Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: Windows 8 On Laptop not working.

  1. #1
    Member
    Join Date
    Jun 2008
    Posts
    54

    Default Windows 8 On Laptop not working.

    Hello and thanks in advance for your help.

    About a week ago I noticed a strange problem with streaming online video from sites like youtube and others. If I pause a video and step away for any length of time it won't start up again. Similarly if I watch one video straight through and then try to watch another the second one will not work at all. I though it was a flash problem but then I went to a video site that uses HTML5 and the same thing happened.

    Later that day when I tried to shut down the laptop I realized that the tablet screen for windows 8 wasn't coming up at all. I had to use Control, alt, delete to shut down. Since then the tablet screen will come up sometimes but it always sticks for several minutes until I have to shut down to get it back. Additionally there have been some audio problems with the speakers suddenly not working for a while but then working again the next day.

    I tried to download the Farbar Recovery Scan Tool but every time it says the download fails. And eventually when I find a site that I can download from (Although it says it fails there too) there is a message saying It can not run on my PC. I have tried both the 32 and 64 versions.

    Below is my aswMBR Log and the SpybotS&D log in case that helps

    aswMBR Log

    aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
    Run date: 2015-07-18 18:33:39
    -----------------------------
    18:33:39.686 OS Version: Windows x64 6.2.9200
    18:33:39.686 Number of processors: 2 586 0x2A07
    18:33:39.687 ComputerName: DELL UserName: Alan
    18:33:41.195 Initialize success
    18:33:41.218 VM: initialized successfully
    18:33:41.220 VM: Intel CPU supported virtualized
    18:33:44.897 VM: disk I/O iaStorA.sys
    18:33:48.003 AVAST engine defs: 15071804
    18:33:51.624 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000002c
    18:33:51.627 Disk 0 Vendor: ST320LM001_HN-M320MBB 2AR20003 Size: 305245MB BusType: 11
    18:33:51.756 Disk 0 MBR read successfully
    18:33:51.763 Disk 0 MBR scan
    18:33:51.772 Disk 0 unknown MBR code
    18:33:51.779 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
    18:33:51.813 Disk 0 scanning C:\windows\system32\drivers
    18:34:07.172 Service scanning
    18:34:37.309 Modules scanning
    18:34:37.325 Disk 0 trace - called modules:
    18:34:37.715 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll iaStorA.sys
    18:34:37.727 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe001d70dc060]
    18:34:37.736 3 CLASSPNP.SYS[fffff80008802170] -> nt!IofCallDriver -> [0xffffe001d5cabb40]
    18:34:37.743 5 ACPI.sys[fffff80008a3ec21] -> nt!IofCallDriver -> \Device\0000002c[0xffffe001d5ca8060]
    18:34:38.422 AVAST engine scan C:\windows
    18:34:40.650 AVAST engine scan C:\windows\system32
    18:38:27.870 AVAST engine scan C:\windows\system32\drivers
    18:38:46.264 AVAST engine scan C:\Users\user
    18:39:36.364 Disk 0 MBR has been saved successfully to "C:\Users\user\Desktop\MBR.dat"
    18:39:36.371 The log file has been saved successfully to "C:\Users\user\Desktop\aswMBR.txt"


    Search results from Spybot - Search & Destroy

    7/18/2015 5:57:44 PM
    Scan took 00:00:06.
    3 items found.

    MS DirectInput: [SBI $9A063C91] Most recent application (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-784291939-2049310861-2985522810-1001\Software\Microsoft\DirectInput\MostRecentApplication\Name

    MS DirectInput: [SBI $7B184199] Most recent application ID (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-784291939-2049310861-2985522810-1001\Software\Microsoft\DirectInput\MostRecentApplication\Id

    Cache: [SBI $49804B54] Browser: Cache (1) (Browser: Cache, nothing done)



    --- Spybot - Search & Destroy version: 2.4.40.131 DLL (build: 20140425) ---

    2014-06-24 blindman.exe (2.4.40.151)
    2014-06-24 explorer.exe (2.4.40.181)
    2014-06-24 SDBootCD.exe (2.4.40.109)
    2014-06-24 SDCleaner.exe (2.4.40.110)
    2014-06-24 SDDelFile.exe (2.4.40.94)
    2013-06-18 SDDisableProxy.exe
    2014-06-24 SDFiles.exe (2.4.40.135)
    2014-06-24 SDFileScanHelper.exe (2.4.40.1)
    2014-06-24 SDFSSvc.exe (2.4.40.217)
    2014-06-24 SDHelp.exe (2.4.40.1)
    2014-04-25 SDHookHelper.exe (2.3.39.2)
    2014-04-25 SDHookInst32.exe (2.3.39.2)
    2014-04-25 SDHookInst64.exe (2.3.39.2)
    2014-06-24 SDImmunize.exe (2.4.40.130)
    2015-07-01 SDInform2xWin10.exe (1.3.0.0)
    2014-06-24 SDLogReport.exe (2.4.40.107)
    2014-06-24 SDOnAccess.exe (2.4.40.11)
    2014-06-24 SDPESetup.exe (2.4.40.3)
    2014-06-24 SDPEStart.exe (2.4.40.86)
    2014-06-24 SDPhoneScan.exe (2.4.40.28)
    2014-06-24 SDPRE.exe (2.4.40.22)
    2014-06-24 SDPrepPos.exe (2.4.40.15)
    2014-06-24 SDQuarantine.exe (2.4.40.103)
    2014-06-24 SDRootAlyzer.exe (2.4.40.116)
    2014-06-24 SDSBIEdit.exe (2.4.40.39)
    2014-06-24 SDScan.exe (2.4.40.181)
    2014-06-24 SDScript.exe (2.4.40.54)
    2014-06-24 SDSettings.exe (2.4.40.139)
    2014-06-24 SDShell.exe (2.4.40.2)
    2014-06-24 SDShred.exe (2.4.40.108)
    2014-06-24 SDSysRepair.exe (2.4.40.102)
    2014-06-24 SDTools.exe (2.4.40.157)
    2014-06-24 SDTray.exe (2.4.40.129)
    2014-06-27 SDUpdate.exe (2.4.40.94)
    2014-06-27 SDUpdSvc.exe (2.4.40.77)
    2014-06-24 SDWelcome.exe (2.4.40.130)
    2014-04-25 SDWSCSvc.exe (2.3.39.2)
    2015-03-25 spybotsd2-install-av-update.exe (2.4.40.0)
    2014-05-20 spybotsd2-install-bdcore-update.exe (2.3.39.0)
    2014-07-31 spybotsd2-translation-esx.exe
    2013-06-19 spybotsd2-translation-frx.exe
    2015-03-25 spybotsd2-translation-hrx.exe
    2014-08-25 spybotsd2-translation-hux2.exe
    2014-10-01 spybotsd2-translation-nlx2.exe
    2014-11-05 spybotsd2-translation-ukx.exe
    2014-07-26 unins000.exe (51.1052.0.0)
    1999-12-02 xcacls.exe
    2012-08-23 borlndmm.dll (10.0.2288.42451)
    2012-09-05 DelZip190.dll (1.9.0.107)
    2012-09-10 libeay32.dll (1.0.0.4)
    2012-09-10 libssl32.dll (1.0.0.4)
    2014-04-25 NotificationSpreader.dll
    2014-06-24 SDAdvancedCheckLibrary.dll (2.4.40.98)
    2015-03-25 SDAV.dll
    2014-06-24 SDECon32.dll (2.4.40.114)
    2014-06-24 SDECon64.dll (2.3.39.113)
    2014-06-24 SDEvents.dll (2.4.40.2)
    2014-06-24 SDFileScanLibrary.dll (2.4.40.14)
    2014-04-25 SDHook32.dll (2.3.39.2)
    2014-04-25 SDHook64.dll (2.3.39.2)
    2014-06-24 SDImmunizeLibrary.dll (2.4.40.2)
    2014-06-24 SDLicense.dll (2.4.40.0)
    2014-06-24 SDLists.dll (2.4.40.4)
    2014-06-24 SDResources.dll (2.4.40.7)
    2014-06-24 SDScanLibrary.dll (2.4.40.131)
    2014-06-24 SDTasks.dll (2.4.40.15)
    2014-06-24 SDWinLogon.dll (2.4.40.0)
    2012-08-23 sqlite3.dll
    2012-09-10 ssleay32.dll (1.0.0.4)
    2014-06-24 Tools.dll (2.4.40.36)
    2015-04-22 Includes\Adware-000.sbi
    2015-02-27 Includes\Adware-001.sbi
    2015-07-15 Includes\Adware-C.sbi
    2014-01-13 Includes\Adware.sbi
    2014-01-13 Includes\AdwareC.sbi
    2010-08-13 Includes\Cookies.sbi
    2014-11-14 Includes\Dialer-000.sbi
    2014-11-14 Includes\Dialer-001.sbi
    2014-01-08 Includes\Dialer-C.sbi
    2014-01-13 Includes\Dialer.sbi
    2014-01-13 Includes\DialerC.sbi
    2014-01-09 Includes\Fraud-000.sbi
    2014-01-09 Includes\Fraud-001.sbi
    2014-03-31 Includes\Fraud-002.sbi
    2014-01-09 Includes\Fraud-003.sbi
    2012-11-14 Includes\HeavyDuty.sbi
    2014-11-14 Includes\Hijackers-000.sbi
    2014-11-14 Includes\Hijackers-001.sbi
    2014-01-08 Includes\Hijackers-C.sbi
    2014-01-13 Includes\Hijackers.sbi
    2014-01-13 Includes\HijackersC.sbi
    2014-01-08 Includes\iPhone-000.sbi
    2014-01-08 Includes\iPhone.sbi
    2014-11-14 Includes\Keyloggers-000.sbi
    2014-09-24 Includes\Keyloggers-C.sbi
    2014-01-13 Includes\Keyloggers.sbi
    2014-01-13 Includes\KeyloggersC.sbi
    2014-11-14 Includes\Malware-000.sbi
    2014-11-14 Includes\Malware-001.sbi
    2014-11-14 Includes\Malware-002.sbi
    2014-11-14 Includes\Malware-003.sbi
    2014-11-14 Includes\Malware-004.sbi
    2014-11-14 Includes\Malware-005.sbi
    2014-02-26 Includes\Malware-006.sbi
    2014-01-09 Includes\Malware-007.sbi
    2015-07-01 Includes\Malware-C.sbi
    2014-01-13 Includes\Malware.sbi
    2013-12-23 Includes\MalwareC.sbi
    2014-11-14 Includes\PUPS-000.sbi
    2014-01-15 Includes\PUPS-001.sbi
    2014-01-15 Includes\PUPS-002.sbi
    2015-07-15 Includes\PUPS-C.sbi
    2012-11-14 Includes\PUPS.sbi
    2014-01-07 Includes\PUPSC.sbi
    2014-01-08 Includes\Security-000.sbi
    2014-01-08 Includes\Security-C.sbi
    2014-01-21 Includes\Security.sbi
    2014-01-21 Includes\SecurityC.sbi
    2014-11-14 Includes\Spyware-000.sbi
    2015-05-06 Includes\Spyware-001.sbi
    2015-05-27 Includes\Spyware-C.sbi
    2014-01-21 Includes\Spyware.sbi
    2014-01-21 Includes\SpywareC.sbi
    2011-06-07 Includes\Tracks.sbi
    2012-11-19 Includes\Tracks.uti (*)
    2014-01-15 Includes\Trojans-000.sbi
    2014-01-15 Includes\Trojans-001.sbi
    2014-11-14 Includes\Trojans-002.sbi
    2014-01-15 Includes\Trojans-003.sbi
    2014-01-15 Includes\Trojans-004.sbi
    2014-03-19 Includes\Trojans-005.sbi
    2015-03-31 Includes\Trojans-006.sbi
    2014-01-15 Includes\Trojans-007.sbi
    2014-07-09 Includes\Trojans-008.sbi
    2014-07-09 Includes\Trojans-009.sbi
    2015-07-15 Includes\Trojans-C.sbi
    2014-01-15 Includes\Trojans-OG-000.sbi
    2014-01-15 Includes\Trojans-TD-000.sbi
    2014-01-15 Includes\Trojans-VM-000.sbi
    2014-01-15 Includes\Trojans-VM-001.sbi
    2014-01-15 Includes\Trojans-VM-002.sbi
    2014-01-15 Includes\Trojans-VM-003.sbi
    2014-01-15 Includes\Trojans-VM-004.sbi
    2014-01-15 Includes\Trojans-VM-005.sbi
    2014-01-15 Includes\Trojans-VM-006.sbi
    2014-01-15 Includes\Trojans-VM-007.sbi
    2014-01-15 Includes\Trojans-VM-008.sbi
    2014-01-15 Includes\Trojans-VM-009.sbi
    2014-01-15 Includes\Trojans-VM-010.sbi
    2014-01-15 Includes\Trojans-VM-011.sbi
    2014-01-15 Includes\Trojans-VM-012.sbi
    2014-01-15 Includes\Trojans-VM-013.sbi
    2014-01-15 Includes\Trojans-VM-014.sbi
    2014-01-15 Includes\Trojans-VM-015.sbi
    2014-01-15 Includes\Trojans-VM-016.sbi
    2014-01-15 Includes\Trojans-VM-017.sbi
    2014-01-15 Includes\Trojans-VM-018.sbi
    2014-01-15 Includes\Trojans-VM-019.sbi
    2014-01-15 Includes\Trojans-VM-020.sbi
    2014-01-15 Includes\Trojans-VM-021.sbi
    2014-01-15 Includes\Trojans-VM-022.sbi
    2014-01-15 Includes\Trojans-VM-023.sbi
    2014-01-15 Includes\Trojans-VM-024.sbi
    2014-01-15 Includes\Trojans-ZB-000.sbi
    2014-01-15 Includes\Trojans-ZL-000.sbi
    2014-01-09 Includes\Trojans.sbi
    2014-01-16 Includes\TrojansC-01.sbi
    2014-01-16 Includes\TrojansC-02.sbi
    2014-01-16 Includes\TrojansC-03.sbi
    2014-01-16 Includes\TrojansC-04.sbi
    2014-01-16 Includes\TrojansC-05.sbi
    2014-01-09 Includes\TrojansC.sbi

  2. #2
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    I'm going to try and help here but I'm not that familiar with windows 8 as I would like to be.

    You might be having hardware issues here rather then malware.

    use your mouse or your finger if its a touch screen and swipe from the very top right slightly downward and to the left and the Charms bar will open, just click on Search and type in Device Manager
    Look for and locate anything related to your video hardware/ accelerator and look for question marks or red flags.

    May need to let windows uninstall and reinstall the adapters.

    If you can use a clean computer, using a USB flash drive, download and transfer to yours to see if we can get Farbar Recovery Scan Tool to run to completion.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  3. #3
    Member
    Join Date
    Jun 2008
    Posts
    54

    Default

    Thanks for taking the time to help. I went to the device manager and looked for the question marks and red flags but didn't see anything. I've attached a screen capture of it so you can see if I missed anything.

    The reason I came here to the malware section is because I went to Microsoft support first and asked for their help. They suggested it was malware, but the guy's diagnosis was cursory at best with little more info than what I posted here. It may have been he was trying to get me to pay for their tech service, I don't know.

    I don't have a clean PC at home, I will have to see if I can get it at work tomorrow so I will probably be posting around this time tomorrow again.

    Thanks again.

    Device Manager Screen Capture.jpg

  4. #4
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    Quote Originally Posted by STN1225 View Post
    Thanks for taking the time to help. I went to the device manager and looked for the question marks and red flags but didn't see anything. I've attached a screen capture of it so you can see if I missed anything.

    The reason I came here to the malware section is because I went to Microsoft support first and asked for their help. They suggested it was malware, but the guy's diagnosis was cursory at best with little more info than what I posted here. It may have been he was trying to get me to pay for their tech service, I don't know.

    I don't have a clean PC at home, I will have to see if I can get it at work tomorrow so I will probably be posting around this time tomorrow again.

    Thanks again.

    Device Manager Screen Capture.jpg
    Without seeing a couple of logs from tools we normally request, I can't rule out malware but...

    First Let's see if you have to most current version of Flash, might be a simple solution, or not.
    https://www.adobe.com/software/flash/about/
    This site should check which version you have and if it needs to be updated.

    ~~~~~~~~~~~~~~~~~~`
    Please try to download a couple of things to run...Might need to disable your antivirus software first


    Please download Malwarebytes Anti-Malware and save it to your desktop.
    • Double-click on the setup file (mbam-setup.exe), then click on Run to install.
    • Malwarebytes will automatically open to it's Dashboard. If you have never run this version, you should see a red note at the top indicating "A scan has never been run on your system"
    • Click on Update Now to download the current database definitions, then click the Scan Now >> button.
    • If you have run this version before, you should see a green note at the top indicating "Your system is fully protected".
    • You will be prompted to update Malwarebytes...click on the Update Now button.
    • The THREAT SCAN will automatically begin.
    • When the scan has completed, the results will be displayed. Click on Quarantine All, then click on Apply Actions.
    • To complete any actions taken you will be prompted to restart your computer...click on Yes. Failure to reboot normally will prevent Malwarebytes from removing all the malware.
    • After rebooting the computer, copy and paste the mbam.log in your next reply.

    To retrieve the Malwarebytes Anti-Malware 2.0 scan log information (Method 1)
    • Open Malwarebytes Anti-Malware.
    • Click the History Tab at the top and select Application Logs.
    • Select (check) the box next to Scan Log. Choose the most current scan.
    • Click the View button.
    • Click Copy to Clipboard at the bottom...come back to this thread, click Add Reply, then right-click and choose Paste.
    • Alternatively, you can click Export and save the log as a .txt file on your Desktop or another location.
    • Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

    To retrieve the Malwarebytes Anti-Malware 2.0 scan log information (Method 2)



    When the scan is finished and the log pops up...select Copy to Clipboard

    Please paste the log back into this thread for review

    Exit Malwarebytes


    • Open Malwarebytes Anti-Malware.
    • Click the Scan Tab at the top.
    • Click the View detailed log link on the right.
    • Click Copy to Clipboard at the bottom...come back to this thread, click Add Reply, then right-click and choose Paste.
    • Alternatively, you can click Export and save the log as a .txt file on your Desktop or another location.
    • Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

    Logs are named by the date of scan in the following format: mbam-log-yyyy-mm-dd and automatically saved to the following locations:
    -- XP: C:\Documents and Settings\<Username>\Application Data\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-yyyy-mm-dd
    -- Vista, Windows 7/8: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-yyyy-mm-dd

    ~~~~~~~~~~~~~~~~~~~``

    AdwCleaner
    • Please download AdwCleaner and save the file to your Desktop.
    • Right-Click AdwCleaner.exe and select Run as administrator to run the programme.
    • Follow the prompts.
    • Click Scan.
    • Upon completion, click Report. A log (AdwCleaner[R0].txt) will open. Briefly check the log for anything you know to be legitimate.
    • Ensure anything you know to be legitimate does not have a checkmark, and click Clean.
    • Follow the prompts and allow your computer to reboot.
    • After rebooting, a log (AdwCleaner[S0].txt) will open. Copy the contents of the log and paste in your next reply.

    -- File and registry key backups are made for anything removed using this tool. Should a legitimate entry be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the entry. Please do not overly concern yourself with the contents of AdwCleaner[R0].txt.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



    Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.


    ~~
    please post
    Malwarebytes Anti-Malware log
    C:\AdwCleaner.txt
    JRT.txt
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  5. #5
    Member
    Join Date
    Jun 2008
    Posts
    54

    Default Requested Scan Log

    So I noticed that the problems I was previously having have stopped so I tried to download the Farbar tool and guess what, it worked this time. Everything seems to be working normally now. And I've done nothing. This has me worried that whatever virus I have has buried itself deep. So I went ahead and downloaded the requested programs and ran them as instructed. Please note that much of the instructions you posted did not coincide with the layout of the various programs. I think they have been updated since those instructions were drafted.

    Anyway, My flash is up-to-date and I've included all the logs as attachments and posted the full text below, for whichever way you prefer.

    JRT.txt
    AdwCleaner[S0].txt
    Mal Bytes Scan Log.txt
    FRST.txt
    Addition.txt

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-07-2015
    Ran by Alan (administrator) on DELL on 21-07-2015 21:16:53
    Running from C:\Users\user\Desktop
    Loaded Profiles: Alan (Available Profiles: Alan)
    Platform: Windows 8.1 (X64) OS Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [678296 2012-07-09] (Alps Electric Co., Ltd.)
    HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3759504 2012-07-20] (Dell Inc.)
    HKLM\...\Run: [Dell Audio] => c:\Program Files\Cirrus Logic Audio Panel\CirrusAudioPanel_Dell.exe [20591616 2012-08-06] ()
    HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe [763520 2012-07-31] (Qualcomm Atheros)
    HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [127616 2012-07-31] (Qualcomm Atheros Commnucations)
    HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)
    HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink)
    HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-04] (CyberLink Corp.)
    HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [143888 2012-06-01] (CyberLink Corp.)
    HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-07-16] (AVAST Software)
    HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
    HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
    HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2015-04-10] (Oracle Corporation)
    Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
    Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
    HKU\S-1-5-21-784291939-2049310861-2985522810-1001\...\Run: [Google Update] => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-07-03] (Google Inc.)
    HKU\S-1-5-21-784291939-2049310861-2985522810-1001\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013-09-12]
    ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2013-07-13]
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-16] (AVAST Software)
    BootExecute: autocheck autochk * sdnclean64.exe

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKU\S-1-5-21-784291939-2049310861-2985522810-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://dell13.msn.com/
    HKU\S-1-5-21-784291939-2049310861-2985522810-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-784291939-2049310861-2985522810-1001 -> {15FA46C5-6D67-4BC0-B79F-850F465F5D88} URL =
    BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll [2012-07-31] (Qualcomm Atheros Commnucations)
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-16] (AVAST Software)
    BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
    BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
    BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-07-16] (Oracle Corporation)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-16] (AVAST Software)
    BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-07-16] (Oracle Corporation)
    Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
    Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
    Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
    Handler: WSWSVCUchrome - No CLSID Value
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 200.1.104.36 200.1.104.35
    Tcpip\..\Interfaces\{ADF1526D-699B-4004-865B-2981DAC3C120}: [DhcpNameServer] 200.1.104.35 200.1.104.36
    Tcpip\..\Interfaces\{FA97450F-E882-43C3-ABEF-371CF299A2F4}: [DhcpNameServer] 200.1.104.36 200.1.104.35

    FireFox:
    ========
    FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\0wpdo2pa.default
    FF DefaultSearchEngine: Google
    FF DefaultSearchEngine.US: Google
    FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-14] ()
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-14] ()
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-07-16] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-07-16] (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin HKU\S-1-5-21-784291939-2049310861-2985522810-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\user\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
    FF Plugin HKU\S-1-5-21-784291939-2049310861-2985522810-1001: @talk.google.com/O1DPlugin -> C:\Users\user\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
    FF Plugin HKU\S-1-5-21-784291939-2049310861-2985522810-1001: @tools.google.com/Google Update;version=3 -> C:\Users\user\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
    FF Plugin HKU\S-1-5-21-784291939-2049310861-2985522810-1001: @tools.google.com/Google Update;version=9 -> C:\Users\user\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Users\user\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
    FF Plugin ProgramFiles/Appdata: C:\Users\user\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
    FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-10-26]
    FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
    FF HKU\S-1-5-21-784291939-2049310861-2985522810-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
    FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

    Chrome:
    =======
    CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Docs) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-28]
    CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-28]
    CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-28]
    CHR Extension: (Google Search) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-28]
    CHR Extension: (Avast SafePrice) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2014-08-04]
    CHR Extension: (Avast Online Security) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-10-26]
    CHR Extension: (Chrome Hotword Shared Module) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-04]
    CHR Extension: (Google Wallet) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
    CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-28]
    CHR Extension: (Abstract-Blue) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnacehkknmafkjgkikclamogikoiaaa [2014-07-17]
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-04]
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-01]

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S2 AECLFilters; C:\Windows\system32\AECLSr64.exe [99696 2012-08-06] (Andrea Electronics Corporation)
    S2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [207488 2012-07-31] (Qualcomm Atheros Commnucations) [File not signed]
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-16] (AVAST Software)
    S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
    S2 CirrusAudioService; c:\Program Files\Cirrus Logic Audio Panel\Cirrvus.exe [7168 2012-08-06] (Cirrus Logic) [File not signed]
    S2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\OTBSurvey.exe [145288 2015-04-09] (Dell Inc.)
    S2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2557136 2015-02-26] (Dell Inc.)
    S2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201936 2015-02-26] (Dell Inc.)
    S2 DellDigitalDelivery; c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [173056 2012-06-19] (Dell Products, LP.) [File not signed]
    S2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-06-09] (Dell Inc.)
    S3 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-09] (Intel Corporation) [File not signed]
    S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
    S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
    S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
    S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
    R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
    R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
    S2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
    R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
    R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
    R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
    S2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1914728 2012-11-26] (SoftThinks SAS)
    S2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [19288 2015-03-04] (Dell Inc.)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
    S2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [77824 2012-07-22] (Atheros) [File not signed]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-07-16] (AVAST Software)
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-07-16] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-16] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-07-16] (AVAST Software)
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048856 2015-07-16] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-07-16] (AVAST Software)
    S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150160 2015-07-16] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-07-16] (AVAST Software)
    R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-07-31] (Qualcomm Atheros)
    R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
    R3 CirrusLFD; C:\Windows\system32\DRIVERS\CSLFDx64.sys [41328 2012-08-06] (Cirrus Logic)
    R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
    R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation)
    R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [23312 2015-01-30] (Dell Computer Corporation)
    S3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2012-08-05] (OSR Open Systems Resources, Inc.)
    S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
    S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
    R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-07-21] (Malwarebytes Corporation)
    R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
    S3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2014-05-16] (Anchorfree Inc.)
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
    S3 GENERICDRV; \??\C:\Users\user\Downloads\amifldrv64.sys [X]
    S3 X6va015; \??\C:\WINDOWS\SysWOW64\Drivers\X6va015 [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-07-21 21:16 - 2015-07-21 21:17 - 00020436 _____ C:\Users\user\Desktop\FRST.txt
    2015-07-21 21:16 - 2015-07-21 21:16 - 02135552 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe
    2015-07-21 21:16 - 2015-07-21 21:16 - 00000000 ____D C:\FRST
    2015-07-21 21:14 - 2015-07-21 21:14 - 00002178 _____ C:\Users\user\Desktop\JRT.txt
    2015-07-21 21:03 - 2015-07-21 21:03 - 01798288 _____ (Malwarebytes Corporation) C:\Users\user\Desktop\JRT.exe
    2015-07-21 21:01 - 2015-07-21 21:01 - 00002391 _____ C:\Users\user\Desktop\AdwCleaner[S0].txt
    2015-07-21 21:01 - 2015-07-21 21:01 - 00000000 ___RD C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
    2015-07-21 20:51 - 2015-07-21 20:57 - 00000000 ____D C:\AdwCleaner
    2015-07-21 20:51 - 2015-07-21 20:51 - 02248704 _____ C:\Users\user\Desktop\AdwCleaner.exe
    2015-07-21 20:43 - 2015-07-21 20:43 - 00003799 _____ C:\Users\user\Desktop\Mal Bytes Scan Results.txt
    2015-07-21 20:18 - 2015-07-21 20:59 - 00113880 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
    2015-07-21 20:18 - 2015-07-21 20:18 - 00001116 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2015-07-21 20:18 - 2015-07-21 20:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-07-21 20:17 - 2015-07-21 20:18 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
    2015-07-21 20:17 - 2015-07-21 20:17 - 00000000 ____D C:\ProgramData\Malwarebytes
    2015-07-21 20:17 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
    2015-07-21 20:17 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
    2015-07-21 20:17 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
    2015-07-21 20:16 - 2015-07-21 20:17 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\user\Desktop\mbam-setup-2.1.8.1057.exe
    2015-07-21 17:15 - 2015-05-19 20:26 - 00033616 ____N (Intel Corporation ) C:\windows\system32\Drivers\iqvw64e.sys
    2015-07-20 15:58 - 2015-07-14 09:14 - 00358912 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
    2015-07-20 15:58 - 2015-07-14 09:14 - 00301056 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
    2015-07-20 15:58 - 2015-07-14 09:14 - 00035840 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
    2015-07-20 15:58 - 2015-07-14 09:13 - 00044032 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
    2015-07-20 15:54 - 2015-07-20 15:55 - 00000000 ____D C:\Users\user\Desktop\Vids
    2015-07-18 18:39 - 2015-07-18 18:39 - 00001828 _____ C:\Users\user\Desktop\aswMBR.txt
    2015-07-18 18:39 - 2015-07-18 18:39 - 00000512 _____ C:\Users\user\Desktop\MBR.dat
    2015-07-18 18:27 - 2015-07-18 18:31 - 05198336 _____ (AVAST Software) C:\Users\user\Desktop\aswMBR.exe
    2015-07-18 18:18 - 2015-07-18 18:18 - 00000207 _____ C:\windows\tweaking.com-regbackup-DELL-Windows-8.1-(64-bit).dat
    2015-07-18 18:17 - 2015-07-18 18:17 - 00000000 ____D C:\RegBackup
    2015-07-18 18:14 - 2015-07-18 18:14 - 00002253 _____ C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
    2015-07-18 18:14 - 2015-07-18 18:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
    2015-07-18 18:14 - 2015-07-18 18:14 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
    2015-07-18 18:11 - 2015-07-18 18:11 - 04720448 _____ C:\Users\user\Desktop\tweaking.com_registry_backup_setup.exe
    2015-07-18 17:59 - 2015-06-29 21:39 - 00450831 ____R C:\windows\system32\Drivers\etc\hosts.20150718-175935.backup
    2015-07-16 07:15 - 2015-07-16 07:15 - 00272808 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
    2015-07-16 07:15 - 2015-07-16 07:15 - 00176040 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
    2015-07-16 07:15 - 2015-07-16 07:15 - 00176040 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
    2015-07-16 07:15 - 2015-07-16 07:15 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
    2015-07-16 07:15 - 2015-07-16 07:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2015-07-16 06:57 - 2015-07-16 06:57 - 00378880 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
    2015-07-16 06:57 - 2015-07-16 06:57 - 00043112 _____ (AVAST Software) C:\windows\avastSS.scr
    2015-07-15 19:32 - 2015-07-16 07:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2015-07-14 18:33 - 2015-07-09 14:51 - 00136904 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
    2015-07-14 18:33 - 2015-07-09 13:40 - 00359936 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
    2015-07-14 18:33 - 2015-07-09 11:03 - 03701760 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
    2015-07-14 18:33 - 2015-07-09 10:54 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
    2015-07-14 18:33 - 2015-07-09 10:48 - 00891904 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
    2015-07-14 18:33 - 2015-07-09 10:46 - 02229248 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
    2015-07-14 18:33 - 2015-07-09 10:34 - 00721920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
    2015-07-14 18:33 - 2015-06-26 21:14 - 00027136 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
    2015-07-14 18:32 - 2015-07-09 10:53 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
    2015-07-14 18:32 - 2015-07-09 10:50 - 00409088 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
    2015-07-14 18:32 - 2015-07-09 10:50 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
    2015-07-14 18:32 - 2015-07-09 10:38 - 00029696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
    2015-07-14 18:32 - 2015-07-09 10:37 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
    2015-07-14 18:32 - 2015-07-09 10:35 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
    2015-07-14 18:32 - 2015-06-26 22:08 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
    2015-07-14 18:32 - 2015-06-26 22:08 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
    2015-07-14 18:29 - 2015-06-28 00:07 - 00442712 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
    2015-07-14 18:29 - 2015-06-28 00:07 - 00178008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
    2015-07-14 18:29 - 2015-06-28 00:06 - 01311960 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
    2015-07-14 18:29 - 2015-06-28 00:06 - 00332120 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
    2015-07-14 18:29 - 2015-06-27 11:42 - 00747520 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
    2015-07-14 18:29 - 2015-06-26 22:13 - 00202240 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
    2015-07-14 18:29 - 2015-06-26 22:12 - 00401408 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
    2015-07-14 18:29 - 2015-06-26 22:12 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
    2015-07-14 18:29 - 2015-06-26 21:40 - 00445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
    2015-07-14 18:29 - 2015-06-26 21:05 - 01441792 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
    2015-07-14 18:29 - 2015-06-26 21:00 - 00989184 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
    2015-07-14 18:29 - 2015-06-26 20:53 - 00324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
    2015-07-14 18:29 - 2015-06-26 20:26 - 00802816 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
    2015-07-14 18:29 - 2015-06-24 21:31 - 04177920 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
    2015-07-14 18:29 - 2015-06-15 17:41 - 00065024 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
    2015-07-14 18:29 - 2015-06-15 17:24 - 03320320 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
    2015-07-14 18:29 - 2015-06-15 16:16 - 00059904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
    2015-07-14 18:29 - 2015-06-15 16:09 - 03607552 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
    2015-07-14 18:29 - 2015-06-15 15:50 - 02774528 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
    2015-07-14 18:29 - 2015-06-15 14:57 - 02460160 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
    2015-07-14 18:29 - 2015-05-30 16:18 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\werdiagcontroller.dll
    2015-07-14 18:29 - 2015-05-30 14:36 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\AudioEndpointBuilder.dll
    2015-07-14 18:29 - 2015-05-30 14:35 - 00911360 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
    2015-07-14 18:29 - 2015-05-02 19:39 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
    2015-07-14 18:29 - 2015-04-29 18:22 - 00130048 _____ (Microsoft Corporation) C:\windows\system32\WiFiDisplay.dll
    2015-07-14 18:28 - 2015-06-29 17:43 - 00026288 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
    2015-07-14 18:28 - 2015-06-29 10:07 - 01145856 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
    2015-07-14 18:28 - 2015-06-29 10:07 - 01084928 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
    2015-07-14 18:28 - 2015-06-29 10:07 - 00764928 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
    2015-07-14 18:28 - 2015-06-29 10:07 - 00433152 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
    2015-07-14 18:28 - 2015-06-29 10:07 - 00067584 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
    2015-07-14 18:28 - 2015-06-26 18:21 - 00726528 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
    2015-07-14 18:28 - 2015-06-26 18:21 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
    2015-07-14 18:28 - 2015-05-11 13:17 - 01201664 ____C (Microsoft Corporation) C:\windows\system32\Drivers\bthport.sys
    2015-07-14 18:28 - 2015-05-07 12:50 - 22292672 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
    2015-07-14 18:28 - 2015-05-07 12:00 - 03109376 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
    2015-07-14 18:28 - 2015-05-07 11:53 - 19734960 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
    2015-07-14 18:28 - 2015-05-07 11:12 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
    2015-07-14 18:28 - 2015-05-07 10:21 - 00522240 _____ (Microsoft Corporation) C:\windows\system32\GeofenceMonitorService.dll
    2015-07-14 18:28 - 2015-05-07 10:05 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\GeofenceMonitorService.dll
    2015-07-14 18:28 - 2015-04-24 21:25 - 00020992 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usb8023.sys
    2015-07-14 18:28 - 2014-11-04 14:25 - 00059712 ____C (Microsoft Corporation) C:\windows\system32\Drivers\kbdclass.sys
    2015-07-14 18:28 - 2014-11-04 14:25 - 00051008 ____C (Microsoft Corporation) C:\windows\system32\Drivers\mouclass.sys
    2015-07-14 18:28 - 2014-11-04 01:55 - 00026112 ____C (Microsoft Corporation) C:\windows\system32\Drivers\sermouse.sys
    2015-07-14 18:28 - 2014-11-04 01:54 - 00108544 ____C (Microsoft Corporation) C:\windows\system32\Drivers\i8042prt.sys
    2015-07-14 18:28 - 2014-11-04 01:54 - 00032256 ____C (Microsoft Corporation) C:\windows\system32\Drivers\kbdhid.sys
    2015-07-14 18:28 - 2014-11-04 01:54 - 00030208 ____C (Microsoft Corporation) C:\windows\system32\Drivers\mouhid.sys
    2015-07-14 18:27 - 2015-07-02 16:21 - 19877376 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
    2015-07-14 18:27 - 2015-07-02 15:50 - 02279424 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
    2015-07-14 18:27 - 2015-07-02 15:49 - 25193984 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
    2015-07-14 18:27 - 2015-07-02 15:23 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
    2015-07-14 18:27 - 2015-07-02 15:19 - 12855296 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
    2015-07-14 18:27 - 2015-07-02 14:55 - 01310720 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
    2015-07-14 18:27 - 2015-07-02 14:20 - 14453248 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
    2015-07-14 18:27 - 2015-07-02 13:59 - 01545728 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
    2015-07-14 18:27 - 2015-07-01 17:08 - 05923840 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
    2015-07-14 18:27 - 2015-07-01 16:14 - 04520448 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
    2015-07-14 18:27 - 2015-05-03 10:09 - 00274944 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2015-07-14 18:27 - 2015-05-03 09:58 - 00210944 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
    2015-07-14 18:27 - 2015-05-03 09:55 - 00971776 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
    2015-07-14 18:27 - 2015-05-03 09:49 - 00811008 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
    2015-07-14 18:26 - 2015-06-15 17:39 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
    2015-07-14 18:26 - 2015-06-15 17:38 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
    2015-07-14 18:26 - 2015-06-15 17:26 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
    2015-07-14 18:26 - 2015-06-15 17:24 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
    2015-07-14 18:26 - 2015-06-15 17:02 - 00087552 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
    2015-07-14 18:26 - 2015-06-15 16:58 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
    2015-07-14 18:26 - 2015-06-15 16:57 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
    2015-07-14 18:26 - 2015-06-15 16:56 - 00145408 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
    2015-07-14 18:26 - 2015-06-15 16:55 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
    2015-07-14 18:26 - 2015-06-15 16:49 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
    2015-07-14 18:26 - 2015-06-15 16:41 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
    2015-07-14 18:26 - 2015-06-15 16:38 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
    2015-07-14 18:26 - 2015-06-15 16:36 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
    2015-07-14 18:26 - 2015-06-15 16:17 - 02880000 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll
    2015-07-14 18:26 - 2015-06-15 16:16 - 02427392 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
    2015-07-14 18:26 - 2015-06-15 16:15 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
    2015-07-14 18:26 - 2015-06-15 16:13 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
    2015-07-14 18:26 - 2015-06-15 16:04 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
    2015-07-14 18:26 - 2015-06-15 16:03 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
    2015-07-14 18:26 - 2015-06-15 15:52 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
    2015-07-14 18:26 - 2015-06-15 15:47 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
    2015-07-14 18:26 - 2015-06-15 15:44 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
    2015-07-14 18:26 - 2015-06-15 15:43 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
    2015-07-14 18:26 - 2015-06-15 15:42 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
    2015-07-14 18:26 - 2015-06-15 15:41 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
    2015-07-14 18:26 - 2015-06-15 15:37 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
    2015-07-14 18:26 - 2015-06-15 15:32 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
    2015-07-14 18:26 - 2015-06-15 15:31 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
    2015-07-14 18:26 - 2015-06-15 15:30 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
    2015-07-14 18:26 - 2015-06-15 15:30 - 00327168 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
    2015-07-14 18:26 - 2015-06-15 15:17 - 01048576 _____ (Microsoft Corporation) C:\windows\SysWOW64\actxprxy.dll
    2015-07-14 18:26 - 2015-06-15 15:07 - 01951232 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
    2015-07-14 18:26 - 2015-06-15 15:02 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
    2015-07-14 18:25 - 2015-06-16 00:36 - 01661576 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
    2015-07-14 18:25 - 2015-06-16 00:36 - 01212248 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
    2015-07-14 18:25 - 2015-06-10 22:49 - 01380600 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
    2015-07-14 18:25 - 2015-06-10 11:13 - 01097216 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
    2015-07-14 18:25 - 2015-05-11 11:34 - 00332800 _____ (Microsoft Corporation) C:\windows\system32\fhcpl.dll
    2015-07-14 18:25 - 2015-04-28 08:13 - 00513480 _____ C:\windows\SysWOW64\locale.nls
    2015-07-14 18:25 - 2015-04-28 08:13 - 00513480 _____ C:\windows\system32\locale.nls
    2015-07-14 18:24 - 2015-05-12 08:19 - 00294912 _____ (Microsoft Corporation) C:\windows\system32\SystemEventsBrokerServer.dll
    2015-07-14 18:24 - 2015-05-07 11:47 - 00564224 _____ (Microsoft Corporation) C:\windows\system32\apphelp.dll
    2015-07-14 18:24 - 2015-05-03 10:07 - 07784448 _____ (Microsoft Corporation) C:\windows\system32\Windows.Data.Pdf.dll
    2015-07-14 18:24 - 2015-05-03 09:57 - 05264384 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Data.Pdf.dll
    2015-07-14 18:24 - 2015-05-01 18:33 - 00410739 _____ C:\windows\system32\ApnDatabase.xml
    2015-07-14 18:24 - 2015-04-23 10:47 - 03084288 _____ (Microsoft Corporation) C:\windows\system32\msftedit.dll
    2015-07-14 18:24 - 2015-04-23 10:16 - 02471424 _____ (Microsoft Corporation) C:\windows\SysWOW64\msftedit.dll
    2015-07-09 06:43 - 2015-07-09 06:43 - 00000000 ____D C:\Program Files (x86)\Dell Update
    2015-07-01 14:27 - 2015-07-01 14:27 - 00001900 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
    2015-07-01 14:27 - 2015-07-01 14:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
    2015-07-01 14:08 - 2015-07-01 14:09 - 00739680 _____ C:\windows\Minidump\070115-31843-01.dmp
    2015-06-30 20:18 - 2015-07-21 09:52 - 00008704 _____ C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2015-06-29 21:39 - 2015-03-22 16:59 - 00450831 ____R C:\windows\system32\Drivers\etc\hosts.20150629-213917.backup
    2015-06-25 18:50 - 2015-06-25 18:50 - 00000000 ____D C:\Users\user\AppData\Roaming\dvdcss
    2015-06-22 18:39 - 2015-06-22 18:39 - 00003208 _____ C:\windows\System32\Tasks\SystemToolsDailyTest
    2015-06-22 18:39 - 2015-06-22 18:39 - 00000000 ____D C:\ProgramData\PC-Doctor for Windows
    2015-06-22 18:39 - 2015-06-22 18:39 - 00000000 ____D C:\Program Files\Dell Support Center

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-07-21 21:14 - 2013-10-26 12:14 - 01169500 _____ C:\windows\WindowsUpdate.log
    2015-07-21 21:11 - 2013-07-07 20:35 - 00000914 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-784291939-2049310861-2985522810-1001UA.job
    2015-07-21 21:03 - 2013-06-28 12:17 - 00003596 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-784291939-2049310861-2985522810-1001
    2015-07-21 21:01 - 2013-01-21 06:50 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
    2015-07-21 20:58 - 2013-09-29 22:55 - 00219494 _____ C:\windows\PFRO.log
    2015-07-21 20:58 - 2013-08-22 09:46 - 00442361 _____ C:\windows\setupact.log
    2015-07-21 20:58 - 2013-08-22 09:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
    2015-07-21 20:58 - 2013-06-28 12:15 - 00000912 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-07-21 20:57 - 2013-08-22 08:25 - 01048576 ___SH C:\windows\system32\config\BBI
    2015-07-21 20:52 - 2013-06-28 12:16 - 00000916 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-07-21 20:44 - 2013-08-22 10:36 - 00000000 ____D C:\windows\PLA
    2015-07-21 20:33 - 2013-06-28 14:50 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
    2015-07-21 20:18 - 2013-10-31 19:22 - 00003906 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{C79AD3D2-1A03-443C-A8BF-4EB65A453E8C}
    2015-07-21 20:18 - 2013-09-29 23:04 - 00865408 _____ C:\windows\system32\PerfStringBackup.INI
    2015-07-21 20:15 - 2013-08-22 10:36 - 00000000 ____D C:\windows\system32\sru
    2015-07-21 07:29 - 2013-08-22 09:44 - 00490656 _____ C:\windows\system32\FNTCACHE.DAT
    2015-07-21 07:25 - 2012-07-26 02:59 - 00000000 ____D C:\windows\CbsTemp
    2015-07-21 07:13 - 2013-08-22 10:36 - 00000000 ____D C:\windows\AppReadiness
    2015-07-20 19:11 - 2013-07-07 20:35 - 00000862 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-784291939-2049310861-2985522810-1001Core.job
    2015-07-20 12:52 - 2013-06-28 12:18 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
    2015-07-20 09:11 - 2015-04-04 08:37 - 00000000 ___SD C:\windows\SysWOW64\GWX
    2015-07-20 09:11 - 2015-04-04 08:37 - 00000000 ___SD C:\windows\system32\GWX
    2015-07-20 08:48 - 2013-06-28 14:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2015-07-19 22:23 - 2013-09-01 21:07 - 00000000 ____D C:\Users\user\Documents\Official
    2015-07-18 16:21 - 2014-07-26 10:10 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
    2015-07-16 22:34 - 2013-09-28 13:33 - 00000000 ____D C:\Users\user\AppData\Roaming\vlc
    2015-07-16 14:19 - 2013-08-22 10:36 - 00000000 ____D C:\windows\rescache
    2015-07-16 07:16 - 2013-07-10 20:05 - 00000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
    2015-07-16 07:16 - 2013-07-10 20:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
    2015-07-16 07:16 - 2013-07-10 20:05 - 00000000 ____D C:\Program Files (x86)\WinRAR
    2015-07-16 07:15 - 2013-06-30 15:44 - 00000000 ____D C:\Program Files (x86)\Java
    2015-07-16 06:57 - 2014-07-31 16:24 - 00150160 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
    2015-07-16 06:57 - 2014-07-31 16:24 - 00028656 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys
    2015-07-16 06:57 - 2013-10-26 14:32 - 00447944 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
    2015-07-16 06:57 - 2013-10-26 14:32 - 00274808 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
    2015-07-16 06:57 - 2013-10-26 14:32 - 00093528 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
    2015-07-16 06:57 - 2013-10-26 14:32 - 00090968 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
    2015-07-16 06:57 - 2013-10-26 14:32 - 00065224 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
    2015-07-16 06:56 - 2013-10-26 14:32 - 01048856 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
    2015-07-15 19:06 - 2013-07-07 20:35 - 00003858 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-784291939-2049310861-2985522810-1001UA
    2015-07-15 19:06 - 2013-07-07 20:35 - 00003478 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-784291939-2049310861-2985522810-1001Core
    2015-07-15 18:47 - 2013-06-28 12:16 - 00003888 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2015-07-15 18:47 - 2013-06-28 12:15 - 00003652 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2015-07-15 06:10 - 2013-10-26 13:34 - 00000000 ___RD C:\Users\user\SkyDrive
    2015-07-14 22:41 - 2014-12-10 23:27 - 00000000 ____D C:\windows\system32\appraiser
    2015-07-14 22:41 - 2014-07-09 22:32 - 00000000 ___SD C:\windows\system32\CompatTel
    2015-07-14 22:41 - 2013-08-22 10:36 - 00000000 ___RD C:\windows\ToastData
    2015-07-14 22:41 - 2013-08-22 10:36 - 00000000 ____D C:\windows\WinStore
    2015-07-14 18:52 - 2013-06-28 12:17 - 00002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2015-07-14 18:47 - 2013-06-28 12:20 - 00000000 ____D C:\ProgramData\Microsoft Help
    2015-07-14 18:46 - 2013-07-14 22:53 - 00000000 ____D C:\windows\system32\MRT
    2015-07-14 18:33 - 2013-06-28 14:50 - 00003718 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
    2015-07-13 16:10 - 2015-04-17 17:51 - 00792568 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
    2015-07-13 16:10 - 2015-04-17 17:51 - 00178168 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
    2015-07-09 21:41 - 2014-01-14 05:53 - 00000000 ____D C:\Users\user\Documents\Fatima
    2015-07-09 06:43 - 2013-07-13 19:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
    2015-07-03 08:43 - 2013-06-29 15:16 - 130333168 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
    2015-07-01 14:08 - 2013-11-09 13:08 - 552336969 _____ C:\windows\MEMORY.DMP
    2015-07-01 14:08 - 2013-11-09 13:08 - 00000000 ____D C:\windows\Minidump
    2015-06-22 18:38 - 2013-01-21 06:40 - 00000000 ____D C:\ProgramData\PCDr
    2015-06-21 09:00 - 2015-04-18 18:39 - 00000000 ____D C:\Users\user\Documents\Tor Browser

    ==================== Files in the root of some directories =======

    2015-06-30 20:18 - 2015-07-21 09:52 - 0008704 _____ () C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2013-07-14 19:10 - 2014-01-06 17:15 - 0007605 _____ () C:\Users\user\AppData\Local\Resmon.ResmonCfg
    2013-09-12 21:55 - 2015-04-19 19:22 - 0003756 _____ () C:\ProgramData\hpzinstall.log
    2013-01-21 06:46 - 2013-01-21 06:46 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
    2013-01-21 06:41 - 2013-01-21 06:42 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
    2013-01-21 06:42 - 2013-01-21 06:44 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
    2013-01-21 06:41 - 2013-01-21 06:41 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
    2013-01-21 06:44 - 2013-01-21 06:46 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log

    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-07-21 08:34

    ==================== End of log ============================


    Additional scan result of Farbar Recovery Scan Tool (x64) Version:20-07-2015
    Ran by Alan at 2015-07-21 21:18:20
    Running from C:\Users\user\Desktop
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-784291939-2049310861-2985522810-500 - Administrator - Disabled)
    Alan (S-1-5-21-784291939-2049310861-2985522810-1001 - Administrator - Enabled) => C:\Users\user
    Guest (S-1-5-21-784291939-2049310861-2985522810-501 - Limited - Disabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
    AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
    Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
    Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2223 - AVAST Software)
    Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
    Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
    BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
    calibre (HKLM-x32\...\{AB116F72-C91A-40F2-A25A-949B5D065EBB}) (Version: 2.3.0 - Kovid Goyal)
    Cirrus Logic Audio Panel (Version: 1.2.10.0 - Cirrus Logic) Hidden
    Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
    CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.0.0.5 - Dell Inc.)
    Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.0.0.5 - Dell Inc.)
    Dell Customer Connect (HKLM-x32\...\{FEFDCDCF-C49C-45D0-AAF8-5345858ADEC7}) (Version: 1.2.1.0 - Dell Inc.)
    Dell Data Vault (Version: 4.2.2.0 - Dell Inc.) Hidden
    Dell Digital Delivery (HKLM-x32\...\{D9ED3EFC-AB00-4CE0-ADED-80EE6B1158A7}) (Version: 2.2.2000.0 - Dell Products, LP)
    Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.10 - Dell)
    Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.0.2.57295 - Dell)
    Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.210 - ALPS ELECTRIC CO., LTD.)
    Dell Update (HKLM-x32\...\{90437913-9D4D-4D9D-B438-B8664DF851E9}) (Version: 1.7.1007.0 - Dell Inc.)
    Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
    Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
    DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
    DJ_AIO_06_F2400_SW_Min (x32 Version: 140.0.851.000 - Hewlett-Packard) Hidden
    F2400 (x32 Version: 140.0.851.000 - Hewlett-Packard) Hidden
    File Shredder 2.5 (HKLM\...\File Shredder_is1) (Version: - Pow Tools)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.)
    Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
    GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
    Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
    HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
    HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{BCDD692B-172D-440A-9A1B-501C71D72CC8}) (Version: 14.0 - HP)
    HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
    HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
    HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
    HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
    HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
    HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
    HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
    HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
    Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
    Java 7 Update 80 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217080FF}) (Version: 7.0.800 - Oracle)
    Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
    MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
    McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
    Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual Studio Express 2012 for Windows 8 - ENU (HKLM-x32\...\{b6391d7a-479c-494c-a76f-cad96a8a73ac}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Might & Magic: Duel of Champions (HKLM-x32\...\Steam App 256410) (Version: - Ubisoft Quebec)
    Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Mozilla Firefox 39.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
    PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars)
    Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.204 - Qualcomm Atheros Communications)
    Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.003 - Dell Inc.)
    QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
    Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
    Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
    Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
    SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
    Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
    Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
    Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
    TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
    Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 2.2.0 - Tweaking.com)
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
    WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
    WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-784291939-2049310861-2985522810-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-784291939-2049310861-2985522810-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-784291939-2049310861-2985522810-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-784291939-2049310861-2985522810-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-784291939-2049310861-2985522810-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-784291939-2049310861-2985522810-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-784291939-2049310861-2985522810-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-784291939-2049310861-2985522810-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-784291939-2049310861-2985522810-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

    ==================== Restore Points =========================

    01-07-2015 14:22:40 avast! antivirus system restore point
    08-07-2015 22:33:28 Windows Update
    14-07-2015 18:25:10 Windows Update
    16-07-2015 06:55:37 avast! antivirus system restore point
    20-07-2015 09:06:33 Windows Update
    21-07-2015 21:05:08 JRT Pre-Junkware Removal

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2013-08-22 08:25 - 2015-07-18 17:59 - 00450831 ____R C:\windows\system32\Drivers\etc\hosts
    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com
    127.0.0.1 www.0scan.com
    127.0.0.1 0scan.com
    127.0.0.1 1000gratisproben.com
    127.0.0.1 www.1000gratisproben.com
    127.0.0.1 1001namen.com
    127.0.0.1 www.1001namen.com
    127.0.0.1 100888290cs.com
    127.0.0.1 www.100888290cs.com
    127.0.0.1 www.100sexlinks.com
    127.0.0.1 100sexlinks.com
    127.0.0.1 10sek.com
    127.0.0.1 www.10sek.com
    127.0.0.1 www.1-2005-search.com
    127.0.0.1 1-2005-search.com
    127.0.0.1 123fporn.info
    127.0.0.1 www.123fporn.info
    127.0.0.1 123haustiereundmehr.com
    127.0.0.1 www.123haustiereundmehr.com
    127.0.0.1 123moviedownload.com

    There are 1000 more lines.


    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {07814D79-D6A0-4065-8C8F-6753DE2E8E1A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-784291939-2049310861-2985522810-1001UA => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2013-07-03] (Google Inc.)
    Task: {1AE8E228-E6DF-466E-B909-2FFA3B96DF51} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-28] (Google Inc.)
    Task: {4CAC6ADD-ED4A-4BB4-8C5B-7243330AA730} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-03-04] (Dell Inc.)
    Task: {591AD833-156C-48E1-9925-6EB82FB81A9F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-784291939-2049310861-2985522810-1001Core => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2013-07-03] (Google Inc.)
    Task: {7888F181-D3DF-4857-A75E-010B654718A0} - System32\Tasks\{74AF0438-94B8-47AD-AC0B-DE2C03D96500} => pcalua.exe -a "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" -c --lang=enUS --uid=hs_beta --displayname="Hearthstone"
    Task: {90EC884F-11D6-4850-949D-20DE44D660EF} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
    Task: {B55947DA-A9D6-419E-B718-88EBA81ECE2A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
    Task: {B65F4644-EBA6-42C0-B49E-766642BE1B39} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-28] (Google Inc.)
    Task: {B81BB8EA-1320-4EAD-B316-25E3C82582F8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14] (Adobe Systems Incorporated)
    Task: {C6FD9CB4-119D-4CAE-8122-180DD6FD2530} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
    Task: {D86E73E4-D678-4F0B-BA6A-FA9A5E1AC238} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
    Task: {DA19FE5F-5F0D-483D-9234-7A404878EC53} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2015-07-03] (Microsoft Corporation)
    Task: {E170109E-8FAC-414A-92A1-A1CD3BA97EA7} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-16] (AVAST Software)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-784291939-2049310861-2985522810-1001Core.job => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-784291939-2049310861-2985522810-1001UA.job => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (Whitelisted) ==============

    2014-05-14 19:59 - 2012-04-01 00:06 - 02689536 _____ () C:\Program Files\File Shredder\fsshell.dll
    2015-03-29 09:30 - 2014-10-24 14:16 - 00721263 _____ () C:\windows\SysWOW64\WSCM64.dll
    2015-07-16 06:57 - 2015-07-16 06:57 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
    2015-07-16 06:57 - 2015-07-16 06:57 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
    2015-07-21 20:20 - 2015-07-21 20:20 - 02957312 _____ () C:\Program Files\AVAST Software\Avast\defs\15072101\algo.dll
    2014-07-26 10:11 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
    2014-07-26 10:11 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
    2014-07-26 10:11 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
    2014-07-26 10:11 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
    2014-07-26 10:11 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
    2015-07-01 14:26 - 2015-07-01 14:26 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2015-07-14 18:51 - 2015-07-13 16:55 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\libglesv2.dll
    2015-07-14 18:51 - 2015-07-13 16:55 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\libegl.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\Users\user\SkyDrive:ms-properties

    ==================== Safe Mode (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
    IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
    IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
    IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
    IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

    There are 7868 more restricted sites.

    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-784291939-2049310861-2985522810-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\user\Pictures\Wallpaper\4703-dismembered-robot-1920x1080-3d-wallpaper.jpg
    DNS Servers: 200.1.104.36 - 200.1.104.35
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)

    HKLM\...\StartupApproved\Run32: => "RemoteControl10"
    HKU\S-1-5-21-784291939-2049310861-2985522810-1001\...\StartupApproved\Run: => "Google Update"

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
    FirewallRules: [{A679E423-162B-4517-9D2D-49D150FCCEE9}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
    FirewallRules: [{FEE54D13-5CA6-4595-AA92-FCB87068F2A2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
    FirewallRules: [{A8CCCFEC-31AD-4C99-98ED-E2F8C1A21F59}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
    FirewallRules: [{BB2CAB2A-A160-4CBB-B369-5D4ED8B0B6AD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    FirewallRules: [{98F4DCE3-7DEB-4C51-A6FE-608EBC9CA998}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
    FirewallRules: [{FEEB2C42-37C4-4E19-AAE7-32D7555A024B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
    FirewallRules: [{37A6E584-5E72-4355-BEB8-A87F751CA5AE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
    FirewallRules: [{FC53E9ED-A45A-4C33-94EF-08A549D5F468}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
    FirewallRules: [{E9020C13-DBA4-4BCA-8E32-51AA99289272}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
    FirewallRules: [{4B3FAC1A-048A-49A6-B306-87A84EC480A1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
    FirewallRules: [{1FFFB9D7-EC16-4DF7-8B00-4A5BE2A16D69}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
    FirewallRules: [{059E7E8F-C664-41B0-98D4-CD27C6AF161C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
    FirewallRules: [{0447AC70-75E6-41CA-8E60-4229589D0E2B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    FirewallRules: [{C31A492A-9786-4BAF-839C-B022ACD38703}] => (Allow) C:\Users\user\AppData\Local\Temp\7zS4258\hppiw.exe
    FirewallRules: [{E8F1CB1B-E6DE-492E-9D32-2535D0C69FA3}] => (Allow) C:\Users\user\AppData\Local\Temp\7zS4258\hppiw.exe
    FirewallRules: [{D91BE12D-F546-4DF4-B240-CDC5E46081B0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
    FirewallRules: [{949A3F81-AC6F-4D2D-9656-0033215CC7FA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
    FirewallRules: [{8F4BC650-91A8-404F-926B-C4BDF849290B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
    FirewallRules: [{038BCBE1-F971-49E6-991B-70F807CAEF7C}] => (Allow) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Win7Ui.exe
    FirewallRules: [{101EC4CE-9D35-484A-9D16-5E48B0F58160}] => (Allow) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe
    FirewallRules: [{F62B6D44-9251-4D65-AA14-F4BA1FE02A90}] => (Allow) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe
    FirewallRules: [{772CFE55-8698-46FC-843D-5094C8C56361}] => (Allow) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Btvstack.exe
    FirewallRules: [{F10FCD35-4220-4F44-9EEB-DFB4995348B7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{2E2A8443-6FF0-473D-89DC-9215E7E4CDFD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{4B9F35BD-2F67-4715-930F-49295424C993}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Might & Magic - Duel of Champions\Game.exe
    FirewallRules: [{3417CCA2-AD11-49D7-A78B-3DDFF224E1A1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Might & Magic - Duel of Champions\Game.exe
    FirewallRules: [{127CA207-8044-48BD-992D-ED4F79AF0171}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Might & Magic - Duel of Champions\Game.exe
    FirewallRules: [{CAAD1DD9-1902-4DFE-95FF-397BD4679499}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Might & Magic - Duel of Champions\Game.exe
    FirewallRules: [{55F8FE54-4A10-4BB1-BBCA-F8B374C31986}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Elsword\data\x2.exe
    FirewallRules: [{9DBDCD30-F6A5-4BA5-9411-3FB211DE48B7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Elsword\data\x2.exe
    FirewallRules: [{DD199D1E-A371-4160-A7DF-1B6695D496D7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
    FirewallRules: [{30AFA730-9924-43A4-A0E3-5B95106FBE84}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
    FirewallRules: [{A7AE21E4-A18F-497C-AA48-E2BB534AC4F1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
    FirewallRules: [{A44C8E89-04BB-4A35-8CBF-3A0E80425238}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
    FirewallRules: [{255D9694-8E54-4449-A639-A90CE049F456}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
    FirewallRules: [{F4C8FC03-7C9F-47E3-AD2A-4259E45592D0}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
    FirewallRules: [{451AA4D1-6E55-4162-8661-EC013BDED175}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
    FirewallRules: [{CF2640A0-65FC-49E0-BD10-2B3C162361B0}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
    FirewallRules: [{CAD9A21C-FDF6-44C3-9068-2E26A993BFAC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
    FirewallRules: [{785B530C-4C92-4CE2-AA3B-7A6A2A854572}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
    FirewallRules: [{B7FC5931-3CF8-414B-B6FB-7CB98F4D07B7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
    FirewallRules: [{B109C377-D770-4CF8-8EC7-6E14761FF679}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
    FirewallRules: [{1A1F5599-EC4B-4918-A501-808ADB073682}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
    FirewallRules: [{CD815252-0782-45EF-8BD4-362225EDE89C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
    FirewallRules: [{932C5D4F-D160-465F-961A-2B617139B289}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
    FirewallRules: [{77EEF96A-5E48-4273-9C43-E51633021224}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
    FirewallRules: [TCP Query User{38A586F9-AAB1-4EBD-827C-AE35C66064A9}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
    FirewallRules: [UDP Query User{3636B944-5363-469A-99CC-109E86350D16}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
    FirewallRules: [{F8D05E8C-025C-4013-91B2-B90854D96F57}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
    FirewallRules: [{815EB691-A6C9-4595-AC0A-31FB25339AEA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
    FirewallRules: [{F8AED90B-104A-4681-B0C3-F451B87EF049}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
    FirewallRules: [{2BC26A33-B09B-45E3-AFCE-40F78F1851CA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
    FirewallRules: [{5268E425-7525-4A49-85C7-70C049ABB278}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{EDA3368F-5012-432D-ABA0-E0C423E0A80E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{FA3618C8-8A14-46EE-8A28-2B0C620BF133}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{FF5AC3DF-3FA6-49AD-8CD5-A4354608EF3E}] => (Allow) LPort=2869
    FirewallRules: [{7CC6E7FD-FD5D-422A-ADED-4840190C6421}] => (Allow) LPort=1900
    FirewallRules: [TCP Query User{FDB40A38-B4EE-4865-97A3-48646F320434}C:\program files (x86)\wondershare\video converter ultimate\dscheck.exe] => (Allow) C:\program files (x86)\wondershare\video converter ultimate\dscheck.exe
    FirewallRules: [UDP Query User{57EE1491-744E-4A68-B512-750675779CAE}C:\program files (x86)\wondershare\video converter ultimate\dscheck.exe] => (Allow) C:\program files (x86)\wondershare\video converter ultimate\dscheck.exe
    FirewallRules: [TCP Query User{6643D38C-5FCC-423C-8104-AAAB2455D488}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
    FirewallRules: [UDP Query User{B2C120C7-2AD5-4A13-A0E6-9939CBFFA4C0}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
    FirewallRules: [{02C9145E-B38A-4E7F-B04E-CDD020CF906D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (07/21/2015 08:59:05 PM) (Source: CirrusAudioService) (EventID: 0) (User: )
    Description: Service cannot be started. System.TypeLoadException: Could not load type 'CirrusLogicSquared.LogicSquared' from assembly 'LogicSquared, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null'.
    at CirrusService.ServiceContractImpl..ctor()
    at CirrusService.CirrusService.CreateServiceHost()
    at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

    Error: (07/21/2015 08:45:39 PM) (Source: CirrusAudioService) (EventID: 0) (User: )
    Description: Service cannot be started. System.TypeLoadException: Could not load type 'CirrusLogicSquared.LogicSquared' from assembly 'LogicSquared, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null'.
    at CirrusService.ServiceContractImpl..ctor()
    at CirrusService.CirrusService.CreateServiceHost()
    at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

    Error: (07/21/2015 08:44:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DELL)
    Description: Activation of app Microsoft.SkypeApp_kzf8qxf38zg5c!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

    Error: (07/21/2015 08:43:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DELL)
    Description: Activation of app 41038Axilesoft.InfinityTileClock_wxjjre7dryqb6!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

    Error: (07/21/2015 07:29:30 AM) (Source: CirrusAudioService) (EventID: 0) (User: )
    Description: Service cannot be started. System.TypeLoadException: Could not load type 'CirrusLogicSquared.LogicSquared' from assembly 'LogicSquared, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null'.
    at CirrusService.ServiceContractImpl..ctor()
    at CirrusService.CirrusService.CreateServiceHost()
    at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

    Error: (07/20/2015 12:55:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program backgroundTaskHost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 54c

    Start Time: 01d0c31485831cd8

    Termination Time: 4294967295

    Application Path: C:\WINDOWS\syswow64\backgroundTaskHost.exe

    Report Id: 7915b2df-2f08-11e5-becc-f4b7e22a50e4

    Faulting package full name: 41038Axilesoft.InfinityTileClock_1.2.5.77_x86__wxjjre7dryqb6

    Faulting package-relative application ID: App

    Error: (07/20/2015 12:50:51 PM) (Source: CirrusAudioService) (EventID: 0) (User: )
    Description: Service cannot be started. System.TypeLoadException: Could not load type 'CirrusLogicSquared.LogicSquared' from assembly 'LogicSquared, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null'.
    at CirrusService.ServiceContractImpl..ctor()
    at CirrusService.CirrusService.CreateServiceHost()
    at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

    Error: (07/20/2015 08:49:46 AM) (Source: CirrusAudioService) (EventID: 0) (User: )
    Description: Service cannot be started. System.TypeLoadException: Could not load type 'CirrusLogicSquared.LogicSquared' from assembly 'LogicSquared, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null'.
    at CirrusService.ServiceContractImpl..ctor()
    at CirrusService.CirrusService.CreateServiceHost()
    at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

    Error: (07/18/2015 03:55:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program Explorer.EXE version 6.3.9600.17667 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: c24

    Start Time: 01d0c17854152075

    Termination Time: 0

    Application Path: C:\windows\Explorer.EXE

    Report Id: 39e01970-2d8f-11e5-beca-f4b7e22a50e4

    Faulting package full name:

    Faulting package-relative application ID:

    Error: (07/18/2015 03:55:13 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: explorer.exe, version: 6.3.9600.17667, time stamp: 0x54c6f7c2
    Faulting module name: twinui.appcore.dll, version: 6.3.9600.17415, time stamp: 0x54503801
    Exception code: 0x80270233
    Fault offset: 0x000000000008cb57
    Faulting process id: 0x360
    Faulting application start time: 0xexplorer.exe0
    Faulting application path: explorer.exe1
    Faulting module path: explorer.exe2
    Report Id: explorer.exe3
    Faulting package full name: explorer.exe4
    Faulting package-relative application ID: explorer.exe5


    System errors:
    =============
    Error: (07/21/2015 09:06:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The WMI Performance Adapter service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

    Error: (07/21/2015 09:06:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Intel(R) Management and Security Application User Notification Service service terminated unexpectedly. It has done this 1 time(s).

    Error: (07/21/2015 09:06:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Dell Data Vault service terminated unexpectedly. It has done this 1 time(s).

    Error: (07/21/2015 09:06:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The SoftThinks Agent Service service terminated unexpectedly. It has done this 1 time(s).

    Error: (07/21/2015 09:06:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Dell Update Service service terminated unexpectedly. It has done this 1 time(s).

    Error: (07/21/2015 09:06:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Dell Data Vault Wizard service terminated unexpectedly. It has done this 1 time(s).

    Error: (07/21/2015 09:06:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Dell Customer Connect service terminated unexpectedly. It has done this 1 time(s).

    Error: (07/21/2015 09:06:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Spybot-S&D 2 Security Center Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

    Error: (07/21/2015 09:06:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The ZAtheros Wlan Agent service terminated unexpectedly. It has done this 1 time(s).

    Error: (07/21/2015 09:06:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Dell SupportAssist Agent service terminated unexpectedly. It has done this 1 time(s).


    Microsoft Office:
    =========================
    Error: (11/23/2014 09:47:49 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
    Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6707.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1640 seconds with 120 seconds of active time. This session ended with a crash.


    ==================== Memory info ===========================

    Processor: Intel(R) Celeron(R) CPU B820 @ 1.70GHz
    Percentage of memory in use: 42%
    Total physical RAM: 3959.1 MB
    Available physical RAM: 2295.85 MB
    Total Virtual: 7927.1 MB
    Available Virtual: 6308.53 MB

    ==================== Drives ================================

    Drive c: (OS) (Fixed) (Total:288.08 GB) (Free:219.05 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 298.1 GB) (Disk ID: 68EBE124)

    Partition: GPT Partition Type.

    ==================== End of log ============================

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 7/21/2015
    Scan Time: 8:22 PM
    Logfile: Mal Bytes Scan Log.txt
    Administrator: Yes

    Version: 2.1.8.1057
    Malware Database: v2015.07.21.08
    Rootkit Database: v2015.07.17.01
    License: Trial
    Malware Protection: Enabled
    Malicious Website Protection: Enabled
    Self-protection: Disabled

    OS: Windows 8.1
    CPU: x64
    File System: NTFS
    User: Alan

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 388919
    Time Elapsed: 19 min, 38 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 6
    PUP.Optional.Spigot.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\HBCENNHACFAAGDOPIKCEGFCOBCADEOCJ, Quarantined, [c8a4994b107a31054a83711bc34111ef],
    PUP.Optional.Spigot.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\ICDLFEHBLMKLKIKFIGMJHBMMPMKMPOOJ, Quarantined, [0f5d5e866f1b1620ceffa6e6749049b7],
    PUP.Optional.Spigot.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\PFNDAKLGOLLADNIICKLEHHANCNLGOCPP, Quarantined, [1557db09048661d5eae3c2cabe4621df],
    PUP.Optional.Spigot.A, HKU\S-1-5-21-784291939-2049310861-2985522810-1001\SOFTWARE\APPDATALOW\SOFTWARE\Search Settings, Quarantined, [c1ab776d3753a5913315740bfc087a86],
    PUP.Optional.TNT.A, HKU\S-1-5-21-784291939-2049310861-2985522810-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{22457D30-D56E-4924-AAEA-EA0D3BFDA22B}, Quarantined, [ea82469e6b1f49edf5822bde11f2d030],
    PUP.Optional.Spigot.A, HKU\S-1-5-21-784291939-2049310861-2985522810-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{419062CA-9C08-4D69-A90D-C3D6B764D929}, Quarantined, [274518ccaedca195e858e725dd26a15f],

    Registry Values: 6
    PUP.Optional.Spigot.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\hbcennhacfaagdopikcegfcobcadeocj|path, C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.0.crx, Quarantined, [c8a4994b107a31054a83711bc34111ef]
    PUP.Optional.Spigot.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\icdlfehblmklkikfigmjhbmmpmkmpooj|path, C:\Program Files (x86)\Common Files\Spigot\GC\errorassistant_1.1.crx, Quarantined, [0f5d5e866f1b1620ceffa6e6749049b7]
    PUP.Optional.Spigot.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\pfndaklgolladniicklehhancnlgocpp|path, C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx, Quarantined, [1557db09048661d5eae3c2cabe4621df]
    PUP.Optional.TNT.A, HKU\S-1-5-21-784291939-2049310861-2985522810-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{22457D30-D56E-4924-AAEA-EA0D3BFDA22B}|OSDFileURL, file:///C:/Users/user/AppData/Local/TNT2/Profiles/10513/yah10513.xml, Quarantined, [ea82469e6b1f49edf5822bde11f2d030]
    PUP.Optional.Spigot.A, HKU\S-1-5-21-784291939-2049310861-2985522810-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{419062CA-9C08-4D69-A90D-C3D6B764D929}|URL, http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=231195&p={searchTerms}, Quarantined, [274518ccaedca195e858e725dd26a15f]
    PUP.Optional.Spigot.A, HKU\S-1-5-21-784291939-2049310861-2985522810-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{419062CA-9C08-4D69-A90D-C3D6B764D929}|OSDFileURL, file:///C:/Program%20Files%20(x86)/Common%20Files/Spigot/Search%20Settings/yahoo_ie.xml, Quarantined, [105cd41099f1290dc11c7320f311df21]

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 2
    PUP.Optional.Spigot, C:\$RECYCLE.BIN\S-1-5-21-784291939-2049310861-2985522810-1001\$RHBR4OR.exe, Quarantined, [cba132b227632412c1e881b471907090],
    PUP.Optional.Spigot.A, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\0wpdo2pa.default\searchplugins\yahoo_ff.xml, Quarantined, [84e817cd38526ec8fceac8527d86d52b],

    Physical Sectors: 0
    (No malicious items detected)


    (end)

    # AdwCleaner v4.208 - Logfile created 21/07/2015 at 20:57:11
    # Updated 09/07/2015 by Xplode
    # Database : 2015-07-15.1 [Server]
    # Operating system : Windows 8.1 (x64)
    # Username : Alan - DELL
    # Running from : C:\Users\user\Desktop\AdwCleaner.exe
    # Option : Cleaning

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    Folder Deleted : C:\Program Files (x86)\lucky leap
    Folder Deleted : C:\Users\user\AppData\Local\Slick Savings
    File Deleted : C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\0wpdo2pa.default\user.js
    File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_plarium.com_0.localstorage
    File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_plarium.com_0.localstorage-journal
    File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
    File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal

    ***** [ Scheduled tasks ] *****


    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}
    Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\C3F6D7A0BA2FDE84EB329997B1FF786D
    Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\C3F6D7A0BA2FDE84EB329997B1FF786D
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C3F6D7A0BA2FDE84EB329997B1FF786D

    ***** [ Web browsers ] *****

    -\\ Internet Explorer v11.0.9600.17840


    -\\ Mozilla Firefox v39.0 (x86 en-US)


    -\\ Google Chrome v43.0.2357.134


    *************************

    AdwCleaner[R0].txt - [2295 bytes] - [21/07/2015 20:52:03]
    AdwCleaner[S0].txt - [2248 bytes] - [21/07/2015 20:57:11]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2307 bytes] ##########

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Malwarebytes
    Version: 7.5.1 (07.16.2015:1)
    OS: Windows 8.1 x64
    Ran by Alan on Tue 07/21/2015 at 21:05:02.66
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Tasks

    Successfully deleted: [Task] C:\windows\system32\tasks\PCDEventLauncherTask
    Successfully deleted: [Task] C:\windows\system32\tasks\PCDoctorBackgroundMonitorTask



    ~~~ Registry Values



    ~~~ Registry Keys



    ~~~ Files

    Successfully deleted: [File] C:\Users\user\Appdata\Local\google\chrome\user data\default\local storage\hxxp_static.audienceinsights.net_0.localstorage
    Successfully deleted: [File] C:\Users\user\Appdata\Local\google\chrome\user data\default\local storage\hxxp_static.audienceinsights.net_0.localstorage-journal
    Successfully deleted: [File] C:\Users\user\Appdata\Local\google\chrome\user data\default\local storage\hxxp_www.azlyrics.com_0.localstorage
    Successfully deleted: [File] C:\Users\user\Appdata\Local\google\chrome\user data\default\local storage\hxxp_www.azlyrics.com_0.localstorage-journal



    ~~~ Folders



    ~~~ FireFox

    Emptied folder: C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\0wpdo2pa.default\minidumps [31 files]



    ~~~ Chrome


    [C:\Users\user\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

    [C:\Users\user\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

    [C:\Users\user\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

    [C:\Users\user\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
    [
    bopakagnckmlgajfccecajhnimjiiedh,
    eiimolhnbbbdagljikeckdkldgemmmlj,
    hbcennhacfaagdopikcegfcobcadeocj,
    icdlfehblmklkikfigmjhbmmpmkmpooj,
    mhkaekfpcppmmioggniknbnbdbcigpkk,
    pfndaklgolladniicklehhancnlgocpp
    ]





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Tue 07/21/2015 at 21:14:31.14
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  6. #6
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    When instructions were first drafted they were for windows 7, but really shouldn't be that much different for Windows 8.....grrrr

    ~~~
    Java

    https://www.java.com/en/download/help/java_update.xml

    the above link will help you download the most current version.

    ~~~~~~~~~~~~~~~~~~`

    Please open Notepad *Do Not Use Wordpad!* or use any other text editor than Notepad or the script will fail. (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the quote box below:
    To do this highlight the contents of the box and right click on it and select copy.
    Paste this into the open notepad. save it to the Desktop as fixlist.txt
    NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.
    It needs to be saved Next to the "Farbar Recovery Scan Tool" (If asked to overwrite existing one please allow)





    start
    CloseProcesses:
    HKLM-x32\...\Run: [] => [X]
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-784291939-2049310861-2985522810-1001 -> {15FA46C5-6D67-4BC0-B79F-850F465F5D88} URL =
    S3 X6va015; \??\C:\WINDOWS\SysWOW64\Drivers\X6va015
    2015-06-22 18:38 - 2013-01-21 06:40 - 00000000 ____D C:\ProgramData\PCDr
    2015-06-21 09:00 - 2015-04-18 18:39 - 00000000 ____D C:\Users\user\Documents\Tor Browser
    CustomCLSID: HKU\S-1-5-21-784291939-2049310861-2985522810-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-784291939-2049310861-2985522810-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-784291939-2049310861-2985522810-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-784291939-2049310861-2985522810-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-784291939-2049310861-2985522810-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-784291939-2049310861-2985522810-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-784291939-2049310861-2985522810-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
    AlternateDataStreams: C:\Users\user\SkyDrive:ms-properties
    EmptyTemp:
    End
    Open FRST/FRST64 and press the Fix button just once and wait.
    If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
    When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

    ~~~~~~~~~`

    What we can do now is run an online scan with Eset, for the time being it is our most trusted scanner.
    Most reliable and thorough.
    The settings I suggest will show us items located in quarantine folders so don't be alarmed with this, also, in case of a false positive I ask that you not allow it to delete what it does find.
    This scanner can take quite a bit of time to run, depending of course how full your computer is.


    ESET Online Scan
    Note: This scan may take a long time to complete. Please do not browse the Internet whilst your Anti-Virus is disabled.
    • Please download ESET Online Scan and save the file to your Desktop.
    • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
    • Double-click esetsmartinstaller_enu.exe to run the programme.
    • Agree to the EULA by placing a checkmark next to Yes, I accept the Terms of Use. Then click Start.
    • Agree to the Terms of Use once more and click Start. Allow components to download.
    • Place a checkmark next to Enable detection of potentially unwanted applications.
    • Click Advanced settings. Place a checkmark next to:
      • Scan archives
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology

    • Ensure Remove found threats is unchecked.
    • Click Start.
    • Wait for the scan to finish. Please be patient as this can take some time.
    • Upon completion, click . If no threats were found, skip the next two bullet points.
    • Click and save the file to your Desktop, naming it something such as "MyEsetScan".
    • Push the Back button.
    • Place a checkmark next to and click .
    • Re-enable your anti-virus software.
    • Copy the contents of the log and paste in your next reply.


    ***
    please post these 2 logs when finished.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  7. #7
    Member
    Join Date
    Jun 2008
    Posts
    54

    Default Two Logs

    That scan took really long to finish. The two logs are below.

    Tell me something, would I need to run a fix or a clean on my flash drives? I plugged them in before noticing the problems.

    Fix result of Farbar Recovery Scan Tool (x64) Version:20-07-2015
    Ran by Alan at 2015-07-23 07:05:01 Run:1
    Running from C:\Users\user\Desktop
    Loaded Profiles: Alan (Available Profiles: Alan)
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************
    start
    CloseProcesses:
    HKLM-x32\...\Run: [] => [X]
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-784291939-2049310861-2985522810-1001 -> {15FA46C5-6D67-4BC0-B79F-850F465F5D88} URL =
    S3 X6va015; \??\C:\WINDOWS\SysWOW64\Drivers\X6va015
    2015-06-22 18:38 - 2013-01-21 06:40 - 00000000 ____D C:\ProgramData\PCDr
    2015-06-21 09:00 - 2015-04-18 18:39 - 00000000 ____D C:\Users\user\Documents\Tor Browser
    CustomCLSID: HKU\S-1-5-21-784291939-2049310861-2985522810-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-784291939-2049310861-2985522810-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-784291939-2049310861-2985522810-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-784291939-2049310861-2985522810-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-784291939-2049310861-2985522810-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-784291939-2049310861-2985522810-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-784291939-2049310861-2985522810-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
    AlternateDataStreams: C:\Users\user\SkyDrive:ms-properties
    EmptyTemp:
    End
    *****************

    Processes closed successfully.
    HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
    HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
    HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
    HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
    "HKU\S-1-5-21-784291939-2049310861-2985522810-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{15FA46C5-6D67-4BC0-B79F-850F465F5D88}" => key removed successfully
    HKCR\CLSID\{15FA46C5-6D67-4BC0-B79F-850F465F5D88} => key not found.
    X6va015 => Service removed successfully
    C:\ProgramData\PCDr => moved successfully.
    C:\Users\user\Documents\Tor Browser => moved successfully.
    "HKU\S-1-5-21-784291939-2049310861-2985522810-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}" => key removed successfully
    "HKU\S-1-5-21-784291939-2049310861-2985522810-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}" => key removed successfully
    "HKU\S-1-5-21-784291939-2049310861-2985522810-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}" => key removed successfully
    "HKU\S-1-5-21-784291939-2049310861-2985522810-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}" => key removed successfully
    "HKU\S-1-5-21-784291939-2049310861-2985522810-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}" => key removed successfully
    "HKU\S-1-5-21-784291939-2049310861-2985522810-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}" => key removed successfully
    "HKU\S-1-5-21-784291939-2049310861-2985522810-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}" => key removed successfully
    "C:\Users\user\SkyDrive" => ":ms-properties" ADS not found.
    EmptyTemp: => 1.8 GB temporary data Removed.


    The system needed a reboot..

    ==== End of Fixlog 07:06:42 ====

    C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\Backup\DBRUpdate\hstart.exe.bak a variant of Win32/HiddenStart.A potentially unsafe application
    C:\Users\user\Downloads\cbsidlm-cbsi134-FLVPlayer-ORG-10413460.exe a variant of Win32/CNETInstaller.B potentially unwanted application

  8. #8
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    Tell me something, would I need to run a fix or a clean on my flash drives? I plugged them in before noticing the problems.
    Thats possible. If they had been plugged in while running the ESET scan they would had been included at that time.

    Two programs come to mind that you may want to use in the future.

    MCShield Anti-Malware USB Tool is a lightweight scanner designed to prevent infections transmitted via removable drives (usb, external, camera cards). It's real-time protection is only real-time when you plug-in an external. MCShield should not be confused with mcshield.exe which is a process (module/driver) related to McAfee Anti-virus

    * MSChield Documentation & Program Features

    There is a lengthy discussion in this topic started by TwinHeadedEagle, a member of the MCShield developing team who sometimes visits our forums.


    Download MCShield Anti-Malware USB Tool to your desktop and install
    It will initially run a scan and show the result as a toaster by the system clock
    Then in the control centre select scanner and tick unhide items on flash drives

    Plug in the drive and McShield will start a scan

    Then get the log which will be here :

    Start > all programs > MCShield > logs > all scans

    ********************************************************

    • Double-click on USBVaccineSetup.exe to install the program to C:\Program Files\Panda USB Vaccine.
    • Read and accept the license agreement, then click Next.
    • When setup completes, make sure "Launch Panda USB Vaccine" is checked and click Finish to open the program.
    • Click the Vaccinate computer button. It should now show a green checkmark and confirm Computer vaccinated.
    • Hold down the Shift key and insert your USB external drive.
    • When the name of the drive appears in the dialog box, click the button to Vaccinate USB drive(s).
    • Exit the program when done

    Note: Computer Vaccination will prevent any AutoRun file from running, regardless of whether the removable device is infected or not. USB Vaccination disables the autorun file so it cannot be read, modified or replaced and creates an AUTORUN_.INF as protection against malicious code. The Panda Resarch Blog advises that once USB drives have been vaccinated, they cannot be reversed except with a format. If you do this, be sure to back up your data files first or they will be lost during the formatting process.

    ~~~~~~~~~~~~~~~~`

    The below 2 items found by Eset

    C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\Backup\DBRUpdate\hstart.exe.bak a variant of Win32/HiddenStart.A potentially unsafe application
    If you don't use the Dell Backup and Recovery tool then delete it. It comes preinstalled and is considered potentially unsafe, I feel sure their are people out there using it or Dell wouldn't install it. Might not be the best as far as a backup goes but, and is considered a false Positive so this I'll leave to you.



    Please open Notepad *Do Not Use Wordpad!* or use any other text editor than Notepad or the script will fail. (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the quote box below:
    To do this highlight the contents of the box and right click on it and select copy.
    Paste this into the open notepad. save it to the Desktop as fixlist.txt
    NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.
    It needs to be saved Next to the "Farbar Recovery Scan Tool" (If asked to overwrite existing one please allow)
    start
    C:\Users\user\Downloads\cbsidlm-cbsi134-FLVPlayer-ORG-10413460.exe
    End
    Open FRST/FRST64 and press the Fix button just once and wait.
    If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
    When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

    How is your computer now?
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  9. #9
    Member
    Join Date
    Jun 2008
    Posts
    54

    Default USB Vacinated

    Everything seems to be working normally. I was having some trouble shutting down. When I clicked on shut down it would instead turn off the screen for a moment and then turn back on, but after I did a manual restart that problem went away.

    I'm not sure how to delete the Dell backup but I don't use it at all. I also performed the two USB clean-up suggestions, and thankfully my USB was clean.

    Here is the last fixlog.

    Fix result of Farbar Recovery Scan Tool (x64) Version:20-07-2015
    Ran by Alan at 2015-07-23 22:32:26 Run:2
    Running from C:\Users\user\Desktop
    Loaded Profiles: Alan (Available Profiles: Alan)
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************
    start
    C:\Users\user\Downloads\cbsidlm-cbsi134-FLVPlayer-ORG-10413460.exe
    End
    *****************

    C:\Users\user\Downloads\cbsidlm-cbsi134-FLVPlayer-ORG-10413460.exe => moved successfully.

    ==== End of Fixlog 22:32:26 ====

    I hope this means I am clean now. If so, which of the programs can I delete?

    Thanks a lot for you help.

  10. #10
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    I'm not sure how to delete the Dell backup but I don't use it at all. I also performed the two USB clean-up suggestions, and thankfully my USB was clean.
    Good, USB was clean.

    I never deleted my Dell Backup and Recovery. I know it's there and that it's possible it can be flagged as Potentially unwanted but, if I/you wanted to use the tool to make or Create reinstall disks (rescue disks, this I did do when the computer was new) for your machine I would just leave it alone.

    We can remove the tools used and quarantine folders now.

    DelFix
    • Please download DelFix or from Here and save the file to your Desktop.
    • Double-click DelFix.exe to run the programme.
    • Place a checkmark next to the following items:
    • Activate UAC
    • Remove disinfection tools

    • Click the Run button.
    • -- This will remove the specialised tools we used to disinfect your system. Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually (right-click the file + delete).


    ~~~~~~~~~~~~~~~~~~~~~~`


    The following programmes come highly recommended in the security community.
    • AdBlock is a browser add-on that blocks annoying banners, pop-ups and video ads.
    • CryptoPrevent places policy restrictions on loading points for ransomware (eg.CryptoPrevent), preventing your files from being encrypted.
    • Malwarebytes Anti-Exploit (MBAE) is designed to prevent zero-day malware from exploiting vulnerable software.
    • Malwarebytes Anti-Malware Premium (MBAM) works in real-time along side your Anti-Virus to prevent malware execution.
    • NoScript is a Firefox add-on that blocks the actions of malicious scripts by using whitelisting and other technology.
    • Sandboxie isolates programmes of your choice, preventing files from being written to your HDD unless approved by you.
    • Secuina PSI will scan your computer for vulnerable softwarethat is outdated, and automatically find the latest update for you.
    • SpywareBlaster is a form of passive protection, designed to block the actions of malicious websites and tracking cookies.
    • Web of Trust (WOT) is a browser add-on designed to alert you before interacting with a potentially malicious website.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •