9D26-C8636D8530B2}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\DeviceSetup.exe
FirewallRules: [{2F2ADC61-5CCA-46C3-AF0C-968FBD6DDDC2}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\DeviceSetup.exe
FirewallRules: [{E1DE450D-22E1-4515-9185-DEBB16A33A09}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicator.exe
FirewallRules: [{4DA3649B-B12B-4F9E-9A76-1DBDA889922D}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicator.exe
FirewallRules: [{844EF005-C26C-4E6C-B8C2-31A0C370EA96}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{174D4580-3AB8-4A40-9B1E-28C59CF5312A}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{1930773D-CE2B-4DFD-AF56-BA12ECF365D7}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{3D90784B-23D8-4111-8376-12FBDD9E0585}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [TCP Query User{8A694256-2763-4166-9A98-A5A27CB75D38}C:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe
FirewallRules: [UDP Query User{080F6635-8C33-401D-8ED9-56E58CBE1763}C:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe
FirewallRules: [{CBAE2DFC-5892-40D5-8B64-429AEDD90798}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{77980433-A4CD-454B-9590-DC596FD977C5}] => (Allow) LPort=2869
FirewallRules: [{02CD281D-F5FE-4C16-BB5D-770C97885FB1}] => (Allow) LPort=1900
FirewallRules: [{0A6EDCEE-3772-4937-9259-9743EFE90218}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{56591900-419A-4E7F-83C6-5B7E436A5867}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{DE3875E1-1CBD-4B36-A128-98E6BE7B4277}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{42A6BA4A-0B2F-47A4-AFBE-B33EB0EFCE18}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{9C573DF7-AD6D-496C-94B5-36AD74F52831}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{2D85E6BC-B7CC-4B73-BBB4-5B77121C545F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{4398F3A2-C44E-46A8-918B-588811245027}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{C1F7DDBC-9198-4C61-9BA1-250B989ABD0C}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{CA3F79F9-4A3F-40EE-93C6-95AD8EE2B646}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C0F79F1B-3D4F-45AD-8477-AE98AB1A9D3B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{20031123-092F-452E-BE60-71A0DE7F51DE}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{ABDB47A6-1625-4321-A12F-A284E0FB870A}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
==================== Restore Points =========================
25-05-2016 19:59:41 Scheduled Checkpoint
02-06-2016 12:29:26 Scheduled Checkpoint
09-06-2016 12:31:06 Scheduled Checkpoint
17-06-2016 14:15:00 Scheduled Checkpoint
25-06-2016 11:38:57 Scheduled Checkpoint
03-07-2016 00:00:01 Scheduled Checkpoint
10-07-2016 17:02:02 Scheduled Checkpoint
13-07-2016 10:03:11 JRT Pre-Junkware Removal
13-07-2016 10:14:23 Checkpoint by HitmanPro
13-07-2016 10:15:17 Checkpoint by HitmanPro
21-07-2016 20:07:44 Scheduled Checkpoint
28-07-2016 20:15:10 Scheduled Checkpoint
05-08-2016 11:43:04 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/06/2016 05:09:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/04/2016 01:29:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/02/2016 11:44:20 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/27/2016 05:11:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/26/2016 04:13:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/24/2016 04:47:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 47.0.1.6018, time stamp: 0x576c9637
Faulting module name: mozglue.dll, version: 47.0.1.6018, time stamp: 0x576c85ba
Exception code: 0x80000003
Fault offset: 0x0000f02b
Faulting process id: 0x16d0
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Error: (07/23/2016 08:38:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 47.0.1.6018, time stamp: 0x576c85bd
Faulting module name: ntdll.dll, version: 6.1.7601.23418, time stamp: 0x5708a73e
Exception code: 0xc0000374
Fault offset: 0x000ce843
Faulting process id: 0x12f0
Faulting application start time: 0xfirefox.exe0
Faulting application path: firefox.exe1
Faulting module path: firefox.exe2
Report Id: firefox.exe3
Error: (07/21/2016 09:41:54 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/16/2016 01:07:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/13/2016 10:48:52 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (08/06/2016 05:09:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The VBoxAsw Support Driver service failed to start due to the following error:
%%3 = The system cannot find the path specified.
Error: (08/06/2016 05:08:03 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Error: (08/04/2016 01:29:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The VBoxAsw Support Driver service failed to start due to the following error:
%%3 = The system cannot find the path specified.
Error: (08/02/2016 11:44:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The VBoxAsw Support Driver service failed to start due to the following error:
%%3 = The system cannot find the path specified.
Error: (07/27/2016 05:10:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The VBoxAsw Support Driver service failed to start due to the following error:
%%3 = The system cannot find the path specified.
Error: (07/26/2016 04:13:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The VBoxAsw Support Driver service failed to start due to the following error:
%%3 = The system cannot find the path specified.
Error: (07/21/2016 04:50:41 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.
Error: (07/21/2016 09:41:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The VBoxAsw Support Driver service failed to start due to the following error:
%%3 = The system cannot find the path specified.
Error: (07/21/2016 09:41:28 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 9:38:51 AM on 7/21/2016 was unexpected.
Error: (07/21/2016 09:33:56 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
CodeIntegrity:
===================================
Date: 2016-08-06 17:09:09.264
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\vpcvmm.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-06 17:09:03.476
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-06 17:09:03.351
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-04 13:29:02.640
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\vpcvmm.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-04 13:28:57.304
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-04 13:28:57.258
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-02 11:43:31.364
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\vpcvmm.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-02 11:43:10.164
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-02 11:43:10.039
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-07-27 17:09:48.141
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\vpcvmm.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Core i5-4670 CPU @ 3.40GHz
Percentage of memory in use: 26%
Total physical RAM: 7856.74 MB
Available physical RAM: 5772.73 MB
Total Virtual: 15711.66 MB
Available Virtual: 12918.77 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931.41 GB) (Free:787.23 GB) NTFS ==>[drive with boot components (obtained from BCD)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: D39C8DFD)
Partition 1: (Active) - (Size=931.4 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================