PC Painfully Slow - Especially IE

Status
Not open for further replies.
W

woody55

New member
About 6 weeks ago IE became really really slow. Youd be typing and only half the letters would appear with one word mixed with the other half of the next.

The download dialogue box takes about 5 minutes to appear and when it does it invariably freezes and stops responding.

Have run Spybot S&D several times and removes a few basic tracking cookies etc but nothings helped. Have reset internet explorer and to no avail.

It has taken me the past hour to download Tweaking Resistry Backup and Run iT

Have managed to download aswMBR and run it - log below

FRST will not download as when the dialogue finally appears and I press "Run" it keeps coming up with the message "FRST.exe couldn't be downloaded.

When I try to save as - I get " This app could not be run on your PC

Have tried this with 32 bit and 64 bit versions - same with both.

Incidentally I am running Windows 10 32 bit on a x64 based processor.

Any help appreciated.

aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2017-10-03 19:58:47
-----------------------------
19:58:47.341 OS Version: Windows 6.2.9200
19:58:47.341 Number of processors: 2 586 0xF0B
19:58:47.356 ComputerName: DESKTOP-2FD7588 UserName: Dad
19:58:55.517 Initialize success
19:58:55.532 VM: initialized successfully
19:58:55.532 VM: Intel CPU BiosDisabled
19:59:12.710 Disk 0 \Device\Harddisk0\DR0 -> \Device\00000020
19:59:12.710 Disk 0 Vendor: WDC_WD5000AVDS-63U7B0 01.00A01 Size: 476940MB BusType: 11
19:59:12.741 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\00000021
19:59:12.741 Disk 1 Vendor: WDC_WD20EADS-00R6B0 01.00A01 Size: 1907729MB BusType: 11
19:59:13.725 Disk 1 MBR read successfully
19:59:13.725 Disk 1 MBR scan
19:59:13.725 Disk 1 Windows 7 default MBR code
19:59:13.757 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 1907276 MB offset 2048
19:59:13.788 Disk 1 Partition 2 00 27 Hidden NTFS WinRE NTFS 450 MB offset 3906105344
19:59:13.835 Disk 1 scanning sectors +3907026944
19:59:14.350 Disk 1 scanning C:\WINDOWS\system32\drivers
19:59:59.589 Service scanning
20:01:03.124 Modules scanning
20:01:03.133 Disk 1 trace - called modules:
20:01:03.183 ntoskrnl.exe CLASSPNP.SYS disk.sys avgSP.sys halmacpi.dll storport.sys storahci.sys dxgkrnl.sys atikmpag.sys atikmdag.sys dxgmms1.sys watchdog.sys partmgr.sys volmgr.sys fvevol.sys iorate.sys volsnap.sys NTFS.sys USBPORT.SYS usbuhci.sys
20:01:03.189 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0x8d066030]
20:01:03.194 3 avgSP.sys[8830bc35] -> nt!IofCallDriver -> \Device\00000021[0x8cb3c030]
20:01:03.198 Disk 1 statistics 128324/0/0 @ 1.55 MB/s
20:01:03.219 Scan finished successfully
20:03:55.471 Disk 1 MBR has been saved successfully to "C:\Users\Dad\Desktop\MBR.dat"
20:03:55.617 The log file has been saved successfully to "C:\Users\Dad\Desktop\aswMBR.txt"
 
Can you go to the web site (probably with a different computer) and download to a USB drive?
Then use the USB to see if you can get FRST to run?

Use the same method using an USB to Download Tweaking.com - Windows Repair from Here
OR
Windows Repair (all in one) from here.

  • Install and then run the program
  • Execute the instructions on Step 1 Important
  • Click Next on Step 2 Optional, do the Pre Scan skip Step 3 and 4 Optional for now.
  • On Step 5 Backup System Restore Do a Registry backup. When you have completed this click Next
  • Click Repairs - Open Repairs in the bottom right corner
  • Uncheck the All repair button then select just the item(s) listed below

    01 - Repair Registry Permissions
    03 - Reset Service permissions
    04 - Register System Files
    05 - Repair WMI
    06 - Repair Windows Firewall
    07 - Repair Internet Explorer
    10 - Remove Policies Set By Infections
    17 - Repair Windows Updates
    19 - Repair Volume Shadow Copy Service
    21 - Repair MSI (Windows Installer)
    26 - Restore Important Windows Services
    27 - Set Windows Service to Default Startup


  • Click the Start button and let the process run to completion. Copy any error messages into Notepad, Save it on your Desktop. ( Reboot if asked to do so)
  • Please copy and paste the Contents of this file on your next reply.

Restart the computer normally.

~~~
A couple of things to try
Disable your antivirus and attempt to download and run the above tools?
Boot into safe mode?

Let me know how you make out.
 
Done !

Ok I finally got FRST to download and Run (32 bit version) (Disabled Malwarebytes and AVG)

Here's the Log :

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-10-2017 01
Ran by Dad (administrator) on DESKTOP-2FD7588 (04-10-2017 18:56:09)
Running from C:\Users\Dad\Desktop
Loaded Profiles: Dad (Available Profiles: Dad)
Platform: Microsoft Windows 10 Pro Version 1607 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Creative Technology Ltd) C:\Program Files\Creative\Shared Files\CTAudSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files\HDD Regenerator\hrsrv.exe
(LeapFrog Enterprises, Inc.) C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
() C:\Program Files\Aiseesoft Studio\FoneLab\AppService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Logitech Inc.) C:\Program Files\Logitech\Video\LogiTray.exe
() C:\Program Files\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\TrayTipAgentE.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\avgui.exe
(Insight Software Solutions) C:\Program Files\Keyboard Express 3\keyexp.exe
(Logitech Inc.) C:\Program Files\Logitech\Video\FxSvr2.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1608.2213.0_x86__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.23941.0_x86__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [220288 2017-09-14] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Corel Update Helper] => c:\Program Files\Corel\Corel PaintShop Pro X8\pua.exe [1490888 2015-11-27] (Corel Corporation)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM\...\Run: [FoneLabAppService] => C:\Program Files\Aiseesoft Studio\FoneLab\AppService.exe [81640 2015-09-18] ()
HKLM\...\Run: [FaxCenterServer] => "C:\Program Files\Dell PC Fax\fm3032.exe" /s
HKLM\...\Run: [CanonQuickMenu] => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM\...\Run: [HDD Regenerator] => C:\Program Files\HDD Regenerator\Shell.exe [90336 2013-05-08] ()
HKLM\...\Run: [LogitechVideoRepair] => C:\Program Files\Logitech\Video\ISStart.exe [458752 2005-06-08] (Logitech Inc.)
HKLM\...\Run: [LogitechVideoTray] => C:\Program Files\Logitech\Video\LogiTray.exe [217088 2005-06-08] (Logitech Inc.)
HKLM\...\Run: [Monitor] => C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe [124544 2016-02-11] (LeapFrog Enterprises, Inc.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [289248 2017-09-04] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
HKLM\...\Run: [EaseUS EPM Tray Agent] => C:\Program Files\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\TrayTipAgentE.exe [255072 2014-11-18] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [261432 2017-09-11] (Apple Inc.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\Run: [LogitechSoftwareUpdate] => C:\Program Files\Logitech\Video\ManifestEngine.exe [196608 2005-06-08] (Logitech Inc.)
HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [3071776 2017-09-07] (Valve Corporation)
HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\Policies\Explorer: []
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Keyboard Express 3.lnk [2015-12-10]
ShortcutTarget: Keyboard Express 3.lnk -> C:\Program Files\Keyboard Express 3\keyexp.exe (Insight Software Solutions)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{4926ba25-6cf7-4277-9b08-c1ad41a8c60b}: [NameServer] 62.6.40.178,62.6.40.162
Tcpip\..\Interfaces\{4926ba25-6cf7-4277-9b08-c1ad41a8c60b}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{ae5530b1-4c29-475e-91c1-1e2608f6b211}: [NameServer] 45.32.155.235,108.61.178.207
ManualProxies:

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-004-752
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-004-752&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-004-752&q={searchTerms}
HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.co.uk/
SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-004-752&q={searchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-004-752&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002 -> {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} URL =
SearchScopes: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={AD1DB690-F951-4B2B-9C85-145BE2B61EF1}&mid=409ad691902747ccb062d15805c271ac-0c7233c5c59cc201da8a7ddd4985513d8e8381be&lang=en&ds=AVG&coid=avgtbavg&cmpid=0316tb&pr=fr&d=2015-12-09 02:58:28&v=4.2.8.608&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL =
SearchScopes: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002 -> {EFE22B57-9F3C-4B9E-AB38-0368E469796D} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2017-09-24] (Microsoft Corporation)
BHO: Watch for Browser Events -> {42A7CE31-CEE7-4CCE-A060-A44A7E52E062} -> C:\Program Files\Keyboard Express 3\kie.dll [2009-10-28] (Insight Software Solutions)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-09-24] (Microsoft Corporation)
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-24] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-24] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-24] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-24] (Microsoft Corporation)
Handler: WSWSVCUchrome - No CLSID Value -

FireFox:
========
FF DefaultProfile: e4gws394.default
FF ProfilePath: C:\Users\Dad\AppData\Roaming\Mozilla\Firefox\Profiles\e4gws394.default [2017-10-02]
FF Homepage: Mozilla\Firefox\Profiles\e4gws394.default -> hxxp://www.google.co.uk/
FF Extension: (No Name) - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com_xpi\ [not found]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-03-12] ()
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-09-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-09-24] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-31] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-31] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-08-18] (Adobe Systems Inc.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [276328 2017-09-04] (AVG Technologies CZ, s.r.o.)
S3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [5881008 2017-09-04] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [1189720 2017-09-14] (AVG Technologies CZ, s.r.o.)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (www.BitComet.com)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4939976 2017-09-08] (Microsoft Corporation)
S3 Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2016-10-04] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
S3 FlexNet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [1104128 2015-12-10] (Flexera Software LLC)
R2 hddrsrv; C:\Program Files\HDD Regenerator\hrsrv.exe [82144 2013-05-08] ()
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4430792 2017-08-07] (Malwarebytes)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [805752 2016-09-14] (Nero AG)
R2 PSI_SVC_2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.) [File not signed]
S4 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd.) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [1887272 2016-07-16] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [271496 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [84928 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 avgbdisk; C:\WINDOWS\system32\drivers\avgbdiskx.sys [135872 2017-09-04] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\system32\drivers\avgbidsdriverx.sys [261128 2017-09-04] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\system32\drivers\avgbidshx.sys [151024 2017-09-04] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\WINDOWS\system32\drivers\avgblogx.sys [270344 2017-09-04] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\system32\drivers\avgbunivx.sys [43992 2017-09-04] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\WINDOWS\system32\drivers\avgHwid.sys [35264 2017-09-04] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\system32\drivers\avgMonFlt.sys [117368 2017-09-04] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\system32\drivers\avgRdr2.sys [91976 2017-09-04] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\system32\drivers\avgRvrt.sys [63280 2017-09-04] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\system32\drivers\avgSnx.sys [766216 2017-09-04] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\system32\drivers\avgSP.sys [492552 2017-09-04] (AVG Technologies CZ, s.r.o.)
S2 avgStm; C:\WINDOWS\system32\drivers\avgStm.sys [140648 2017-09-18] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\system32\drivers\avgVmm.sys [290264 2017-09-25] (AVG Technologies CZ, s.r.o.)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [30888 2016-12-07] ()
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10208 2016-07-11] () [File not signed]
S3 FlyUsb; C:\WINDOWS\System32\drivers\FlyUsb.sys [19456 2015-06-04] (LeapFrog)
R3 LVUSBSta; C:\WINDOWS\System32\drivers\LVUSBSta.sys [41888 2015-12-09] (Logitech Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [62976 2016-07-16] ()
S3 NuidFltr; C:\WINDOWS\System32\drivers\NuidFltr.sys [44328 2016-04-26] (Microsoft Corporation)
R3 pepifilter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [14112 2015-12-09] (Logitech Inc.)
R3 PID_PEPI; C:\WINDOWS\system32\DRIVERS\LV302V32.SYS [1276832 2015-12-09] (Logitech Inc.)
S3 ptun0901; C:\WINDOWS\System32\drivers\ptun0901.sys [23552 2014-08-08] (The OpenVPN Project)
R3 RtlWlanu_OldIC; C:\WINDOWS\System32\drivers\rtwlanu_oldIC.sys [3245056 2016-07-16] (Realtek Semiconductor Corporation )
R2 SBKUPNT; C:\WINDOWS\system32\Drivers\SBKUPNT.SYS [14976 2001-07-13] () [File not signed]
S0 SI3112r; C:\WINDOWS\System32\drivers\SI3112r.sys [116264 2015-12-09] (Silicon Image, Inc)
R0 SiFilter; C:\WINDOWS\System32\drivers\SiWinAcc.sys [19240 2015-12-09] (Silicon Image, Inc)
S3 VBAudioVACMME; C:\WINDOWS\system32\DRIVERS\vbaudio_cable_win7.sys [34024 2015-12-04] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37912 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [244576 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [100192 2016-07-16] (Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [161280 2016-07-16] (Microsoft Corporation)
U3 aswMBR; C:\Users\Dad\AppData\Local\Temp\aswMBR.sys [56704 2017-10-03] () [File not signed]
U3 aswVmm; C:\Users\Dad\AppData\Local\Temp\aswVmm.sys [192224 2017-10-03] ()

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-04 18:56 - 2017-10-04 18:57 - 000017089 _____ C:\Users\Dad\Desktop\FRST.txt
2017-10-04 18:54 - 2017-10-04 18:56 - 000000000 ____D C:\FRST
2017-10-04 18:54 - 2017-10-04 18:54 - 001796096 _____ (Farbar) C:\Users\Dad\Desktop\FRST.exe
2017-10-04 18:46 - 2017-10-04 18:46 - 038257112 _____ (Tweaking.com) C:\Users\Dad\Desktop\tweaking.com_windows_repair_aio_setup.exe
2017-10-03 19:58 - 2017-10-03 19:58 - 000002258 _____ C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2017-10-03 19:58 - 2017-10-03 19:58 - 000000207 _____ C:\WINDOWS\tweaking.com-regbackup-DESKTOP-2FD7588-Windows-10-Pro-(32-bit).dat
2017-10-03 19:58 - 2017-10-03 19:58 - 000000000 ____D C:\RegBackup
2017-10-03 19:58 - 2017-10-03 19:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2017-10-03 19:57 - 2017-10-03 19:58 - 000017361 _____ C:\WINDOWS\Tweaking.com - Registry Backup Setup Log.txt
2017-10-03 19:57 - 2017-10-03 19:57 - 000000000 ____D C:\Program Files\Tweaking.com
2017-10-03 19:51 - 2017-10-03 19:51 - 005198336 _____ (AVAST Software) C:\Users\Dad\Desktop\aswMBR.exe
2017-10-03 16:13 - 2017-10-03 20:55 - 001639029 _____ C:\Users\Dad\Desktop\Shed-Store.dwg
2017-09-24 17:41 - 2017-09-24 17:55 - 000000000 ___HD C:\Users\Dad\Desktop\Corel Auto-Preserve
2017-09-21 10:11 - 2017-09-21 10:11 - 000221632 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\081F680A.sys
2017-09-21 09:40 - 2017-09-29 06:20 - 000059904 _____ C:\WINDOWS\system32\Drivers\mbae.sys
2017-09-21 09:40 - 2017-09-21 09:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-09-21 09:40 - 2017-09-21 09:40 - 000000000 ____D C:\ProgramData\MB2Migration
2017-09-21 09:40 - 2017-09-21 09:40 - 000000000 ____D C:\Program Files\Malwarebytes
2017-09-20 21:18 - 2017-09-20 21:20 - 000000000 ____D C:\Program Files\Tetris Unlimited
2017-09-16 11:29 - 2017-09-16 11:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-09-16 11:27 - 2017-09-16 11:29 - 000000000 ____D C:\Program Files\iTunes
2017-09-16 11:14 - 2017-09-16 11:14 - 000000000 ____D C:\Program Files\Apple Software Update
2017-09-15 22:14 - 2017-09-15 22:14 - 000000000 ____D C:\Users\Dad\AppData\LocalLow\NoBrakesGames
2017-09-15 21:38 - 2017-09-15 21:38 - 000000000 ____D C:\Users\Dad\AppData\Local\Steam
2017-09-15 21:29 - 2017-10-03 19:19 - 000000000 ____D C:\Program Files\Steam
2017-09-15 21:29 - 2017-09-21 11:02 - 000000000 ____D C:\Program Files\Common Files\Steam
2017-09-15 21:29 - 2017-09-15 21:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-09-15 00:00 - 2017-09-15 00:00 - 000000000 ____D C:\Users\Dad\AppData\Roaming\Kodi
2017-09-14 23:59 - 2017-09-14 23:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodi
2017-09-14 23:58 - 2017-09-14 23:59 - 000000000 ____D C:\Program Files\Kodi
2017-09-08 20:42 - 2017-09-08 20:51 - 000000000 ____D C:\Users\Dad\Desktop\The Emoji Movie 2017 XViD NOGrp
2017-09-07 09:57 - 2017-09-07 09:57 - 000000198 ____H C:\Users\Dad\Documents\Drawing1.dwl2
2017-09-07 09:57 - 2017-09-07 09:57 - 000000048 ____H C:\Users\Dad\Documents\Drawing1.dwl
2017-09-04 19:54 - 2017-09-04 19:53 - 000305936 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2017-09-04 10:20 - 2017-09-04 10:20 - 000000000 ____D C:\Users\Default\AppData\Local\AVG
2017-09-04 10:20 - 2017-09-04 10:20 - 000000000 ____D C:\Users\Default User\AppData\Local\AVG

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-03 19:15 - 2016-09-25 20:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-10-03 19:14 - 2016-07-16 03:22 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2017-10-03 19:08 - 2017-08-02 21:58 - 000000000 ____D C:\Users\Dad\Desktop\Movies to Merge
2017-10-03 13:50 - 2015-12-10 07:09 - 000000000 ____D C:\Users\Dad\AppData\Roaming\BitComet
2017-10-02 21:00 - 2016-09-25 19:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-10-01 20:50 - 2015-12-09 03:41 - 000000000 ____D C:\Users\Dad\AppData\Local\ElevatedDiagnostics
2017-09-30 16:36 - 2015-12-10 10:24 - 000000000 ____D C:\Users\Dad\AppData\Local\CrashDumps
2017-09-26 19:05 - 2016-09-28 20:38 - 000000000 ____D C:\AdwCleaner
2017-09-26 17:21 - 2016-11-05 18:05 - 000000000 ___RD C:\Users\Dad\Desktop\Murdo Jr
2017-09-25 19:56 - 2017-04-01 13:10 - 000290264 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgvmm.sys
2017-09-24 05:28 - 2016-07-16 09:29 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-09-24 05:27 - 2016-07-16 09:29 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-09-24 05:27 - 2015-12-10 11:05 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2017-09-24 05:23 - 2015-12-10 10:45 - 000000000 ____D C:\Program Files\Microsoft Office
2017-09-24 02:28 - 2015-12-09 03:06 - 000000000 ___RD C:\Users\Dad\Desktop\Murdo
2017-09-22 13:23 - 2016-07-16 09:29 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-09-22 00:10 - 2016-07-16 09:28 - 000000000 ____D C:\WINDOWS\INF
2017-09-21 19:37 - 2017-02-23 20:45 - 000000000 ____D C:\Users\Dad\AppData\Roaming\vlc
2017-09-21 19:33 - 2016-01-16 21:15 - 000000000 ____D C:\Users\Dad\AppData\Roaming\Anvsoft
2017-09-21 11:00 - 2016-09-25 19:55 - 000000000 ____D C:\Users\Dad
2017-09-21 09:40 - 2016-09-28 09:33 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-19 14:01 - 2015-12-10 01:32 - 000001254 _____ C:\Users\Dad\Desktop\To Do.txt
2017-09-19 13:31 - 2015-12-09 04:09 - 000000000 ___RD C:\Users\Dad\Desktop\Macleod Bros
2017-09-18 19:56 - 2017-04-01 13:10 - 000140648 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgstm.sys
2017-09-16 11:29 - 2016-12-04 17:09 - 000000000 ____D C:\Program Files\iPod
2017-09-16 11:14 - 2016-01-02 18:40 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2017-09-15 22:11 - 2016-07-16 09:29 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2017-09-15 13:32 - 2015-12-09 02:16 - 000002361 _____ C:\Users\Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-15 13:32 - 2015-12-09 02:16 - 000000000 ___RD C:\Users\Dad\OneDrive
2017-09-14 08:56 - 2015-12-09 02:09 - 000000000 ____D C:\Users\Dad\AppData\Local\Packages
2017-09-08 16:54 - 2016-07-16 11:18 - 000000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2017-09-07 21:43 - 2016-04-26 19:30 - 000000566 _____ C:\WINDOWS\system32\LexFiles.ulf
2017-09-07 21:41 - 2016-09-28 20:37 - 000000000 ____D C:\Users\Dad\AppData\Roaming\AVAST Software
2017-09-07 21:41 - 2015-12-09 03:27 - 000000000 ____D C:\Users\Dad\AppData\Local\AvgSetupLog
2017-09-07 21:30 - 2015-12-10 22:06 - 000000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2017-09-05 23:30 - 2017-06-02 18:40 - 000000000 ____D C:\Users\Dad\Desktop\Photos to Merge
2017-09-04 19:57 - 2017-03-07 18:32 - 000000000 ____D C:\ProgramData\KMSAuto
2017-09-04 19:54 - 2017-04-01 13:10 - 000492552 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2017-09-04 19:54 - 2017-04-01 13:10 - 000117368 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2017-09-04 19:54 - 2017-04-01 13:10 - 000091976 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2017-09-04 19:54 - 2017-04-01 13:10 - 000063280 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2017-09-04 19:54 - 2017-04-01 13:10 - 000035264 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgHwid.sys
2017-09-04 19:53 - 2017-04-01 13:10 - 000766216 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2017-09-04 19:52 - 2017-04-01 13:10 - 000270344 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgblogx.sys
2017-09-04 19:52 - 2017-04-01 13:10 - 000261128 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriverx.sys
2017-09-04 19:52 - 2017-04-01 13:10 - 000151024 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidshx.sys
2017-09-04 19:52 - 2017-04-01 13:10 - 000135872 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbdiskx.sys
2017-09-04 19:52 - 2017-04-01 13:10 - 000043992 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbunivx.sys
2017-09-04 19:49 - 2017-03-07 19:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2017-09-04 19:49 - 2017-03-07 19:02 - 000000000 ____D C:\Program Files\KMSpico
2017-09-04 10:22 - 2017-04-03 14:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

==================== Files in the root of some directories =======

2016-09-20 14:30 - 2016-09-20 14:30 - 000000000 _____ () C:\Users\Dad\AppData\Roaming\1.txt
2016-06-17 07:54 - 2016-06-17 07:54 - 000004436 _____ () C:\Users\Dad\AppData\Roaming\90msp-RKSJ-V
2016-10-10 08:33 - 2016-10-10 08:33 - 000000677 _____ () C:\Users\Dad\AppData\Roaming\adventives.zkh
2016-06-17 07:53 - 2016-06-17 07:53 - 000001196 _____ () C:\Users\Dad\AppData\Roaming\Athens
2016-10-10 08:33 - 2016-10-10 08:33 - 000060457 _____ () C:\Users\Dad\AppData\Roaming\bookmaking.rgj
2016-10-15 14:08 - 2016-10-15 14:33 - 000061134 _____ () C:\Users\Dad\AppData\Roaming\Carney.DLB
2016-06-17 07:53 - 2016-06-17 07:53 - 000001930 _____ () C:\Users\Dad\AppData\Roaming\compare-with-callbacks.js
2015-12-28 20:42 - 2017-02-23 20:35 - 000001043 _____ () C:\Users\Dad\AppData\Roaming\coreavc.ini
2016-06-17 07:53 - 2016-06-17 07:53 - 000003119 _____ () C:\Users\Dad\AppData\Roaming\frnphon.env
2015-12-10 22:45 - 2015-12-10 22:45 - 000000133 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2016-11-10 13:36 - 2016-11-10 13:36 - 000000016 _____ () C:\ProgramData\mntemp
2016-11-10 13:36 - 2016-11-10 13:36 - 000004965 _____ () C:\ProgramData\mudtcpaz.vzs

Some files in TEMP:
====================
2016-09-28 00:55 - 2015-01-26 09:09 - 000060296 _____ (Autodesk, Inc.) C:\Users\Dad\AppData\Local\Temp\AcDeltree.exe
2017-09-03 18:55 - 2017-09-03 18:55 - 016739360 _____ () C:\Users\Dad\AppData\Local\Temp\Bit1224.tmp.exe
2017-09-18 20:15 - 2017-09-18 20:15 - 016739360 _____ () C:\Users\Dad\AppData\Local\Temp\Bit2F94.tmp.exe
2016-09-27 09:26 - 2016-09-27 09:26 - 016187624 _____ () C:\Users\Dad\AppData\Local\Temp\Bit9653.tmp.exe
2017-08-08 22:00 - 2017-08-08 22:00 - 016742904 _____ () C:\Users\Dad\AppData\Local\Temp\Bit9DE7.tmp.exe
2016-12-04 14:53 - 2016-12-04 14:53 - 016187624 _____ () C:\Users\Dad\AppData\Local\Temp\BitDE07.tmp.exe
2017-08-20 17:39 - 2016-07-16 09:25 - 000628440 _____ (Microsoft Corporation) C:\Users\Dad\AppData\Local\Temp\kernel32.dll
2016-12-15 07:06 - 2016-12-15 07:06 - 002458672 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Users\Dad\AppData\Local\Temp\libeay32.dll
2017-07-02 22:14 - 2017-07-02 22:15 - 120455440 _____ (Microsoft Corporation) C:\Users\Dad\AppData\Local\Temp\mpam-6b3b5ec6.exe
2016-12-15 07:06 - 2016-12-15 07:06 - 000970912 _____ (Microsoft Corporation) C:\Users\Dad\AppData\Local\Temp\msvcr120.dll
2016-12-15 07:06 - 2016-12-15 07:06 - 000772672 _____ () C:\Users\Dad\AppData\Local\Temp\sqlite3.dll
2016-10-09 15:02 - 2016-10-09 15:02 - 000012288 _____ () C:\Users\Dad\AppData\Local\Temp\TWcKOuHOnezxmjSkVTaA.DLL

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-10-01 20:49

==================== End of FRST.txt ============================

Run Windows repair all in one as stated

Log

Log:
Tweaking.com - Windows Repair 2018 (v4.0.7)
--------------------------------------------------------------------------------

System Variables
--------------------------------------------------------------------------------
OS: Windows 10 Pro
OS Architecture: 32-bit
OS Version: 10.0.14393.187
OS Service Pack:
Computer Name: DESKTOP-2FD7588
Windows Drive: C:\
Windows Path: C:\WINDOWS
Program Files: C:\Program Files
Current Profile: C:\Users\Dad
Current Profile SID: S-1-5-21-1307612883-4072204045-1798725994-1002
Current Profile Classes: S-1-5-21-1307612883-4072204045-1798725994-1002_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\WINDOWS\ServiceProfiles
Local Settings AppData: C:\Users\Dad\AppData\Local
--------------------------------------------------------------------------------

System Information
--------------------------------------------------------------------------------
System Up Time: 01 Day 00:25:31

Process Count: 72
Commit Total: 2.38 GB
Commit Limit: 4.26 GB
Commit Peak: 3.61 GB
Handle Count: 39703
Kernel Total: 652.34 MB
Kernel Paged: 429.92 MB
Kernel Non Paged: 222.42 MB
System Cache: 1.20 GB
Thread Count: 1120
--------------------------------------------------------------------------------

Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 3.00 GB
Memory Used: 1.81 GB(60.4209%)
Memory Avail.: 1.19 GB
--------------------------------------------------------------------------------

Cleaning Memory Before Starting Repairs...

Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 3.00 GB
Memory Used: 1.51 GB(50.2522%)
Memory Avail.: 1.49 GB
--------------------------------------------------------------------------------

Starting Repairs...
Started at (4/10/17 19:40:52)

Setting Any Missing 'InstallDate' From Uninstall Sections Before Running Repair...
Total Missing 'InstallDate' Fixed: 75

01 - Reset Registry Permissions
Restore Windows 7/8/10 Default Registry Permissions
Start (4/10/17 19:40:56)


Decompressing & Updating Windows Permission File C:\Program Files\Tweaking.com\Windows Repair (All in One)\files\permissions\10\hku.7z
Done, 0.53 seconds.


Decompressing & Updating Windows Permission File C:\Program Files\Tweaking.com\Windows Repair (All in One)\files\permissions\10\hklm.7z
Done, 24.59 seconds.

Running Repair Under System Account
Done (4/10/17 19:42:41)

03 - Reset Service Permissions
Start (4/10/17 19:42:41)

Running Repair Under Current User Account
Running Repair Under System Account
Done (4/10/17 19:43:03)

04 - Register System Files
Start (4/10/17 19:43:03)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/10/17 19:43:53)

05 - Repair WMI
Start (4/10/17 19:43:53)

Starting Security Center So We Can Export The Security Info.

Exporting Antivirus Info...
Windows Defender Exported.
Malwarebytes Exported.
AVG Antivirus Exported.

Exporting AntiSpyware Info...
Malwarebytes Exported.
Windows Defender Exported.
AVG Antivirus Exported.

Exporting 3rd Party Firewall Info...
No Firewall Products Reported.

Running Repair Under Current User Account
Done (4/10/17 19:52:00)

06 - Repair Windows Firewall
Start (4/10/17 19:52:00)

Decompressing & Updating Windows Permission File C:\Program Files\Tweaking.com\Windows Repair (All in One)\files\permissions\10\services.7z
Done, 0.2 seconds.

Running Repair Under Current User Account
Running Repair Under System Account
Done (4/10/17 19:52:50)

07 - Repair Internet Explorer
Start (4/10/17 19:52:50)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/10/17 19:53:49)

10 - Remove Policies Set By Infections
Start (4/10/17 19:53:49)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/10/17 19:53:55)

16 - Repair Windows Updates
Start (4/10/17 19:53:55)

Decompressing & Updating Windows Permission File C:\Program Files\Tweaking.com\Windows Repair (All in One)\files\permissions\10\services.7z
Done, 0.3 seconds.

Running Repair Under Current User Account
Running Repair Under System Account
Setting Windows Updates Files That Are In Use To Be Removed At Next Boot.
Done (4/10/17 19:55:03)

18 - Repair Volume Shadow Copy Service
Start (4/10/17 19:55:03)

Decompressing & Updating Windows Permission File C:\Program Files\Tweaking.com\Windows Repair (All in One)\files\permissions\10\services.7z
Done, 0.19 seconds.

Running Repair Under Current User Account
Running Repair Under System Account
Done (4/10/17 19:55:43)

20 - Repair MSI (Windows Installer)
Start (4/10/17 19:55:43)

Decompressing & Updating Windows Permission File C:\Program Files\Tweaking.com\Windows Repair (All in One)\files\permissions\10\services.7z
Done, 0.48 seconds.

Running Repair Under Current User Account
Running Repair Under System Account
Done (4/10/17 19:56:01)

25 - Restore Important Windows Services
Start (4/10/17 19:56:01)

Decompressing & Updating Windows Permission File C:\Program Files\Tweaking.com\Windows Repair (All in One)\files\permissions\10\services.7z
Done, 0.19 seconds.

Running Repair Under Current User Account
Running Repair Under System Account
Done (4/10/17 19:56:21)

26 - Set Windows Services To Default Startup
Start (4/10/17 19:56:21)
Running Repair Under Current User Account
Running Repair Under System Account
Done (4/10/17 19:56:45)
 
(Disabled Malwarebytes and AVG
Click to expand...
When you did this, did you see any difference?

Also, after you ran/used Tweaking.com - Windows Repair. has anything improved?

When Farbar Recovery Scan Tool (FRST) Scan was first used it should had created Addition.txt
Can you locate this and post it in your next reply.
 
A little

Internet explorer definitely has improved. But even while typing this the word improved just hung at "impro " and then suddenly the rest of the text will just appear.

I'm away until Saturday evening at a family wedding but will respond to further messages on my return - Many Thanks for your help



Here is the Addition.txt file

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 03-10-2017 01
Ran by Dad (04-10-2017 18:58:50)
Running from C:\Users\Dad\Desktop
Microsoft Windows 10 Pro Version 1607 (X86) (2016-09-25 19:43:05)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1307612883-4072204045-1798725994-500 - Administrator - Disabled)
Dad (S-1-5-21-1307612883-4072204045-1798725994-1002 - Administrator - Enabled) => C:\Users\Dad
DefaultAccount (S-1-5-21-1307612883-4072204045-1798725994-503 - Limited - Disabled)
Guest (S-1-5-21-1307612883-4072204045-1798725994-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: AVG Antivirus (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

5KPlayer 4.2 (HKLM\...\5KPlayer_is1) (Version: - DearMob, Inc.)
ACA & MEP 2016 Object Enabler (HKLM\...\{5783F2D7-F004-0000-5002-0060B0CE6BBA}) (Version: 7.8.41.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{5783F2D7-F001-0000-3002-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
Adobe Flash Player 24 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.22) MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.22 - Adobe Systems Incorporated)
Airfoil (HKLM\...\Airfoil) (Version: 5.1.7 - Rogue Amoeba)
Any Video Converter 5.8.8 (HKLM\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Apple Application Support (32-bit) (HKLM\...\{3D1290E6-1F77-46D5-A715-A56679C8D4E3}) (Version: 6.0.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BA476373-DAE7-4E51-957A-F43F01D9FACD}) (Version: 11.0.0.30 - Apple Inc.)
Apple Software Update (HKLM\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
Athentech Perfectly Clear (HKLM\...\_{6CB22877-5117-4C04-84D4-78072AB836FC}) (Version: 1.0.0.122 - Corel Corporation)
Athentech Perfectly Clear (HKLM\...\{6CB22877-5117-4C04-84D4-78072AB836FC}) (Version: 1.0.0.122 - Corel Corporation) Hidden
AutoCAD 2016 - English (HKLM\...\{5783F2D7-F001-0409-2002-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 (HKLM\...\{5783F2D7-F001-0000-0002-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 Language Pack - English (HKLM\...\{5783F2D7-F001-0409-1002-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
Autodesk App Manager 2016 (HKLM\...\{4ECF9E00-2978-46AF-BD80-455EFEAB7A93}) (Version: 2.0.0 - Autodesk)
Autodesk AutoCAD 2016 - English (HKLM\...\AutoCAD 2016 - English) (Version: 20.1.49.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.4 (HKLM\...\{4E20873D-BC20-495C-AFD9-B18877B7F9BB}) (Version: 1.2.4.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2016 Add-in 32 bit (HKLM\...\{67EA06D3-1863-4E37-A19B-DB56175EAD15}) (Version: 4.35.1742 - Autodesk)
Autodesk Featured Apps 2016 (HKLM\...\{D42F37CD-9AF9-4435-A474-B387C5BB6B47}) (Version: 2.0.0 - Autodesk)
Autodesk Material Library 2016 (HKLM\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.15 - Autodesk)
AVG (HKLM\...\{1D382E7D-7E8B-4C85-9233-287017A66599}) (Version: 1.211.2 - AVG Technologies) Hidden
AVG AntiVirus FREE (HKLM\...\AVG Antivirus) (Version: 17.6.3029 - AVG Technologies)
AVG Web TuneUp (HKLM\...\AVG Web TuneUp) (Version: 4.3.5.160 - AVG Technologies)
BitComet 1.45 (HKLM\...\BitComet) (Version: 1.45 - CometNetwork)
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon iP4900 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4900_series) (Version: - Canon Inc.)
Canon iP7200 series On-screen Manual (HKLM\...\Canon iP7200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon iP7200 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP7200_series) (Version: - Canon Inc.)
Canon iP7200 series User Registration (HKLM\...\Canon iP7200 series User Registration) (Version: - Canon Inc.‎)
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
CompuApps SwissKnife V3 (HKLM\...\CompuApps SwissKnife V3) (Version: - )
CoreAVC Professional Edition (remove only) (HKLM\...\CoreAVC Professional Edition) (Version: - )
Corel PaintShop Pro X8 (HKLM\...\_{85C69B9B-F9BD-4A60-BD83-F2B7E081ED39}) (Version: 18.2.0.61 - Corel Corporation)
Corel PaintShop Pro X8 (HKLM\...\{8239357B-E792-4EEB-9F8B-F2535730A315}) (Version: 18.0.0.124 - Corel Corporation) Hidden
Creative Audio Control Panel (HKLM\...\AudioCS) (Version: 3.00 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM\...\Creative Software AutoUpdate) (Version: 1.41 - Creative Technology Limited)
Creative Sound Blaster Properties (HKLM\...\Creative Sound Blaster Properties) (Version: 1.03 - Creative Technology Limited)
Dolby Digital Live Pack (HKLM\...\Dolby Digital Live Pack) (Version: 3.00 - Creative Technology Limited)
DTS Connect Pack (HKLM\...\DTS Connect Pack) (Version: 1.00 - Creative Technology Limited)
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS)
EaseUS Partition Master 12.0 (HKLM\...\EaseUS Partition Master_is1) (Version: - EaseUS)
Fax Solutions (HKLM\...\Dell Fax Solutions) (Version: - Dell, Inc.)
FileZilla Client 3.27.0.1 (HKLM\...\FileZilla Client) (Version: 3.27.0.1 - Tim Kosse)
Findwide Toolbar (HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\{D9E0E111-6FB8-48F0-BC95-CF78A7835A84}) (Version: - Freshy) <==== ATTENTION
FMW 1 (HKLM\...\{E2258604-A4CB-4F29-BB9F-58081E193EAA}) (Version: 1.224.4 - AVG Technologies) Hidden
Foxit Advanced PDF Editor 3 (HKLM\...\B521582C-6BE3-491D-BCC8-FFB8301298E9_is1) (Version: 3.0.5.0 - Foxit Corporation)
Free FLV to MP4 Converter 1.0.28 (HKLM\...\{B00D1F02-C556-48eb-9DC2-32C778B71CE2}_is1) (Version: 1.0.28 - free-videoconverter)
Google Earth Pro (HKLM\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Haali Media Splitter (HKLM\...\HaaliMkx) (Version: - )
HDD Regenerator (HKLM\...\{CC5DA723-D428-40D1-B82B-21EB64B1273C}) (Version: 20.11.0011 - Abstradrome)
Human: Fall Flat (HKLM\...\Steam App 477160) (Version: - No Brakes Games)
ICA (HKLM\...\{85C69B9B-F9BD-4A60-BD83-F2B7E081ED39}) (Version: 18.0.0.124 - Corel Corporation) Hidden
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
IPM_PSP_COM (HKLM\...\{80A28CA4-189A-4EB2-9F76-7845A0A83D2A}) (Version: 18.0.0.124 - Corel Corporation) Hidden
iTunes (HKLM\...\{5D7E7C4A-FA18-4A83-8FBC-D31B115306B2}) (Version: 12.7.0.166 - Apple Inc.)
Keyboard Express 3 (HKLM\...\Keyboard Express 3) (Version: 3.4 - Insight Software Solutions, Inc.)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Kodi (HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\Kodi) (Version: - XBMC-Foundation)
LeapFrog Connect (HKLM\...\{97CD1D2B-20BD-40E8-825E-B4BDA5071B73}) (Version: 7.0.7.20035 - LeapFrog) Hidden
LeapFrog Connect (HKLM\...\UPCShell) (Version: 7.0.7.20035 - LeapFrog)
LeapFrog Tag Plugin (HKLM\...\{6A04826B-5056-4B0F-BD5B-1F88DCFFD9B5}) (Version: 7.0.6.19846 - LeapFrog) Hidden
Logitech QuickCam Software (HKLM\...\{C43048A9-742C-4DAD-90D2-E3B53C9DB825}) (Version: 8.47.0000 - Logitech, Inc.)
Malwarebytes version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Microsoft Expression Web (HKLM\...\WebDesigner) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.8431.2079 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Movavi Video Converter 17 (HKLM\...\Movavi Video Converter 17) (Version: 17.0.3 - Movavi)
Mozilla Firefox 51.0 (x86 en-GB) (HKLM\...\Mozilla Firefox 51.0 (x86 en-GB)) (Version: 51.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 51.0 - Mozilla)
MPC-HC 1.7.10 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.10 - MPC-HC Team)
Music Recorder (HKLM\...\{94A4AE85-9F1D-4687-953F-38371C9D1A4F}) (Version: 18.009.0 - Nero AG) Hidden
Nero 2017 (HKLM\...\{6B81BDC4-3368-4898-8F16-48962F789221}) (Version: 18.0.06100 - Nero AG)
Nero BurningROM 2016 (HKLM\...\{FF4B0F4C-80E2-45E4-B7FA-AD6D32B2542A}) (Version: 17.0.00700 - Nero AG)
Nero Info (HKLM\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 18.0.0010 - Nero AG)
Octodad - Dadliest Catch (HKLM\...\Octodad - Dadliest Catch_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8431.2079 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-0000-0000000FF1CE}) (Version: 16.0.8431.2079 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden
OpenAL (HKLM\...\OpenAL) (Version: - )
Prerequisite installer (HKLM\...\{5F284483-EE8D-447E-BEBE-2BF13B08C4BF}) (Version: 17.0.0002 - Nero AG) Hidden
Prerequisite installer (HKLM\...\{EB511CD1-C87C-490D-A7B1-D6C47F57820F}) (Version: 18.0.0003 - Nero AG) Hidden
PSPPContent (HKLM\...\{89E018D8-558F-4051-BB26-64DD9B90DF68}) (Version: 18.0.0.124 - Corel Corporation) Hidden
PSPPHelp (HKLM\...\{88340123-2A5C-48D4-98C1-58C18D12F09C}) (Version: 18.0.0.124 - Corel Corporation) Hidden
Setup (HKLM\...\{8BFA76B5-47DD-4C88-9C9B-7407019F0E13}) (Version: 18.0.0.124 - Corel Corporation) Hidden
Shairport4w (HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\Shairport4w) (Version: 1.0.8.8 - Frank Friemel)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sugarbox version 0.27 (HKLM\...\{C109A1CE-96CA-4E6A-B43E-018DD4B73BA3}_is1) (Version: 0.27 - Sugarbox)
Tweaking.com - Registry Backup (HKLM\...\Tweaking.com - Registry Backup) (Version: 3.5.3 - Tweaking.com)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin) (HKLM\...\TagPlugin) (Version: 7.0.6.19846 - LeapFrog)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Who's You Daddy Alpha version V0.2.0 (HKLM\...\{94FDA70B-B651-40E2-8703-308F448A6A0D}_is1) (Version: V0.2.0 - Joe Williams)
Windows Driver Package - Bose Corporation (usbser) Ports (08/03/2012 1.2.0.0) (HKLM\...\7AFADC17CE5D176C218EB94F26AE53271142A857) (Version: 08/03/2012 1.2.0.0 - Bose Corporation)
Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0) (HKLM\...\781745E87AFF80C0C1388CFF79D19ECAB2E9BB47) (Version: 11/05/2008 1.1.1.0 - LeapFrog)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
WinRAR 5.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
WinX HD Video Converter Deluxe 5.9.8 (HKLM\...\WinX HD Video Converter Deluxe_is1) (Version: - Digiarty Software, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2016\en-US\acadficn.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Dad\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Dad\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Dad\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2015-02-06] (Autodesk)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2017-09-04] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Dad\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files\Spybot - Search & Destroy 2\SDECon32.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {55D63393-DB17-4A2B-9052-15D85B4B1344} => C:\Windows\System32\WSCM32.dll -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Dad\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Dad\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2017-09-04] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files\Spybot - Search & Destroy 2\SDECon32.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04C6E1A1-CC37-4D97-A93E-A37032689AAA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {077F4C37-C322-4D50-8E94-E2CD3408E2D2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-07-31] (Google Inc.)
Task: {0C223F1A-298C-40AA-B3BB-CB6965050067} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-24] ()
Task: {0C23455F-94DE-4964-80A9-A7603EDBB2C6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-09-24] (Microsoft Corporation)
Task: {3A05131B-DD71-4A52-8D85-EDB6650864D0} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-24] ()
Task: {3A2A3E98-08E4-4D89-BD96-0ECA42046A3D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {3C8DA9AD-B38F-4E84-A66B-888F411E8D19} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-09-24] (Microsoft Corporation)
Task: {498821DE-0215-404C-ACFB-6BDF64A17EA4} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-09-08] (Microsoft Corporation)
Task: {582C4225-C25A-4072-82E4-544BDF1DD1D9} - System32\Tasks\{7C3C99D2-C6D1-4315-97CD-EA1F44AE6558} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Dad\Desktop\R174616.exe -d C:\Users\Dad\Desktop
Task: {5FD4DA14-8FE7-4F8E-A4CA-F48C145971BF} - System32\Tasks\1215tbUpdateInfo => C:\ProgramData\Avg_Update_1215tb\1215tb_{37D935FE-CFD2-4E91-BA42-3CCDD693D97E}.exe
Task: {7ED68182-568A-4CB4-80FA-EC39C3A1DB67} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {8FD532F9-8588-443A-885D-4DC1FBDACAD1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
Task: {9564836E-54AE-4FE1-A47F-AA4B0581ED8C} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {991558FC-EC88-44A0-B5EB-4F348A73361E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-09-08] (Microsoft Corporation)
Task: {A6B94F68-5F1D-475F-8090-44C2086F61B4} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2015-07-22] (@ByELDI)
Task: {C708F0F5-7301-4120-AC9B-F8E61460F878} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {D3B1B61C-929E-4ED1-BC29-FA5EE367DADD} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files\AVG\AVG PC TuneUp\tuscanx.exe
Task: {E470C9C2-C3B7-441C-B22E-E7607F85025A} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [2017-09-04] (AVG Technologies CZ, s.r.o.)
Task: {E8939421-C7E5-42C1-897F-16BE1AEF9BBC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-07-31] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-07-16 09:25 - 2016-07-16 09:25 - 000190976 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-26 04:32 - 2016-09-26 04:32 - 002048496 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-26 19:31 - 2006-10-06 07:06 - 000045056 _____ () C:\WINDOWS\System32\DLPRMON.DLL
2016-10-05 19:18 - 2016-10-05 19:18 - 000080184 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-09-01 02:49 - 2017-09-01 02:49 - 001042232 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-05-08 14:17 - 2013-05-08 14:17 - 000082144 _____ () C:\Program Files\HDD Regenerator\hrsrv.exe
2015-12-10 22:06 - 2014-05-13 13:04 - 000109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-12-10 22:06 - 2014-05-13 13:04 - 000167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-12-10 22:06 - 2014-05-13 13:04 - 000416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2015-12-10 22:06 - 2012-08-23 11:38 - 000574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2015-12-10 22:06 - 2012-04-03 18:06 - 000565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2017-08-22 06:05 - 2017-09-24 05:16 - 008928968 _____ () C:\Program Files\Microsoft Office\root\Office16\1033\GrooveIntlResource.dll
2016-07-16 09:25 - 2016-07-16 09:25 - 000109056 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
2017-09-04 19:53 - 2017-09-04 19:53 - 000060160 _____ () C:\Program Files\AVG\Antivirus\module_lifetime.dll
2016-07-16 09:25 - 2016-07-16 09:25 - 000108032 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-09-26 04:32 - 2016-09-26 04:32 - 000321536 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-09-26 04:32 - 2016-09-26 04:32 - 006726656 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-09-26 04:32 - 2016-09-26 04:32 - 001149440 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-09-26 04:32 - 2016-09-26 04:32 - 000526848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-09-26 04:32 - 2016-09-26 04:32 - 000779776 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-09-26 04:32 - 2016-09-26 04:32 - 001741824 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-09-26 04:32 - 2016-09-26 04:32 - 003158528 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-11-28 12:49 - 2016-11-28 12:49 - 048920064 _____ () C:\Program Files\AVG\UiDll\2623\libcef.dll
2016-02-05 02:50 - 2015-09-18 12:28 - 000081640 _____ () C:\Program Files\Aiseesoft Studio\FoneLab\AppService.exe
2016-02-05 02:50 - 2015-09-17 09:55 - 000872448 _____ () C:\Program Files\Aiseesoft Studio\FoneLab\Framework.dll
2016-02-05 02:50 - 2014-09-12 04:11 - 000013824 _____ () C:\Program Files\Aiseesoft Studio\FoneLab\Utility.dll
2016-02-05 02:50 - 2015-06-24 06:53 - 002825216 _____ () C:\Program Files\Aiseesoft Studio\FoneLab\IosDevice.dll
2016-02-05 02:50 - 2011-03-24 09:42 - 000334848 _____ () C:\Program Files\Aiseesoft Studio\FoneLab\QtXml4.dll
2016-02-05 02:50 - 2011-03-24 09:56 - 007981056 _____ () C:\Program Files\Aiseesoft Studio\FoneLab\QtGui4.dll
2016-02-05 02:50 - 2011-03-24 09:43 - 000934912 _____ () C:\Program Files\Aiseesoft Studio\FoneLab\QtNetwork4.dll
2016-02-05 02:50 - 2011-03-24 09:42 - 002145792 _____ () C:\Program Files\Aiseesoft Studio\FoneLab\QtCore4.dll
2016-02-05 02:50 - 2011-03-24 11:25 - 009843200 _____ () C:\Program Files\Aiseesoft Studio\FoneLab\QtWebKit4.dll
2016-02-05 02:50 - 2014-09-15 02:51 - 000987136 _____ () C:\Program Files\Aiseesoft Studio\FoneLab\libxml2.dll
2016-02-05 02:50 - 2011-03-24 10:06 - 000232960 _____ () C:\Program Files\Aiseesoft Studio\FoneLab\phonon4.dll
2016-02-05 02:50 - 2011-03-24 10:06 - 002530816 _____ () C:\Program Files\Aiseesoft Studio\FoneLab\QtXmlPatterns4.dll
2016-02-05 02:50 - 2014-09-15 02:51 - 000077824 _____ () C:\Program Files\Aiseesoft Studio\FoneLab\zlib1.dll
2016-02-05 02:50 - 2014-09-12 04:11 - 000562072 _____ () C:\Program Files\Aiseesoft Studio\FoneLab\SQLite3.dll
2017-07-02 19:48 - 2014-11-18 14:44 - 000255072 _____ () C:\Program Files\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\TrayTipAgentE.exe
2017-07-02 19:48 - 2014-02-13 15:27 - 000222792 _____ () C:\Program Files\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\traynet.dll
2017-07-02 19:48 - 2014-02-13 15:27 - 000275528 _____ () C:\Program Files\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\libcurl.dll
2017-07-02 19:48 - 2014-02-13 15:27 - 000113166 _____ () C:\Program Files\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\zlib1.dll
2017-07-02 19:48 - 2014-02-13 15:27 - 000249928 _____ () C:\Program Files\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\uexper.dll
2017-09-04 19:53 - 2017-09-04 19:53 - 000168216 _____ () C:\Program Files\AVG\Antivirus\JsonRpcServer.dll
2017-07-24 17:43 - 2017-07-24 17:43 - 067109376 _____ () C:\Program Files\AVG\Antivirus\libcef.dll
2017-09-04 19:53 - 2017-09-04 19:53 - 000213024 _____ () C:\Program Files\AVG\Antivirus\event_routing_rpc.dll
2017-09-04 19:53 - 2017-09-04 19:53 - 000243080 _____ () C:\Program Files\AVG\Antivirus\tasks_core.dll
2017-09-27 19:56 - 2017-09-27 19:56 - 000693528 _____ () C:\Program Files\AVG\Antivirus\ffl2.dll
2016-08-16 08:36 - 2016-08-16 08:37 - 000017920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-08-16 08:36 - 2016-08-16 08:37 - 011393536 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x86__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-08-16 08:36 - 2016-08-16 08:37 - 000541696 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x86__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-03-04 06:37 - 2016-03-04 06:38 - 000180224 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x86__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-09-28 18:52 - 2016-09-28 18:52 - 002928640 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1608.2213.0_x86__8wekyb3d8bbwe\Calculator.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\ProgramData\TEMP:B755D674 [314]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\Software\Classes\.scr: AutoCADScriptFile =>

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7914 more sites.

IE restricted site: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\123simsen.com -> www.123simsen.com

There are 7914 more sites.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 09:28 - 2017-08-20 17:31 - 000453327 ____R C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com

There are 15560 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Dad\Desktop\Murdo\Settings\66.jpg
DNS Servers: 62.6.40.178 - 62.6.40.162
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "CTxfiHlp"
HKLM\...\StartupApproved\Run: => "ADSKAppManager"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => " QQPCTray"
HKLM\...\StartupApproved\Run: => "Monitor"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\StartupApproved\StartupFolder: => "produpd.lnk"
HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\StartupApproved\Run: => "Akworks"
HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\StartupApproved\Run: => "K061WSFDFT"
HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\StartupApproved\Run: => "LC3RCYU6XX"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E866ECD1-69DC-4FFD-B2BE-87413CD32304}] => (Allow) C:\program files\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{384CF852-664C-4626-9491-FE3B99633E4F}] => (Allow) 㩃啜敳獲䑜摡䅜灰慄慴剜慯業杮獜湳獜癡略⹰硥e
FirewallRules: [{298D0BF0-B2A8-4479-B1FA-DA4029FFB5C9}] => (Allow) 㩃啜敳獲䑜摡䅜灰慄慴剜慯業杮獜湳獜湳攮數
FirewallRules: [{B26A5B77-5993-438D-9DCB-12AF213BA2F8}] => (Allow) C:\Program Files\Dell Photo AIO Printer 922\DLBTaiox.exe
FirewallRules: [{1559CA9B-A7B7-4D0C-9CEC-C19E58EDE5F1}] => (Allow) C:\Program Files\Dell Photo AIO Printer 922\DLBTaiox.exe
FirewallRules: [{71F24588-3D73-45BE-BFE7-727641DE6B79}] => (Allow) C:\Program Files\Dell Photo AIO Printer 922\DLBTmon.exe
FirewallRules: [{90EB0001-7981-43DF-A250-82CE11054C93}] => (Allow) C:\Program Files\Dell Photo AIO Printer 922\DLBTmon.exe
FirewallRules: [{98F5814D-6AF3-4B31-9C41-BF4F50A78DFD}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\dlbtpswx.exe
FirewallRules: [{DDDA3E80-90A6-44BC-B1F9-35D3933B5D23}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\dlbtpswx.exe
FirewallRules: [{70EC6685-EEFF-4E1F-B561-F74DFDC4CA37}] => (Allow) C:\Windows\System32\dlbtcoms.exe
FirewallRules: [{34D4C229-7EF6-4BAD-9282-793DC7C31284}] => (Allow) C:\Windows\System32\dlbtcoms.exe
FirewallRules: [UDP Query User{D444CC20-6351-4AC5-AA0D-365344F482DE}C:\program files\shairport4w\shairport4w.exe] => (Block) C:\program files\shairport4w\shairport4w.exe
FirewallRules: [TCP Query User{6345A0DD-0EF9-4539-BAFE-92F9C8D5ED1C}C:\program files\shairport4w\shairport4w.exe] => (Block) C:\program files\shairport4w\shairport4w.exe
FirewallRules: [{3BA6BB1A-E109-408C-878B-332497B282F8}] => (Allow) C:\Program Files\Shairport4w\Shairport4w.exe
FirewallRules: [{E8B208F2-7F39-4CBA-9619-F83991582257}] => (Allow) C:\Program Files\Shairport4w\Shairport4w.exe
FirewallRules: [UDP Query User{37BF7344-404B-4C0B-930C-A7254FF4868D}C:\program files\bitcomet\bitcomet.exe] => (Allow) C:\program files\bitcomet\bitcomet.exe
FirewallRules: [TCP Query User{259C43B6-BB7F-476A-8FF0-085010745D26}C:\program files\bitcomet\bitcomet.exe] => (Allow) C:\program files\bitcomet\bitcomet.exe
FirewallRules: [UDP Query User{C4864A50-D644-4B0D-89D9-DB857CDD3539}C:\program files\airfoil\airfoilspeakers.exe] => (Allow) C:\program files\airfoil\airfoilspeakers.exe
FirewallRules: [TCP Query User{E6AD8DD2-0F33-44E0-9859-6ED3D75D76B6}C:\program files\airfoil\airfoilspeakers.exe] => (Allow) C:\program files\airfoil\airfoilspeakers.exe
FirewallRules: [UDP Query User{3F2E22D7-453E-4B58-9389-4F6B2395A194}C:\program files\airfoil\airfoil.exe] => (Allow) C:\program files\airfoil\airfoil.exe
FirewallRules: [TCP Query User{A817DE3B-212E-45F3-A54E-6B84D511966D}C:\program files\airfoil\airfoil.exe] => (Allow) C:\program files\airfoil\airfoil.exe
FirewallRules: [{7A0BD688-D3FF-4DC0-8939-33AFF9F9D2AA}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe
FirewallRules: [{5F419906-1DEA-4A6E-AED3-2FA218EA4E64}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe
FirewallRules: [{512E1FEF-1DE0-45B7-AC24-11B83ADB1BE2}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
FirewallRules: [{EC220345-D38A-4AAA-9AE7-7216F08BB878}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
FirewallRules: [{4FD8E92A-1EAB-4B3F-9AA0-4641E987D1B7}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
FirewallRules: [{057C92DB-7B3B-4271-9990-92B796A66F60}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
FirewallRules: [{6F93EEA4-C743-420B-A19F-0ECAD9A407F0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2350A2A4-BC1F-430F-B8C0-DBEE9F42AB4F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{97636684-B561-4880-8D8C-36A8729AFA51}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{B464C2BD-C96A-49D6-8BF3-B701E19AF761}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{16EB2B04-0FF9-49BC-8124-D2BF87749A83}] => (Allow) C:\Program Files\BitComet\BitComet.exe
FirewallRules: [{B0A7B3C4-1268-47A2-B240-70661A64F87B}] => (Allow) C:\Program Files\BitComet\BitComet.exe
FirewallRules: [{8DD7AEBA-C5E9-45DB-8255-572191793578}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
FirewallRules: [{28CC1F95-D1C5-4B0D-B13F-8207EFB18774}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
FirewallRules: [{317EA138-92F4-40C0-81CF-D295363A6BC4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{B226070D-4139-4DF8-9FC2-E2DE3C32BB43}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{A934403B-6D6E-4B70-BF91-939B2161138A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A6311737-78A2-4063-A39B-C149FB7143AB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{D3187473-A83D-4998-BB21-96593B02DF8D}C:\program files\dearmob\5kplayer\5kplayer.exe] => (Allow) C:\program files\dearmob\5kplayer\5kplayer.exe
FirewallRules: [UDP Query User{FA948DEC-5361-45E3-86D5-FD8572A7855C}C:\program files\dearmob\5kplayer\5kplayer.exe] => (Allow) C:\program files\dearmob\5kplayer\5kplayer.exe
FirewallRules: [{8C774F6C-821B-41AD-A212-1D9A03D19A0B}] => (Allow) C:\Program Files\LeapFrog\LeapFrog Connect\LeapfrogConnect.exe
FirewallRules: [{353736F0-2029-4E21-B3BC-B91A73C2A497}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{2075EC3F-4E87-4E5C-8518-316102D6AD4B}] => (Allow) C:\Program Files\Nero\Nero 2017\Nero Burning ROM\StartNBR.exe
FirewallRules: [{663ADB34-7BB7-44FB-8C78-F732F5AF087B}] => (Allow) C:\Program Files\Nero\Nero 2017\Nero MediaHome\NMDllHost.exe
FirewallRules: [{98918B9E-279C-47DD-8B88-70090A396749}] => (Allow) C:\Program Files\Nero\Nero 2017\Nero MediaHome\MediaHome.exe
FirewallRules: [{059C96C5-7EE7-4F87-A382-7D9D4323B3E3}] => (Allow) C:\Program Files\Nero\Nero 2017\Nero Burning ROM\nero.exe
FirewallRules: [TCP Query User{E9CF9825-32DE-4E64-8B03-774EE22C2AD4}C:\program files\kodi\kodi.exe] => (Allow) C:\program files\kodi\kodi.exe
FirewallRules: [UDP Query User{EBF9B98A-BA02-4DAE-8F68-FD771B275FC3}C:\program files\kodi\kodi.exe] => (Allow) C:\program files\kodi\kodi.exe
FirewallRules: [{E1F715F2-05DB-4E21-BEB9-9AAA93E35893}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{ABF08258-0271-40A0-85B1-F42845F97D45}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{55D4B5C3-7C2D-40B4-B596-461C5F9880D0}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{517DD9EE-B746-4F9D-85E8-4E373A50EDF9}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{1EF6B511-E2BF-43B0-BF52-8F22F0BC88DD}] => (Allow) C:\Program Files\Steam\steamapps\common\Human Fall Flat\Human.exe
FirewallRules: [{D9C76DC8-5EDD-4E56-AED0-D60F390B45E9}] => (Allow) C:\Program Files\Steam\steamapps\common\Human Fall Flat\Human.exe
FirewallRules: [{52A3492C-7478-42A8-9E14-E44F4B9F56A3}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{C94859F9-4206-4DA6-A051-EB827CAF0438}] => (Allow) C:\Program Files\Nero\Nero 2016\Nero Burning ROM\StartNBR.exe
FirewallRules: [{E6FC97E6-9AF1-4243-945D-9D04668C1185}] => (Allow) C:\Program Files\Nero\Nero 2016\Nero Burning ROM\nero.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

14-09-2017 22:08:29 Scheduled Checkpoint
23-09-2017 20:44:09 Scheduled Checkpoint
02-10-2017 20:42:46 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============

Name: PCI Serial Port
Description: PCI Serial Port
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/04/2017 07:01:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Repair_Windows.exe, version: 4.0.0.7, time stamp: 0x59d3abef
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0014ff58
Faulting process id: 0x178
Faulting application start time: 0x01d33d3ac2407e4c
Faulting application path: C:\Program Files\Tweaking.com\Windows Repair (All in One)\Repair_Windows.exe
Faulting module path: unknown
Report Id: 5b6b1da8-3874-4305-8cd6-7465c1c43de2
Faulting package full name:
Faulting package-relative application ID:

Error: (10/03/2017 11:59:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AutoPico.exe, version: 14.0.1.0, time stamp: 0x55aef295
Faulting module name: KERNELBASE.dll, version: 10.0.14393.187, time stamp: 0x57cf9899
Exception code: 0xe0434352
Fault offset: 0x000c2062
Faulting process id: 0x2568
Faulting application start time: 0x01d33c9b3387beec
Faulting application path: C:\Program Files\KMSpico\AutoPico.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: a240fff8-46da-4e60-b4ca-b9a2f3e7f226
Faulting package full name:
Faulting package-relative application ID:

Error: (10/03/2017 11:59:40 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: AutoPico.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32, IntPtr)
at System.Management.ManagementObject.InvokeMethod(System.String, System.Management.ManagementBaseObject, System.Management.InvokeMethodOptions)
at AutoPico.Activador.WMI.SoftwareLicensingProduct.Activate()
at ᜎ.ᜀ(AutoPico.Activador.Variables ByRef, System.Collections.Generic.List`1<AutoPico.Activador.WMI.SoftwareLicensingProduct> ByRef)
at AutoPico.Activador.Activador.ᜂ(AutoPico.Activador.Variables ByRef)
at AutoPico.Activador.Activador+ᜀ.ᜂ()
at System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Threading.ThreadHelper.ThreadStart()

Error: (10/03/2017 08:13:36 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files\LeapFrog\LeapFrog Connect\TagUSBDrivers\DPInst64.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/03/2017 08:13:36 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files\LeapFrog\LeapFrog Connect\TagUSBDrivers\DPInst64.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/03/2017 08:12:59 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files\EaseUS\EaseUS Partition Master 12.0\BUILDPE\EaseUS-x64\epm\bin\Main.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/03/2017 08:12:59 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files\EaseUS\EaseUS Partition Master 12.0\BUILDPE\EaseUS-x64\epm\bin\Main.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/03/2017 07:20:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program iexplore.exe version 11.0.14393.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 8e0

Start Time: 01d33c741451c600

Termination Time: 32

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id: 8a9e7353-a867-11e7-945d-001e4fdf241c

Faulting package full name:

Faulting package-relative application ID:

Error: (10/03/2017 07:16:02 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.

Details:
(HRESULT : 0x80040210) (0x80040210)

Error: (10/02/2017 08:42:59 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.


System errors:
=============
Error: (10/04/2017 03:59:52 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C}
and APPID
{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/04/2017 03:59:52 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C}
and APPID
{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/04/2017 03:59:52 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C}
and APPID
{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/04/2017 03:59:52 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C}
and APPID
{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/04/2017 03:59:52 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C}
and APPID
{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/04/2017 08:23:20 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C}
and APPID
{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/04/2017 08:23:20 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C}
and APPID
{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/04/2017 08:23:20 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C}
and APPID
{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/03/2017 11:59:40 PM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: Unable to start a DCOM Server: {3C296D07-90AE-4FAC-86F9-65EAA8B82D22}. The error:
"2"
Happened while starting this command:
C:\WINDOWS\system32\SppExtComObj.exe -Embedding

Error: (10/03/2017 11:59:39 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {3C296D07-90AE-4FAC-86F9-65EAA8B82D22} did not register with DCOM within the required timeout.


CodeIntegrity:
===================================
Date: 2017-10-04 18:57:36.620
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-10-04 18:57:36.616
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-10-03 20:14:36.180
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-10-03 20:14:36.177
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-10-02 18:56:28.341
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-10-02 18:56:28.337
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-10-02 18:26:49.613
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-10-02 18:26:49.609
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-10-02 18:26:49.606
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-10-02 18:26:49.602
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU E6750 @ 2.66GHz
Percentage of memory in use: 58%
Total physical RAM: 3069.61 MB
Available physical RAM: 1265.42 MB
Total Virtual: 4357.7 MB
Available Virtual: 1956.23 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1862.57 GB) (Free:917.64 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive j: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive k: (Music) (Fixed) (Total:224.51 GB) (Free:79.05 GB) NTFS
Drive l: (Old OS Windows 7) (Fixed) (Total:241.15 GB) (Free:112.47 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D3C687C8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=224.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=241.2 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: ED56A399)
Partition 1: (Active) - (Size=1862.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)

==================== End of Addition.txt ============================
 
Please go to your add/remove programs list, look for and delete
Findwide Toolbar (HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\{D9E0E111-6FB8-48F0-BC95-CF78A7835A84}) (Version: - Freshy) <==== ATTENTION
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
KMSpico, This is illegal activation tools for Microsoft Windows and Office products.

~~~~~~~~~~~~~~~~~~`
Start Farbar Recovery Scan Tool (Please double-click on FRST/FRST64) with Administrator privileges

Highlight the below information then hit the Ctrl + C keys at the same time
or Right click/highlight on the text below and select Copy.
beginning with Start:: and finishing with End::


Start::
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\Policies\Explorer: []
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002 -> {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} URL =
SearchScopes: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={AD1DB690-F951-4B2B-9C85-145BE2B61EF1}&mid=409ad691902747ccb062d15805c271ac-0c7233c5c59cc201da8a7ddd4985513d8e8381be&lang=en&ds=AVG&coid=avgtbavg&cmpid=0316tb&pr=fr&d=2015-12-09 02:58:28&v=4.2.8.608&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL =
SearchScopes: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002 -> {EFE22B57-9F3C-4B9E-AB38-0368E469796D} URL =
FF Extension: (No Name) - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com_xpi\ [not found]
C:\ProgramData\KMSAuto
2017-09-03 18:55 - 016739360 _____ () C:\Users\Dad\AppData\Local\Temp\Bit1224.tmp.exe
2017-09-18 20:15 - 2017-09-18 20:15 - 016739360 _____ () C:\Users\Dad\AppData\Local\Temp\Bit2F94.tmp.exe
2016-09-27 09:26 - 2016-09-27 09:26 - 016187624 _____ () C:\Users\Dad\AppData\Local\Temp\Bit9653.tmp.exe
2017-08-08 22:00 - 2017-08-08 22:00 - 016742904 _____ () C:\Users\Dad\AppData\Local\Temp\Bit9DE7.tmp.exe
2016-12-04 14:53 - 2016-12-04 14:53 - 016187624 _____ () C:\Users\Dad\AppData\Local\Temp\BitDE07.tmp.exe
2017-08-20 17:39 - 2016-07-16 09:25 - 000628440 _____ (Microsoft Corporation) C:\Users\Dad\AppData\Local\Temp\kernel32.dll
2016-12-15 07:06 - 2016-12-15 07:06 - 002458672 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Users\Dad\AppData\Local\Temp\libeay32.dll
2017-07-02 22:14 - 2017-07-02 22:15 - 120455440 _____ (Microsoft Corporation) C:\Users\Dad\AppData\Local\Temp\mpam-6b3b5ec6.exe
2016-12-15 07:06 - 2016-12-15 07:06 - 000970912 _____ (Microsoft Corporation) C:\Users\Dad\AppData\Local\Temp\msvcr120.dll
2016-12-15 07:06 - 2016-12-15 07:06 - 000772672 _____ () C:\Users\Dad\AppData\Local\Temp\sqlite3.dll
2016-10-09 15:02 - 2016-10-09 15:02 - 000012288 _____ () C:\Users\Dad\AppData\Local\Temp\TWcKOuHOnezxmjSkVTaA.DLL
2016-09-28 00:55 - 2015-01-26 09:09 - 000060296 _____ (Autodesk, Inc.) C:\Users\Dad\AppData\Local\Temp\AcDeltree.exe
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Dad\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Dad\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Dad\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Dad\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Dad\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Dad\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
Task: {A6B94F68-5F1D-475F-8090-44C2086F61B4} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2015-07-22] (@ByELDI)
AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\ProgramData\TEMP:B755D674 [314]
Emptytemp:
End::


Press the Fix button.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.
~~

Let's update Malwarebytes Anti-Malware and run a new scan

Open Malwarebytes Anti-Malware
click the Settings tab,at the top choose Protection and tick Scan for rootkits.
Click the Dashboard tab, choose Scan, Threat Scan is checked and click Start Scan.
If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
Upon completion of the scan (or after the reboot), click the Reports tab.
Double-click the Scan Log.
At the bottom click Export and choose Text file.

Save the file to your desktop and include its content in your next reply.

You can access the logs by going in the "Reports" tab, clicking on the latest "Scan" entry (the one with detections), then clicking on the "Export" button in the bottom-left corner and select "Copy to clipboard". After that, all you have to do is paste it here
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`

h3qKPnn.png
Malwarebytes AdwCleaner
  • Please download Malwarebytes AdwCleaner and save the file to your Desktop
  • Right-click AdwCleaner.exe and select
    AVOiBNU.jpg
    Run as administrator     to run the programme.
  • Follow the prompts.
  • Click
    A49sxPr.png
    Scan.
  • Upon completion, click
    6cyn5v5.png
    Logfile. A log (AdwCleaner[S0].txt) will open. Briefly check the log for anything you know to be legitimate.
  • Return to AdwCleaner. Ensure anything you know to be legitimate does not have a checkmark under the corresponding tab.
  • Click [img=http://i.imgur.com/MqHawIb.png] Clean.
  • Follow the prompts and allow your computer to reboot.
  • After the reboot, a log (AdwCleaner[C0].txt) will open. Copy the contents of the log and paste in your next reply.
-- File, folder and registry backups are made for items removed using this programme. Should a legitimate file, folder or registry item be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the item. Please do not overly concern yourself with the contents of AdwCleaner[S0].txt.


Please post
Fixlog.txt
Malwarebytes log
AdwCleaner log
 
Cant find files

Hi There

Tried uninstalling findwide toolbar but get the message that the files cant be found ?

Regarding KMS Pico - Before Removing this - My computers going to be rendered pretty useless I guess if My Windows 10 and Office/Excel are not activated ? Is this program causing an issue ?


Regards
 
woody55 said:
Hi There

Tried uninstalling findwide toolbar but get the message that the files cant be found ?

Regarding KMS Pico - Before Removing this - My computers going to be rendered pretty useless I guess if My Windows 10 and Office/Excel are not activated ? Is this program causing an issue ?


Regards
Click to expand...

AutoKMS as all of the KMS activation tools is a cracking utility, this forum cannot support the use of the tool or any other software that is cracked/illegal.
I can help you with your computer now and tell you of our policies but, if you should return and need help again and it is found...
help will be denied.
Also, many sites where this can be downloaded are hacked with malicious code so that makes it risky to say the least.

If you can, just continue with the fix I created and we can look for remnants for findwide toolbar later.
 
Ok - Will do

uninstalled KMSPico

Run FRST as stated and here is Fixlog.txt

Fix result of Farbar Recovery Scan Tool (x86) Version: 06-10-2017
Ran by Dad (08-10-2017 12:32:38) Run:1
Running from C:\Users\Dad\Desktop
Loaded Profiles: Dad (Available Profiles: Dad)
Boot Mode: Normal

==============================================

fixlist content:
*****************

CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\...\Policies\Explorer: []
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002 -> {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} URL =
SearchScopes: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={AD1DB690-F951-4B2B-9C85-145BE2B61EF1}&mid=409ad691902747ccb062d15805c271ac-0c7233c5c59cc201da8a7ddd4985513d8e8381be&lang=en&ds=AVG&coid=avgtbavg&cmpid=0316tb&pr=fr&d=2015-12-09 02:58:28&v=4.2.8.608&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL =
SearchScopes: HKU\S-1-5-21-1307612883-4072204045-1798725994-1002 -> {EFE22B57-9F3C-4B9E-AB38-0368E469796D} URL =
FF Extension: (No Name) - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com_xpi\ [not found]
C:\ProgramData\KMSAuto
2017-09-03 18:55 - 016739360 _____ () C:\Users\Dad\AppData\Local\Temp\Bit1224.tmp.exe
2017-09-18 20:15 - 2017-09-18 20:15 - 016739360 _____ () C:\Users\Dad\AppData\Local\Temp\Bit2F94.tmp.exe
2016-09-27 09:26 - 2016-09-27 09:26 - 016187624 _____ () C:\Users\Dad\AppData\Local\Temp\Bit9653.tmp.exe
2017-08-08 22:00 - 2017-08-08 22:00 - 016742904 _____ () C:\Users\Dad\AppData\Local\Temp\Bit9DE7.tmp.exe
2016-12-04 14:53 - 2016-12-04 14:53 - 016187624 _____ () C:\Users\Dad\AppData\Local\Temp\BitDE07.tmp.exe
2017-08-20 17:39 - 2016-07-16 09:25 - 000628440 _____ (Microsoft Corporation) C:\Users\Dad\AppData\Local\Temp\kernel32.dll
2016-12-15 07:06 - 2016-12-15 07:06 - 002458672 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Users\Dad\AppData\Local\Temp\libeay32.dll
2017-07-02 22:14 - 2017-07-02 22:15 - 120455440 _____ (Microsoft Corporation) C:\Users\Dad\AppData\Local\Temp\mpam-6b3b5ec6.exe
2016-12-15 07:06 - 2016-12-15 07:06 - 000970912 _____ (Microsoft Corporation) C:\Users\Dad\AppData\Local\Temp\msvcr120.dll
2016-12-15 07:06 - 2016-12-15 07:06 - 000772672 _____ () C:\Users\Dad\AppData\Local\Temp\sqlite3.dll
2016-10-09 15:02 - 2016-10-09 15:02 - 000012288 _____ () C:\Users\Dad\AppData\Local\Temp\TWcKOuHOnezxmjSkVTaA.DLL
2016-09-28 00:55 - 2015-01-26 09:09 - 000060296 _____ (Autodesk, Inc.) C:\Users\Dad\AppData\Local\Temp\AcDeltree.exe
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Dad\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Dad\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Dad\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Dad\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Dad\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Dad\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
Task: {A6B94F68-5F1D-475F-8090-44C2086F61B4} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2015-07-22] (@ByELDI)
AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\ProgramData\TEMP:B755D674 [314]
Emptytemp:

*****************

Processes closed successfully.
Restore point was successfully created.
HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => value removed successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} => key removed successfully.
HKLM\Software\Classes\CLSID\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} => key not found.
HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} => key removed successfully.
HKLM\Software\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found.
HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key removed successfully.
HKLM\Software\Classes\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key not found.
HKU\S-1-5-21-1307612883-4072204045-1798725994-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EFE22B57-9F3C-4B9E-AB38-0368E469796D} => key removed successfully.
HKLM\Software\Classes\CLSID\{EFE22B57-9F3C-4B9E-AB38-0368E469796D} => key not found.
C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com_xpi\ => path removed successfully.
C:\ProgramData\KMSAuto => moved successfully
C:\Users\Dad\AppData\Local\Temp\Bit1224.tmp.exe => moved successfully
C:\Users\Dad\AppData\Local\Temp\Bit2F94.tmp.exe => moved successfully
C:\Users\Dad\AppData\Local\Temp\Bit9653.tmp.exe => moved successfully
C:\Users\Dad\AppData\Local\Temp\Bit9DE7.tmp.exe => moved successfully
C:\Users\Dad\AppData\Local\Temp\BitDE07.tmp.exe => moved successfully
C:\Users\Dad\AppData\Local\Temp\kernel32.dll => moved successfully
C:\Users\Dad\AppData\Local\Temp\libeay32.dll => moved successfully
C:\Users\Dad\AppData\Local\Temp\mpam-6b3b5ec6.exe => moved successfully
C:\Users\Dad\AppData\Local\Temp\msvcr120.dll => moved successfully
C:\Users\Dad\AppData\Local\Temp\sqlite3.dll => moved successfully
C:\Users\Dad\AppData\Local\Temp\TWcKOuHOnezxmjSkVTaA.DLL => moved successfully
C:\Users\Dad\AppData\Local\Temp\AcDeltree.exe => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => key removed successfully.
HKLM\Software\Classes\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => key removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => key removed successfully.
HKLM\Software\Classes\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202} => key removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => key removed successfully.
HKLM\Software\Classes\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => key removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => key removed successfully.
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\MEGA (Context menu) => key removed successfully.
HKLM\Software\Classes\CLSID\{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => key removed successfully.
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avg => key removed successfully.
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\MEGA (Context menu) => key removed successfully.
HKLM\Software\Classes\CLSID\{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => key not found.
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\MEGA (Context menu) => key removed successfully.
HKLM\Software\Classes\CLSID\{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A6B94F68-5F1D-475F-8090-44C2086F61B4} => key not found.
C:\Windows\System32\Tasks\AutoPico Daily Restart => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoPico Daily Restart => key not found.
C:\Windows => ":nlsPreferences" ADS removed successfully..
C:\ProgramData\TEMP => ":B755D674" ADS removed successfully..

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 366045809 B
Java, Flash, Steam htmlcache => 6773249 B
Windows/system/drivers => 12310584 B
Edge => 1768575 B
Chrome => 0 B
Firefox => 15494201 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
LocalService => 23642248 B
NetworkService => 368912110 B
Dad => 3909063805 B

RecycleBin => 0 B
EmptyTemp: => 4.4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 12:49:37 ====


Rebooted system

when I try and open Malwarebytes I get the message "unable to connect the service"

So I uninstalled it - re-downloaded and installed - Still get the same message ??

Doing ADCleaner scan just now will post results after its restart.
 
adwcleaner log

# AdwCleaner 7.0.3.1 - Logfile created on Sun Oct 08 12:13:50 2017
# Updated on 2017/29/09 by Malwarebytes
# Running on Windows 10 Pro (X86)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\combofix.en.softonic.com
Deleted: - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\en.softonic.com
Deleted: - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\softonic.com
Deleted: - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\1215tbUpdateInfo


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [6612 B] - [2016/9/28 19:45:24]
C:/AdwCleaner/AdwCleaner[C10].txt - [2600 B] - [2017/3/7 20:13:30]
C:/AdwCleaner/AdwCleaner[C11].txt - [3207 B] - [2017/7/2 21:25:7]
C:/AdwCleaner/AdwCleaner[C2].txt - [1739 B] - [2016/9/29 17:26:6]
C:/AdwCleaner/AdwCleaner[C3].txt - [1581 B] - [2016/9/29 21:48:44]
C:/AdwCleaner/AdwCleaner[C4].txt - [2296 B] - [2016/10/15 13:21:3]
C:/AdwCleaner/AdwCleaner[C5].txt - [9858 B] - [2016/10/15 13:55:19]
C:/AdwCleaner/AdwCleaner[C6].txt - [2585 B] - [2016/10/15 14:5:6]
C:/AdwCleaner/AdwCleaner[C7].txt - [2147 B] - [2016/10/15 14:55:44]
C:/AdwCleaner/AdwCleaner[C8].txt - [2745 B] - [2016/11/3 17:30:28]
C:/AdwCleaner/AdwCleaner[C9].txt - [2535 B] - [2016/12/21 21:41:3]
C:/AdwCleaner/AdwCleaner[S0].txt - [6165 B] - [2016/9/28 19:42:26]
C:/AdwCleaner/AdwCleaner[S10].txt - [2835 B] - [2016/11/3 17:30:0]
C:/AdwCleaner/AdwCleaner[S11].txt - [2664 B] - [2016/12/21 21:40:28]
C:/AdwCleaner/AdwCleaner[S12].txt - [2735 B] - [2017/3/7 20:12:46]
C:/AdwCleaner/AdwCleaner[S13].txt - [2875 B] - [2017/4/29 11:6:20]
C:/AdwCleaner/AdwCleaner[S14].txt - [2949 B] - [2017/6/17 18:19:53]
C:/AdwCleaner/AdwCleaner[S15].txt - [3061 B] - [2017/7/2 21:21:16]
C:/AdwCleaner/AdwCleaner[S16].txt - [3048 B] - [2017/9/7 20:52:10]
C:/AdwCleaner/AdwCleaner[S17].txt - [2854 B] - [2017/9/26 18:5:5]
C:/AdwCleaner/AdwCleaner[S18].txt - [3379 B] - [2017/10/8 12:10:3]
C:/AdwCleaner/AdwCleaner[S1].txt - [1764 B] - [2016/9/29 17:22:54]
C:/AdwCleaner/AdwCleaner[S2].txt - [1690 B] - [2016/9/29 21:43:41]
C:/AdwCleaner/AdwCleaner[S3].txt - [1614 B] - [2016/9/30 15:43:24]
C:/AdwCleaner/AdwCleaner[S4].txt - [1687 B] - [2016/10/4 10:9:46]
C:/AdwCleaner/AdwCleaner[S5].txt - [2303 B] - [2016/10/15 13:20:28]
C:/AdwCleaner/AdwCleaner[S6].txt - [9689 B] - [2016/10/15 13:54:12]
C:/AdwCleaner/AdwCleaner[S7].txt - [2551 B] - [2016/10/15 14:3:29]
C:/AdwCleaner/AdwCleaner[S8].txt - [2255 B] - [2016/10/15 14:14:10]
C:/AdwCleaner/AdwCleaner[S9].txt - [2344 B] - [2016/10/16 15:50:13]


########## EOF - C:\AdwCleaner\AdwCleaner[C11].txt ##########

also - I am unable to turn on windows security
 
Much Better

Hi There,

PC is acting much better thanks - download dialogue appears within 30 seconds or so and was ages before.

Still cant get Malware bytyes working - run that uninstall tool and it asked me to restart and it installed the latest version but still the same error when trying to start it.

I think it did a preliminary scan or something and generated a report behind the scenes upon initially installing.

heres the report mb-clean-results.txt

2017-10-08 14:42:10.583 mb-clean:3.1.0.1031 @ Malwarebytes. All rights reserved.
2017-10-08 14:42:11.927 Malwarebytes self-protection module is not installed.
2017-10-08 14:42:11.927 Launching process:"C:\Program Files\Malwarebytes\Anti-Malware\unins000.exe" /LOG /VERYSILENT /SUPPRESSMSGBOXES /NORESTART /log="C:\Users\Dad\AppData\Local\Temp\Mbam3x.log"
2017-10-08 14:44:13.304 Timeout!!!! Kill uninstaller!!!!
2017-10-08 14:44:13.304 >>>>>> Starting 2nd phase cleanup for Malwarebytes version 3.2.2.2029 <<<<<<
2017-10-08 14:44:13.304 HKLM\SYSTEM\CurrentControlSet\Services\ESProtectionDriver does not exist.
2017-10-08 14:44:13.304 HKLM\SYSTEM\CurrentControlSet\Services\MBAMChameleon does not exist.
2017-10-08 14:44:13.304 HKLM\SYSTEM\CurrentControlSet\Services\MBAMFarflt does not exist.
2017-10-08 14:44:13.304 HKLM\SYSTEM\CurrentControlSet\Services\MBAMProtection does not exist.
2017-10-08 14:44:13.304 HKLM\SYSTEM\CurrentControlSet\Services\MBAMService does not exist.
2017-10-08 14:44:13.304 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
2017-10-08 14:44:13.304 HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy does not exist.
2017-10-08 14:44:13.304 HKLM\SYSTEM\CurrentControlSet\Services\MBAMWebProtection does not exist.
2017-10-08 14:44:14.570 Trying to delete path C:\ProgramData\Malwarebytes\
2017-10-08 14:44:14.570 Trying to delete path C:\ProgramData\Malwarebytes\MBAMService\
2017-10-08 14:44:14.570 Trying to delete path C:\ProgramData\Malwarebytes\MBAMService\AeDetections\
2017-10-08 14:44:14.695 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\AeDetections\
2017-10-08 14:44:14.695 Trying to delete path C:\ProgramData\Malwarebytes\MBAMService\ArwDetections\
2017-10-08 14:44:14.695 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\ArwDetections\
2017-10-08 14:44:14.820 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\clean.mbdb
2017-10-08 14:44:14.820 Trying to delete path C:\ProgramData\Malwarebytes\MBAMService\config\
2017-10-08 14:44:14.820 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\config\
2017-10-08 14:44:14.820 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\dbmanifest.dat
2017-10-08 14:44:14.820 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\dynconfig.dat
2017-10-08 14:44:14.820 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\exclusions.txt
2017-10-08 14:44:14.820 Trying to delete path C:\ProgramData\Malwarebytes\MBAMService\logs\
2017-10-08 14:44:14.820 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\logs\
2017-10-08 14:44:14.820 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\mbdigsig.dat
2017-10-08 14:44:14.820 Trying to delete path C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\
2017-10-08 14:44:15.086 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\001a0d20-a674-11e7-b412-001e4fdf241c.json
2017-10-08 14:44:15.086 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\002606ca-a674-11e7-a7a9-001e4fdf241c.json
2017-10-08 14:44:15.086 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\00869006-a513-11e7-852f-001e4fdf241c.json
2017-10-08 14:44:15.086 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\00b858de-a513-11e7-9808-001e4fdf241c.json
2017-10-08 14:44:15.101 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\00d2b82c-9f1f-11e7-b9c8-001e4fdf241c.json
2017-10-08 14:44:15.101 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\00e07444-9f1f-11e7-b18a-001e4fdf241c.json
2017-10-08 14:44:15.101 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\01333906-a53f-11e7-ac81-001e4fdf241c.json
2017-10-08 14:44:15.101 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\015bc0f6-a53f-11e7-8d07-001e4fdf241c.json
2017-10-08 14:44:15.101 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0214e5d0-a50e-11e7-99ee-001e4fdf241c.json
2017-10-08 14:44:15.101 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0219aa8e-a50e-11e7-a3ac-001e4fdf241c.json
2017-10-08 14:44:15.101 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\027465b6-a4ee-11e7-a741-001e4fdf241c.json
2017-10-08 14:44:15.101 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\02923cb4-a4a1-11e7-a832-001e4fdf241c.json
2017-10-08 14:44:15.101 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\029963cc-a4a1-11e7-9416-001e4fdf241c.json
2017-10-08 14:44:15.101 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\029963ce-a4a1-11e7-85a4-001e4fdf241c.json
2017-10-08 14:44:15.101 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\029ecb12-a49e-11e7-8fe4-001e4fdf241c.json
2017-10-08 14:44:15.101 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\02ac6fc6-a4a1-11e7-94b3-001e4fdf241c.json
2017-10-08 14:44:15.101 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\02bff816-a4a1-11e7-9d9b-001e4fdf241c.json
2017-10-08 14:44:15.101 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\02d6c468-a49e-11e7-9b6d-001e4fdf241c.json
2017-10-08 14:44:15.101 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\02e9eedc-a4a1-11e7-9fd0-001e4fdf241c.json
2017-10-08 14:44:15.117 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\037dca3a-9f1f-11e7-9a78-001e4fdf241c.json
2017-10-08 14:44:15.117 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0393c3f8-9f1f-11e7-b327-001e4fdf241c.json
2017-10-08 14:44:15.117 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\03f74aa0-a50e-11e7-b307-001e4fdf241c.json
2017-10-08 14:44:15.148 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\042fe65c-a109-11e7-a222-001e4fdf241c.json
2017-10-08 14:44:15.148 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\043248b6-a109-11e7-b4c1-001e4fdf241c.json
2017-10-08 14:44:15.148 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\045150f4-a4ff-11e7-80e9-001e4fdf241c.json
2017-10-08 14:44:15.148 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\045615b2-a4ff-11e7-b131-001e4fdf241c.json
2017-10-08 14:44:15.148 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\045d1c36-a4ff-11e7-8f12-001e4fdf241c.json
2017-10-08 14:44:15.164 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\04aa0bf4-a50e-11e7-96b5-001e4fdf241c.json
2017-10-08 14:44:15.164 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\04bef3ca-a50e-11e7-a36e-001e4fdf241c.json
2017-10-08 14:44:15.164 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\04c0b6fc-a53f-11e7-b107-001e4fdf241c.json
2017-10-08 14:44:15.164 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\05152b64-a50e-11e7-9aec-001e4fdf241c.json
2017-10-08 14:44:15.164 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0516bc8c-a53f-11e7-8858-001e4fdf241c.json
2017-10-08 14:44:15.164 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0540915e-a4a1-11e7-9cba-001e4fdf241c.json
2017-10-08 14:44:15.164 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\055ad064-a4a1-11e7-b31d-001e4fdf241c.json
2017-10-08 14:44:15.164 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\056e0a8a-a4a1-11e7-8d97-001e4fdf241c.json
2017-10-08 14:44:15.164 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\05fa7bfe-a4d4-11e7-bdb7-001e4fdf241c.json
2017-10-08 14:44:15.164 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\060ed61c-a4d4-11e7-aee0-001e4fdf241c.json
2017-10-08 14:44:15.164 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\061c92d6-a4ff-11e7-8728-001e4fdf241c.json
2017-10-08 14:44:15.164 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0661b712-a4ff-11e7-b678-001e4fdf241c.json
2017-10-08 14:44:15.164 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0728742a-a670-11e7-b6a7-001e4fdf241c.json
2017-10-08 14:44:15.164 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0728742c-a670-11e7-9976-001e4fdf241c.json
2017-10-08 14:44:15.164 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0791f7b4-a50e-11e7-9153-001e4fdf241c.json
2017-10-08 14:44:15.164 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\07fa384c-a50e-11e7-be9b-001e4fdf241c.json
2017-10-08 14:44:15.180 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\080a4dbc-a4a1-11e7-b312-001e4fdf241c.json
2017-10-08 14:44:15.180 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0812cfb4-a4a1-11e7-9540-001e4fdf241c.json
2017-10-08 14:44:15.195 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\081a70fc-a4a1-11e7-bda2-001e4fdf241c.json
2017-10-08 14:44:15.211 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0858b362-a4a1-11e7-87da-001e4fdf241c.json
2017-10-08 14:44:15.211 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\08b6f58a-a4a1-11e7-8a2a-001e4fdf241c.json
2017-10-08 14:44:15.211 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\090f2ca0-a4a1-11e7-82ea-001e4fdf241c.json
2017-10-08 14:44:15.211 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\09b2323e-a4ff-11e7-bb3a-001e4fdf241c.json
2017-10-08 14:44:15.211 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\09bee6ca-9ea9-11e7-83bd-001e4fdf241c.json
2017-10-08 14:44:15.211 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\09c2de88-9ea9-11e7-9957-001e4fdf241c.json
2017-10-08 14:44:15.211 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\09c9cc00-a50e-11e7-8921-001e4fdf241c.json
2017-10-08 14:44:15.211 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\09d68e42-9ea9-11e7-ad6c-001e4fdf241c.json
2017-10-08 14:44:15.211 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0a070552-a4ff-11e7-a960-001e4fdf241c.json
2017-10-08 14:44:15.211 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0a855dda-a50e-11e7-9278-001e4fdf241c.json
2017-10-08 14:44:15.211 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0a8ee738-a50e-11e7-b7c8-001e4fdf241c.json
2017-10-08 14:44:15.211 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0a93b2e2-a4ee-11e7-beef-001e4fdf241c.json
2017-10-08 14:44:15.211 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0a961546-a4ee-11e7-8ae5-001e4fdf241c.json
2017-10-08 14:44:15.211 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0adaea74-a4a1-11e7-8abf-001e4fdf241c.json
2017-10-08 14:44:15.211 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0ae3e048-9f1f-11e7-8518-001e4fdf241c.json
2017-10-08 14:44:15.211 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0ae7b0f6-9f1f-11e7-92ce-001e4fdf241c.json
2017-10-08 14:44:15.211 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0aed1bae-a4a1-11e7-89d9-001e4fdf241c.json
2017-10-08 14:44:15.227 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0aef2e00-a4f9-11e7-9374-001e4fdf241c.json
2017-10-08 14:44:15.227 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0af77498-a4f9-11e7-b573-001e4fdf241c.json
2017-10-08 14:44:15.227 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0af8ad0e-a4f9-11e7-827b-001e4fdf241c.json
2017-10-08 14:44:15.227 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0bc6cacc-a503-11e7-83b1-001e4fdf241c.json
2017-10-08 14:44:15.227 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0bcb8f80-a503-11e7-b671-001e4fdf241c.json
2017-10-08 14:44:15.242 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0c131a9a-a4e4-11e7-b53d-001e4fdf241c.json
2017-10-08 14:44:15.242 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0c131a9c-a4e4-11e7-9869-001e4fdf241c.json
2017-10-08 14:44:15.242 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0c157cfe-a4e4-11e7-9bec-001e4fdf241c.json
2017-10-08 14:44:15.273 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0c576536-a50e-11e7-9dda-001e4fdf241c.json
2017-10-08 14:44:15.273 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0c5a7280-a50e-11e7-a649-001e4fdf241c.json
2017-10-08 14:44:15.273 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0c7343d4-a4ee-11e7-af1a-001e4fdf241c.json
2017-10-08 14:44:15.273 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0ca440ee-a4e7-11e7-901e-001e4fdf241c.json
2017-10-08 14:44:15.273 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0cad1052-a4e7-11e7-b37f-001e4fdf241c.json
2017-10-08 14:44:15.273 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0cb12f16-a4e7-11e7-b679-001e4fdf241c.json
2017-10-08 14:44:15.273 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0cc54b88-a4f9-11e7-869b-001e4fdf241c.json
2017-10-08 14:44:15.273 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0cf4fa90-a4f9-11e7-802f-001e4fdf241c.json
2017-10-08 14:44:15.273 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0cf82172-a4fc-11e7-9f67-001e4fdf241c.json
2017-10-08 14:44:15.273 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0cfa83e0-a4fc-11e7-ad55-001e4fdf241c.json
2017-10-08 14:44:15.273 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0cfce63a-a4fc-11e7-ad35-001e4fdf241c.json
2017-10-08 14:44:15.289 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0d77aa3e-a50e-11e7-9132-001e4fdf241c.json
2017-10-08 14:44:15.289 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0dd602fc-a4e4-11e7-b778-001e4fdf241c.json
2017-10-08 14:44:15.289 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0e0a76ae-a4e4-11e7-a51a-001e4fdf241c.json
2017-10-08 14:44:15.289 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0e5b3fe6-a4e7-11e7-92d9-001e4fdf241c.json
2017-10-08 14:44:15.289 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0e9e01d2-a4e7-11e7-8675-001e4fdf241c.json
2017-10-08 14:44:15.289 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0ecbf3f2-a4fc-11e7-b305-001e4fdf241c.json
2017-10-08 14:44:15.289 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0f0e1318-a4fc-11e7-b62e-001e4fdf241c.json
2017-10-08 14:44:15.289 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0fe5829e-a5b0-11e7-a3f4-001e4fdf241c.json
2017-10-08 14:44:15.289 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\0fea475c-a5b0-11e7-871f-001e4fdf241c.json
2017-10-08 14:44:15.289 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\100b4eb0-a4ee-11e7-8e8d-001e4fdf241c.json
2017-10-08 14:44:15.289 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\10406d10-a4f9-11e7-9110-001e4fdf241c.json
2017-10-08 14:44:15.289 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\108d31f4-a4f9-11e7-92c1-001e4fdf241c.json
2017-10-08 14:44:15.289 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\1135a77a-a0c7-11e7-be6e-001e4fdf241c.json
2017-10-08 14:44:15.289 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\113a9bd8-a49e-11e7-b2b1-001e4fdf241c.json
2017-10-08 14:44:15.289 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\114d5f52-a49e-11e7-9ff9-001e4fdf241c.json
2017-10-08 14:44:15.305 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\1157085c-a0c7-11e7-a11c-001e4fdf241c.json
2017-10-08 14:44:15.305 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\116358ac-a49e-11e7-922b-001e4fdf241c.json
2017-10-08 14:44:15.305 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\117ef97c-a4e4-11e7-9f36-001e4fdf241c.json
2017-10-08 14:44:15.305 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\118252ca-a49e-11e7-bace-001e4fdf241c.json
2017-10-08 14:44:15.305 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\118f24ee-a0c7-11e7-abc8-001e4fdf241c.json
2017-10-08 14:44:15.305 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\119f2a08-a49e-11e7-a932-001e4fdf241c.json
2017-10-08 14:44:15.305 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\119f7544-a4e4-11e7-ba30-001e4fdf241c.json
2017-10-08 14:44:15.305 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\11b2642e-a49e-11e7-8cf1-001e4fdf241c.json
2017-10-08 14:44:15.305 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\120aa474-a4e7-11e7-b316-001e4fdf241c.json
2017-10-08 14:44:15.305 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\1217c448-a0c7-11e7-80bb-001e4fdf241c.json
2017-10-08 14:44:15.305 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\121eeb56-a0c7-11e7-a958-001e4fdf241c.json
2017-10-08 14:44:15.305 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\122ad72c-a0c7-11e7-b6bc-001e4fdf241c.json
2017-10-08 14:44:15.320 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\1244dbd0-a4e7-11e7-b3e4-001e4fdf241c.json
2017-10-08 14:44:15.320 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\1263e3da-a4fc-11e7-b232-001e4fdf241c.json
2017-10-08 14:44:15.320 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\1282ffec-a0c7-11e7-9b2e-001e4fdf241c.json
2017-10-08 14:44:15.320 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\12987516-a0c7-11e7-9d23-001e4fdf241c.json
2017-10-08 14:44:15.336 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\12a1fe88-a0c7-11e7-9851-001e4fdf241c.json
2017-10-08 14:44:15.336 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\12ae913c-a4fc-11e7-85a2-001e4fdf241c.json
2017-10-08 14:44:15.336 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\1301344e-a4b8-11e7-8ab3-001e4fdf241c.json
2017-10-08 14:44:15.336 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\13013450-a4b8-11e7-a1d5-001e4fdf241c.json
2017-10-08 14:44:15.336 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\130396a8-a4b8-11e7-98f2-001e4fdf241c.json
2017-10-08 14:44:15.336 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\134e90a4-a607-11e7-9b05-001e4fdf241c.json
2017-10-08 14:44:15.336 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\13557720-a607-11e7-8da2-001e4fdf241c.json
2017-10-08 14:44:15.336 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\1392f3be-a4f6-11e7-a4ac-001e4fdf241c.json
2017-10-08 14:44:15.336 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\1395560e-a4f6-11e7-8622-001e4fdf241c.json
2017-10-08 14:44:15.352 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\13955610-a4f6-11e7-88ef-001e4fdf241c.json
2017-10-08 14:44:15.352 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\13ab307e-a50e-11e7-a3f1-001e4fdf241c.json
2017-10-08 14:44:15.352 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\147dd706-a49e-11e7-84aa-001e4fdf241c.json
2017-10-08 14:44:15.352 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\148af27e-a49e-11e7-9131-001e4fdf241c.json
2017-10-08 14:44:15.352 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\14a49562-a49e-11e7-aeda-001e4fdf241c.json
2017-10-08 14:44:15.352 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\14b42486-a4b8-11e7-827f-001e4fdf241c.json
2017-10-08 14:44:15.367 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\14c452da-a49e-11e7-bad1-001e4fdf241c.json
2017-10-08 14:44:15.414 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\
2017-10-08 14:44:15.430 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\prot.mbdb
2017-10-08 14:44:15.430 Trying to delete path C:\ProgramData\Malwarebytes\MBAMService\Quarantine\
2017-10-08 14:44:15.805 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\2576cfd2-a245-11e7-af1f-001e4fdf241c.data
2017-10-08 14:44:15.805 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\2576cfd2-a245-11e7-af1f-001e4fdf241c.quar
2017-10-08 14:44:15.805 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\25a5f09e-a6fc-11e7-bf2e-001e4fdf241c.data
2017-10-08 14:44:15.805 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\25a5f09e-a6fc-11e7-bf2e-001e4fdf241c.quar
2017-10-08 14:44:15.820 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4b080705-a7c5-11e7-bb85-001e4fdf241c.data
2017-10-08 14:44:15.820 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4b080705-a7c5-11e7-bb85-001e4fdf241c.quar
2017-10-08 14:44:15.820 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bc05ad7-a30e-11e7-bc89-001e4fdf241c.data
2017-10-08 14:44:15.820 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\4bc05ad7-a30e-11e7-bc89-001e4fdf241c.quar
2017-10-08 14:44:15.820 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\76519f49-a3d7-11e7-a420-001e4fdf241c.data
2017-10-08 14:44:15.820 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\76519f49-a3d7-11e7-a420-001e4fdf241c.quar
2017-10-08 14:44:15.820 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\771a4343-a88e-11e7-81bc-001e4fdf241c.data
2017-10-08 14:44:15.820 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\771a4343-a88e-11e7-81bc-001e4fdf241c.quar
2017-10-08 14:44:15.820 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\7c889397-9f20-11e7-82f3-001e4fdf241c.data
2017-10-08 14:44:15.820 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\7c889397-9f20-11e7-82f3-001e4fdf241c.quar
2017-10-08 14:44:15.836 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\a7ae68e3-9fe9-11e7-ac72-001e4fdf241c.data
2017-10-08 14:44:15.836 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\a7ae68e3-9fe9-11e7-ac72-001e4fdf241c.quar
2017-10-08 14:44:15.836 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\b58be137-a4a0-11e7-994b-001e4fdf241c.data
2017-10-08 14:44:15.836 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\b58be137-a4a0-11e7-994b-001e4fdf241c.quar
2017-10-08 14:44:15.836 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\cf9d9c63-a569-11e7-8cdc-001e4fdf241c.data
2017-10-08 14:44:15.836 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\cf9d9c63-a569-11e7-8cdc-001e4fdf241c.quar
2017-10-08 14:44:15.836 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\cfa141a3-a0b2-11e7-8f8d-001e4fdf241c.data
2017-10-08 14:44:15.836 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\cfa141a3-a0b2-11e7-8f8d-001e4fdf241c.quar
2017-10-08 14:44:15.836 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\f5704b3d-a632-11e7-a7ed-001e4fdf241c.data
2017-10-08 14:44:15.836 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\f5704b3d-a632-11e7-a7ed-001e4fdf241c.quar
2017-10-08 14:44:15.836 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\fa0ab7ed-a17b-11e7-8541-001e4fdf241c.data
2017-10-08 14:44:15.836 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\fa0ab7ed-a17b-11e7-8541-001e4fdf241c.quar
2017-10-08 14:44:15.836 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\Quarantine\
2017-10-08 14:44:15.836 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\rdefs.mbdb
2017-10-08 14:44:15.836 Trying to delete path C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\
2017-10-08 14:44:15.945 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\25746d78-a245-11e7-96b1-001e4fdf241c.json
2017-10-08 14:44:15.945 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\25a2bc4e-a6fc-11e7-ac76-001e4fdf241c.json
2017-10-08 14:44:15.945 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4b080704-a7c5-11e7-8b45-001e4fdf241c.json
2017-10-08 14:44:15.945 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\4bc05ad6-a30e-11e7-a4fc-001e4fdf241c.json
2017-10-08 14:44:15.945 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\76519f48-a3d7-11e7-a1af-001e4fdf241c.json
2017-10-08 14:44:15.945 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\771a4342-a88e-11e7-9e3a-001e4fdf241c.json
2017-10-08 14:44:15.945 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\7c889396-9f20-11e7-8ff8-001e4fdf241c.json
2017-10-08 14:44:15.945 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\a7ae68e2-9fe9-11e7-bb00-001e4fdf241c.json
2017-10-08 14:44:15.945 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\b58be136-a4a0-11e7-801b-001e4fdf241c.json
2017-10-08 14:44:15.945 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\cf9d9c62-a569-11e7-aa98-001e4fdf241c.json
2017-10-08 14:44:15.945 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\cfa141a2-a0b2-11e7-a70d-001e4fdf241c.json
2017-10-08 14:44:15.945 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\f5704b3c-a632-11e7-a5e6-001e4fdf241c.json
2017-10-08 14:44:15.945 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\fa0ab7ec-a17b-11e7-8c1b-001e4fdf241c.json
2017-10-08 14:44:15.961 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\RtpDetections\
2017-10-08 14:44:15.961 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\rules.mbdb
2017-10-08 14:44:15.961 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\scan.mbdb
2017-10-08 14:44:15.961 Trying to delete path C:\ProgramData\Malwarebytes\MBAMService\ScanResults\
2017-10-08 14:44:15.992 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\ScanResults\1e74acf1-a8a7-11e7-aa91-001e4fdf241c.json
2017-10-08 14:44:16.008 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\ScanResults\22d4db0a-a3f0-11e7-8788-001e4fdf241c.json
2017-10-08 14:44:16.008 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\ScanResults\24a36deb-9f39-11e7-8a92-001e4fdf241c.json
2017-10-08 14:44:16.008 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\ScanResults\4d42e110-a4b9-11e7-b73e-001e4fdf241c.json
2017-10-08 14:44:16.008 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\ScanResults\4ec3c7cc-a002-11e7-8f48-001e4fdf241c.json
2017-10-08 14:44:16.008 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\ScanResults\74b5aedf-a582-11e7-a797-001e4fdf241c.json
2017-10-08 14:44:16.008 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\ScanResults\76368474-a0cb-11e7-badf-001e4fdf241c.json
2017-10-08 14:44:16.008 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\ScanResults\9f1ad48c-a64b-11e7-b99f-001e4fdf241c.json
2017-10-08 14:44:16.008 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\ScanResults\a0aa967c-a194-11e7-a440-001e4fdf241c.json
2017-10-08 14:44:16.008 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\ScanResults\c9ed175a-a714-11e7-a86d-001e4fdf241c.json
2017-10-08 14:44:16.008 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\ScanResults\cb43f3a1-a25d-11e7-990b-001e4fdf241c.json
2017-10-08 14:44:16.008 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\ScanResults\f23d0a22-9ea8-11e7-b861-001e4fdf241c.json
2017-10-08 14:44:16.008 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\ScanResults\f3edcd82-a7dd-11e7-82b3-001e4fdf241c.json
2017-10-08 14:44:16.008 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\ScanResults\f5713498-a326-11e7-9473-001e4fdf241c.json
2017-10-08 14:44:16.008 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\ScanResults\
2017-10-08 14:44:16.008 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\tids.mbdb
2017-10-08 14:44:16.008 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\wprot.mbdb
2017-10-08 14:44:16.023 Trying to delete file or folder: C:\ProgramData\Malwarebytes\MBAMService\
2017-10-08 14:44:16.023 Trying to delete file or folder: C:\ProgramData\Malwarebytes\
2017-10-08 14:44:16.023 Trying to delete file or folder: C:\Users\Public\Desktop\Malwarebytes.lnk
2017-10-08 14:44:16.023 Trying to delete path C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\
2017-10-08 14:44:16.023 Trying to delete file or folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\Malwarebytes.lnk
2017-10-08 14:44:16.086 Trying to delete file or folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\Uninstall Malwarebytes.lnk
2017-10-08 14:44:16.086 Trying to delete file or folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\
2017-10-08 14:44:16.102 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\
2017-10-08 14:44:16.102 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\7z.dll
2017-10-08 14:44:16.102 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Actions.dll
2017-10-08 14:44:16.102 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\ActionsShim.dll
2017-10-08 14:44:16.102 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\AEControllerImpl.dll
2017-10-08 14:44:16.102 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\AeShim.dll
2017-10-08 14:44:16.102 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\ArwControllerImpl.dll
2017-10-08 14:44:16.102 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\arwlib.dll
2017-10-08 14:44:16.102 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\ArwSdkShim.dll
2017-10-08 14:44:16.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\assistant.exe
2017-10-08 14:44:16.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\changes.txt
2017-10-08 14:44:16.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\CleanControllerImpl.dll
2017-10-08 14:44:16.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\CloudControllerImpl.dll
2017-10-08 14:44:16.133 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\iconengines\
2017-10-08 14:44:16.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\iconengines\qsvgicon.dll
2017-10-08 14:44:16.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\iconengines\
2017-10-08 14:44:16.133 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\imageformats\
2017-10-08 14:44:16.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qdds.dll
2017-10-08 14:44:16.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qgif.dll
2017-10-08 14:44:16.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qicns.dll
2017-10-08 14:44:16.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2017-10-08 14:44:16.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qjpeg.dll
2017-10-08 14:44:16.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2017-10-08 14:44:16.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qtga.dll
2017-10-08 14:44:16.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qtiff.dll
2017-10-08 14:44:16.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qwbmp.dll
2017-10-08 14:44:16.148 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qwebp.dll
2017-10-08 14:44:16.148 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\imageformats\
2017-10-08 14:44:16.148 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\Languages\
2017-10-08 14:44:16.195 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_bg.qm
2017-10-08 14:44:16.195 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_cs.qm
2017-10-08 14:44:16.195 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_da.qm
2017-10-08 14:44:16.195 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_de.qm
2017-10-08 14:44:16.195 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_en_GB.qm
2017-10-08 14:44:16.195 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_en_US.qm
2017-10-08 14:44:16.195 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_es.qm
2017-10-08 14:44:16.195 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_fi.qm
2017-10-08 14:44:16.195 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_fr.qm
2017-10-08 14:44:16.195 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_hr.qm
2017-10-08 14:44:16.195 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_hu.qm
2017-10-08 14:44:16.195 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_it.qm
2017-10-08 14:44:16.195 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_ja.qm
2017-10-08 14:44:16.195 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_ko.qm
2017-10-08 14:44:16.195 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_nl.qm
2017-10-08 14:44:16.195 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_no.qm
2017-10-08 14:44:16.211 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_pl.qm
2017-10-08 14:44:16.211 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_pt_BR.qm
2017-10-08 14:44:16.211 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_pt_PT.qm
2017-10-08 14:44:16.211 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_ro.qm
2017-10-08 14:44:16.211 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_ru.qm
2017-10-08 14:44:16.211 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_sk.qm
2017-10-08 14:44:16.211 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_sl.qm
2017-10-08 14:44:16.211 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_sv.qm
2017-10-08 14:44:16.211 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\lang_zh_TW.qm
2017-10-08 14:44:16.211 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Languages\
2017-10-08 14:44:16.211 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\libeay32.dll
2017-10-08 14:44:16.211 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\LicenseControllerImpl.dll
2017-10-08 14:44:16.211 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\malwarebytes_assistant.exe
2017-10-08 14:44:16.211 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\mbae-api-na.dll
2017-10-08 14:44:16.211 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\mbae.dll
2017-10-08 14:44:16.211 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
2017-10-08 14:44:16.211 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\MBAMCore.dll
2017-10-08 14:44:16.227 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\MbamPt.exe
2017-10-08 14:44:16.227 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\MBAMShim.dll
2017-10-08 14:44:16.227 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
2017-10-08 14:44:16.227 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe
2017-10-08 14:44:16.227 Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe, reason:(Access is denied.(error=5))
2017-10-08 14:44:16.227 Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe on reboot
2017-10-08 14:44:16.242 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\msvcp120.dll
2017-10-08 14:44:16.258 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\msvcr120.dll
2017-10-08 14:44:16.258 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\MWACControllerImpl.dll
2017-10-08 14:44:16.258 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\MwacLib.dll
2017-10-08 14:44:16.258 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\MwacSdkShim.dll
2017-10-08 14:44:16.258 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\platforms\
2017-10-08 14:44:16.258 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2017-10-08 14:44:16.258 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\platforms\
2017-10-08 14:44:16.258 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\PoliciesControllerImpl.dll
2017-10-08 14:44:16.258 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\Qt\
2017-10-08 14:44:16.258 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\
2017-10-08 14:44:16.258 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\folderlistmodel\
2017-10-08 14:44:16.274 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\folderlistmodel\plugins.qmltypes
2017-10-08 14:44:16.305 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\folderlistmodel\qmldir
2017-10-08 14:44:16.305 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\folderlistmodel\qmlfolderlistmodelplugin.dll
2017-10-08 14:44:16.305 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\folderlistmodel\
2017-10-08 14:44:16.305 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\settings\
2017-10-08 14:44:16.305 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\settings\plugins.qmltypes
2017-10-08 14:44:16.305 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\settings\qmldir
2017-10-08 14:44:16.305 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\settings\qmlsettingsplugin.dll
2017-10-08 14:44:16.305 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\settings\
2017-10-08 14:44:16.305 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\
2017-10-08 14:44:16.305 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt\
2017-10-08 14:44:16.305 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2017-10-08 14:44:16.305 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2017-10-08 14:44:16.320 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2017-10-08 14:44:16.320 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2017-10-08 14:44:16.320 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2017-10-08 14:44:16.320 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2017-10-08 14:44:16.320 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2017-10-08 14:44:16.430 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2017-10-08 14:44:16.430 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQml\
2017-10-08 14:44:16.445 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\
2017-10-08 14:44:16.445 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2017-10-08 14:44:16.445 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\plugins.qmltypes
2017-10-08 14:44:16.445 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\qmldir
2017-10-08 14:44:16.445 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\
2017-10-08 14:44:16.445 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQml\
2017-10-08 14:44:16.445 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\
2017-10-08 14:44:16.445 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\
2017-10-08 14:44:16.461 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\plugins.qmltypes
2017-10-08 14:44:16.461 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qmldir
2017-10-08 14:44:16.461 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2017-10-08 14:44:16.461 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\
2017-10-08 14:44:16.461 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Flat\
2017-10-08 14:44:16.461 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Flat\qmldir
2017-10-08 14:44:16.461 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Flat\qtquickextrasflatplugin.dll
2017-10-08 14:44:16.461 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Flat\
2017-10-08 14:44:16.461 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\qmldir
2017-10-08 14:44:16.461 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\
2017-10-08 14:44:16.461 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\
2017-10-08 14:44:16.461 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\
2017-10-08 14:44:16.461 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2017-10-08 14:44:16.461 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\plugins.qmltypes
2017-10-08 14:44:16.461 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\Private\
2017-10-08 14:44:16.461 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\Private\dialogsprivateplugin.dll
2017-10-08 14:44:16.461 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\Private\plugins.qmltypes
2017-10-08 14:44:16.477 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\Private\qmldir
2017-10-08 14:44:16.477 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\Private\
2017-10-08 14:44:16.477 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\qmldir
2017-10-08 14:44:16.477 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\
2017-10-08 14:44:16.477 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Extras\
2017-10-08 14:44:16.477 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Extras\plugins.qmltypes
2017-10-08 14:44:16.477 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Extras\qmldir
2017-10-08 14:44:16.477 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Extras\qtquickextrasplugin.dll
2017-10-08 14:44:16.477 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Extras\
2017-10-08 14:44:16.477 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\
2017-10-08 14:44:16.477 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\plugins.qmltypes
2017-10-08 14:44:16.477 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qmldir
2017-10-08 14:44:16.477 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2017-10-08 14:44:16.477 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\
2017-10-08 14:44:16.477 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\
2017-10-08 14:44:16.570 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\plugins.qmltypes
2017-10-08 14:44:16.570 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\qmldir
2017-10-08 14:44:16.570 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2017-10-08 14:44:16.570 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\
2017-10-08 14:44:16.570 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\
2017-10-08 14:44:16.586 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\plugins.qmltypes
2017-10-08 14:44:16.586 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\qmldir
2017-10-08 14:44:16.586 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2017-10-08 14:44:16.602 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\
2017-10-08 14:44:16.602 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\
2017-10-08 14:44:16.602 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\
2017-10-08 14:44:16.602 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\plugins.qmltypes
2017-10-08 14:44:16.602 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qmldir
2017-10-08 14:44:16.602 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2017-10-08 14:44:16.602 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\
2017-10-08 14:44:16.602 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtWinExtras\
2017-10-08 14:44:16.883 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtWinExtras\JumpListDestination.qml
2017-10-08 14:44:17.070 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtWinExtras\JumpListLink.qml
2017-10-08 14:44:17.086 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtWinExtras\JumpListSeparator.qml
2017-10-08 14:44:17.086 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtWinExtras\plugins.qmltypes
2017-10-08 14:44:17.086 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtWinExtras\qmldir
2017-10-08 14:44:17.086 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtWinExtras\qml_winextras.dll
2017-10-08 14:44:17.102 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtWinExtras\
2017-10-08 14:44:17.102 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\rtp.dll
2017-10-08 14:44:17.102 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\RTPControllerImpl.dll
2017-10-08 14:44:17.102 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\RtpShim.dll
2017-10-08 14:44:17.102 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\ScanControllerImpl.dll
2017-10-08 14:44:17.102 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\scenegraph\
2017-10-08 14:44:17.117 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\scenegraph\softwarecontext.dll
2017-10-08 14:44:17.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\scenegraph\
2017-10-08 14:44:17.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\SelfProtectionSdk.dll
2017-10-08 14:44:17.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\SelfProtectionShim.dll
2017-10-08 14:44:17.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\serviceconfig.json
2017-10-08 14:44:17.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\SPControllerImpl.dll
2017-10-08 14:44:17.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\ssleay32.dll
2017-10-08 14:44:17.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\suhlpr.dll
2017-10-08 14:44:17.133 Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\suhlpr.dll, reason:(Access is denied.(error=5))
2017-10-08 14:44:17.133 Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\suhlpr.dll on reboot
2017-10-08 14:44:17.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\Swissarmy.dll
2017-10-08 14:44:17.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\SwissarmyShim.dll
2017-10-08 14:44:17.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\TelemetryControllerImpl.dll
2017-10-08 14:44:17.133 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\unins000.dat
2017-10-08 14:44:17.133 Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\unins000.dat, reason:(The process cannot access the file because it is being used by another process.(error=32))
2017-10-08 14:44:17.133 Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\unins000.dat on reboot
2017-10-08 14:44:17.149 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\unins000.exe
2017-10-08 14:44:17.149 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\unins000.msg
2017-10-08 14:44:17.149 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\UpdateControllerImpl.dll
2017-10-08 14:44:17.149 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\zlib.dll
2017-10-08 14:44:17.149 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\
2017-10-08 14:44:17.149 Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\, reason:(The process cannot access the file because it is being used by another process.(error=32))
2017-10-08 14:44:17.149 Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\ on reboot
2017-10-08 14:44:17.149 Trying to delete REG key: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1
2017-10-08 14:44:17.149 Trying to delete REG key: HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService
2017-10-08 14:44:17.149 Trying to delete REG key: HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService
2017-10-08 14:44:17.149 --------BEGINNING OF THE UNINSTALLER LOG FILE ----------
2017-10-08 14:42:14.756 Log opened. (Time zone: UTC+01:00)
2017-10-08 14:42:14.756 Setup version: Inno Setup version 5.5.8 (u)
2017-10-08 14:42:14.756 Original Uninstall EXE: C:\Program Files\Malwarebytes\Anti-Malware\unins000.exe
2017-10-08 14:42:14.756 Uninstall DAT: C:\Program Files\Malwarebytes\Anti-Malware\unins000.dat
2017-10-08 14:42:14.756 Uninstall command line: /SECONDPHASE="C:\Program Files\Malwarebytes\Anti-Malware\unins000.exe" /FIRSTPHASEWND=$505A2 /LOG /VERYSILENT /SUPPRESSMSGBOXES /NORESTART /log="C:\Users\Dad\AppData\Local\Temp\Mbam3x.log"
2017-10-08 14:42:14.756 Windows version: 10.0.14393 (NT platform: Yes)
2017-10-08 14:42:14.756 64-bit Windows: No
2017-10-08 14:42:14.756 Processor architecture: x86
2017-10-08 14:42:14.756 User privileges: Administrative
2017-10-08 14:42:14.896 64-bit install mode: No
2017-10-08 14:42:14.943 Created temporary directory: C:\Users\Dad\AppData\Local\Temp\is-43OC4.tmp
2017-10-08 14:42:15.021 Uninstalling service
2017-10-08 14:42:19.715 Installed service, result 0
2017-10-08 14:42:19.715 Uninstall service complete
2017-10-08 14:44:25.602 --------END OF LOG FILE ----------
2017-10-08 14:49:17.858 >>>>>Starting post reboot phase cleanup for Malwarebytes version 3.2.2.2029 <<<<<<<<.
2017-10-08 14:49:28.548 Trying to delete REG key: HKCU\SOFTWARE\Malwarebytes
2017-10-08 14:49:33.063 HKLM\SYSTEM\CurrentControlSet\Services\ESProtectionDriver does not exist.
2017-10-08 14:49:36.548 HKLM\SYSTEM\CurrentControlSet\Services\MBAMChameleon does not exist.
2017-10-08 14:49:40.240 HKLM\SYSTEM\CurrentControlSet\Services\MBAMFarflt does not exist.
2017-10-08 14:49:44.552 HKLM\SYSTEM\CurrentControlSet\Services\MBAMProtection does not exist.
2017-10-08 14:49:45.209 HKLM\SYSTEM\CurrentControlSet\Services\MBAMService does not exist.
2017-10-08 14:49:50.693 HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy does not exist.
2017-10-08 14:49:55.232 HKLM\SYSTEM\CurrentControlSet\Services\MBAMWebProtection does not exist.
2017-10-08 14:49:56.685 Trying to delete path C:\ProgramData\Malwarebytes\
2017-10-08 14:49:56.685 Cannot delete path C:\ProgramData\Malwarebytes\, reason:(The system cannot find the path specified.(error=3))
2017-10-08 14:49:56.685 Trying to delete path C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\
2017-10-08 14:49:56.685 Cannot delete path C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\, reason:(The system cannot find the path specified.(error=3))
2017-10-08 14:49:56.685 Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\
2017-10-08 14:49:56.685 Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\
2017-10-08 14:49:56.685 Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\, reason:(The directory is not empty.(error=145))
2017-10-08 14:49:56.685 Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\ on reboot
2017-10-08 14:56:41.146 Malwarebytes v3.x was installed successfully.
2017-10-08 14:56:41.146 Launching process:"C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe"
2017-10-08 14:56:55.957 --------END OF LOG FILE ----------
 
Omg

Omg!

My PC is in a restart cycle with the blue screen of death - your PC ran into problems and hazy I restart and it tries automatic repair which fails and now I can't even get Windows to load - offers me a system restore which is no use as mine are way out of date.
Is offering me advanced options but not sure what to do - pressed the f1 debugging option but it failed to work and fell into the cycle again.

Please help

I'm using my phone now to post replies
 
When I try and boot into safe mode with networking it restarts and a grey screen appears saying we couldn't complete the updates
undoing changes
Don't turn off your PC

Takes ages restarts
Blue screen again
Tried twice

Sounds like Windows has tried to install an update that's messed itself up ???
 
If your Windows 10/8 fails to boot, it will launch Automatic Repair, in order to attempt to repair Windows. If Automatic Repair also fails, you will want to use the Refresh your PC or Reset your PC option. To do so, you will select Advanced options > Troubleshoot > Reset or Refresh.

http://www.thewindowsclub.com/windows-8-fails-to-boot-automatic-repair-refresh-reset-pc-fail

PC is acting much better thanks - download dialogue appears within 30 seconds or so and was ages before.
Click to expand...
what happened between there and now?

also
Restarting or Continuously Reboots
https://www.easeus.com/computer-instruction/windows-10-continuously-reboots.html
 
woody55 said:
When I try and boot into safe mode with networking it restarts and a grey screen appears saying we couldn't complete the updates
undoing changes
Don't turn off your PC

Takes ages restarts
Blue screen again
Tried twice

Sounds like Windows has tried to install an update that's messed itself up ???
Click to expand...

yes
it appears it was running in the background...
let's see if it can finish
 
try safe mode with networking again
anything trying to work?

Open task manager and see if there is any CPU being used.
 
What brand name computer is this?
I'll try searching for links to use the reset options.
 
3rd time lucky
I'm now in - via safe mode with networking - what should I do first?

I hadn't done anything other than try and remove malwarebytes a couple more times and reinstall it as before.
PC had been sitting idle when I went to check my emails an hour later it was in a restart cycle and I had left it on ??

Looking at recently installed programs it seems Windows installed a
Windows 10 update and privacy settings update 1.81mb on the 5th (3 days ago). That might be something because I guess when I had insouciant installed it had stopped updates affecting my PC

Can't seem to uninstall this update though as it says "the Windows installer service could not be accessed .... Blah blah

Are there any startup logs from previous failed attempts I can post that might tell us what happened ?
 
omg, scary

afraid to ask what happens when you try to boot into normal mode.

Was all going well until the attempts with MBAM?

those error messages were from Microsoft.
 
Status
Not open for further replies.
Back
Top