
Trying to clean boss's laptop. Www.mysearch.com for sure, seems like a lot more


9 replies to this topic

#1 Big_O

Big_O

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:01:15 AM

Posted 20 May 2018 - 02:30 PM

My wife volunteered me to help clean up her laptop. Right away I noticed they tried to download a ton of antivirus programs and weren't up to date with Windows updates. I'm afraid there are a ton of issues with this laptop as it's used by her kid for gaming as well. I've downloaded Farbar and run the scan. I'm fairly computer literate but not versed with this type of work. I'd appreciate any help I can get at this point.


Edited by hamluis, 20 May 2018 - 02:30 PM.
Moved from MRL to Am I Infected - Hamluis.




#2 Big_O


Posted 20 May 2018 - 02:46 PM

I'm trying to get the log txt copied into this post but the browser is virtually unusable, typing this from my phone.

#3 Big_O


Posted 20 May 2018 - 02:53 PM

Also getting pop up. "Reimage: crashed program" livecomm.exe has recently crashed. Wanting me to scan now. I just force close it.

#4 JohnC_21

JohnC_21

  • Members
  • 24,448 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:15 PM

Posted 20 May 2018 - 03:13 PM

What browser are you using?

 

Did you by chance see the BC guide on removing this infection?

 

https://www.bleepingcomputer.com/virus-removal/remove-my-search.com-search-redirect

 

You can download Rkill on another computer and save to a flash drive.



#5 Big_O


Posted 20 May 2018 - 03:21 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16.05.2018 01
Ran by mom (administrator) on MOMSCOMPUTER (20-05-2018 14:07:08)
Running from C:\Users\mom\Downloads
Loaded Profiles: mom (Available Profiles: UpdatusUser & mom & jaedi_000 & Guest)
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Byte Technologies LLC) C:\Program Files\ByteFence\ByteFenceService.exe
(CompuClever Systems Inc.) C:\Users\mom\AppData\Local\CompuClever\Program Management Console\ccmanagementservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(PC Drivers HeadQuarters LP) C:\Program Files (x86)\Driver Support\svc\DriverSupportAOsvc.exe
(ConsumerInput) C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
(PC Drivers HeadQuarters LP) C:\Program Files (x86)\Driver Support\svc\DriverSupportAO.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
() C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
(SlimWare Utilities, Inc.) C:\Program Files\SlimService\SlimServiceFactory.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
() C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe
(Wyse Technology.) C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(McAfee, Inc.) C:\Program Files\mcafee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(PC Drivers Headquarters LP) C:\Program Files (x86)\Driver Support\DriverSupport.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel® Corporation) C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
() C:\Program Files (x86)\SuperPCCleaner\PerformanceMonitor.exe
(CompuClever Systems Inc.) C:\Users\mom\AppData\Local\CompuClever\Program Management Console\pmc.exe
Failed to access process -> WebUpdater.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
() C:\Users\mom\AppData\Roaming\Gameo\gameo.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(McAfee, Inc.) C:\Program Files\mcafee\vul\McVulCtr.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\CommonBuild\McCBEntAndInstru.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Slimware Utilities Holdings, Inc.) C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink Corp\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(SlimWare Utilities, Inc.) C:\Program Files\SlimService\SlimService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(CyberLink) C:\Program Files (x86)\CyberLink Corp\Power2Go8\CLMLSvc_P2G8.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
(Adobe Systems Incorporated ) C:\Program Files (x86)\Adobe\Elements 10 Organizer\CAHeadless\32\dynamiclinkmanager.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(PC Drivers Headquarters LP) C:\Program Files (x86)\Driver Support\DriverSupport.exe
(PC Drivers Headquarters LP) C:\Program Files (x86)\Driver Support\DriverSupport.exe
(PC Drivers Headquarters LP) C:\Program Files (x86)\Driver Support\DriverSupport.exe
(PC Drivers Headquarters LP) C:\Program Files (x86)\Driver Support\DriverSupport.exe
(PC Drivers Headquarters LP) C:\Program Files (x86)\Driver Support\DriverSupport.exe
(PC Drivers Headquarters LP) C:\Program Files (x86)\Driver Support\DriverSupport.exe
(PC Drivers Headquarters LP) C:\Program Files (x86)\Driver Support\DriverSupport.exe
(PC Drivers Headquarters LP) C:\Program Files (x86)\Driver Support\DriverSupport.exe
(PC Drivers Headquarters LP) C:\Program Files (x86)\Driver Support\DriverSupport.exe
(PC Drivers Headquarters LP) C:\Program Files (x86)\Driver Support\DriverSupport.exe
(PC Drivers Headquarters LP) C:\Program Files (x86)\Driver Support\DriverSupport.exe
(PC Drivers Headquarters LP) C:\Program Files (x86)\Driver Support\DriverSupport.exe
(PC Drivers Headquarters LP) C:\Program Files (x86)\Driver Support\DriverSupport.exe
(PC Drivers Headquarters LP) C:\Program Files (x86)\Driver Support\DriverSupport.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Adobe\Elements 10 Organizer\CAHeadless\32\Adobe QT32 Server.exe
Failed to access process -> iCloudDrive.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
(Byte Technologies LLC) C:\Program Files\ByteFence\ByteFence.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
() C:\Users\mom\AppData\Roaming\Gameo\gameo.exe
() C:\Users\mom\AppData\Roaming\Gameo\gameo.exe
() C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
(CompuClever Systems Inc) C:\Program Files (x86)\CompuClever\PC Clean Maestro\pccum.exe
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
() C:\Program Files\ByteFence\rsLggr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
() C:\Program Files\WebUpdater\1.0.42.0\WebUpdater.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(PC Drivers Headquarters LP) C:\Program Files (x86)\Driver Support\DriverSupport.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
Failed to access process -> mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\mcafee\VirusScan\mcods.exe
Failed to access process -> CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
(McAfee, Inc.) C:\Program Files\mcafee\VirusScan\McVsShld.exe
() C:\Program Files\WebUpdater\1.0.42.0\WebUpdater.exe
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
(Google) C:\Users\mom\AppData\Local\Google\Chrome\User Data\SwReporter\29.155.200\software_reporter_tool.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3759504 2012-07-20] (Dell Inc.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [IntelMyWiFiDashboard] => C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe [5010224 2012-07-13] (Intel® Corporation)
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2917688 2012-09-07] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-07-24] (IDT, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-12-06] (Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [246120 2018-01-11] (AVAST Software)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [285680 2013-03-05] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-11-17] (Apple Inc.)
HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3414560 2014-05-19] (Fitbit, Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink Corp\PowerDVD10\PDVD10Serv.exe [102928 2012-10-23] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [179928 2013-01-02] (cyberlink)
HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-09-24] (Comodo Security Solutions, Inc.)
HKU\S-1-5-21-3007767440-1319116421-455852504-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-11-17] (Apple Inc.)
HKU\S-1-5-21-3007767440-1319116421-455852504-1002\...\Run: [CAHeadless] => c:\Program Files (x86)\Adobe\Elements 10 Organizer\CAHeadless\ElementsAutoAnalyzer.exe [835224 2011-09-14] (Adobe Systems Incorporated)
HKU\S-1-5-21-3007767440-1319116421-455852504-1002\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3414560 2014-05-19] (Fitbit, Inc.)
HKU\S-1-5-21-3007767440-1319116421-455852504-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2016-11-17] (Apple Inc.)
HKU\S-1-5-21-3007767440-1319116421-455852504-1002\...\Run: [Gameo] => C:\Users\mom\AppData\Roaming\Gameo\gameo.exe [42482176 2015-02-22] ()
HKU\S-1-5-21-3007767440-1319116421-455852504-1002\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-11-17] (Apple Inc.)
HKU\S-1-5-21-3007767440-1319116421-455852504-1002\...\Run: [Optimizer Pro] => C:\Program Files (x86)\Optimizer Pro 3.99\OptProLauncher.exe [148112 2015-07-31] ()
HKU\S-1-5-21-3007767440-1319116421-455852504-1002\...\Run: [GoogleChromeAutoLaunch_F4C120E005E04571F6DAAA3455CFF710] => C:\Users\mom\AppData\Local\Chromium\Application\chrome.exe [667136 2015-08-03] (The Chromium Authors)
HKU\S-1-5-21-3007767440-1319116421-455852504-1002\...\Run: [SlimCleaner Plus] => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe [26179864 2015-12-15] (Slimware Utilities Holdings, Inc.)
HKU\S-1-5-21-3007767440-1319116421-455852504-1002\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [1454864 2016-02-04] (Lavasoft)
HKU\S-1-5-21-3007767440-1319116421-455852504-1002\...\Run: [InetStat] => C:\Users\mom\AppData\Roaming\InetStat\inetstat.exe
HKU\S-1-5-21-3007767440-1319116421-455852504-1002\...\MountPoints2: {37a98f40-d55c-11e4-be91-681729747e70} - "E:\Setup.exe" 
AppInit_DLLs-x32: C:/PROGRA~3/{D2163~1/193~1.1/neto.dll => C:\ProgramData\{D2163AD5-8294-EB53-3312-9BD1E390485F}\1.9.3.1\neto.dll [1010688 2015-03-24] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-05-08]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PlutoTV.lnk [2016-01-23]
ShortcutTarget: PlutoTV.lnk -> C:\Program Files (x86)\Pluto TV\PlutoTV.exe ()
Startup: C:\Users\mom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2013-09-30]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
BootExecute: autocheck autochk * aswBoot.exe /M:7be9a52d /wow /dir:"C:\Program Files\AVAST Software\Avast"
GroupPolicy: Restriction ? <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog9-x64 01 C:\WINDOWS\system32\LavasoftTcpService64.dll [425744 2016-02-04] (Lavasoft Limited)
Winsock: Catalog9-x64 02 C:\WINDOWS\system32\LavasoftTcpService64.dll [425744 2016-02-04] (Lavasoft Limited)
Winsock: Catalog9-x64 03 C:\WINDOWS\system32\LavasoftTcpService64.dll [425744 2016-02-04] (Lavasoft Limited)
Winsock: Catalog9-x64 04 C:\WINDOWS\system32\LavasoftTcpService64.dll [425744 2016-02-04] (Lavasoft Limited)
Winsock: Catalog9-x64 16 C:\WINDOWS\system32\LavasoftTcpService64.dll [425744 2016-02-04] (Lavasoft Limited)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 71.10.216.1 71.10.216.2 192.168.1.1
Tcpip\Parameters: [NameServer] 82.163.143.157 82.163.142.159
Tcpip\..\Interfaces\{17C41D36-44E8-4B62-917D-BB5D75BB3DB2}: [DhcpNameServer] 71.10.216.1 71.10.216.2 192.168.1.1
Tcpip\..\Interfaces\{3FE5E8CF-E82A-4ABB-ABEA-0220DE3AB2B5}: [DhcpNameServer] 82.163.143.157
Tcpip\..\Interfaces\{B1263468-28B6-4A2D-BB3C-7F827FE40C61}: [NameServer] 82.163.143.157 82.163.142.159
Tcpip\..\Interfaces\{B1263468-28B6-4A2D-BB3C-7F827FE40C61}: [DhcpNameServer] 82.163.143.157
Tcpip\..\Interfaces\{C4A6FCFE-DD59-4D90-9667-C0C7394ED75A}: [NameServer] 82.163.143.157 82.163.142.159
Tcpip\..\Interfaces\{C4A6FCFE-DD59-4D90-9667-C0C7394ED75A}: [DhcpNameServer] 82.163.143.157
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3007767440-1319116421-455852504-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3007767440-1319116421-455852504-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com
SearchScopes: HKLM -> DefaultScope {2530D994-2B03-4A3D-AA83-83B9E5B1A45C} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKLM -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-3b76d5ee&q={searchTerms}
SearchScopes: HKLM -> {1b31c9d2-7135-442b-bb93-7c002172adc6} URL = hxxp://www.palikan.com/results.php?f=4&a=plk_ir_16_03&cd=2XzuyEtN2Y1L1Qzu0EtD0D0ByDyD0AzztC0BtCtDzzyDtCzztN0D0Tzu0StCyEzztAtN1L2XzutAtFtCyBtFyEtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyE0F0CtC0CtAtCtDtGyC0EzytCtGzztBtC0AtGyCzytBtCtGyD0AyDyEtA0E0EyC0Dzy0A0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyB0CyEyC0FzztAtGzy0A0C0EtGyE0ByByCtGzyyD0C0CtGyB0FyC0F0F0Czy0FtC0FtD0A2QtN0A0LzuyE&cr=636762230&ir=&q={searchTerms}
SearchScopes: HKLM -> {2530D994-2B03-4A3D-AA83-83B9E5B1A45C} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKLM -> {6586d803-df30-46d3-a89a-4136c8571d45} URL = hxxp://binkiland.com/results.php?f=4&q={searchTerms}&a=bnk_ggbg_15_13&cd=2XzuyEtN2Y1L1Qzu0EtD0D0ByDyD0AzztC0BtCtDzzyDtCzztN0D0Tzu0StCtCyBzztN1L2XzutAtFzztFtAtFtCtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyCyBzzzytDyByD0BtGzytD0BtDtGyEtC0BtDtG0FyDtAtCtGtAyE0C0F0EtA0EzyyDtC0CyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyByD0B0D0FtCzytGtCyEzz0BtGyEtC0D0AtGzzyByC0FtGzyyE0Azy0EyD0AyD0EtCtC0E2Q&cr=102383386&ir=
SearchScopes: HKLM-x32 -> DefaultScope {2530D994-2B03-4A3D-AA83-83B9E5B1A45C} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKLM-x32 -> {2530D994-2B03-4A3D-AA83-83B9E5B1A45C} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKU\S-1-5-21-3007767440-1319116421-455852504-1002 -> DefaultScope {CE21142D-538C-4BD1-9BDD-18949F5BC512} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKU\S-1-5-21-3007767440-1319116421-455852504-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3007767440-1319116421-455852504-1002 -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL = 
SearchScopes: HKU\S-1-5-21-3007767440-1319116421-455852504-1002 -> {1b31c9d2-7135-442b-bb93-7c002172adc6} URL = 
SearchScopes: HKU\S-1-5-21-3007767440-1319116421-455852504-1002 -> {2530D994-2B03-4A3D-AA83-83B9E5B1A45C} URL = 
SearchScopes: HKU\S-1-5-21-3007767440-1319116421-455852504-1002 -> {6586d803-df30-46d3-a89a-4136c8571d45} URL = 
SearchScopes: HKU\S-1-5-21-3007767440-1319116421-455852504-1002 -> {CE21142D-538C-4BD1-9BDD-18949F5BC512} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKU\S-1-5-21-3007767440-1319116421-455852504-1002 -> {fcd9f10e-0daa-405f-bca0-0dd3f37c59d9} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2017-08-20] (Microsoft Corporation)
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-01-04] (McAfee, Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-07-11] (Microsoft Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> No File
BHO-x32: The Amazon 1Button App for IE -> {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} -> C:\AmazonAppIE.dll [2013-06-07] (Amazon Inc.)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-01-04] (McAfee, Inc.)
BHO-x32: Strong Signal -> {c723a437-2eaf-466d-a95b-3fa0966bf88c} -> C:\Program Files (x86)\Strong Signal\Extensions\c723a437-2eaf-466d-a95b-3fa0966bf88c.dll => No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-01-04] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-01-04] (McAfee, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-08-04] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-01-04] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-01-04] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\MSC\McSnIePl64.dll [2016-07-07] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2016-07-07] (McAfee, Inc.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [2018-05-20]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2016-11-03] [Legacy] [not signed]
FF HKU\S-1-5-21-3007767440-1319116421-455852504-1002\...\Firefox\Extensions: [ConsumerInput@Compete] - C:\Program Files (x86)\Consumer Input\Firefox\ciff-3.2.0-12297.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_29_0_0_171.dll [2018-05-20] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-07-07] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_171.dll [2018-05-20] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-07-07] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-08-20] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-20] (Google Inc.)
FF Plugin HKU\S-1-5-21-3007767440-1319116421-455852504-1002: @nsroblox.roblox.com/launcher -> C:\Users\mom\AppData\Local\Roblox\Versions\version-8756646edb404aaf\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-3007767440-1319116421-455852504-1002: @nsroblox.roblox.com/launcher64 -> C:\Users\mom\AppData\Local\Roblox\Versions\version-8756646edb404aaf\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
 
Chrome: 
=======
CHR Profile: C:\Users\mom\AppData\Local\Google\Chrome\User Data\Default [2018-05-20]
CHR Extension: (Slides) - C:\Users\mom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-05-20]
CHR Extension: (Docs) - C:\Users\mom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-20]
CHR Extension: (Google Drive) - C:\Users\mom\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-05-20]
CHR Extension: (YouTube) - C:\Users\mom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-05-20]
CHR Extension: (Sheets) - C:\Users\mom\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-05-20]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\mom\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2018-05-20]
CHR Extension: (Google Docs Offline) - C:\Users\mom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-05-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\mom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-20]
CHR Extension: (Gmail) - C:\Users\mom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-05-20]
CHR Extension: (Chrome Media Router) - C:\Users\mom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-20]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 0232421526835438mcinstcleanup; C:\WINDOWS\TEMP\023242~1.EXE [1031928 2018-05-20] (McAfee, Inc.)
R2 AdobeActiveFileMonitor10.0; c:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-14] (Adobe Systems Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7538536 2018-01-11] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [301168 2018-01-11] (AVAST Software)
R2 ByteFenceService; C:\Program Files\ByteFence\ByteFenceService.exe [147936 2017-04-03] (Byte Technologies LLC)
R2 CCManagementService; C:\Users\mom\AppData\Local\CompuClever\Program Management Console\ccmanagementservice.exe [160200 2015-08-20] (CompuClever Systems Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042544 2017-03-14] (Microsoft Corporation)
S2 CLKMSVC10_8ED54134; C:\Program Files (x86)\CyberLink Corp\PowerDVD10\NavFilter\kmsvc.exe [245888 2013-01-02] (CyberLink)
R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70864 2014-09-25] (Comodo Security Solutions, Inc.)
S2 consumerinput_update; C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe [106296 2015-03-24] (ConsumerInput) <==== ATTENTION
S3 consumerinput_updatem; C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe [106296 2015-03-24] (ConsumerInput) <==== ATTENTION
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2557136 2015-02-26] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201936 2015-02-26] (Dell Inc.)
R2 DSAO; C:\Program Files (x86)\driver support\svc\DriverSupportAOsvc.exe [2033104 2016-10-22] (PC Drivers HeadQuarters LP)
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [1436192 2014-05-19] (Fitbit, Inc.) [File not signed]
R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-09-24] (Comodo Security Solutions, Inc.)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2464400 2012-09-08] (Realsil Microelectronics Inc.)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2012-07-20] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2751760 2016-02-04] (Lavasoft Limited) [File not signed]
R2 LeapFrog Connect Device Service; C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe [7393280 2013-11-13] (LeapFrog Enterprises, Inc.) [File not signed]
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [604312 2018-01-04] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [993824 2016-07-07] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.551\McCHSvc.exe [404376 2017-04-18] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [816128 2016-06-21] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232688 2016-04-26] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [382456 2016-06-23] (McAfee, Inc.)
R3 mfevtp; C:\WINDOWS\system32\mfevtps.exe [277744 2016-04-26] (McAfee, Inc.)
S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [9037680 2018-04-25] (Reimage®)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [17168 2016-02-04] () [File not signed]
S2 Service Mgr StrongSignal; C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugincontainer.exe [556304 2015-05-02] () <==== ATTENTION
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915480 2013-05-23] (SoftThinks SAS)
R2 SlimService; C:\Program Files\SlimService\SlimServiceFactory.exe [245016 2015-12-15] (SlimWare Utilities, Inc.)
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\Sh4Service.exe [889016 2018-05-20] (Enigma Software Group USA, LLC.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-07-24] (IDT, Inc.) [File not signed]
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [19288 2015-04-10] (Dell Inc.)
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\Unchecky_svc.exe [162256 2015-03-24] (RaMMicHaeL) [File not signed]
S2 Update Mgr StrongSignal; C:\Program Files (x86)\Common Files\0780f478-67ce-4ec3-98db-39a65f4618ce\updater.exe [478992 2015-05-02] () <==== ATTENTION
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
S2 wusvc; C:\Program Files\WebUpdater\webupdaterservice.exe [61952 2017-03-07] (Web Updater Media) [File not signed]
R2 WysePocketCloud; C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe [16176 2013-06-21] ()
R2 WyseRemoteAccess; C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe [1436160 2012-11-29] (Wyse Technology.) [File not signed]
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)
S2 cae99edb; "C:\WINDOWS\system32\rundll32.exe" "c:\Program Files (x86)\Super Optimizer\SupOptStats.dll",ENT
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [185096 2018-01-11] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [321512 2018-01-11] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [199448 2018-01-11] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343768 2018-01-11] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57696 2018-01-11] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [149344 2018-01-11] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46976 2018-01-11] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [146648 2018-01-11] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110336 2018-01-11] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84384 2018-01-11] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1025176 2018-01-11] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [457896 2018-01-11] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [204456 2018-01-11] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [358672 2018-01-11] (AVAST Software)
R3 btmhsf; C:\WINDOWS\system32\DRIVERS\btmhsf.sys [857472 2012-08-29] (Motorola Solutions, Inc.)
R1 CFRMD; C:\WINDOWS\System32\DRIVERS\CFRMD.sys [40224 2014-06-26] (Windows ® Win 7 DDK provider)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [78632 2016-08-02] (McAfee, Inc.)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 CompuCleverBootor; C:\Program Files (x86)\CompuClever\PC TuneUp Maestro\Bootor64.sys [24240 2015-08-20] (<Compuclever>)
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [23760 2015-02-26] (Dell Computer Corporation)
R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [23312 2015-02-26] (Dell Computer Corporation)
S3 EsgScanner; C:\WINDOWS\System32\DRIVERS\EsgScanner.sys [22704 2018-05-20] ()
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.)
R3 irstrtdv; C:\WINDOWS\System32\drivers\irstrtdv.sys [43800 2012-07-20] (Intel Corporation)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [419616 2016-04-27] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [349480 2016-04-27] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [83608 2016-08-02] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [493352 2016-08-02] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [843048 2016-04-27] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [519456 2016-08-01] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [100136 2016-08-01] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [243496 2016-08-02] (McAfee, Inc.)
R3 NETwNe64; C:\WINDOWS\system32\DRIVERS\Netwew00.sys [3345376 2013-10-08] (Intel Corporation)
R0 rtcrfilt64; C:\WINDOWS\System32\DRIVERS\rtcrfilt64.sys [19600 2012-09-04] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-09-07] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-09-07] (Synaptics Incorporated)
S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [13920 2017-08-24] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
U1 aswbdisk; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-05-20 14:07 - 2018-05-20 14:15 - 000040158 _____ C:\Users\mom\Downloads\FRST.txt
2018-05-20 14:02 - 2018-05-20 14:07 - 000000000 ____D C:\FRST
2018-05-20 14:00 - 2018-05-20 14:00 - 002413056 _____ (Farbar) C:\Users\mom\Downloads\FRST64.exe
2018-05-20 13:52 - 2018-05-20 13:52 - 001773568 _____ (Farbar) C:\Users\mom\Downloads\FRST.exe
2018-05-20 13:50 - 2018-05-20 13:50 - 000003522 _____ C:\WINDOWS\System32\Tasks\McAfee DAT Built in test
2018-05-20 13:43 - 2018-05-20 13:43 - 000000000 _____ C:\autoexec.bat
2018-05-20 13:41 - 2018-05-20 13:41 - 000003326 _____ C:\WINDOWS\System32\Tasks\SpyHunter4Startup
2018-05-20 13:41 - 2018-05-20 13:41 - 000001105 _____ C:\Users\mom\Desktop\SpyHunter.lnk
2018-05-20 13:41 - 2018-05-20 13:41 - 000000000 ____D C:\Users\mom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2018-05-20 13:41 - 2018-05-20 13:41 - 000000000 ____D C:\sh4ldr
2018-05-20 13:41 - 2018-05-20 13:41 - 000000000 ____D C:\ProgramData\Enigma Software Group
2018-05-20 13:40 - 2018-05-20 13:40 - 000022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
2018-05-20 13:40 - 2018-05-20 13:40 - 000000000 ____D C:\Program Files\Enigma Software Group
2018-05-20 13:39 - 2018-05-20 13:39 - 005800224 _____ (Enigma Software Group USA, LLC.) C:\Users\mom\Downloads\SpyHunter-Installer.exe
2018-05-20 12:56 - 2018-05-20 12:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2018-05-20 12:48 - 2018-05-20 12:48 - 000002318 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-05-20 12:48 - 2018-05-20 12:48 - 000002277 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-05-20 12:44 - 2018-05-20 13:17 - 000003332 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-05-20 12:44 - 2018-05-20 13:17 - 000003204 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-05-20 12:43 - 2018-05-20 12:47 - 000000000 ____D C:\Program Files (x86)\Google
2018-05-20 12:41 - 2018-05-20 12:43 - 000000000 ____D C:\Users\mom\AppData\Local\Deployment
2018-05-20 12:41 - 2018-05-20 12:41 - 000000000 ____D C:\Users\mom\AppData\Local\Apps\2.0
2018-05-20 11:53 - 2018-05-20 13:17 - 000004466 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-05-20 11:40 - 2018-05-20 11:40 - 000000000 ____D C:\ProgramData\SWCUTemp
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-05-20 14:18 - 2015-03-24 17:13 - 000000990 _____ C:\WINDOWS\Tasks\ConsumerInputUpdateTaskMachineUA.job
2018-05-20 14:11 - 2015-03-24 17:11 - 000000324 _____ C:\WINDOWS\Tasks\Wse_binkiland.job
2018-05-20 14:04 - 2013-08-22 08:36 - 000000000 ____D C:\WINDOWS\Inf
2018-05-20 13:55 - 2015-12-28 16:56 - 000000000 ____D C:\Users\mom\AppData\Local\7F1AC57F-17B5-415B-9B5E-C0ABDBFEF646.aplzod
2018-05-20 13:48 - 2016-08-04 17:32 - 000000000 ____D C:\Users\mom\AppData\Local\Google
2018-05-20 13:47 - 2013-08-15 19:03 - 000003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3007767440-1319116421-455852504-1002
2018-05-20 13:41 - 2016-07-24 16:06 - 000000000 ____D C:\Users\mom\AppData\Local\{A52C9397-807E-FEE1-EB48-D933379A240D}
2018-05-20 13:37 - 2016-12-11 21:37 - 000001006 _____ C:\WINDOWS\Tasks\Bing Search Engine rotef.job
2018-05-20 13:23 - 2016-01-23 21:05 - 000002463 _____ C:\Users\mom\Desktop\Chromium.lnk
2018-05-20 13:21 - 2015-12-28 16:35 - 000000000 ____D C:\Program Files (x86)\SystemHealer
2018-05-20 13:18 - 2017-04-22 08:13 - 000003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3007767440-1319116421-455852504-1007
2018-05-20 13:18 - 2017-04-21 23:35 - 000003616 _____ C:\WINDOWS\System32\Tasks\PCKeeper updater
2018-05-20 13:18 - 2016-12-18 22:31 - 000003314 _____ C:\WINDOWS\System32\Tasks\Super PC Cleaner Run Delay
2018-05-20 13:18 - 2016-12-18 22:31 - 000003254 _____ C:\WINDOWS\System32\Tasks\Super PC Cleaner Monitor
2018-05-20 13:18 - 2016-02-04 19:05 - 000003790 _____ C:\WINDOWS\System32\Tasks\PC Clean Maestro Scan
2018-05-20 13:18 - 2016-02-04 19:05 - 000003750 _____ C:\WINDOWS\System32\Tasks\PC TuneUp Maestro Scan
2018-05-20 13:18 - 2016-02-04 19:05 - 000003712 _____ C:\WINDOWS\System32\Tasks\PC TuneUp Maestro Disk Defrag Analysis
2018-05-20 13:18 - 2016-02-04 19:05 - 000003510 _____ C:\WINDOWS\System32\Tasks\PC TuneUp Maestro Scan SecondTime
2018-05-20 13:18 - 2016-02-04 19:05 - 000003504 _____ C:\WINDOWS\System32\Tasks\PC Clean Maestro Scan FirstTime
2018-05-20 13:18 - 2016-02-04 19:05 - 000003344 _____ C:\WINDOWS\System32\Tasks\PC Clean Maestro Startup
2018-05-20 13:18 - 2016-02-04 19:05 - 000003342 _____ C:\WINDOWS\System32\Tasks\Program Management Console Startup
2018-05-20 13:18 - 2016-02-04 19:05 - 000003308 _____ C:\WINDOWS\System32\Tasks\PC TuneUp Maestro Startups
2018-05-20 13:18 - 2016-02-04 19:03 - 000003824 _____ C:\WINDOWS\System32\Tasks\WebUpdater Task
2018-05-20 13:18 - 2016-02-04 19:03 - 000003300 _____ C:\WINDOWS\System32\Tasks\WebUpdater LaunchTask
2018-05-20 13:18 - 2016-01-23 21:06 - 000002996 _____ C:\WINDOWS\System32\Tasks\SlimCleaner Plus (Scheduled Scan - mom)
2018-05-20 13:18 - 2016-01-23 21:06 - 000000360 _____ C:\WINDOWS\Tasks\SlimCleaner Plus (Scheduled Scan - mom).job
2018-05-20 13:18 - 2015-12-28 17:12 - 000003244 _____ C:\WINDOWS\System32\Tasks\Optscan
2018-05-20 13:18 - 2015-12-28 17:12 - 000000362 _____ C:\WINDOWS\Tasks\Optscan.job
2018-05-20 13:18 - 2015-12-28 16:35 - 000003564 _____ C:\WINDOWS\System32\Tasks\System Healer Task
2018-05-20 13:18 - 2015-12-28 16:35 - 000003306 _____ C:\WINDOWS\System32\Tasks\SystemHealer Run Delay
2018-05-20 13:18 - 2015-12-28 16:35 - 000003240 _____ C:\WINDOWS\System32\Tasks\SystemHealer Monitor
2018-05-20 13:18 - 2015-12-28 16:35 - 000002840 _____ C:\WINDOWS\System32\Tasks\System HealerPeriod
2018-05-20 13:18 - 2015-12-28 16:35 - 000002544 _____ C:\WINDOWS\System32\Tasks\System HealerStartUp
2018-05-20 13:18 - 2015-12-28 16:35 - 000000294 _____ C:\WINDOWS\Tasks\System HealerStartUp.job
2018-05-20 13:18 - 2015-12-28 16:35 - 000000294 _____ C:\WINDOWS\Tasks\System HealerPeriod.job
2018-05-20 13:18 - 2015-03-24 18:00 - 000004278 _____ C:\WINDOWS\System32\Tasks\ReimageUpdater
2018-05-20 13:18 - 2015-03-24 18:00 - 000003434 _____ C:\WINDOWS\System32\Tasks\Reimage Reminder
2018-05-20 13:18 - 2015-03-24 17:17 - 000003248 _____ C:\WINDOWS\System32\Tasks\Super Optimizer Schedule
2018-05-20 13:18 - 2015-03-24 17:11 - 000003498 _____ C:\WINDOWS\System32\Tasks\UPDTEXE4_WDR
2018-05-20 13:18 - 2015-03-24 17:11 - 000002648 _____ C:\WINDOWS\System32\Tasks\Wse_binkiland
2018-05-20 13:18 - 2015-01-02 14:01 - 000003934 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{0D35F809-FF2C-4D91-90BC-3C5DA133333B}
2018-05-20 13:18 - 2013-08-06 01:07 - 000002982 _____ C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements
2018-05-20 13:17 - 2017-04-21 23:30 - 000003480 _____ C:\WINDOWS\System32\Tasks\ByteFence Scan
2018-05-20 13:17 - 2017-04-21 23:30 - 000003380 _____ C:\WINDOWS\System32\Tasks\ByteFence
2018-05-20 13:17 - 2016-12-11 21:37 - 000004006 _____ C:\WINDOWS\System32\Tasks\Bing Search Engine rotef
2018-05-20 13:17 - 2016-11-03 11:29 - 000003084 _____ C:\WINDOWS\System32\Tasks\McAfeeLogon
2018-05-20 13:17 - 2016-11-03 11:28 - 000003308 _____ C:\WINDOWS\System32\Tasks\McAfee Remediation (Prepare)
2018-05-20 13:17 - 2016-02-04 19:05 - 000003740 _____ C:\WINDOWS\System32\Tasks\DriverRestore_ScheduledScan
2018-05-20 13:17 - 2016-02-04 19:05 - 000003592 _____ C:\WINDOWS\System32\Tasks\DriverRestore_DailyScan
2018-05-20 13:17 - 2016-01-23 21:03 - 000003352 _____ C:\WINDOWS\System32\Tasks\DriverUpdate Scan
2018-05-20 13:17 - 2016-01-23 21:03 - 000002854 _____ C:\WINDOWS\System32\Tasks\DriverUpdate Startup
2018-05-20 13:17 - 2016-01-23 21:03 - 000000494 _____ C:\WINDOWS\Tasks\DriverUpdate Scan.job
2018-05-20 13:17 - 2016-01-23 21:03 - 000000440 _____ C:\WINDOWS\Tasks\DriverUpdate Startup.job
2018-05-20 13:17 - 2015-05-13 19:59 - 000003914 _____ C:\WINDOWS\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2018-05-20 13:17 - 2015-03-24 17:53 - 000011194 _____ C:\WINDOWS\System32\Tasks\Driver Support-RTMScan
2018-05-20 13:17 - 2015-03-24 17:53 - 000007456 _____ C:\WINDOWS\System32\Tasks\Driver Support-RTMUpdater
2018-05-20 13:17 - 2015-03-24 17:53 - 000007444 _____ C:\WINDOWS\System32\Tasks\Driver Support-RTMRules
2018-05-20 13:17 - 2015-03-24 17:53 - 000003724 _____ C:\WINDOWS\System32\Tasks\Driver Support
2018-05-20 13:17 - 2015-03-24 17:41 - 000003688 _____ C:\WINDOWS\System32\Tasks\boosterpop
2018-05-20 13:17 - 2015-03-24 17:41 - 000003686 _____ C:\WINDOWS\System32\Tasks\IEError
2018-05-20 13:17 - 2015-03-24 17:41 - 000003502 _____ C:\WINDOWS\System32\Tasks\AI_Updater
2018-05-20 13:17 - 2015-03-24 17:13 - 000003860 _____ C:\WINDOWS\System32\Tasks\ConsumerInputUpdateTaskMachineUA
2018-05-20 13:17 - 2015-03-24 17:13 - 000003624 _____ C:\WINDOWS\System32\Tasks\ConsumerInputUpdateTaskMachineCore
2018-05-20 13:17 - 2015-03-24 17:13 - 000000986 _____ C:\WINDOWS\Tasks\ConsumerInputUpdateTaskMachineCore.job
2018-05-20 13:17 - 2015-03-24 17:12 - 000003726 _____ C:\WINDOWS\System32\Tasks\gameo_update
2018-05-20 13:17 - 2015-03-24 17:11 - 000003656 _____ C:\WINDOWS\System32\Tasks\IE_ERR4WDR
2018-05-20 13:17 - 2015-03-24 17:11 - 000003632 _____ C:\WINDOWS\System32\Tasks\HDNINSTSCHD
2018-05-20 13:17 - 2014-08-03 21:33 - 000003170 _____ C:\WINDOWS\System32\Tasks\CLVDLauncher
2018-05-20 13:17 - 2014-08-03 21:33 - 000003170 _____ C:\WINDOWS\System32\Tasks\CLMLSvc_P2G8
2018-05-20 13:17 - 2013-12-01 12:49 - 000004288 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-05-20 13:17 - 2013-08-18 12:15 - 000003172 _____ C:\WINDOWS\System32\Tasks\IBurn
2018-05-20 13:17 - 2013-08-17 09:59 - 000003506 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MomsComputer-mom
2018-05-20 13:17 - 2013-08-06 01:28 - 000003228 _____ C:\WINDOWS\System32\Tasks\Intel® Rapid Start Technology Manager
2018-05-20 13:10 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-05-20 12:37 - 2017-04-21 23:28 - 000000000 ____D C:\Program Files\ByteFence
2018-05-20 12:36 - 2016-02-04 19:03 - 000055027 _____ C:\wulog.txt
2018-05-20 12:30 - 2016-01-23 20:59 - 000000000 ____D C:\Users\mom\AppData\Local\PlutoTV
2018-05-20 12:26 - 2015-03-24 17:59 - 000000000 ____D C:\ProgramData\Reimage Protector
2018-05-20 12:03 - 2015-03-24 17:59 - 000000165 _____ C:\WINDOWS\Reimage.ini
2018-05-20 11:55 - 2016-12-18 22:32 - 000000000 ____D C:\ProgramData\{BE83C18D-0928-7626-741E-6E781C014800}
2018-05-20 11:55 - 2016-12-18 22:32 - 000000000 ____D C:\ProgramData\{A9A5CFA7-1E0E-780C-C281-08434C31B938}
2018-05-20 11:54 - 2017-01-22 14:59 - 000000000 ____D C:\ProgramData\{E11F20C9-56B4-9762-9449-04BDCE30DBA0}
2018-05-20 11:54 - 2017-01-22 14:59 - 000000000 ____D C:\ProgramData\{A2EA30C5-1541-876E-23C8-B2F3D4D3F16C}
2018-05-20 11:54 - 2017-01-22 14:59 - 000000000 ____D C:\ProgramData\{9694742C-213F-C387-789E-7DCB78FF08DB}
2018-05-20 11:53 - 2017-01-22 14:59 - 000000000 ____D C:\ProgramData\{BE5EA5E4-09F5-124F-88BC-20D1FD00846C}
2018-05-20 11:51 - 2017-01-22 14:59 - 000000000 ____D C:\ProgramData\{27872E88-902C-9923-6A78-E8B949677A1C}
2018-05-20 11:51 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-05-20 11:51 - 2013-08-06 01:40 - 000000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2018-05-20 11:50 - 2017-06-16 18:50 - 020872192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2018-05-20 11:50 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-05-20 11:49 - 2016-12-18 22:42 - 000000000 ____D C:\ProgramData\{0FF900B6-B852-B71D-C18A-7E73C378C594}
2018-05-20 11:48 - 2013-08-17 08:36 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-05-20 11:47 - 2015-12-28 16:54 - 000000000 ___RD C:\Users\mom\iCloudDrive
2018-05-20 11:46 - 2014-09-24 02:15 - 000005598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-05-20 11:39 - 2013-08-22 08:25 - 000262144 ___SH C:\WINDOWS\system32\config\ELAM
2018-05-20 11:37 - 2013-08-22 09:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
 
==================== Files in the root of some directories =======
 
2017-01-22 15:06 - 2017-01-22 15:06 - 000000000 _____ () C:\Users\mom\AppData\Roaming\Fokofer
2016-11-03 10:04 - 2016-11-03 10:04 - 000187904 _____ () C:\Users\mom\AppData\Roaming\Setup36372.exe
2015-03-26 19:40 - 2018-01-11 19:40 - 000000523 _____ () C:\Users\mom\AppData\Roaming\WB.CFG
2015-03-28 10:09 - 2015-03-28 10:09 - 000274045 _____ () C:\Users\mom\AppData\Local\dsi1.dat
2015-03-28 10:09 - 2015-03-28 10:09 - 000161916 _____ () C:\Users\mom\AppData\Local\dsi2.dat
 
Some files in TEMP:
====================
2017-05-09 18:29 - 2017-05-09 18:29 - 000013312 _____ () C:\Users\jaedi_000\AppData\Local\Temp\rlri9ahl.dll
2017-01-22 16:40 - 2017-01-22 16:40 - 001178112 _____ () C:\Users\mom\AppData\Local\Temp\110143005.t.exe
2017-01-22 14:59 - 2017-01-22 14:59 - 001178112 _____ () C:\Users\mom\AppData\Local\Temp\117450723.t.exe
2017-01-22 22:37 - 2017-01-22 22:37 - 001178112 _____ () C:\Users\mom\AppData\Local\Temp\127580784.t.exe
2017-01-22 16:37 - 2017-01-22 16:37 - 001178112 _____ () C:\Users\mom\AppData\Local\Temp\130778259.t.exe
2017-01-22 14:59 - 2017-01-22 14:59 - 001178112 _____ () C:\Users\mom\AppData\Local\Temp\30942488.t.exe
2017-01-22 16:37 - 2017-01-22 16:37 - 001178112 _____ () C:\Users\mom\AppData\Local\Temp\31682959.t.exe
2017-05-07 18:05 - 2017-05-07 18:05 - 001812480 _____ () C:\Users\mom\AppData\Local\Temp\36318988.t.exe
2017-01-22 14:59 - 2017-01-22 14:59 - 001178112 _____ () C:\Users\mom\AppData\Local\Temp\36966890.t.exe
2017-01-22 22:37 - 2017-01-22 22:37 - 001178112 _____ () C:\Users\mom\AppData\Local\Temp\37140697.t.exe
2017-01-22 16:40 - 2017-01-22 16:40 - 001178112 _____ () C:\Users\mom\AppData\Local\Temp\55181502.t.exe
2017-05-09 15:44 - 2017-05-09 15:44 - 001812480 _____ () C:\Users\mom\AppData\Local\Temp\5766852.t.exe
2017-01-22 14:59 - 2017-01-22 14:59 - 001178112 _____ () C:\Users\mom\AppData\Local\Temp\80532497.t.exe
2017-01-22 22:40 - 2017-01-22 22:40 - 001178112 _____ () C:\Users\mom\AppData\Local\Temp\85023960.t.exe
2017-05-09 15:44 - 2017-05-09 15:44 - 001812480 _____ () C:\Users\mom\AppData\Local\Temp\85205644.t.exe
2017-05-07 18:05 - 2017-05-07 18:05 - 001812480 _____ () C:\Users\mom\AppData\Local\Temp\86415265.t.exe
2017-01-22 22:40 - 2017-01-22 22:40 - 001178112 _____ () C:\Users\mom\AppData\Local\Temp\91597516.t.exe
2014-12-01 00:04 - 2014-12-01 00:04 - 000211064 _____ (383 Media, Inc.) C:\Users\mom\AppData\Local\Temp\DRHelper_installFinish.exe
2014-12-01 00:04 - 2014-12-01 00:04 - 000211064 _____ (383 Media, Inc.) C:\Users\mom\AppData\Local\Temp\DRHelper_installStart.exe
2017-01-08 17:58 - 2015-12-28 11:48 - 000059496 _____ (apple) C:\Users\mom\AppData\Local\Temp\nsr6C1.tmp.exe
2015-12-28 17:12 - 2015-12-28 17:12 - 004407760 _____ (PCUtilities Software Limited                                ) C:\Users\mom\AppData\Local\Temp\optprosetup.exe
2015-08-20 22:51 - 2015-08-20 22:51 - 001451000 _____ (CompuClever Systems Inc.) C:\Users\mom\AppData\Local\Temp\programmanagementconsole_setup.exe
2016-01-23 21:03 - 2016-01-23 21:03 - 000205656 _____ (SlimWare Utilities, Inc.) C:\Users\mom\AppData\Local\Temp\scp72B5.tmp.exe
2017-04-21 22:59 - 2017-04-21 22:59 - 002642518 _____ (Web Updater                                                 ) C:\Users\mom\AppData\Local\Temp\web_updater_8d4890a110b157a.exe
2017-04-21 23:05 - 2017-04-21 23:05 - 002642518 _____ (Web Updater                                                 ) C:\Users\mom\AppData\Local\Temp\web_updater_8d4890adb7ff96f.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-01-11 21:42
 
==================== End of FRST.txt ============================


#6 Big_O

Posted 20 May 2018 - 03:22 PM

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16.05.2018 01
Ran by mom (20-05-2018 14:21:27)
Running from C:\Users\mom\Downloads
Windows 8.1 (Update) (X64) (2015-01-02 18:58:31)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3007767440-1319116421-455852504-500 - Administrator - Disabled)
Guest (S-1-5-21-3007767440-1319116421-455852504-501 - Limited - Enabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-3007767440-1319116421-455852504-1006 - Limited - Enabled)
jaedi_000 (S-1-5-21-3007767440-1319116421-455852504-1007 - Administrator - Enabled) => C:\Users\jaedi_000
mom (S-1-5-21-3007767440-1319116421-455852504-1002 - Administrator - Enabled) => C:\Users\mom
UpdatusUser (S-1-5-21-3007767440-1319116421-455852504-1001 - Limited - Enabled) => C:\Users\UpdatusUser
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.1.0.8 - Absolute Software)
AccountService (HKLM\...\{B2CD1132-75C5-427F-8B06-9DA507A5A2B6}) (Version: 1.1.69 - Essentware) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.171 - Adobe Systems Incorporated)
Adobe Photoshop Elements 10 (HKLM-x32\...\Adobe Photoshop Elements 10) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 10 (HKLM\...\{26F481C6-8DBE-4F8B-9D8D-715081C23ADE}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 10 (HKLM\...\PremElem100) (Version: 10.0 - Adobe Systems Incorporated)
Amazon 1Button App for Windows Taskbar (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.2 - Amazon) <==== ATTENTION
Apple Application Support (32-bit) (HKLM-x32\...\{D079CAAD-0C31-47A2-9AF5-A82F9CD9B221}) (Version: 5.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{64E6007B-1DA9-42CD-BBE4-D5FA67A7C71D}) (Version: 5.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.9.2322 - AVAST Software)
Bing Search Engine (HKLM-x32\...\{F7651FA5-A7E5-CE25-1665-BEA5C6E56D25}) (Version:  - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Booking.com version 1.3.0.5019 (HKLM-x32\...\{958A475F-037D-401A-AC05-209725973E11}_is1) (Version: 1.3.0.5019 - Booking.com) <==== ATTENTION
Buzzdock (HKLM-x32\...\{cfd32d46-7d3f-483f-bace-7172aec5592d}) (Version:  - Alactro LLC) <==== ATTENTION
ByteFence Anti-Malware (HKLM-x32\...\ByteFence) (Version: 3.8.0.5 - Byte Technologies LLC) <==== ATTENTION
Chromium (HKU\S-1-5-21-3007767440-1319116421-455852504-1002\...\Chromium) (Version: 46.0.2472.0 - Chromium)
Consumer Input (HKLM-x32\...\Setup Support for Consumer Input) (Version: 1.0 - Sono Control Inc.) <==== ATTENTION
Consumer Input (remove only) (HKLM-x32\...\Consumer Input Installer) (Version:  - Compete Inc.) <==== ATTENTION
Consumer Input Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.307 - Compete Inc.) Hidden <==== ATTENTION
Corel PaintShop Pro X5 (HKLM-x32\...\_{1563C6F2-E9B5-42DE-9EA6-207C9A8C2DFB}) (Version: 15.0.0.183 - Corel Corporation)
Corel PaintShop Pro X5 (HKLM-x32\...\{15180A90-1FC0-47E4-A150-3AECEF07B3B6}) (Version: 15.2.0.12 - Corel Corporation) Hidden
CyberLink Media Suite Premium (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.5.0.0 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.5.0.0 - Dell Inc.)
Dell Data Vault (HKLM\...\{2E55EEFD-2162-4A7D-9158-EDB0305603A6}) (Version: 4.2.2.0 - Dell Inc.) Hidden
Dell Digital Delivery (HKLM-x32\...\{D850CB7E-72BC-4510-BA4F-48932BFAB295}) (Version: 2.9.901.0 - Dell Products, LP)
Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.0.3.60494 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 16.2.12.13 - Synaptics Incorporated)
Driver Restore (HKLM\...\Driver Restore) (Version: 2.3.0.0 - 383 Media, Inc.)
Driver Support (HKLM-x32\...\DriverSupport) (Version: 10.1.4.37 - PC Drivers HeadQuarters LP) <==== ATTENTION
DriverUpdate (HKLM-x32\...\{44E388BE-45EC-4DE3-B837-E2BEF5F9FA5C}) (Version: 2.5.4 - Slimware Utilities Holdings, Inc.)
Elements 10 Organizer (HKLM-x32\...\{22D3A614-482C-444A-932C-9DA1B8ECDFD2}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Fitbit Connect (HKLM-x32\...\{D3CD091B-296B-48E9-9F0F-E9FE53E02E41}) (Version: 1.0.3.5511 - Fitbit Inc.)
Gameo (HKU\S-1-5-21-3007767440-1319116421-455852504-1002\...\Gameo) (Version: 0.13.7 - IronSource Ltd.) <==== ATTENTION
GeekBuddy (HKLM\...\{E98902C5-09AF-487A-AFAE-D4C386F506C0}) (Version: 4.18.121 - Comodo Security Solutions Inc)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 66.0.3359.181 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
ICA (HKLM-x32\...\{1563C6F2-E9B5-42DE-9EA6-207C9A8C2DFB}) (Version: 15.0.0.183 - Corel Corporation) Hidden
iCloud (HKLM\...\{4BB313CE-D3D1-424C-8823-15CF85B00B05}) (Version: 6.1.0.30 - Apple Inc.)
InetStat (HKU\S-1-5-21-3007767440-1319116421-455852504-1002\...\InetStat) (Version: 0.5b - InetStat) <==== ATTENTION
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® My WiFi Dashboard (HKLM\...\{1E741267-F54B-4b3a-A7B6-1D1A156E385E}) (Version: 15.05.5000.0219 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
Intel® PROSet/Wireless for Bluetooth® + High Speed (HKLM\...\{E77289CF-12B9-4CAB-A49E-FEAE947F4D95}) (Version: 15.5.4.0423 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{0728A184-F899-4356-B93D-8228674F0DEB}) (Version: 2.6.1209.0268 - Motorola Solutions, Inc.)
Intel® Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 2.1.0.1002 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.7.4.1001 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
IPM_PSP_COM (HKLM-x32\...\{154B0B16-ABCD-4A06-B0B7-8146B7A89B25}) (Version: 15.0.0.183 - Corel Corporation) Hidden
iTunes (HKLM\...\{81C96689-EA5B-4B7D-A04F-16326EC51BC2}) (Version: 12.5.4.42 - Apple Inc.)
LeapFrog Connect (HKLM-x32\...\{1FDAD156-EB67-4B2A-96AB-F27ADA06996A}) (Version: 5.2.1.18456 - LeapFrog) Hidden
LeapFrog Connect (HKLM-x32\...\UPCShell) (Version: 5.2.1.18456 - LeapFrog)
LeapFrog LeapPad Explorer Plugin (HKLM-x32\...\{732E3F74-FF24-42BC-B1A2-3244BBEBEB5D}) (Version: 5.2.1.18456 - LeapFrog) Hidden
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 15.0.166 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.551.2 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.7.190 - McAfee, Inc.)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4953.1001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-3007767440-1319116421-455852504-1002\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Minecraft Packages (HKU\S-1-5-21-3007767440-1319116421-455852504-1002\...\Minecraft Packages) (Version:  - ) <==== ATTENTION
Movie Maker (HKLM-x32\...\{5BABDA39-61CF-41EE-992D-4054B6649A9B}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
NVIDIA Graphics Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4893.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4893.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.4893.1002 - Microsoft Corporation) Hidden
Optimizer Pro v3.2 (HKLM-x32\...\Optimizer Pro_is1) (Version: 3.3.1.7 - PCUtilities Software Limited) <==== ATTENTION
PC Clean Maestro (HKLM-x32\...\PC Clean Maestro) (Version: 4.1.3.144 - CompuClever Systems Inc.)
PC TuneUp Maestro (HKLM-x32\...\PC TuneUp Maestro) (Version: 6.3.3.286 - CompuClever Systems Inc.)
PCKeeper Antivirus (HKLM\...\{12566E87-FA0D-44E4-B235-9707B4E65FF3}) (Version: 1.1.1050 - Essentware) Hidden
Photo Transfer App (HKLM-x32\...\com.erclab.air.phototransferapp) (Version: 2.1.0 - UNKNOWN)
Pluto TV version 0.1.5 (HKLM-x32\...\Pluto TV_is1) (Version: 0.1.5 - Pluto TV)
PocketCloud (HKLM-x32\...\{AAF1E996-6AE6-4684-88A8-41F4E98E2899}) (Version: 2.6.21 - Wyse Technology)
PRE10STI64Installer (HKLM-x32\...\{9F06F464-479A-403E-AF92-70CBB8D674A1}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Program Management Console (HKU\S-1-5-21-3007767440-1319116421-455852504-1002\...\Program Management Console) (Version: 2.0.3.30 - CompuClever Systems Inc.)
PSE10 STI Installer (HKLM-x32\...\{11D08055-939C-432b-98C3-E072478A0CD7}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
PSPPContent (HKLM-x32\...\{1522E36C-3739-41E4-8CD3-A4AFEA70086A}) (Version: 15.2.0.12 - Corel Corporation) Hidden
PSPPHelp (HKLM-x32\...\{153DD765-C8C6-4893-8CEF-D965351D82EC}) (Version: 15.0.0.183 - Corel Corporation) Hidden
PSPPro64 (HKLM\...\{1551A29F-B1B0-43CA-90B5-E6E5186F683E}) (Version: 15.0.0.183 - Corel Corporation) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.003 - Dell Inc.)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.8400.39034 - Realtek Semiconductor Corp.)
Reimage Repair (HKLM\...\Reimage Repair) (Version: 1.8.1.4 - Reimage) <==== ATTENTION
ROBLOX Player for mom (HKU\S-1-5-21-3007767440-1319116421-455852504-1002\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
Search the Web (Yahoo) (HKLM-x32\...\{7C2694E6-2CA6-4566-9D26-35E64DA6E666}) (Version:  - ) <==== ATTENTION
Search the Web (Yahoo) (HKLM-x32\...\a92e2408) (Version:  - ) <==== ATTENTION
Setup (HKLM-x32\...\{15002A1B-C1E7-4E91-A3EC-5502BF924A32}) (Version: 15.0.0.183 - Corel Corporation) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shutterfly Express Uploader (HKLM-x32\...\{7CD0118B-FE1C-6513-7FCC-2D4BC220DD1F}) (Version: 1.2.0 - Shutterfly, Inc.) Hidden
Shutterfly Express Uploader (HKLM-x32\...\com.Shutterfly.ExpressUploader) (Version: 1.2.0.0 - Shutterfly, Inc.)
SlimCleaner Plus (HKLM\...\{B4061DDF-7078-4CBE-BC1B-9E5F0AFF609E}) (Version: 2.5.1 - Slimware Utilities Holdings, Inc.)
SmartSound Common Data (HKLM-x32\...\{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.) Hidden
SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.)
SmartSound Premiere Elements 10 x64 Plugin (HKLM\...\{3DAE9A67-DD8D-4EDB-91F7-7B5132B1864D}) (Version: 5.70.0001 - SmartSound Software Inc.)
SmartSound Sonicfire Pro 5 (HKLM-x32\...\{1D273D91-D7D5-4036-8B84-EB4615FF5F81}) (Version: 5.7.1 - SmartSound Software Inc.) Hidden
SmartSound Sonicfire Pro 5 (HKLM-x32\...\InstallShield_{1D273D91-D7D5-4036-8B84-EB4615FF5F81}) (Version: 5.7.1 - SmartSound Software Inc.)
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.28.7.4850 - Enigma Software Group, LLC)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Strong Signal (HKLM-x32\...\Strong Signal) (Version: 2.0.5561.26278 - Strong Signal) <==== ATTENTION
Super Optimizer v3.2 (HKLM-x32\...\Super Optimizer_is1) (Version: 3.2.0.1 - Super PC Tools ltd) <==== ATTENTION
Super PC Cleaner (HKLM-x32\...\SuperPCCleaner) (Version: 4.4.0.3 - SuperPCCleaner)
System Healer (HKLM-x32\...\SystemHealer) (Version: 4.1.0.0 - SystemHealer) <==== ATTENTION
Unchecky v0.3.7.2 (HKLM-x32\...\Unchecky) (Version: 0.3.7.2 - RaMMicHaeL)
Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapPad Explorer Plugin) (HKLM-x32\...\LeapPadExplorerPlugin) (Version:  - LeapFrog)
Wajam (HKLM-x32\...\WajaNetEn) (Version: 1.60.1.13 (i1.0) - Wajam) <==== ATTENTION
WeatherApp (HKLM-x32\...\{40060F30-F802-40C3-AA01-D084924B60C7}) (Version: 1.0.0.0 - Portable WeatherApp)
Web Companion (HKLM-x32\...\{af3006de-a5d7-401e-b2c5-ed5aecac3f26}) (Version: 2.2.1337.2613 - Lavasoft)
Web Updater version 1.0.42.0 (HKLM\...\{E440E2C7-6EA3-46E1-8991-FB53C40AEF5F}_is1) (Version: 1.0.42.0 - Web Updater)
WinCleaner OneClick Professional Version 12 (HKLM-x32\...\WinCleaner OneClick Professional_is1) (Version: 12.6.0.0 - Business Logic Corporation) <==== ATTENTION
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WSE_Binkiland (HKLM-x32\...\WSE_Binkiland) (Version:  - WSE_Binkiland) <==== ATTENTION
WSE_Binkiland (HKU\S-1-5-21-3007767440-1319116421-455852504-1002\...\WSE_Binkiland) (Version:  - WSE_Binkiland) <==== ATTENTION
Your download is ready Packages (HKU\S-1-5-21-3007767440-1319116421-455852504-1002\...\Your download is ready Packages) (Version:  - ) <==== ATTENTION
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3007767440-1319116421-455852504-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3007767440-1319116421-455852504-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\mom\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3007767440-1319116421-455852504-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\mom\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3007767440-1319116421-455852504-1002_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\mom\AppData\Local\Roblox\Versions\version-8756646edb404aaf\RobloxProxy64.dll (ROBLOX Corporation)
CustomCLSID: HKU\S-1-5-21-3007767440-1319116421-455852504-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\mom\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3007767440-1319116421-455852504-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\mom\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-11] (AVAST Software)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-11] (AVAST Software)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2012-12-12] (Cyberlink)
ContextMenuHandlers1: [Corel PaintShop Pro X5] -> {D6D67107-2AFB-41D4-97E3-4F6ED2A21FF8} => C:\Program Files (x86)\Corel\Corel PaintShop Pro X5\PSPContextMenu64.dll [2012-07-20] (Corel Software, Inc.)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\MSC\McCtxMenuFrmWrk.dll [2016-07-07] (McAfee, Inc.)
ContextMenuHandlers1-x32: [PCKAVShell32] -> {B52115B1-936F-4EEA-A363-A535FB1942B7} => C:\Program Files\Essentware\PCKAV\PCKAVShellExt32.dll [2016-08-03] (Essentware)
ContextMenuHandlers1-x32: [PCKAVShell64] -> {40B50C00-06BB-415F-8F4E-6DEF53957ABA} => C:\Program Files\Essentware\PCKAV\PCKAVShellExt64.dll [2016-08-03] (Essentware)
ContextMenuHandlers1-x32: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2016-11-17] (Apple Inc.)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2012-12-12] (Cyberlink)
ContextMenuHandlers2: [Corel PaintShop Pro X5] -> {D6D67107-2AFB-41D4-97E3-4F6ED2A21FF8} => C:\Program Files (x86)\Corel\Corel PaintShop Pro X5\PSPContextMenu64.dll [2012-07-20] (Corel Software, Inc.)
ContextMenuHandlers2-x32: [PCKAVShell32] -> {B52115B1-936F-4EEA-A363-A535FB1942B7} => C:\Program Files\Essentware\PCKAV\PCKAVShellExt32.dll [2016-08-03] (Essentware)
ContextMenuHandlers2-x32: [PCKAVShell64] -> {40B50C00-06BB-415F-8F4E-6DEF53957ABA} => C:\Program Files\Essentware\PCKAV\PCKAVShellExt64.dll [2016-08-03] (Essentware)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-11] (AVAST Software)
ContextMenuHandlers4: [Corel PaintShop Pro X5] -> {D6D67107-2AFB-41D4-97E3-4F6ED2A21FF8} => C:\Program Files (x86)\Corel\Corel PaintShop Pro X5\PSPContextMenu64.dll [2012-07-20] (Corel Software, Inc.)
ContextMenuHandlers4-x32: [PCKAVShell32] -> {B52115B1-936F-4EEA-A363-A535FB1942B7} => C:\Program Files\Essentware\PCKAV\PCKAVShellExt32.dll [2016-08-03] (Essentware)
ContextMenuHandlers4-x32: [PCKAVShell64] -> {40B50C00-06BB-415F-8F4E-6DEF53957ABA} => C:\Program Files\Essentware\PCKAV\PCKAVShellExt64.dll [2016-08-03] (Essentware)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2014-10-01] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2013-10-23] (NVIDIA Corporation)
ContextMenuHandlers5-x32: [PCKAVShell32] -> {B52115B1-936F-4EEA-A363-A535FB1942B7} => C:\Program Files\Essentware\PCKAV\PCKAVShellExt32.dll [2016-08-03] (Essentware)
ContextMenuHandlers5-x32: [PCKAVShell64] -> {40B50C00-06BB-415F-8F4E-6DEF53957ABA} => C:\Program Files\Essentware\PCKAV\PCKAVShellExt64.dll [2016-08-03] (Essentware)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-11] (AVAST Software)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\MSC\McCtxMenuFrmWrk.dll [2016-07-07] (McAfee, Inc.)
ContextMenuHandlers6-x32: [PCKAVShell32] -> {B52115B1-936F-4EEA-A363-A535FB1942B7} => C:\Program Files\Essentware\PCKAV\PCKAVShellExt32.dll [2016-08-03] (Essentware)
ContextMenuHandlers6-x32: [PCKAVShell64] -> {40B50C00-06BB-415F-8F4E-6DEF53957ABA} => C:\Program Files\Essentware\PCKAV\PCKAVShellExt64.dll [2016-08-03] (Essentware)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {006D241D-D8EF-4EF0-B81B-EC20B9F75A1B} - System32\Tasks\PocketCloudUpdater => C:\Program [Argument = Files (x86)\Wyse\PocketCloud\Updater.exe]
Task: {039D910F-5D99-442A-BBDE-5D605CAC523E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\Windows\System32\MRT.exe [2017-06-16] (Microsoft Corporation)
Task: {04CE626D-513E-4097-9FFD-BB4045A70829} - System32\Tasks\ByteFence Scan => C:\Program Files\ByteFence\ByteFence.exe [2017-04-03] (Byte Technologies LLC) <==== ATTENTION
Task: {0DF837D3-F53A-4679-BDF9-5BFF68434DDE} - System32\Tasks\DriverRestore_ScheduledScan => C:\Program Files (x86)\DriverRestore\DriverRestore.exe [2014-12-01] () <==== ATTENTION
Task: {121E072D-2312-49AF-903F-9B937FFCC7C1} - System32\Tasks\Super PC Cleaner Run Delay => C:\Program Files (x86)\SuperPCCleaner\SuperPCCleaner.exe [2016-12-14] ()
Task: {127BD36A-EC50-40F3-AB2F-54945E0E6719} - System32\Tasks\PC Clean Maestro Startup => C:\Program Files (x86)\CompuClever\PC Clean Maestro\pccum.exe [2015-08-21] (CompuClever Systems Inc)
Task: {1306D8EE-F389-4370-9945-6180E907D147} - System32\Tasks\SlimCleaner Plus (Scheduled Scan - mom) => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe [2015-12-15] (Slimware Utilities Holdings, Inc.)
Task: {14439BF2-7F94-4FD5-ABE7-A75C62E7A9BC} - System32\Tasks\PocketCloudVirtualChannel => C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\WPCRDPVirtualChannelServer.exe
Task: {154AD188-12A1-40B5-9197-B25737C1A47E} - System32\Tasks\ConsumerInputUpdateTaskMachineUA => C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe [2015-03-24] (ConsumerInput) <==== ATTENTION
Task: {163C2C28-D535-4E4B-93DD-F4ED74EF8CDB} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2016-07-07] (McAfee, Inc.)
Task: {1B3D32D6-0008-43C4-BE39-87050E2C153E} - System32\Tasks\IE_ERR4WDR => C:\Program Files (x86)\Portable WeatherApp\IEError.exe [2014-12-15] () <==== ATTENTION
Task: {1BF5150D-5223-4FC0-A851-590AB4A656ED} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-04-11] (Microsoft Corporation)
Task: {1CFFDC7D-D146-4291-8283-C9370379993A} - System32\Tasks\IBurn => C:\Program Files (x86)\CyberLink Corp\InstantBurn\Win2K\IBurn.exe
Task: {208A6C53-4C94-44A9-9F85-74CF980AB214} - System32\Tasks\WebUpdater Task => C:\Program Files\WebUpdater\webupdaterservice.exe [2017-03-07] (Web Updater Media)
Task: {219834A7-9F92-491F-BE2F-08CD8647CA59} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-04-11] (Microsoft Corporation)
Task: {251FAA84-3E5C-448E-B857-683660E8D88E} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2017-08-20] (Microsoft Corporation)
Task: {29C2A0D6-BC2B-404C-A0DE-F70553EDBC74} - System32\Tasks\PC TuneUp Maestro Disk Defrag Analysis => C:\Program Files (x86)\CompuClever\PC TuneUp Maestro\pctum.exe [2015-08-20] (CompuClever Systems Inc)
Task: {2CEC7DAF-F454-4978-AA25-1606F23ED02A} - System32\Tasks\DriverRestore_DailyScan => C:\Program Files (x86)\DriverRestore\DriverRestore.exe [2014-12-01] () <==== ATTENTION
Task: {336C4132-3509-4CEC-9AC6-7C1F3D9AE44D} - System32\Tasks\McAfee DAT Built in test => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.0.5.243\mcdatrep.exe [2018-01-11] (McAfee, LLC.)
Task: {337B6BC1-FCBA-4F87-8684-1D0E16AACA96} - System32\Tasks\PC TuneUp Maestro Scan SecondTime => C:\Program Files (x86)\CompuClever\PC TuneUp Maestro\pctum.exe [2015-08-20] (CompuClever Systems Inc)
Task: {358F1B06-E0D1-4CE4-AB3F-52F545B9AD92} - System32\Tasks\SystemHealer Monitor => C:\Program Files (x86)\SystemHealer\HealerConsole.exe <==== ATTENTION
Task: {3A1710FB-75C0-4B28-BBA0-0460C1BC1FF7} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2018-05-20] (Enigma Software Group USA, LLC.)
Task: {3AFB861B-08DD-44F2-985B-6759A4036A46} - System32\Tasks\DriverUpdate Startup => C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe [2016-01-19] (SlimWare Utilities, Inc.)
Task: {3B2DB99A-2AA8-4117-9DFD-2940CBC89DBC} - System32\Tasks\Synaptics TouchPad Enhancements => Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: {3C6BBEAC-E175-478E-86D5-6243BE3E626D} - System32\Tasks\PocketCloud => C:\Program [Argument = Files (x86)\Wyse\PocketCloud\ConfigUtility.exe -l "C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudDesktopApp.exe"]
Task: {3E33D0AA-C5AE-449E-ABEF-699FC63F962B} - System32\Tasks\IntelBootstrapCCDashServer => C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe [2012-07-13] (Intel® Corporation)
Task: {3ED731EA-6BB5-4EB3-A266-E6EE0506D2B0} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-08-20] (AVAST Software)
Task: {42E88A7D-DCB7-4664-A20F-2577D1A59BFB} - System32\Tasks\PC TuneUp Maestro Scan => C:\Program Files (x86)\CompuClever\PC TuneUp Maestro\pctum.exe [2015-08-20] (CompuClever Systems Inc)
Task: {438CB840-CC5F-4203-A9F4-EBCC0117AA2A} - System32\Tasks\Driver Support-RTMScan => C:\Program Files (x86)\Driver Support\DriverSupport.exe [2017-01-22] (PC Drivers Headquarters LP)
Task: {4849BE89-836F-48B3-8053-C6E1B65B79C0} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe [2017-04-03] (Byte Technologies LLC) <==== ATTENTION
Task: {48F470FA-C393-4D65-B17D-C8DC95BF977C} - System32\Tasks\gameo_update => C:\Users\mom\AppData\Roaming\Gameo\gameo.exe [2015-02-22] () <==== ATTENTION
Task: {4EB4A20B-3DCF-446F-8345-C9EE3C1060B4} - System32\Tasks\System HealerStartUp => C:\Program Files (x86)\SystemHealer\SystemHealer.exe [2015-12-17] () <==== ATTENTION
Task: {4FF5576D-BB28-4485-9FC8-B579AA4A76B1} - System32\Tasks\SystemHealer Run Delay => C:\Program Files (x86)\SystemHealer\SystemHealer.exe [2015-12-17] () <==== ATTENTION
Task: {520D0097-38C7-4565-B969-B2B6724B5C41} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-05-20] (Google Inc.)
Task: {5EC93E79-167D-4D2E-B50F-741F39E5ED0E} - System32\Tasks\Reimage Reminder => C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe [2015-03-16] (Reimage ltd.) <==== ATTENTION
Task: {624EA4DE-5CAE-42A6-9958-3EECF6CB3F3A} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink Corp\Power2Go8\CLVDLauncher.exe [2012-12-03] (CyberLink Corp.)
Task: {63D80B0F-38D5-4C7E-8467-634100E53B7B} - System32\Tasks\HDNINSTSCHD => C:\WINDOWS\PCBHDNW\hdnInstaller.exe [2014-12-15] () <==== ATTENTION
Task: {6B33E279-0F17-4697-AC7F-CA79A54C7B27} - System32\Tasks\Super Optimizer Schedule => C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe <==== ATTENTION
Task: {6D95467E-ACDC-41F3-B5FD-3A60CEE75530} - System32\Tasks\DriverUpdate Scan => C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe [2016-01-19] (SlimWare Utilities, Inc.)
Task: {79F03149-4343-4CA4-9C79-0865A6BC0BA5} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_171_Plugin.exe [2018-05-20] (Adobe Systems Incorporated)
Task: {8528CC8D-79C0-493E-8915-DEE18AC006F5} - System32\Tasks\WebUpdater LaunchTask => C:\Program Files\WebUpdater\webupdaterservice.exe [2017-03-07] (Web Updater Media)
Task: {8718BB3D-8F58-456D-8BD1-38A84D8873D1} - System32\Tasks\PC Clean Maestro Scan FirstTime => C:\Program Files (x86)\CompuClever\PC Clean Maestro\pccum.exe [2015-08-21] (CompuClever Systems Inc)
Task: {874EA60F-8B88-4DDC-AFC3-A43BE73C7FB5} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {894E85A9-4DEC-46D8-A1D9-8103DCE85C4B} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink Corp\Power2Go8\CLMLSvc_P2G8.exe [2012-12-03] (CyberLink)
Task: {8986B01D-4090-404B-A7E8-66D3B92931E4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-05-20] (Google Inc.)
Task: {93935B30-EE71-4549-A91A-2A27B35AC48B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2018-01-11] (AVAST Software)
Task: {952CC5DA-5B2F-4C00-A933-17AB5F600D0E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-05-20] (Adobe Systems Incorporated)
Task: {952D23F2-6934-4360-8432-475810D3671E} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-01-11] (AVAST Software)
Task: {A3F95097-510F-49BC-8CC9-4660F38AC33E} - System32\Tasks\Program Management Console Startup => C:\Users\mom\AppData\Local\CompuClever\Program Management Console\pmc.exe [2015-08-20] (CompuClever Systems Inc.)
Task: {A581AC5D-7075-4AB2-A0F8-0EBEA0D45E7E} - System32\Tasks\AdobeAAMUpdater-1.0-MomsComputer-mom => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-06-16] (Adobe Systems Incorporated)
Task: {A7D84EDF-E23C-4E4E-8E0D-7495E7039623} - System32\Tasks\AI_Updater => C:\Program Files (x86)\Tuneup computer\updater.exe
Task: {AB8ABF1D-07C6-48A9-9D94-7D007D2D1E10} - System32\Tasks\UPDTEXE4_WDR => C:\Program Files (x86)\Portable WeatherApp\updater.exe [2014-12-15] (Portable WeatherApp) <==== ATTENTION
Task: {B43376AE-4C4D-47E7-AD20-24468FBA8322} - System32\Tasks\ConsumerInputUpdateTaskMachineCore => C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe [2015-03-24] (ConsumerInput) <==== ATTENTION
Task: {BA7C2979-A6CA-4C55-8B2A-1252653FF4F1} - \{0A0E0A47-7F7D-0B0F-0F11-0578047E110C} -> No File <==== ATTENTION
Task: {BB8CF0EC-6E54-4135-9830-A994E797141B} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-04-10] (Dell Inc.)
Task: {BC42093F-FAAE-405B-BCFD-0E52CCCE98C2} - System32\Tasks\System HealerPeriod => C:\Program Files (x86)\SystemHealer\SystemHealer.exe [2015-12-17] () <==== ATTENTION
Task: {BFEB5993-F241-4974-AA1A-7E053615F903} - System32\Tasks\PC TuneUp Maestro Startups => C:\Program Files (x86)\CompuClever\PC TuneUp Maestro\Startups.exe [2015-08-20] (Compuclever System Inc)
Task: {C78BA1DC-1DDA-4ED8-A886-221ADA375C98} - System32\Tasks\boosterpop => C:\Program Files (x86)\Tuneup computer\Probsalert.exe
Task: {C91D5944-7BE4-4BAB-A1AA-CF10186DCF63} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {D10BC29B-CCE5-404F-BDCF-2EF0FFE9D607} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {D165D285-8C37-4972-B973-266BF19857E9} - System32\Tasks\System Healer Task => C:\Program Files (x86)\SystemHealer\RescueMonitor.exe [2015-12-17] () <==== ATTENTION
Task: {D238C784-62A6-4B89-BF31-A6210C013047} - System32\Tasks\Bing Search Engine rotef => C:\WINDOWS\system32\wscript.exe "C:\ProgramData\{5558903B-DF1A-1AFD-59DC-84BFC39E0F71}\dodo.txt" "687474703a2f2f77617662736c792e636f6d" "433a5c50726f6772616d446174615c7b35353538393033422d444631412d314146442d353944432d3834424643333945304637317d5c6c697365726f" "433a5c50726f6772616d446174615c7b35353538393033422d444631412d314146442d35 (the data entry has 82 more characters). <==== ATTENTION
Task: {D5CE53E0-305C-48A8-AFF0-837B88A39F57} - System32\Tasks\Driver Support => C:\Program Files (x86)\Driver Support\DriverSupport.exe [2017-01-22] (PC Drivers Headquarters LP)
Task: {D7DF3196-1E68-4FF5-85F9-231A02AA4CB5} - System32\Tasks\PCKeeper updater => C:\ProgramData\Essentware\installer.exe [2017-04-21] (Essentware) <==== ATTENTION
Task: {D88F7D7A-15EB-4F22-9443-6328056B250E} - System32\Tasks\Wse_binkiland => C:\Users\mom\AppData\Roaming\WSE_BI~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {E16FBA8B-C41C-4361-9449-C60056611376} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [2018-03-13] (McAfee, Inc.)
Task: {E2BFCC1E-2C19-480E-9E86-E07C63F9390B} - System32\Tasks\IEError => C:\Program Files (x86)\Tuneup computer\Popialert.exe
Task: {E4A30E3F-2334-4D9C-9EF3-8BE3EFB684A5} - System32\Tasks\Optscan => c:\programdata\{7130e9b8-807e-50fa-7130-0e9b8807a6e2}\hqghumeaylnlf.exe [2014-12-28] (PC Utilities Software Limited) <==== ATTENTION
Task: {EA260BC6-9B88-483F-AFD5-EB12DE103944} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2018-04-25] (Reimage®) <==== ATTENTION
Task: {F14DDA6A-863A-4B25-B52C-367B04C0C2FC} - System32\Tasks\Super PC Cleaner Monitor => C:\Program Files (x86)\SuperPCCleaner\PerformanceMonitor.exe [2016-12-14] ()
Task: {F4A51EEA-435A-4B82-A2F9-7E69439BC704} - System32\Tasks\Intel® Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe [2012-07-20] (Intel)
Task: {F5345801-0F46-4B7A-9CE2-0BAC2EE24444} - System32\Tasks\Driver Support-RTMUpdater => C:\Program Files (x86)\Driver Support\DriverSupport.exe [2017-01-22] (PC Drivers Headquarters LP)
Task: {FB316F9F-1FB3-47E7-98D5-617A9C8C2561} - System32\Tasks\Driver Support-RTMRules => C:\Program Files (x86)\Driver Support\DriverSupport.exe [2017-01-22] (PC Drivers Headquarters LP)
Task: {FF5AF5E1-07A5-455A-894B-C2443D18D3BD} - System32\Tasks\PC Clean Maestro Scan => C:\Program Files (x86)\CompuClever\PC Clean Maestro\pccum.exe [2015-08-21] (CompuClever Systems Inc)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\Bing Search Engine rotef.job => Wscript.exe  C:\ProgramData\{5558903B-DF1A-1AFD-59DC-84BFC39E0F71}\dodo.txt <==== ATTENTION
Task: C:\WINDOWS\Tasks\ConsumerInputUpdateTaskMachineCore.job => C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\ConsumerInputUpdateTaskMachineUA.job => C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\DriverUpdate Scan.job => C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe
Task: C:\WINDOWS\Tasks\DriverUpdate Startup.job => C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe
Task: C:\WINDOWS\Tasks\Optscan.job => c:\programdata\{7130e9b8-807e-50fa-7130-0e9b8807a6e2}\hqghumeaylnlf.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\SlimCleaner Plus (Scheduled Scan - mom).job => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: C:\WINDOWS\Tasks\System HealerPeriod.job => C:\Program Files (x86)\SystemHealer\SystemHealer.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\System HealerStartUp.job => C:\Program Files (x86)\SystemHealer\SystemHealer.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Wse_binkiland.job => C:\Users\mom\AppData\Roaming\WSE_BI~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2013-12-18 15:42 - 2013-12-18 15:42 - 000013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-01-02 13:36 - 2013-10-23 03:20 - 000102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-10-05 18:17 - 2016-10-05 18:17 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-11-17 02:28 - 2016-11-17 02:28 - 001353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-05-25 07:38 - 2016-05-25 07:38 - 000129304 _____ () C:\Program Files\ByteFence\x64\lz4_x64.dll
2014-04-27 16:47 - 2017-01-17 04:25 - 000117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-08-06 01:37 - 2012-04-24 21:43 - 000254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2016-02-04 19:03 - 2016-02-04 19:03 - 000017168 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
2016-02-04 19:03 - 2016-02-04 19:03 - 000008976 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Service.Logger.dll
2016-02-04 19:03 - 2016-02-04 19:03 - 000028944 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WcfService.dll
2013-06-21 20:46 - 2013-06-21 20:46 - 000016176 _____ () C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe
2013-06-21 20:35 - 2013-06-21 20:35 - 000032256 _____ () C:\Program Files (x86)\Wyse\PocketCloud\AetherServiceLib.dll
2013-06-21 20:31 - 2013-06-21 20:31 - 000035840 _____ () C:\Program Files (x86)\Wyse\PocketCloud\AetherHelperLib.dll
2017-04-21 23:30 - 2017-04-21 23:30 - 008909512 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-08-06 01:41 - 2013-04-19 17:51 - 000020256 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.dll
2013-08-06 01:41 - 2013-04-19 17:52 - 000049440 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\STCommonShellIntegration.dll
2013-08-06 01:41 - 2013-04-19 17:51 - 000019232 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.dll
2013-08-06 01:41 - 2013-04-19 17:51 - 000034080 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRShellExtension.dll
2016-12-14 08:23 - 2016-12-14 08:23 - 002211840 _____ () C:\Program Files (x86)\SuperPCCleaner\PerformanceMonitor.exe
2015-03-24 17:11 - 2015-02-22 02:53 - 042482176 _____ () C:\Users\mom\AppData\Roaming\Gameo\gameo.exe
2015-12-15 14:42 - 2015-12-15 14:42 - 000755992 _____ () C:\Program Files\SlimService\MyDefragDll.dll
2013-08-06 01:41 - 2013-04-19 17:51 - 000023328 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
2017-03-07 13:18 - 2017-03-07 13:18 - 000582936 _____ () C:\Program Files\ByteFence\rsLggr.exe
2017-04-22 07:25 - 2017-03-07 11:19 - 021822976 _____ () C:\Program Files\WebUpdater\1.0.42.0\WebUpdater.exe
2017-04-22 07:25 - 2015-12-30 09:15 - 000255488 _____ () C:\Program Files\WebUpdater\1.0.42.0\isa_x64.dll
2015-08-20 23:59 - 2015-08-20 23:59 - 000785864 _____ () C:\Users\mom\AppData\Local\CompuClever\Program Management Console\CommonLib_WTL.dll
2017-06-02 11:17 - 2017-06-02 11:17 - 000016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\1d3af56712efbe535429f40a6793c6d8\PSIClient.ni.dll
2013-08-06 01:26 - 2012-06-25 12:41 - 001198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2018-01-11 21:00 - 2018-01-11 21:00 - 000206152 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2018-01-11 21:00 - 2018-01-11 21:00 - 000058016 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2018-01-11 21:00 - 2018-01-11 21:00 - 000057504 _____ () C:\Program Files\AVAST Software\Avast\dll_loader.dll
2017-08-20 23:17 - 2017-08-20 23:17 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-01-11 21:00 - 2018-01-11 21:00 - 000289272 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2018-01-11 20:59 - 2018-01-11 20:59 - 000282560 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2016-11-17 02:29 - 2016-11-17 02:29 - 001041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-10-05 18:18 - 2016-10-05 18:18 - 000080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-08-03 21:33 - 2012-06-07 22:34 - 000627216 _____ () C:\Program Files (x86)\CyberLink Corp\Power2Go8\CLMediaLibrary.dll
2012-06-08 11:34 - 2012-06-08 11:34 - 000016400 _____ () C:\Program Files (x86)\CyberLink Corp\Power2Go8\CLMLSvcPS.dll
2017-08-20 22:56 - 2017-08-20 22:56 - 000325824 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2011-09-14 22:25 - 2011-09-14 22:25 - 001839256 _____ () C:\Program Files (x86)\Adobe\Elements 10 Organizer\CAHeadless\32\ImageRenderer.dll
2013-08-06 01:41 - 2013-05-02 18:01 - 001813792 _____ () C:\Program Files (x86)\Dell Backup and Recovery\OLCoreWrapper.dll
2013-12-18 15:42 - 2013-12-18 15:42 - 000013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2015-03-24 17:11 - 2015-02-22 02:53 - 001311232 _____ () C:\Users\mom\AppData\Roaming\Gameo\libglesv2.dll
2015-03-24 17:11 - 2015-02-22 02:53 - 000212992 _____ () C:\Users\mom\AppData\Roaming\Gameo\libegl.dll
2015-03-24 17:11 - 2015-02-22 02:53 - 000986624 _____ () C:\Users\mom\AppData\Roaming\Gameo\ffmpegsumo.dll
2018-05-20 11:48 - 2016-03-17 15:11 - 000246272 _____ () C:\Users\mom\AppData\Local\Temp\nw8480_31339\node_modules\gameo_utils\Build\Release\gameo_utils_node.node
2018-05-20 11:48 - 2016-03-17 15:11 - 000090112 _____ () C:\Users\mom\AppData\Local\Temp\nw8480_31339\node_modules\gameo_utils\Build\Release\gameo_utils.dll
2011-11-26 03:42 - 2011-11-26 03:42 - 000568032 _____ () C:\Program Files (x86)\CompuClever\PC Clean Maestro\sqlite3.dll
2016-11-17 02:28 - 2016-11-17 02:28 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\WINDOWS\system32\Drivers\btmhsf.sys:Microsoft_Appcompat_ReinstallUpgrade [0]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-3007767440-1319116421-455852504-1002\...\driversupport.com -> hxxp://apps.driversupport.com
IE trusted site: HKU\S-1-5-21-3007767440-1319116421-455852504-1002\...\driversupport.com -> hxxps://apps.driversupport.com
IE trusted site: HKU\S-1-5-21-3007767440-1319116421-455852504-1002\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3007767440-1319116421-455852504-1002\...\webcompanion.com -> hxxp://webcompanion.com
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 08:25 - 2018-05-20 11:38 - 000007906 ____N C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3007767440-1319116421-455852504-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\mom\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 71.10.216.1 - 71.10.216.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
HKLM\...\StartupApproved\StartupFolder: => "PlutoTV.lnk"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{CF918050-1A9D-4A66-AC6B-0D5A5EEC4BE9}] => (Allow) C:\Program Files (x86)\CyberLink Corp\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{28BBC735-85F0-43BB-96C1-BA717D6E6A25}] => (Allow) C:\Program Files (x86)\CyberLink Corp\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{4BFA664E-D286-4458-8512-01B756B54061}] => (Allow) C:\Program Files (x86)\CyberLink Corp\PowerDirector10\PDR10.EXE
FirewallRules: [{D5228BAA-DFD0-470F-8C10-6F28A429E2AE}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{0619CDCE-C32F-48D3-92F3-AC97E632DFCF}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{B15E3C2F-2F01-4BDE-A715-792353D5F0B7}] => (Allow) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\LeapfrogConnect.exe
FirewallRules: [{AD6E49AA-9917-4678-84B8-79375E87CEA1}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{C45C64AB-E484-46E7-9F42-F29E0F17C72A}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{B39DE7BC-F73B-4EE3-A8F6-9DEAF0D6B166}] => (Allow) C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe
FirewallRules: [{3436DF13-44D1-445E-BBDE-C448D5AD961D}] => (Allow) C:\Program Files (x86)\Wyse\PocketCloud\AetherWindowsService.exe
FirewallRules: [{26419EF2-80FA-4664-BD6E-158C25597AD0}] => (Allow) C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudDesktopApp.exe
FirewallRules: [{70CE3241-05DD-4D37-B3F3-603DEA5553EF}] => (Allow) C:\Users\mom\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{0477654C-6316-4249-8BB9-8C58E2181CE3}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{057216E6-1AEC-41F4-A147-8864A349B471}] => (Allow) LPort=1900
FirewallRules: [{B04B03A7-27C7-4F0C-BD20-399064BDE1BB}] => (Allow) LPort=2869
FirewallRules: [{FCE8F03E-6C22-445E-A789-EA963636CEBE}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{FC3375FD-AD9A-4DDD-9B1D-A66EA36B5805}] => (Allow) C:\Program Files\Intel\CCDashboard\bin\CCDash.exe
FirewallRules: [{BD6419C1-D163-4683-B6CC-A97EBABD36CA}] => (Allow) C:\Program Files\Intel\CCDashboard\bin\CCDash.exe
FirewallRules: [{016E298F-87E8-4033-86FA-87B179459F54}] => (Allow) C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe
FirewallRules: [{9F94984E-B984-4AC5-8D81-42D5438C5FD3}] => (Allow) C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe
FirewallRules: [{CA55EDA7-2489-458A-B725-58E6C171A610}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{4AFBEECD-65FB-4515-8F4B-0E21EECD6DF0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{888D49B3-AEAE-4B73-BD89-B8BC404296AB}] => (Allow) C:\Program Files (x86)\Business Logic Corporation\WinCleaner OneClick Pro\WCClean.exe
FirewallRules: [{B6CD204B-FC75-4BD0-9E8F-8EA4045093DE}] => (Allow) C:\Program Files (x86)\Business Logic Corporation\WinCleaner OneClick Pro\WCClean.exe
FirewallRules: [{C8C75653-A6C6-4CEE-AF76-621B89860ECD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C920FB52-4DD2-409B-9328-3349377C48F8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D7D6F9E6-1D2D-47FB-B1D0-22D9A62449AA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3D414F65-2AFA-4C4F-ABC7-2805C060BC48}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{023CDADD-7D40-4096-8BE2-A1150213AEF9}] => (Allow) C:\Users\mom\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{F4E38428-076E-4646-A25F-6DCD0FE2E313}] => (Allow) C:\Program Files (x86)\Business Logic Corporation\WinCleaner OneClick Pro\WCClean.exe
FirewallRules: [{B22FA2ED-489E-4A6B-8F02-C9CE4E8AD040}] => (Allow) C:\Program Files (x86)\Business Logic Corporation\WinCleaner OneClick Pro\WCClean.exe
FirewallRules: [{0AD56220-C436-43E4-9B05-9EFE3B62D9D3}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{FE7D77E0-389D-40B1-AF98-2BB99C97DD0A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{94809A36-80D9-48D1-B720-215687B1D250}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9EEE49AD-4DDC-4232-9B27-5E0BC82B90C4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{E6CE3F81-08FE-405B-B9A9-3B2B4DAFFF6F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{D1F99C5A-2C5E-4498-9EB4-D44BA4F3DDA5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{74F5189B-60EE-4F38-8B94-CAF61CD1D86A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{61D00A76-F075-440B-B7F2-7B1A5D979E64}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
01-06-2017 21:44:18 Windows Update
16-06-2017 19:42:25 Windows Update
31-12-2017 15:21:00 Windows Update
11-01-2018 21:42:17 Windows Update
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/20/2018 02:22:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20911 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 8ec
 
Start Time: 01d3f06f18c23fb3
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe
 
Report Id: 12c37f53-5c63-11e8-bf15-681729747e70
 
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
 
Error: (05/20/2018 02:08:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20911 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 414c
 
Start Time: 01d3f06d3ecbfbd1
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe
 
Report Id: 32f222be-5c61-11e8-bf15-681729747e70
 
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
 
Error: (05/20/2018 02:02:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20911 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 3fc8
 
Start Time: 01d3f06c609b5e1d
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe
 
Report Id: 54568c35-5c60-11e8-bf15-681729747e70
 
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
 
Error: (05/20/2018 01:57:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program wwahost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 3e78
 
Start Time: 01d3f06bb67a292d
 
Termination Time: 4294967295
 
Application Path: C:\WINDOWS\system32\wwahost.exe
 
Report Id: acf76d52-5c5f-11e8-bf15-681729747e70
 
Faulting package full name: DellInc.DellShop_2.2.0.0_neutral__htrsf667h5kn2
 
Faulting package-relative application ID: App
 
Error: (05/20/2018 01:57:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20911 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 3db0
 
Start Time: 01d3f06b995ab15b
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe
 
Report Id: 8d3d9fd6-5c5f-11e8-bf15-681729747e70
 
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
 
Error: (05/20/2018 01:55:59 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "c:\program files\essentware\pckav\PCKAV.exe".Error in manifest or policy file "c:\program files\essentware\pckav\PCKAV.exe.Config" on line 0.
Invalid Xml syntax.
 
Error: (05/20/2018 01:55:59 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "c:\program files\essentware\pckav\PCKAVService.exe".Error in manifest or policy file "c:\program files\essentware\pckav\PCKAVService.exe.Config" on line 0.
Invalid Xml syntax.
 
Error: (05/20/2018 01:42:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20911 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 24ec
 
Start Time: 01d3f0699e0693a3
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe
 
Report Id: 944eea26-5c5d-11e8-bf15-681729747e70
 
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
 
 
System errors:
=============
Error: (05/20/2018 11:51:06 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
 
Error: (05/20/2018 11:50:36 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
 
Error: (05/20/2018 11:50:06 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
 
Error: (05/20/2018 11:49:36 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
 
Error: (05/20/2018 11:49:20 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {209500FC-6B45-4693-8871-6296C4843751} did not register with DCOM within the required timeout.
 
Error: (05/20/2018 11:49:06 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
 
Error: (05/20/2018 11:48:36 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
 
Error: (05/20/2018 11:47:14 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Interactive Services Detection service terminated with the following error: 
Incorrect function.
 
 
Windows Defender:
===================================
Date: 2013-08-26 21:07:36.458
Description: 
Windows Defender scan has been stopped before completion.
Scan ID: {132728CF-8E08-43B2-B80A-3A140E7F77E4}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2013-08-25 12:15:55.955
Description: 
Windows Defender scan has been stopped before completion.
Scan ID: {1D9C87F6-177A-4316-9714-103793C02CB7}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2013-08-25 11:53:00.493
Description: 
Windows Defender scan has been stopped before completion.
Scan ID: {D7B4B34B-FD0F-4FCC-8D48-76E4BE205F1A}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2016-11-03 11:28:32.391
Description: 
Windows Defender has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 0.0.0.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 0.0.0.0
Error code: 0x80072ee2
Error description: The operation timed out 
 
Date: 2016-11-03 11:28:32.391
Description: 
Windows Defender has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 0.0.0.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version: 
Previous Engine Version: 0.0.0.0
Error code: 0x80072ee2
Error description: The operation timed out 
 
Date: 2016-11-03 11:28:32.391
Description: 
Windows Defender has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 0.0.0.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 0.0.0.0
Error code: 0x80072ee2
Error description: The operation timed out 
 
Date: 2016-11-03 11:18:00.282
Description: 
Windows Defender has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 0.0.0.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 0.0.0.0
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 
 
Date: 2016-11-03 11:18:00.282
Description: 
Windows Defender has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 0.0.0.0
Update Source: Microsoft Malware Protection Center
Signature Type: Network Inspection System
Update Type: Full
Current Engine Version: 
Previous Engine Version: 0.0.0.0
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 
 
CodeIntegrity:
===================================
 
Date: 2018-05-20 14:22:25.058
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.
 
Date: 2018-05-20 14:22:24.674
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.
 
Date: 2018-05-20 14:22:24.239
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.
 
Date: 2018-05-20 14:22:23.597
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.
 
Date: 2018-05-20 14:22:22.880
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.
 
Date: 2018-05-20 14:22:22.388
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.
 
Date: 2018-05-20 14:22:21.696
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.
 
Date: 2018-05-20 14:22:19.486
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-3537U CPU @ 2.00GHz
Percentage of memory in use: 85%
Total physical RAM: 8058.5 MB
Available physical RAM: 1138.59 MB
Total Virtual: 10281.91 MB
Available Virtual: 1059.52 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:447.09 GB) (Free:130.32 GB) NTFS
Drive y: (WINRETOOLS) (Fixed) (Total:0.48 GB) (Free:0.2 GB) NTFS
 
\\?\Volume{727ad540-8d44-4801-8b09-4a475efef787}\ () (Fixed) (Total:0.44 GB) (Free:0.14 GB) NTFS
\\?\Volume{30d56dff-6cdb-4a9b-bba5-71412eb7a74f}\ (PBR Image) (Fixed) (Total:17.09 GB) (Free:0.69 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 85161C10)
 
Partition: GPT.
 
========================================================
Disk: 1 (Size: 8 GB) (Disk ID: 7DD126D9)
 
Partition: GPT.
 
==================== End of Addition.txt ============================


#7 JohnC_21


Posted 20 May 2018 - 03:32 PM

Since you are obviously infected and have posted the FRST logs I would PM a moderator and have this thread moved to the Virus Removal Forum where a removal expert can look at your logs.



#8 Big_O


Posted 20 May 2018 - 03:33 PM

> What browser are you using?
>
> Did you by chance see the BC guide on removing this infection?
>
> https://www.bleepingcomputer.com/virus-removal/remove-my-search.com-search-redirect
>
> You can download Rkill on another computer and save to a flash drive.

She has IE and Chrome installed. I have better luck with IE so far. I'll get to work on that link right now, thank you. This laptop has lots of issues I think.

> Since you are obviously infected and have posted the FRST logs I would PM a moderator and have this thread moved to the Virus Removal Forum where a removal expert can look at your logs.

Will do, thanks

#9 JohnC_21

Posted 20 May 2018 - 04:50 PM

For some reason you got bounced back to the Am I Infected Forum. I would suggest you follow the removal guide I linked to. I also noticed you have Avast as well as McAfee for an AV. I would remove one, probably McAfee.

You may be able to browse with a portable browser. On another computer you can download Firefox Portable and install it to a flash drive. Attach the flash drive to the computer and browse by double-clicking the firefox.exe in the unzipped folder on the flash drive.

If the computer came pre-installed with Windows 8 or 8.1, you can always do a clean install after backing up your personal data, but you would need to reinstall all your programs. Windows 8.1 also allows doing a Refresh with the option to keep files, but if the computer was upgraded from Windows 8 this option may not be available.

Edit: Link to portable Firefox.

https://portableapps.com/apps/internet/firefox_portable


Edited by JohnC_21, 20 May 2018 - 04:51 PM.


#10 Big_O

Posted 29 May 2018 - 06:04 PM

I have completed the removal process you linked to above. The laptop is finally usable, thank you. I will now start to address the virus issues and PM a mod.





