Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with red screen warning, will not update, no memory


  • This topic is locked This topic is locked
4 replies to this topic

#1 aimster216

aimster216

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:35 AM

Posted 15 February 2018 - 12:15 PM

Hi. I am afraid I have an unknown virus/maleware on my pc. Windows 10 will not update bc it says I am out of memory. Have tried a full factory reset and there are practically no files saved on pc, so I am unsure why the memory is all used up. Computer is SLOW, freezes randomly, also getting a red screen warning that I have a virus and it opens a million pop ups. I have followed some other tutorials here and it has not improved my pc. I downloaded and ran rrkill, sophos virus remover, maleware removers and jrt. There was only one issue found and deleted from my pc when I ran all these programs but it did not free up any memory or improve my speed. Please help me!!!

 
 
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12.02.2018
Ran by Optical (administrator) on DESKTOP-TFH2NRI (15-02-2018 11:06:47)
Running from C:\Users\Optical\Downloads
Loaded Profiles: Optical (Available Profiles: Optical)
Platform: Windows 10 Home 10240.17443 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc.) C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(Dell) C:\Program Files\Dell\Dell Product Registration\PRSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\SkypePlugin.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows10Upgrade\Windows10UpgraderApp.exe
(McAfee LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee LLC) C:\Windows\System32\mfevtps.exe
(McAfee LLC) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\mcafee\MfeAV\MfeAVSvc.exe
(McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_7\mcapexe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.7.371.0\McCSPServiceHost.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(McAfee, Inc.) C:\Program Files\mcafee\VUL\McVulCtr.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235440 2018-01-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1494000 2018-01-09] (Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [229080 2015-06-02] (Realtek Semiconductor Corporation)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3877936 2015-06-12] (Dell Inc.)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1494000 2018-01-09] (Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => c:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [723928 2017-01-26] (Waves Audio Ltd.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3964024 2018-01-09] (Synaptics Incorporated)
HKLM-x32\...\Run: [isa] => C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [330240 2015-02-26] ()
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7a8ccbf6-2774-4bca-9905-77f62532a025}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9bf8708e-3ad0-4daa-8809-4b9d09451be1}: [DhcpNameServer] 172.21.1.171
 
Internet Explorer:
==================
HKU\S-1-5-21-1855682022-172975426-4291586788-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell15.msn.com/?pc=DCTE
HKU\S-1-5-21-1855682022-172975426-4291586788-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell15.msn.com/?pc=DCTE
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-01-19] (McAfee, Inc.)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-01-19] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-01-19] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-01-19] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2017-12-21] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2017-12-21] (McAfee, Inc.)
 
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF Extension: (No Name) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [2017-12-07]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2018-01-22] [Legacy] [not signed]
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-12-21] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-01] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-12-21] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-01-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-01-19] (Google Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\Optical\AppData\Local\Google\Chrome\User Data\Default [2018-02-15]
CHR Extension: (Slides) - C:\Users\Optical\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-19]
CHR Extension: (Docs) - C:\Users\Optical\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-19]
CHR Extension: (Google Drive) - C:\Users\Optical\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-01-19]
CHR Extension: (YouTube) - C:\Users\Optical\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-19]
CHR Extension: (Sheets) - C:\Users\Optical\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-19]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Optical\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2018-01-19]
CHR Extension: (Google Docs Offline) - C:\Users\Optical\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-01-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Optical\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-01-19]
CHR Extension: (Gmail) - C:\Users\Optical\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-01-19]
CHR Extension: (Chrome Media Router) - C:\Users\Optical\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-01-19]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 0019211518540527mcinstcleanup; C:\Windows\TEMP\001921~1.EXE [1013256 2017-12-19] (McAfee, Inc.)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [117976 2015-06-02] ()
S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1511728 2017-09-21] (McAfee, Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208792 2017-12-14] (Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3294608 2017-12-14] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217488 2017-12-14] (Dell Inc.)
S2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [137968 2015-09-22] (Dell Inc.)
R2 Dell Help & Support; C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe [40976 2017-09-18] (Dell Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [232320 2017-11-21] (Dell Inc.)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [359848 2018-01-09] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [881152 2015-05-22] (Intel® Corporation)
S3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [330240 2015-02-26] () [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-02-26] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [604312 2018-01-19] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_7\McApExe.exe [728808 2017-12-20] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [338208 2015-03-19] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.7.371.0\\McCSPServiceHost.exe [2140888 2017-12-14] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [697288 2017-12-19] (McAfee, Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [357840 2017-09-29] (McAfee LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [509904 2017-09-29] (McAfee LLC)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [466384 2017-09-29] (McAfee LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1666224 2017-12-19] (McAfee, Inc.)
R2 osrss; C:\Windows\system32\osrss.dll [108584 2018-01-18] (Microsoft Corporation)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1046456 2017-09-24] (Intel Security, Inc.)
R2 Product Registration; C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [47144 2017-04-06] (Dell)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [333296 2018-01-09] (Realtek Semiconductor)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [41432 2017-12-22] (Dell Inc.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [263792 2018-01-09] (Synaptics Incorporated)
R2 WavesSysSvc; c:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [615384 2017-02-07] (Waves Audio Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2016-10-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2017-06-03] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [77280 2017-10-19] (McAfee LLC)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [41608 2017-12-14] (Dell Inc.)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [41208 2017-12-14] (Dell Computer Corporation)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [19440 2015-05-08] (OSR Open Systems Resources, Inc.)
R2 DpmLiteDrv; c:\Program Files\Dell\QuickSet\DpmLiteDrv64.sys [15080 2014-10-15] (Wistron Corp.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [218336 2017-10-09] (McAfee, Inc.)
R3 iagpioe; C:\Windows\System32\drivers\iagpioe.sys [41984 2015-06-03] (Intel® Corporation)
R3 iai2ce; C:\Windows\System32\drivers\iai2ce.sys [89592 2015-06-03] (Intel® Corporation)
S3 iauarte; C:\Windows\System32\drivers\iauarte.sys [112640 2015-06-03] (Intel® Corporation)
R3 igfxLP; C:\Windows\system32\DRIVERS\igdkmd64lp.sys [5875136 2018-01-09] (Intel Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [492512 2017-10-19] (McAfee LLC)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [355808 2017-10-19] (McAfee LLC)
U3 mfeavfk01; no ImagePath
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [84016 2017-10-19] (McAfee LLC)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [506336 2017-10-19] (McAfee LLC)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [938464 2017-10-19] (McAfee LLC)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [507304 2017-11-15] (McAfee LLC.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [108456 2017-11-15] (McAfee LLC.)
R3 mfeplk; C:\Windows\System32\drivers\mfeplk.sys [115168 2017-10-19] (McAfee LLC)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [252896 2017-10-19] (McAfee LLC)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [598272 2015-05-21] (Realtek Semiconductor Corporation)
S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [427528 2018-01-15] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [4175104 2015-06-11] (Realtek Semiconductor Corporation )
R3 SynRMIHID; C:\Windows\System32\drivers\SynRMIHID.sys [74352 2018-01-09] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-02-15 11:06 - 2018-02-15 11:07 - 000017949 _____ C:\Users\Optical\Downloads\FRST.txt
2018-02-15 11:06 - 2018-02-15 11:06 - 002405376 _____ (Farbar) C:\Users\Optical\Downloads\FRST64.exe
2018-02-15 11:06 - 2018-02-15 11:06 - 000000000 ____D C:\FRST
2018-02-15 10:49 - 2018-02-15 10:49 - 000016148 _____ C:\Windows\system32\DESKTOP-TFH2NRI_Optical_HistoryPrediction.bin
2018-02-14 20:02 - 2018-02-14 20:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2018-02-14 15:58 - 2018-02-15 07:38 - 000003606 _____ C:\Windows\System32\Tasks\McAfee DAT Built in test
2018-02-12 12:08 - 2018-02-12 12:09 - 000002072 _____ C:\Users\Optical\Desktop\Rkill.txt
2018-02-12 12:08 - 2018-02-12 12:08 - 001792640 _____ (Bleeping Computer, LLC) C:\Users\Optical\Downloads\iExplore.exe
2018-02-12 11:34 - 2018-02-12 11:34 - 000003560 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask
2018-02-12 10:31 - 2018-02-12 11:44 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2018-02-12 10:31 - 2018-02-12 10:31 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\2113914E.sys
2018-02-12 10:31 - 2018-02-12 10:31 - 000192952 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2018-02-12 10:31 - 2018-02-12 10:31 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-02-12 10:30 - 2018-02-12 11:44 - 000000000 ____D C:\Users\Optical\Desktop\mbar
2018-02-12 10:30 - 2018-02-12 10:30 - 014178840 _____ (Malwarebytes Corp.) C:\Users\Optical\Downloads\mbar-1.10.3.1001.exe
2018-02-12 09:43 - 2018-02-12 09:43 - 000000000 ____D C:\ProgramData\Sophos
2018-02-12 09:42 - 2018-02-12 09:43 - 000002775 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2018-02-12 09:42 - 2018-02-12 09:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2018-02-12 09:42 - 2018-02-12 09:42 - 000000000 ____D C:\Program Files (x86)\Sophos
2018-02-12 09:35 - 2018-02-12 09:38 - 191206408 _____ (Sophos Limited) C:\Users\Optical\Downloads\Sophos Virus Removal Tool.exe
2018-02-12 09:23 - 2018-02-12 09:23 - 000000801 _____ C:\Users\Optical\Desktop\JRT.txt
2018-02-12 09:18 - 2018-02-12 09:18 - 001790024 _____ (Malwarebytes) C:\Users\Optical\Downloads\JRT.exe
2018-02-12 09:13 - 2018-02-12 10:26 - 000000000 ____D C:\AdwCleaner
2018-02-12 09:12 - 2018-02-12 09:12 - 008222496 _____ (Malwarebytes) C:\Users\Optical\Downloads\AdwCleaner.exe
2018-02-12 08:59 - 2018-02-12 08:59 - 000448512 _____ (OldTimer Tools) C:\Users\Optical\Downloads\TFC.exe
2018-01-29 14:39 - 2018-01-29 14:39 - 001874538 _____ C:\Users\Optical\Downloads\2018 G-4008 Bell Traditional 10%.pdf
2018-01-26 11:02 - 2018-01-26 11:02 - 000003823 _____ C:\Users\Optical\Downloads\annual-report-2017.xlsx
2018-01-26 10:47 - 2018-01-26 10:47 - 000001330 _____ C:\Users\Optical\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\McAfee WebAdvisor.lnk
2018-01-26 10:39 - 2018-01-26 10:40 - 011605440 _____ (SurfRight B.V.) C:\Users\Optical\Downloads\HitmanPro_x64.exe
2018-01-26 10:37 - 2018-01-26 10:45 - 000000000 ____D C:\ProgramData\HitmanPro
2018-01-26 10:37 - 2018-01-26 10:37 - 011024040 _____ (SurfRight B.V.) C:\Users\Optical\Downloads\HitmanPro.exe
2018-01-26 10:31 - 2018-01-26 10:31 - 000000000 ____D C:\Users\Optical\Downloads\backups
2018-01-26 10:26 - 2018-01-26 10:26 - 000388608 _____ (Trend Micro Inc.) C:\Users\Optical\Downloads\HijackThis.exe
2018-01-26 10:15 - 2018-01-26 10:15 - 001874538 _____ C:\Users\Optical\Downloads\Untitled
2018-01-26 08:25 - 2018-01-26 08:25 - 000000000 ____D C:\Windows\UpdateAssistant
2018-01-24 12:38 - 2018-01-18 01:05 - 000108584 _____ (Microsoft Corporation) C:\Windows\system32\osrss.dll
2018-01-19 11:06 - 2018-01-19 11:06 - 000002346 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-19 11:06 - 2018-01-19 11:06 - 000002334 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-01-19 11:04 - 2018-01-19 11:15 - 000000000 ____D C:\Users\Optical\AppData\Local\Google
2018-01-19 11:04 - 2018-01-19 11:05 - 000000000 ____D C:\Program Files (x86)\Google
2018-01-19 11:04 - 2018-01-19 11:04 - 001129816 _____ (Google Inc.) C:\Users\Optical\Downloads\ChromeSetup.exe
2018-01-19 11:04 - 2018-01-19 11:04 - 000003416 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-01-19 11:04 - 2018-01-19 11:04 - 000003292 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-02-14 12:42 - 2018-01-09 11:13 - 000000000 ____D C:\Windows\INF
2018-02-14 10:43 - 2018-01-09 12:37 - 000000000 ____D C:\Windows\system32\MRT
2018-02-14 10:41 - 2018-01-09 12:37 - 130067560 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-02-14 10:41 - 2018-01-09 12:37 - 000000000 ____C C:\Windows\system32\MRT-KB890830.exe
2018-02-13 10:51 - 2018-01-10 22:03 - 000003126 _____ C:\Windows\System32\Tasks\McAfeeLogon
2018-02-13 10:49 - 2018-01-10 22:03 - 000000000 ____D C:\Windows\System32\Tasks\McAfee
2018-02-13 10:47 - 2015-09-11 23:30 - 000000000 ____D C:\Program Files (x86)\McAfee
2018-02-13 08:38 - 2018-01-09 11:16 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-13 08:38 - 2018-01-09 11:16 - 000000000 ____D C:\Windows\AppReadiness
2018-02-12 15:22 - 2018-01-09 12:54 - 000000813 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Update Assistant.lnk
2018-02-12 15:22 - 2018-01-09 12:54 - 000000801 _____ C:\Users\Optical\Desktop\Windows 10 Update Assistant.lnk
2018-02-12 15:22 - 2018-01-09 12:54 - 000000000 ____D C:\Windows10Upgrade
2018-02-12 08:17 - 2015-09-11 23:22 - 000875126 _____ C:\Windows\system32\PerfStringBackup.INI
2018-02-12 08:12 - 2018-01-09 10:46 - 000000000 __SHD C:\Users\Optical\IntelGraphicsProfiles
2018-02-12 08:12 - 2018-01-09 10:21 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-02-12 08:09 - 2018-01-09 12:05 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-02-08 16:51 - 2018-01-09 12:37 - 000000000 ____D C:\Program Files\rempl
2018-02-07 17:16 - 2018-01-09 10:44 - 000032768 ___SH C:\Windows\system32\config\ELAM
2018-02-03 08:17 - 2015-09-11 23:37 - 000000000 ____D C:\ProgramData\Dell
2018-02-03 08:17 - 2015-09-11 23:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2018-02-03 08:17 - 2015-09-11 23:17 - 000000000 ____D C:\Program Files\Dell
2018-01-31 08:27 - 2018-01-09 10:22 - 000000000 ____D C:\Users\Optical
2018-01-29 13:18 - 2018-01-09 10:44 - 000262144 ___SH C:\Windows\system32\config\BBI
2018-01-26 10:27 - 2018-01-09 10:22 - 000000000 ____D C:\Users\Optical\AppData\Local\VirtualStore
2018-01-26 10:11 - 2018-01-09 11:16 - 000000000 ____D C:\Windows\LiveKernelReports
2018-01-25 08:24 - 2018-01-09 10:34 - 000003380 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1855682022-172975426-4291586788-1001
2018-01-25 08:24 - 2018-01-09 10:31 - 000002371 _____ C:\Users\Optical\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-01-25 08:24 - 2018-01-09 10:31 - 000000000 ___RD C:\Users\Optical\OneDrive
2018-01-23 10:33 - 2015-09-11 23:30 - 000000000 ____D C:\Program Files\mcafee
2018-01-23 10:33 - 2015-09-11 23:30 - 000000000 ____D C:\Program Files\Common Files\McAfee
2018-01-23 09:07 - 2018-01-09 11:16 - 000000000 ___HD C:\Windows\ELAMBKUP
2018-01-23 08:21 - 2018-01-09 12:28 - 000003446 _____ C:\Windows\System32\Tasks\McAfee Remediation (Prepare)
2018-01-18 11:16 - 2018-01-09 10:27 - 000000000 ____D C:\Windows\System32\Tasks\Dell
2018-01-18 11:15 - 2015-09-11 23:20 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-01-18 10:44 - 2018-01-09 10:22 - 000000000 ____D C:\Users\Optical\AppData\Local\Packages
2018-01-18 10:38 - 2015-09-11 23:30 - 000000000 ____D C:\ProgramData\McAfee
 
==================== Files in the root of some directories =======
 
2018-01-09 10:22 - 2018-02-13 08:37 - 000035248 _____ () C:\Users\Optical\AppData\Local\BTServer.log
 
Some zero byte size files/folders:
==========================
C:\Windows\System32\MRT-KB890830.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-01-09 11:50
 
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12.02.2018
Ran by Optical (15-02-2018 11:08:32)
Running from C:\Users\Optical\Downloads
Windows 10 Home 10240.17443 (X64) (2018-01-09 16:20:23)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1855682022-172975426-4291586788-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1855682022-172975426-4291586788-503 - Limited - Disabled)
Guest (S-1-5-21-1855682022-172975426-4291586788-501 - Limited - Disabled)
Optical (S-1-5-21-1855682022-172975426-4291586788-1001 - Administrator - Enabled) => C:\Users\Optical
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Dell Customer Connect (HKLM-x32\...\{124DE80C-9BFE-4D04-A8D9-69C5019DEEBF}) (Version: 1.3.28.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{AB7F2792-2ED1-4C5C-9F28-680E5110BF72}) (Version: 3.1.1018.0 - Dell Products, LP)
Dell Help & Support (HKLM\...\{457EFE69-8F49-43E0-80F9-1DEF4F7690C2}) (Version: 2.5.23.0 - Dell Inc.) Hidden
Dell Help & Support (HKLM-x32\...\InstallShield_{457EFE69-8F49-43E0-80F9-1DEF4F7690C2}) (Version: 2.5.23.0 - Dell Inc.)
Dell Product Registration (HKLM-x32\...\InstallShield_{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 2.0.6875.668 - Dell)
Dell SupportAssistAgent (HKLM\...\{8D7B279C-A661-465C-9658-F62FBD6A6B91}) (Version: 2.1.3.5 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.0.15.15 - Synaptics Incorporated)
Dell Update (HKLM-x32\...\{632610E3-5B12-403C-9C93-EF533ED1C113}) (Version: 1.10.5.0 - Dell Inc.)
Dropbox 20 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.0 - Dropbox, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel® Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4256 - Intel Corporation)
Intel® Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 2.0.0.1067 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{84DB01CB-7EB7-4261-9249-99A32768D991}) (Version: 1.0.0.523 - Intel Corporation)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.9060.3 - Waves Audio Ltd.) Hidden
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0 R7 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.163 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1855682022-172975426-4291586788-1001\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Product Registration (HKLM\...\{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Dell Inc.) Hidden
QuickSet64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.31 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8142 - Realtek Semiconductor Corp.)
Realtek USB Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{04201224-2B34-4EE7-862B-B7BBF89DB3AB}) (Version: 10.1.506.2015 - Realtek)
REALTEK Wireless LAN and Bluetooth Driver (HKLM-x32\...\{6BFBB929-C278-42B3-8065-FF1178E071B8}) (Version: 13.218.243 - REALTEK Semiconductor Corp.)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.6.1 - Sophos Limited)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9C4F3AF4-21D8-43BD-A69C-517BB96012CF}) (Version: 2.12.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{7C070E60-8769-4763-BBD8-7537A28A60D4}) (Version: 1.10.0.0 - Microsoft Corporation) Hidden
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22350 - Microsoft Corporation)
Windows Driver Package - Intel Corporation (iagpioe) System  (05/21/2015 604.10120.2652.361) (HKLM\...\AF9226384B030787C4D0F761A23F48F7649D6D17) (Version: 05/21/2015 604.10120.2652.361 - Intel Corporation)
Windows Driver Package - Intel Corporation (iai2ce) System  (05/21/2015 604.10120.2654.367) (HKLM\...\B37036F6A0766DAC3E418F6CAE67005C5F3A8C40) (Version: 05/21/2015 604.10120.2654.367 - Intel Corporation)
Windows Driver Package - Intel Corporation (iauarte) System  (05/21/2015 604.10120.2653.391) (HKLM\...\1D4FF76A05A14FF5BA3636A41E0AB237F3A55E14) (Version: 05/21/2015 604.10120.2653.391 - Intel Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ContextMenuHandlers1: [BtSendToMenuEx] -> {CF24E6B8-F148-4BCB-9108-ADF313966E80} => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\DevMenuExt.dll [2014-07-03] (Realtek Semiconductor Corporation)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2017-12-21] (McAfee, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2018-01-09] (Intel Corporation)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2017-12-21] (McAfee, Inc.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {1E9E6476-972E-4CFE-9155-77C40EFD488E} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\platform\McUICnt.exe [2017-10-04] (McAfee, Inc.)
Task: {43501B12-1F66-46D3-890E-AD59141E897A} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {47C35DAE-EEDD-4D36-A477-10F3B5197615} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2017-12-22] (Dell Inc.)
Task: {482EF1AD-6C2C-4E7F-A256-357C154974CF} - System32\Tasks\UninstallDDS-C960901F-CE14-4DE1-9729-1305F719A337 => C:\Windows\TEMP\DeleteFolderTask.exe <==== ATTENTION
Task: {5930BB46-8751-4896-A887-D8F675B1FD81} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2015-05-29] ()
Task: {8D8D56B8-5623-42ED-8777-42ACCB5E40AC} - System32\Tasks\McAfee DAT Built in test => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.0.5.243\mcdatrep.exe [2018-01-11] (McAfee, LLC.)
Task: {921038E8-2094-4D90-B401-D258F53000EA} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2017-09-14] (PC-Doctor, Inc.)
Task: {97E8D05C-DADC-4418-B38A-3CF2D6449689} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2018-01-09] (Realtek Semiconductor)
Task: {A90BB5DC-56EA-4591-9A6D-4F225ECA4838} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [2018-01-03] (McAfee, Inc.)
Task: {AD0EFE8C-7C90-4657-950F-272C84AF7EFF} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADUpdater.exe [2017-11-23] (McAfee, Inc.)
Task: {AF85A221-4EDD-44C4-A5A6-B1D2DAF5B77C} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {BED668F6-D590-49CF-86A1-219FF5F8411C} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe
Task: {E625A90C-46A1-4FCF-895A-E5A0DE155EE0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-19] (Google Inc.)
Task: {EF774FEB-FDB6-49DF-A64A-2DC45E89AC8D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-19] (Google Inc.)
Task: {F0D17FC7-C1E6-442B-BD5F-A5C5B8B20A64} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-09-12 00:00 - 2015-09-12 00:00 - 000032768 _____ () C:\Windows\SYSTEM32\licensemanagerapi.dll
2016-11-08 17:13 - 2016-10-25 01:15 - 000404480 _____ () C:\Windows\System32\diagtrack_wininternal.dll
2015-09-11 23:25 - 2015-06-02 11:25 - 000117976 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2017-06-29 10:26 - 2017-06-03 07:39 - 002495776 _____ () C:\Windows\system32\CoreUIComponents.dll
2015-09-11 23:25 - 2014-07-03 10:22 - 000277720 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\SkypePlugin.exe
2015-11-03 14:03 - 2015-09-16 23:48 - 000429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2017-06-29 10:27 - 2017-04-27 17:44 - 006569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-12-16 10:14 - 2016-11-19 00:06 - 000471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-06-29 10:26 - 2017-04-27 17:42 - 001808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-11-03 14:04 - 2015-09-16 23:43 - 002274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 05:00 - 2015-07-10 07:15 - 000210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2018-01-15 15:43 - 2017-12-21 10:53 - 001724384 _____ () C:\Program Files\McAfee\MfeAV\RealProtectAMScanIf.dll
2018-01-15 15:43 - 2017-12-21 10:53 - 000584104 _____ () C:\Program Files\McAfee\MfeAV\RepairModule.dll
2018-01-19 11:06 - 2018-01-03 03:20 - 004063064 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\libglesv2.dll
2018-01-19 11:06 - 2018-01-03 03:20 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\libegl.dll
2015-06-23 17:26 - 2015-06-23 17:26 - 000155888 _____ () c:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2017-11-21 13:50 - 2017-11-21 13:50 - 000134016 _____ () C:\Program Files (x86)\Dell Update\ServiceTagPlusPlus.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-07-10 05:04 - 2015-07-10 05:02 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1855682022-172975426-4291586788-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{0463A59A-27B6-4D52-9985-D88A6606F78C}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{5AE68B28-23F4-428B-8AE6-C82882236D71}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe
FirewallRules: [{C57E5AE1-A988-4AD3-BECC-BF5C48D3AE09}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe
FirewallRules: [{1558A505-2953-4070-9582-3CE459A59FC8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/14/2018 10:40:58 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\svchost.exe -k netsvcs; Description = Windows Update; Error = 0x8004231f).
 
Error: (02/14/2018 10:40:34 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (02/13/2018 12:26:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (02/13/2018 12:21:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-TFH2NRI)
Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2147023441 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (02/12/2018 09:19:09 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (02/12/2018 08:36:41 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Windows10UpgraderApp.exe version 1.4.9200.22350 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 22dc
 
Start Time: 01d3a40bf1e84045
 
Termination Time: 2606
 
Application Path: C:\Windows10Upgrade\Windows10UpgraderApp.exe
 
Report Id: 05c18433-1002-11e8-9bd7-4cbb58d247e4
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (02/12/2018 08:32:27 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-TFH2NRI)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (02/07/2018 05:43:36 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
 
System errors:
=============
Error: (02/14/2018 11:36:19 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Interactive Services Detection service terminated with the following error: 
Incorrect function.
 
Error: (02/14/2018 10:40:58 AM) (Source: volsnap) (EventID: 41) (User: )
Description: When preparing a new volume shadow copy for volume C:, the shadow copy storage on volume C: did not have sufficiently large contiguous blocks.  Consider deleting unnecessary files on the shadow copy storage volume or use a different shadow copy storage volume.
 
Error: (02/13/2018 12:27:35 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
Error: (02/13/2018 10:54:19 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Interactive Services Detection service terminated with the following error: 
Incorrect function.
 
Error: (02/13/2018 10:46:45 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-TFH2NRI)
Description: The server {209500FC-6B45-4693-8871-6296C4843751} did not register with DCOM within the required timeout.
 
Error: (02/13/2018 08:42:56 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Interactive Services Detection service terminated with the following error: 
Incorrect function.
 
Error: (02/12/2018 09:52:30 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
Error: (02/12/2018 09:00:27 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Security Assist service terminated unexpectedly.  It has done this 1 time(s).
 
 
Windows Defender:
===================================
Date: 2018-01-09 10:29:09.994
Description: 
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature: Network Inspection System
Error Code: 0x80070002
Error description: The system cannot find the file specified. 
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
 
==================== Memory info =========================== 
 
Processor: Intel® Celeron® CPU N3050 @ 1.60GHz
Percentage of memory in use: 82%
Total physical RAM: 1959.65 MB
Available physical RAM: 346.43 MB
Total Virtual: 3111.65 MB
Available Virtual: 529.88 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:28.07 GB) (Free:0.06 GB) NTFS
 
\\?\Volume{d9b6085a-16d3-4f96-bd43-26d7d0db0bb1}\ (WINRETOOLS) (Fixed) (Total:0.44 GB) (Free:0.13 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 29.1 GB) (Disk ID: EFEA2003)
 
Partition: GPT.
 
==================== End of Addition.txt ============================
 


BC AdBot (Login to Remove)

 


#2 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:07:35 AM

Posted 15 February 2018 - 02:48 PM

Hello

  •   Welcome to Bleeping Computer.
  •   My name is fireman4it and I will be helping you with your Malware problem.

    Please take note of some guidelines for this fix:
  •   Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools.
  •   If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
  •   Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
  •   In the upper right hand corner of the topic you will see a button called Follow This Topic.I suggest you click it and select Immediate E-Mail notification and click on Follow This Topic. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.
  •   Finally, please reply using the Post button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.
  •   I will be analyzing your log. I will get back to you with instructions.

 

1.

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • The tool will start to update its database...please wait until complete.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button...a report (AdwCleaner[SX].txt) will open in Notepad (where the largest value of X represents the most recent report).
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
  • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
  • A copy of all logfiles are saved to C:\AdwCleaner.

 

2.

ZN3USrZ.png Emsisoft Emergency Kit

  • Click here to download Emsisoft Emergency Kit. The download will automatically start after a moment.
  • Save EmsisoftEmergencyKit.exe to your Desktop.
  • Double click on EmsisoftEmergencyKit.exe (Windows Vista/7/8 users: Accept UAC warning if it is enabled). A screen like this will appear:
    dQVDkTW.png
  • Leave everything as it is, then click Extract. This will unpack Emsisoft Emergency Kit to the EEK folder located in the root drive (usually C:\).
  • Once the extraction is done, an icon qwL1Upn.png will appear on your Desktop. Double click it to start Emsisoft Emergency Kit.
  • Wait for Emsisoft Emergency Kit to finish loading signatures. A screen like this should appear:
    yEgPemv.png
  • Choose Yes, then wait for EEK to finish updating.
  • Choose Malware Scan under the Scan button. When EEK asks to activate PUP detection, choose Yes.
  • Wait for the scan to finish.
    RUeRoi4.png
  • If EEK detects something, all detected items will be displayed. Place a checkmark before everything, then choose Quarantine Selected.
  • If Emsisoft Emergency Kit asks to reboot, please do so immediately.
  • The scan log is located in Logs -> Scan Logs. Click on the entry of the latest scan, choose Export and save the report on your Desktop.
    P7FSALs.png
  • Please Copy and Paste the contents of the scan log in your next reply.

 

Things to include in your next reply::

AdwCleaner log

Emsisoft log

How is your computer running now?


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#3 aimster216

aimster216
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:35 AM

Posted 16 February 2018 - 11:58 AM

# AdwCleaner 7.0.8.0 - Logfile created on Fri Feb 16 16:57:13 2018
# Updated on 2018/08/02 by Malwarebytes 
# Database: 02-16-2018.1
# Running on Windows 10 Home (X64)
# Mode: scan
 
***** [ Services ] *****
 
No malicious services found.
 
***** [ Folders ] *****
 
No malicious folders found.
 
***** [ Files ] *****
 
No malicious files found.
 
***** [ DLL ] *****
 
No malicious DLLs found.
 
***** [ WMI ] *****
 
No malicious WMI found.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts found.
 
***** [ Tasks ] *****
 
No malicious tasks found.
 
***** [ Registry ] *****
 
No malicious registry entries found.
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries.
 
***** [ Chromium (and derivatives) ] *****
 
No malicious Chromium entries.
 
*************************
 
C:/AdwCleaner/AdwCleaner[S0].txt - [945 B] - [2018/2/12 15:17:23]
C:/AdwCleaner/AdwCleaner[S1].txt - [1012 B] - [2018/2/12 16:26:18]
 
 
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt ##########


#4 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:07:35 AM

Posted 20 February 2018 - 02:57 PM

Can you please post the Emsisoft log


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#5 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:07:35 AM

Posted 01 March 2018 - 03:22 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif





1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users