Ginsyberg
Members-
Posts
14 -
Joined
-
Last visited
Reputation
0 NeutralRecent Profile Visitors
The recent visitors block is disabled and is not being shown to other users.
-
Hey, aura! Just did the fix, and the popup says: "" Fix completed. "Fixlog.txt" is saved in the same directory FRST is located The computer needs a restart. Please close all open windows. You will not get a notification from the tool after restart. Click OK to restart. "" Do I restart the PC or no??
-
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06.06.2018 01 Ran by Eric's Gaming PC (administrator) on DESKTOP-KPHM1QA (18-06-2018 22:18:46) Running from C:\Users\Eric's Gaming PC\Downloads Loaded Profiles: Eric's Gaming PC & PCPitstopSVC & OVRLibraryService (Available Profiles: Eric's Gaming PC & PCPitstopSVC & OVRLibraryService) Platform: Windows 10 Home Version 1709 16299.371 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki123014.inf_amd64_8fcab72aa9e3875f\igfxCUIService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Alienware) C:\Program Files\Alienware\Command Center\AlienFXWindowsService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki123014.inf_amd64_8fcab72aa9e3875f\IntelCpHDCPSvc.exe (Intel Corporation) C:\Windows\System32\ibtsiva.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Alienware) C:\Program Files\Alienware\Graphics Amplifier\GraphicsAmplifierWindowsService.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Ready Mode Technology\IRMTService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (PC Pitstop) C:\Program Files (x86)\PCPitstop\Super Shield\PCPitstopRTService.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Alienware) C:\Program Files\Alienware\Command Center\ThermalsWindowsService.exe () C:\Program Files (x86)\Steam\SteamApps\common\wallpaper_engine\bin\wallpaperservice32_c.exe (Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.3.1.204\WsAppService.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki123014.inf_amd64_8fcab72aa9e3875f\IntelCpHeciSvc.exe (PC Pitstop LLC) C:\Program Files (x86)\PCPitstop\PCPitstopScheduleService.exe () C:\Program Files (x86)\Steam\SteamApps\common\wallpaper_engine\wallpaper32.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki123014.inf_amd64_8fcab72aa9e3875f\igfxEM.exe () C:\Program Files (x86)\Steam\SteamApps\common\wallpaper_engine\bin\webwallpaper32.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe () C:\Program Files (x86)\Steam\SteamApps\common\wallpaper_engine\bin\webwallpaper32.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe () C:\Program Files (x86)\Steam\SteamApps\common\wallpaper_engine\bin\webwallpaper32.exe (Alienware) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe (Alienware) C:\Program Files\Alienware\Command Center\ThermalController.exe (Alienware) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe (Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe (Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe (Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe () C:\Program Files (x86)\Cyclists\democratize.exe (Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (PC Pitstop) C:\Program Files (x86)\PCPitstop\Super Shield\PCMaticRT.exe (Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\ui\updateui.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.1001.10.0_x64__8wekyb3d8bbwe\WinStore.App.exe () C:\Program Files (x86)\Cyclists\democratize.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Oculus VR, LLC) C:\Program Files\Oculus\Support\oculus-librarian\OVRLibrarian.exe (Oculus VR, LLC) C:\Program Files\Oculus\Support\oculus-librarian\OVRLibraryService.exe (Farbar) C:\Users\Eric's Gaming PC\Downloads\FRST64 (2).exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8498392 2015-07-13] (Realtek Semiconductor) HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [35576 2015-09-15] (Alienware) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-05-22] (Apple Inc.) HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.) HKLM-x32\...\Run: [PC Matic] => C:\Program Files (x86)\PCPitstop\Super Shield\PCMaticRT.exe [2116352 2018-04-22] (PC Pitstop) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKU\S-1-5-21-3928081856-823122749-4048558740-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27822536 2017-08-25] (Skype Technologies S.A.) HKU\S-1-5-21-3928081856-823122749-4048558740-1001\...\Run: [Chameleon System Monitor] => c:\program files (x86)\common files\Chameleon Manager\monitor.exe [8105088 2017-09-09] (NeoSoft Tools) HKU\S-1-5-21-3928081856-823122749-4048558740-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18364648 2018-05-24] (Piriform Ltd) HKU\S-1-5-21-3928081856-823122749-4048558740-1003\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [519680 2017-09-29] (Microsoft Corporation) HKU\S-1-5-80-3238277391-1891473654-1195688043-4149050645-2494734967\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [519680 2017-09-29] (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{64aa054e-f721-4e02-b1bc-a9ad84101bd5}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-3928081856-823122749-4048558740-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome SearchScopes: HKU\S-1-5-21-3928081856-823122749-4048558740-1001 -> DefaultScope {7569A81D-8E91-4B4F-B6EA-B9C7F00102A6} URL = SearchScopes: HKU\S-1-5-21-3928081856-823122749-4048558740-1001 -> {7569A81D-8E91-4B4F-B6EA-B9C7F00102A6} URL = BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-06-17] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll [2018-06-02] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-06-02] (Oracle Corporation) BHO-x32: PCMatic AdBlocker -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files (x86)\PCPitstop\PC Matic\AdBlockers\PCMaticAdBlocker.dll [2017-06-29] (PC Matic, LLC) DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} hxxps://files.pcpitstop.com/cab/pcmatic.cab Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-06-09] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-06-09] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-06-09] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-06-09] (Microsoft Corporation) FireFox: ======== FF HKLM-x32\...\Firefox\Extensions: [noreply@pcpitstop.com] - C:\Program Files (x86)\PCPitstop\PC Matic\AdBlockers\pc_matic-1.01-sm+fx+an-windows FF Extension: (PC Matic) - C:\Program Files (x86)\PCPitstop\PC Matic\AdBlockers\pc_matic-1.01-sm+fx+an-windows [2017-08-03] [Legacy] FF Plugin: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-06-02] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-06-02] (Oracle Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-02] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-01-03] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-01-03] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.) Chrome: ======= CHR DefaultProfile: Default CHR StartupUrls: Default -> "hxxp://google.com/" CHR Profile: C:\Users\Eric's Gaming PC\AppData\Local\Google\Chrome\User Data\Default [2018-06-18] CHR Extension: (Slides) - C:\Users\Eric's Gaming PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-15] CHR Extension: (Docs) - C:\Users\Eric's Gaming PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15] CHR Extension: (Google Drive) - C:\Users\Eric's Gaming PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-04] CHR Extension: (Search and Replace) - C:\Users\Eric's Gaming PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bldchfkhmnkoimaciljpilanilmbnofo [2017-12-20] CHR Extension: (YouTube) - C:\Users\Eric's Gaming PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-04] CHR Extension: (Sheets) - C:\Users\Eric's Gaming PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-15] CHR Extension: (Google Docs Offline) - C:\Users\Eric's Gaming PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-04] CHR Extension: (WhatFont) - C:\Users\Eric's Gaming PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2017-11-20] CHR Extension: (Grammarly for Chrome) - C:\Users\Eric's Gaming PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2018-06-14] CHR Extension: (Chrome Web Store Payments) - C:\Users\Eric's Gaming PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-08] CHR Extension: (PC Matic) - C:\Users\Eric's Gaming PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\okmhneofinpilciglijihehjpaegledb [2018-04-08] CHR Extension: (Gmail) - C:\Users\Eric's Gaming PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-04] CHR Extension: (Chrome Media Router) - C:\Users\Eric's Gaming PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-04] CHR HKLM-x32\...\Chrome\Extension: [okmhneofinpilciglijihehjpaegledb] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AlienFXWindowsService; C:\Program Files\Alienware\Command Center\AlienFXWindowsService.exe [36088 2015-09-15] (Alienware) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-04-27] (Apple Inc.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8654504 2018-06-12] (Microsoft Corporation) S3 Dell Foundation Services; C:\Program Files\Alienware\Dell Foundation Services\DFSSvc.exe [97616 2017-01-11] (Dell) R2 GraphicsAmplifierWindowsService; C:\Program Files\Alienware\Graphics Amplifier\GraphicsAmplifierWindowsService.exe [36112 2015-07-02] (Alienware) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-23] (Intel Corporation) R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [515768 2017-04-13] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation) R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed] S3 ioloEnergyBooster; C:\Program Files\Alienware\Command Center\ioloEnergyBooster.exe [6145872 2012-11-01] (iolo technologies, LLC) R2 IRMTService; c:\Program Files\Intel\Intel(R) Ready Mode Technology\IRMTService.exe [181544 2015-04-30] (Intel Corporation) S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed] R3 iumsvc; c:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-01-06] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223520 2015-07-11] (Intel Corporation) R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes) S3 MSIClock_CC; C:\Program Files\Alienware\OC Controls\ClockGen\MSIClockService.exe [4012496 2015-06-30] (MSI) S3 MSICOMM_CC; C:\Program Files\Alienware\OC Controls\MSICommService.exe [2122704 2015-06-30] (MSI) S3 MSICPU_CC; C:\Program Files\Alienware\OC Controls\CPU\MSICPUService.exe [4173264 2015-06-30] (MSI) S3 MSICTL_CC; C:\Program Files\Alienware\OC Controls\MSIControlService.exe [2008016 2015-06-01] (MSI) S3 MSISaveLoad_CC; C:\Program Files\Alienware\OC Controls\MSISaveLoadService.exe [3964368 2015-02-09] (MSI) S3 MSISMB_CC; C:\Program Files\Alienware\OC Controls\SMBus\MSISMBService.exe [2066384 2015-06-30] (MSI) S3 MSIWMI_CC; C:\Program Files\Alienware\OC Controls\MSIWMIService.exe [188880 2015-08-24] (MSI) S3 MSI_ODD_Service; c:\Program Files (x86)\MSI\ODD Monitor\ODD_Monitor.exe [84432 2014-12-23] (MSI) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-06-12] () R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2201920 2018-06-12] (Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3072328 2018-06-12] (Electronic Arts) S3 OVRLibraryService; C:\Program Files\Oculus\Support\oculus-librarian\OVRLibraryService.exe [142264 2018-06-15] (Oculus VR, LLC) R2 OVRService; C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe [480696 2018-06-15] (Oculus VR) R2 PCPitstop Realtime; C:\Program Files (x86)\PCPitstop\Super Shield\PCPitstopRTService.exe [812800 2018-04-22] (PC Pitstop) R2 PCPitstop Scheduling; C:\Program Files (x86)\PCPitstop\PCPitstopScheduleService.exe [198392 2017-06-29] (PC Pitstop LLC) S3 Product Registration; C:\Program Files\Alienware\Alienware Product Registration\PRSvc.exe [47144 2017-04-06] (Dell) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [294616 2015-05-22] (Realtek Semiconductor) R2 ThermalsWindowsService; C:\Program Files\Alienware\Command Center\ThermalsWindowsService.exe [36088 2015-09-15] (Alienware) R2 Wallpaper Engine Service; C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe [346600 2017-12-23] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation) R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.3.1.204\WsAppService.exe [437392 2016-11-16] (Wondershare) R3 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831200 2015-06-12] (Intel® Corporation) R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 3221B622; C:\WINDOWS\system32\drivers\3221B622.sys [255928 2018-06-12] (Malwarebytes) S3 CMUSBDAC; C:\WINDOWS\system32\DRIVERS\CMUSBDAC.sys [3792904 2016-11-30] (C-MEDIA) S4 flecrm; C:\WINDOWS\System32\drivers\igwad.sys [79064 2018-06-03] (Malwarebytes) R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2016-05-04] (LogMeIn Inc.) R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [244744 2017-04-13] (Intel Corporation) R3 IntelReadyModeDriver; C:\WINDOWS\System32\drivers\IntelReadyModeDriver.sys [24776 2014-01-23] (Intel Corporation) S3 iVCam; C:\WINDOWS\system32\DRIVERS\iVCam.sys [1059792 2017-07-12] (e2eSoft Corporation) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-06-15] (Malwarebytes) S3 mt7612US; C:\WINDOWS\System32\drivers\mt7612US.sys [377864 2015-12-09] (MediaTek Inc.) R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7689728 2017-09-29] (Intel Corporation) R3 NTIOLib_MSICEN; C:\Program Files\Alienware\Command Center\NTIOLib_Thermals_X64.sys [13808 2015-02-04] (MSI) S3 NTIOLib_MSICOMM_CC; C:\Program Files\Alienware\OC Controls\NTIOLib_X64.sys [13368 2012-11-19] (MSI) S3 NTIOLib_MSICPU_CC; C:\Program Files\Alienware\OC Controls\CPU\NTIOLib_X64.sys [13368 2012-11-20] (MSI) S3 NTIOLib_MSIFrequency_CC; C:\Program Files\Alienware\OC Controls\ClockGen\CPU_Frequency\NTIOLib_X64.sys [13368 2012-11-20] (MSI) S3 NTIOLib_MSIRatio_CC; C:\Program Files\Alienware\OC Controls\CPU\CPU_Ratio\NTIOLib_X64.sys [13368 2012-11-20] (MSI) S3 NTIOLib_MSISMB_CC; C:\Program Files\Alienware\OC Controls\SMBus\NTIOLib_X64.sys [13368 2012-11-19] (MSI) S3 NTIOLib_ODD_Monitor; C:\Program Files (x86)\MSI\ODD Monitor\NTIOLib_X64.sys [13776 2014-12-23] (MSI) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvddi.inf_amd64_6fa5fcef104c0c27\nvlddmkm.sys [17486096 2018-01-05] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31168 2018-03-14] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [59240 2017-12-14] (NVIDIA Corporation) R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [58816 2018-03-14] (NVIDIA Corporation) S3 OCULUSVRHEADSET; C:\WINDOWS\system32\DRIVERS\OCULUS119B.sys [1887232 2016-08-27] (OCULUS) R3 Oculus_ViGEmBus; C:\WINDOWS\System32\drivers\Oculus_ViGEmBus.sys [32856 2017-11-04] (Facebook Inc.) R3 OCUSBVID; C:\WINDOWS\System32\drivers\ocusbvid111.sys [69176 2016-08-26] (Oculus VR, LLC) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [888064 2015-08-20] (Realtek ) S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2017-03-28] (The OpenVPN Project) [File not signed] R1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation) R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2018-06-13] (Zemana Ltd.) R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2018-06-13] (Zemana Ltd.) S4 kvzuwnma; System32\drivers\wingvoct.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-06-18 22:18 - 2018-06-18 22:18 - 002413056 _____ (Farbar) C:\Users\Eric's Gaming PC\Downloads\FRST64 (2).exe 2018-06-15 13:21 - 2018-06-15 13:21 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys 2018-06-15 13:20 - 2018-06-18 22:18 - 000000000 ____D C:\ProgramData\RogueKiller 2018-06-15 13:20 - 2018-06-15 13:20 - 027075656 _____ (Adlice Software) C:\Users\Eric's Gaming PC\Downloads\RogueKiller_portable64.exe 2018-06-15 13:19 - 2018-06-15 13:19 - 000001425 _____ C:\Users\Eric's Gaming PC\Desktop\AdwCleaner[S02].txt 2018-06-15 13:09 - 2018-06-15 13:09 - 007271632 _____ (Malwarebytes) C:\Users\Eric's Gaming PC\Downloads\AdwCleaner.exe 2018-06-15 12:59 - 2018-06-15 12:59 - 000010567 _____ C:\Users\Eric's Gaming PC\Desktop\threat scan 76.txt 2018-06-14 19:40 - 2018-06-14 19:40 - 020300990 _____ C:\Users\Eric's Gaming PC\Downloads\Electra 1.0.4 (1).ipa 2018-06-14 19:18 - 2018-06-14 19:18 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Roaming\iterate_GmbH 2018-06-14 19:18 - 2018-06-14 19:18 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Roaming\Cyberduck 2018-06-14 19:17 - 2018-06-14 19:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cyberduck 2018-06-14 19:17 - 2018-06-14 19:17 - 000000000 ____D C:\Program Files (x86)\Cyberduck 2018-06-14 19:16 - 2018-06-14 19:16 - 048437304 _____ (iterate GmbH) C:\Users\Eric's Gaming PC\Downloads\Cyberduck-Installer-6.6.1.28146.exe 2018-06-14 19:16 - 2018-06-14 19:16 - 000005316 _____ C:\Users\Eric's Gaming PC\Downloads\delectra-master.zip 2018-06-13 22:49 - 2018-06-13 22:49 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\dsmxvzw 2018-06-13 22:26 - 2018-06-13 22:26 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\wiehudx 2018-06-13 22:23 - 2018-06-13 22:23 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\auicpmn 2018-06-13 20:09 - 2018-06-13 20:09 - 000000882 _____ C:\Users\Eric's Gaming PC\Downloads\Fixlog.txt 2018-06-13 20:00 - 2018-06-13 20:00 - 000001375 _____ C:\Users\Eric's Gaming PC\Downloads\1482674470_ThreatScan.txt 2018-06-13 19:57 - 2018-06-13 19:58 - 000065013 _____ C:\Users\Eric's Gaming PC\Downloads\Addition.txt 2018-06-13 19:54 - 2018-06-13 19:54 - 000001375 _____ C:\Users\Eric's Gaming PC\Desktop\Threat Scan.txt 2018-06-13 19:29 - 2018-06-18 22:22 - 000026125 _____ C:\Users\Eric's Gaming PC\Downloads\FRST.txt 2018-06-13 19:29 - 2018-06-18 22:18 - 000000000 ____D C:\FRST 2018-06-13 19:29 - 2018-06-13 19:29 - 002413056 _____ (Farbar) C:\Users\Eric's Gaming PC\Downloads\FRST64 (1).exe 2018-06-13 16:27 - 2018-06-13 18:17 - 000000000 ____D C:\ProgramData\HitmanPro 2018-06-13 16:27 - 2018-06-13 16:27 - 000055232 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys 2018-06-13 16:26 - 2018-06-13 16:27 - 011609024 _____ (SurfRight B.V.) C:\Users\Eric's Gaming PC\Downloads\HitmanPro_x64.exe 2018-06-13 16:25 - 2018-06-13 16:25 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\atemdzg 2018-06-13 16:15 - 2018-06-13 16:17 - 000000000 ____D C:\AdwCleaner 2018-06-13 16:15 - 2018-06-13 16:15 - 007372496 _____ (Malwarebytes) C:\Users\Eric's Gaming PC\Downloads\adwcleaner_7.2.0.exe 2018-06-13 15:41 - 2018-06-18 22:22 - 033291574 _____ C:\WINDOWS\ZAM.krnl.trace 2018-06-13 15:41 - 2018-06-18 22:21 - 004392193 _____ C:\WINDOWS\ZAM_Guard.krnl.trace 2018-06-13 15:41 - 2018-06-13 15:41 - 006625600 _____ (Zemana Ltd. ) C:\Users\Eric's Gaming PC\Downloads\Zemana.AntiMalware.Setup.exe 2018-06-13 15:41 - 2018-06-13 15:41 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys 2018-06-13 15:41 - 2018-06-13 15:41 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys 2018-06-13 15:41 - 2018-06-13 15:41 - 000001179 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk 2018-06-13 15:41 - 2018-06-13 15:41 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\Zemana 2018-06-13 15:41 - 2018-06-13 15:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware 2018-06-13 15:41 - 2018-06-13 15:41 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware 2018-06-13 15:39 - 2018-06-13 15:40 - 000002724 _____ C:\Users\Eric's Gaming PC\Desktop\Rkill.txt 2018-06-13 15:38 - 2018-06-13 15:38 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Eric's Gaming PC\Downloads\rkill.exe 2018-06-13 15:38 - 2018-06-13 15:38 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Eric's Gaming PC\Downloads\iExplore.exe 2018-06-13 07:23 - 2018-06-13 07:23 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\updnisz 2018-06-12 23:33 - 2018-06-12 23:33 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\pwahetc 2018-06-12 22:32 - 2018-06-12 22:32 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\3221B622.sys 2018-06-12 22:27 - 2018-06-12 22:27 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\spnuzgo 2018-06-12 22:07 - 2018-06-15 12:40 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2018-06-12 22:04 - 2018-06-12 22:04 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\zaewcbk 2018-06-12 21:31 - 2018-06-12 21:31 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\sniaktl 2018-06-12 20:14 - 2018-06-12 20:14 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\5912658B.sys 2018-06-12 20:12 - 2018-06-12 23:32 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2018-06-12 20:12 - 2018-06-12 23:23 - 000000000 ____D C:\Users\Eric's Gaming PC\Desktop\mbar 2018-06-12 19:51 - 2018-06-12 19:51 - 014178840 _____ (Malwarebytes Corp.) C:\Users\Eric's Gaming PC\Downloads\mbar-1.10.3.1001.exe 2018-06-12 19:46 - 2018-06-12 19:46 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\sbmgeit 2018-06-12 19:23 - 2018-06-12 19:23 - 000001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2018-06-12 19:23 - 2018-06-12 19:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2018-06-12 19:23 - 2018-05-24 06:55 - 000152184 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2018-06-12 19:22 - 2018-06-12 19:22 - 077609632 _____ (Malwarebytes ) C:\Users\Eric's Gaming PC\Downloads\mb3-setup-consumer-3.5.1.2522-1.0.374-1.0.5448.exe 2018-06-12 19:17 - 2018-06-12 19:17 - 007391672 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Eric's Gaming PC\Downloads\avg_antivirus_free_setup.exe 2018-06-12 19:13 - 2018-06-12 19:13 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\vsdlwao 2018-06-12 17:39 - 2018-06-12 17:39 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\remacix 2018-06-12 17:33 - 2018-06-12 17:33 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\csmilhn 2018-06-12 17:30 - 2018-06-12 17:30 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\nvcerus 2018-06-12 17:25 - 2018-06-12 17:25 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\codlube 2018-06-12 17:20 - 2018-06-12 17:20 - 002413056 _____ (Farbar) C:\Users\Eric's Gaming PC\Downloads\FRST64.exe 2018-06-12 17:16 - 2018-06-12 17:16 - 009986176 _____ C:\Users\Eric's Gaming PC\Downloads\bitdefender_online (1).exe 2018-06-12 17:05 - 2018-06-12 17:05 - 009986176 _____ C:\Users\Eric's Gaming PC\Downloads\bitdefender_online.exe 2018-06-12 16:58 - 2018-06-12 19:57 - 000000000 ____D C:\Program Files\CCleaner 2018-06-12 16:58 - 2018-06-12 16:58 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update 2018-06-12 16:58 - 2018-06-12 16:58 - 000002892 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2018-06-12 16:58 - 2018-06-12 16:58 - 000000865 _____ C:\Users\Public\Desktop\CCleaner.lnk 2018-06-12 16:58 - 2018-06-12 16:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2018-06-12 16:55 - 2018-06-12 16:56 - 015835744 _____ (Piriform Ltd) C:\Users\Eric's Gaming PC\Downloads\ccsetup543pro.exe 2018-06-12 16:54 - 2018-06-12 16:56 - 172661090 _____ (alch ) C:\Users\Eric's Gaming PC\Downloads\clamwin-0.99.4-setup.exe 2018-06-12 16:42 - 2018-06-12 16:42 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\snbutwp 2018-06-12 16:16 - 2018-06-12 16:16 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\lmisxrt 2018-06-12 15:52 - 2018-06-12 15:52 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\ramhenb 2018-06-11 07:23 - 2015-01-01 04:20 - 004603904 _____ C:\Users\Eric's Gaming PC\Desktop\MOVI0001.avi 2018-06-11 07:21 - 2015-01-01 04:19 - 775028736 _____ C:\Users\Eric's Gaming PC\Desktop\MOVI0000.avi 2018-06-10 13:24 - 2018-06-10 13:24 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\usizkae 2018-06-09 11:10 - 2018-06-09 11:10 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\ninkvuz 2018-06-09 10:26 - 2018-06-09 10:26 - 003948280 _____ C:\Users\Eric's Gaming PC\Desktop\scan-1.pdn 2018-06-09 10:12 - 2018-06-09 10:12 - 001780800 _____ C:\Users\Eric's Gaming PC\Downloads\scan.zip 2018-06-09 10:08 - 2018-06-09 09:39 - 002304538 _____ C:\Users\Eric's Gaming PC\Desktop\scan.pdf 2018-06-08 20:16 - 2018-06-08 20:16 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\pssawer 2018-06-08 06:48 - 2018-06-14 22:39 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\containersvc 2018-06-06 18:11 - 2018-06-06 18:11 - 000004612 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier 2018-06-06 18:11 - 2018-06-06 18:11 - 000004412 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2018-06-06 07:25 - 2018-06-06 07:25 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\lsnxwpm 2018-06-04 07:06 - 2018-06-04 07:06 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\nvnghow 2018-06-03 23:11 - 2018-06-03 23:11 - 000000000 ____D C:\Program Files\Malwarebytes 2018-06-03 16:45 - 2018-06-09 10:03 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Roaming\iMazing 2018-06-03 16:45 - 2018-06-03 16:45 - 000001863 _____ C:\Users\Public\Desktop\iMazing.lnk 2018-06-03 16:45 - 2018-06-03 16:45 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\DigiDNA 2018-06-03 16:45 - 2018-06-03 16:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMazing 2018-06-03 16:45 - 2018-06-03 16:45 - 000000000 ____D C:\ProgramData\DigiDNA 2018-06-03 16:45 - 2018-06-03 16:45 - 000000000 ____D C:\Program Files\DigiDNA 2018-06-03 16:44 - 2018-06-03 16:44 - 091793744 _____ (DigiDNA ) C:\Users\Eric's Gaming PC\Downloads\iMazing2forWindows.exe 2018-06-03 16:41 - 2018-06-03 16:41 - 000079064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\igwad.sys 2018-06-03 10:33 - 2018-06-03 10:33 - 025569920 _____ C:\Users\Eric's Gaming PC\Downloads\GiffingTool-4.1-Buy-Later.zip 2018-06-03 10:31 - 2018-06-03 10:31 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\PlaceholderTileLogoFolder 2018-06-03 09:33 - 2018-06-03 10:36 - 000000000 ____D C:\Users\Eric's Gaming PC\Desktop\DCIM 2018-06-03 09:15 - 2018-06-03 09:15 - 001782805 _____ C:\Users\Eric's Gaming PC\Desktop\White Water Park.sv6 2018-06-03 09:15 - 2018-06-03 09:15 - 001664587 _____ C:\Users\Eric's Gaming PC\Desktop\Bumbly Beach.sv6 2018-06-03 09:15 - 2018-06-03 09:15 - 001597022 _____ C:\Users\Eric's Gaming PC\Desktop\Dynamite Dunes.sv6 2018-06-03 09:15 - 2018-06-03 09:15 - 001576196 _____ C:\Users\Eric's Gaming PC\Desktop\Leafy Lake.sv6 2018-06-03 09:15 - 2018-06-03 09:15 - 001515152 _____ C:\Users\Eric's Gaming PC\Desktop\Forest Frontiers.sv6 2018-06-03 09:15 - 2018-06-03 09:15 - 001295828 _____ C:\Users\Eric's Gaming PC\Desktop\Trinity Islands.sv6 2018-06-03 09:01 - 2018-06-03 09:01 - 000000000 ____D C:\Users\Eric's Gaming PC\Desktop\minecraftWorlds 2018-06-03 08:41 - 2018-06-12 21:02 - 000002263 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-06-03 08:41 - 2018-06-12 21:02 - 000002222 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2018-06-03 07:49 - 2018-06-03 07:49 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\werxszd 2018-06-02 22:29 - 2018-06-15 12:59 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\wmcagent 2018-06-02 22:26 - 2018-06-14 22:39 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\svcpnak 2018-06-02 22:26 - 2018-06-02 22:26 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\spdzlrn 2018-06-02 22:24 - 2018-06-13 22:45 - 002888704 _____ C:\WINDOWS\system32\avcrzmwsvc.exe 2018-06-02 22:24 - 2018-06-02 22:24 - 000000000 ____D C:\WINDOWS\SysWOW64\csdphxo 2018-06-02 22:24 - 2018-06-02 22:24 - 000000000 ____D C:\WINDOWS\system32\csdphxo 2018-06-02 22:24 - 2018-06-02 22:24 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Roaming\et 2018-06-02 22:22 - 2018-06-05 17:25 - 000000000 ____D C:\Program Files (x86)\watering 2018-06-02 22:22 - 2018-06-05 17:25 - 000000000 ____D C:\Program Files (x86)\Quotation 2018-06-02 22:22 - 2018-06-04 06:59 - 000000000 ___HD C:\Program Files (x86)\Kung 2018-06-02 22:22 - 2018-06-04 06:55 - 000000000 ___HD C:\Program Files (x86)\elke 2018-06-02 22:22 - 2018-06-03 16:41 - 000000000 ____D C:\Program Files (x86)\woofer 2018-06-02 22:22 - 2018-06-02 22:22 - 000003836 _____ C:\WINDOWS\System32\Tasks\bonfield 2018-06-02 22:22 - 2018-06-02 22:22 - 000003832 _____ C:\WINDOWS\System32\Tasks\intercultural 2018-06-02 22:22 - 2018-06-02 22:22 - 000003730 _____ C:\WINDOWS\System32\Tasks\interculturalintercultural 2018-06-02 22:22 - 2018-06-02 22:22 - 000003724 _____ C:\WINDOWS\System32\Tasks\bonfieldbonfield 2018-06-02 22:22 - 2018-06-02 22:22 - 000000012 _____ C:\WINDOWS\b60062418 2018-06-02 22:22 - 2018-06-02 22:22 - 000000000 ____D C:\Program Files (x86)\Cyclists 2018-06-02 22:21 - 2018-06-03 07:53 - 000000000 ____D C:\Users\Eric's Gaming PC\Documents\Chameleon files 2018-06-02 22:21 - 2018-06-02 22:21 - 000003434 _____ C:\WINDOWS\System32\Tasks\Chameleon Monitor-startup-Eric's Gaming PC 2018-06-02 22:21 - 2018-06-02 22:21 - 000003038 _____ C:\WINDOWS\System32\Tasks\Chameleon Task Manager-Eric's Gaming PC 2018-06-02 22:21 - 2018-06-02 22:21 - 000003034 _____ C:\WINDOWS\System32\Tasks\Chameleon Monitor-Eric's Gaming PC 2018-06-02 22:21 - 2018-06-02 22:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chameleon Task Manager 2018-06-02 22:21 - 2018-06-02 22:21 - 000000000 ____D C:\Program Files (x86)\Chameleon Task Manager 2018-06-02 22:20 - 2018-06-02 22:20 - 000554039 _____ C:\Users\Eric's Gaming PC\Downloads\PhoneRescue 370 Crack Plus License Code Free.zip 2018-06-02 22:07 - 2018-06-02 22:07 - 001038232 _____ (iMobie Inc.) C:\Users\Eric's Gaming PC\Downloads\phonerescue-ios-setup.exe 2018-06-02 22:07 - 2018-06-02 22:07 - 000001193 _____ C:\Users\Public\Desktop\PhoneRescue.lnk 2018-06-02 22:07 - 2018-06-02 22:07 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Roaming\iMobie 2018-06-02 22:07 - 2018-06-02 22:07 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\iMobie_Inc 2018-06-02 22:07 - 2018-06-02 22:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMobie 2018-06-02 22:07 - 2018-06-02 22:07 - 000000000 ____D C:\Program Files (x86)\iMobie 2018-06-02 22:05 - 2018-06-02 22:05 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\imyfoneSet 2018-06-02 22:04 - 2018-06-02 22:04 - 000001251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMyFone D-Port Pro.lnk 2018-06-02 22:04 - 2018-06-02 22:04 - 000001239 _____ C:\Users\Public\Desktop\iMyFone D-Port Pro.lnk 2018-06-02 22:04 - 2018-06-02 22:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMyFone 2018-06-02 22:04 - 2018-06-02 22:04 - 000000000 ____D C:\Program Files (x86)\iMyFone 2018-06-02 22:01 - 2018-06-02 22:04 - 036314573 _____ C:\Users\Eric's Gaming PC\Downloads\iMyFone D-Port Pro 3.0.0.29 Full Version - HaxOff.Net.rar 2018-06-02 21:52 - 2018-06-02 21:52 - 000001357 _____ C:\Users\Eric's Gaming PC\Desktop\iPhone Backup Extractor.lnk 2018-06-02 21:52 - 2018-06-02 21:52 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Roaming\Reincubate 2018-06-02 21:52 - 2018-06-02 21:52 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reincubate 2018-06-02 21:51 - 2018-06-02 21:51 - 023133416 _____ (Reincubate Ltd) C:\Users\Eric's Gaming PC\Downloads\iphonebackupextractor-latest (1).exe 2018-06-02 21:16 - 2018-06-02 21:16 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\Reincubate Temporary Files 2018-06-02 21:11 - 2018-06-02 21:11 - 022392040 _____ (Reincubate Ltd) C:\Users\Eric's Gaming PC\Downloads\iphonebackupextractor-latest.exe 2018-06-02 12:25 - 2018-05-04 05:37 - 000278448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Notifier.exe 2018-06-02 12:16 - 2018-06-02 12:16 - 000001818 _____ C:\Users\Public\Desktop\iTunes.lnk 2018-06-02 12:16 - 2018-06-02 12:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2018-06-02 12:16 - 2018-06-02 12:16 - 000000000 ____D C:\Program Files\iPod 2018-06-02 12:15 - 2018-06-02 12:16 - 000000000 ____D C:\Program Files\iTunes 2018-06-02 12:00 - 2018-06-02 12:01 - 272259912 _____ (Apple Inc.) C:\Users\Eric's Gaming PC\Downloads\iTunes64Setup.exe 2018-06-02 11:58 - 2018-06-02 12:01 - 000000000 ____D C:\Users\Eric's Gaming PC\Desktop\iTunes 2018-06-01 19:52 - 2018-06-01 20:04 - 000000000 ____D C:\Users\Eric's Gaming PC\Desktop\x backup 11.1 2018-06-01 16:45 - 2018-06-01 16:52 - 2975229435 _____ C:\Users\Eric's Gaming PC\Downloads\iPhone10,3,iPhone10,6_11.3.1_15E302_Restore.ipsw 2018-05-31 20:20 - 2018-05-31 20:20 - 000027169 _____ C:\Users\Eric's Gaming PC\Downloads\3999615355580334_iPhone10,3_d22ap_11.4-15F79_63ed7f4745eb337a30a994a246815c2d901f68ef4e4b97db6f1cfa0bc396213c.shsh2 2018-05-29 20:08 - 2018-05-29 20:08 - 015271600 _____ C:\Users\Eric's Gaming PC\Downloads\lockpluspro.deb 2018-05-24 13:38 - 2018-05-25 05:05 - 002478236 _____ C:\Users\Eric's Gaming PC\Desktop\IMG_8720.MOV 2018-05-24 13:27 - 2018-05-25 05:05 - 002760824 _____ C:\Users\Eric's Gaming PC\Desktop\IMG_8721.MOV 2018-05-23 21:28 - 2018-05-23 21:28 - 000160060 _____ C:\Users\Eric's Gaming PC\Downloads\2018_All_ATHLETIC_incl_DMVOutdoor_Adv_Specialists_letter (2).pdf 2018-05-23 21:27 - 2018-05-23 21:27 - 000160060 _____ C:\Users\Eric's Gaming PC\Downloads\2018_All_ATHLETIC_incl_DMVOutdoor_Adv_Specialists_letter (1).pdf 2018-05-23 21:12 - 2018-05-23 21:12 - 000160060 _____ C:\Users\Eric's Gaming PC\Downloads\2018_All_ATHLETIC_incl_DMVOutdoor_Adv_Specialists_letter.pdf ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-06-18 22:21 - 2017-08-03 21:14 - 000000000 ____D C:\ProgramData\PCPitstopDat 2018-06-18 22:21 - 2016-05-03 20:00 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\Oculus 2018-06-18 22:18 - 2018-01-31 17:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2018-06-18 22:18 - 2016-05-03 20:07 - 000000000 ____D C:\Program Files\Oculus 2018-06-18 18:20 - 2018-01-31 18:09 - 000004188 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B9A2CEBC-0AF0-4D22-AFCF-27F4D819A010} 2018-06-18 17:18 - 2017-09-22 10:20 - 000000000 ____D C:\Program Files (x86)\Origin 2018-06-18 12:25 - 2017-07-12 23:18 - 000000000 ____D C:\ProgramData\NVIDIA 2018-06-18 00:03 - 2017-08-03 20:41 - 000000000 ____D C:\ProgramData\PCPitstop 2018-06-17 12:18 - 2017-09-29 09:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2018-06-17 12:15 - 2017-09-29 09:44 - 000000000 ____D C:\WINDOWS\INF 2018-06-17 12:14 - 2017-09-29 09:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization 2018-06-17 12:14 - 2016-03-31 08:39 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2018-06-15 15:28 - 2017-09-29 09:46 - 000000000 ___HD C:\Program Files\WindowsApps 2018-06-15 15:28 - 2017-09-29 09:46 - 000000000 ____D C:\WINDOWS\AppReadiness 2018-06-15 14:08 - 2015-10-30 03:24 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2018-06-14 19:39 - 2018-01-22 19:59 - 000000600 _____ C:\Users\Eric's Gaming PC\AppData\Roaming\winscp.rnd 2018-06-14 19:17 - 2016-03-31 08:27 - 000000000 ____D C:\ProgramData\Package Cache 2018-06-14 19:14 - 2016-03-31 08:37 - 000000000 ____D C:\MSI 2018-06-14 19:13 - 2016-05-03 21:48 - 000000000 __SHD C:\Users\Eric's Gaming PC\IntelGraphicsProfiles 2018-06-14 19:12 - 2018-01-31 18:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2018-06-14 18:35 - 2017-09-29 04:45 - 027262976 _____ C:\WINDOWS\system32\config\HARDWARE 2018-06-14 18:35 - 2017-09-29 04:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2018-06-14 16:21 - 2018-03-08 18:35 - 019304283 _____ C:\Users\Eric's Gaming PC\Downloads\Impactor_0.9.44.zip 2018-06-14 16:21 - 2016-05-04 16:19 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\CrashDumps 2018-06-12 20:14 - 2016-05-14 22:10 - 000000000 ____D C:\ProgramData\Malwarebytes 2018-06-12 20:07 - 2017-01-28 18:13 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Roaming\uTorrent 2018-06-12 20:07 - 2016-03-31 08:38 - 000000000 ____D C:\Program Files (x86)\Steam 2018-06-12 20:05 - 2018-01-22 14:59 - 000000000 ___DC C:\WINDOWS\Panther 2018-06-12 20:05 - 2017-09-29 09:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2018-06-12 18:15 - 2016-05-04 16:05 - 000000000 ____D C:\WINDOWS\system32\MRT 2018-06-12 18:11 - 2017-10-11 09:33 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe 2018-06-12 18:11 - 2016-05-04 16:05 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2018-06-10 13:08 - 2018-01-31 18:04 - 001246378 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2018-06-07 14:24 - 2017-09-29 09:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2018-06-06 18:11 - 2017-09-29 09:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2018-06-06 18:11 - 2017-09-29 09:46 - 000000000 ____D C:\WINDOWS\system32\Macromed 2018-06-05 19:24 - 2018-04-13 17:36 - 000835056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2018-06-05 19:24 - 2018-04-13 17:36 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2018-06-03 23:11 - 2016-05-14 22:10 - 000000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2018-06-03 16:41 - 2017-09-29 09:46 - 000000000 ____D C:\WINDOWS\ModemLogs 2018-06-03 10:31 - 2018-01-31 17:53 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\Packages 2018-06-03 08:41 - 2018-01-31 18:09 - 000003418 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2018-06-03 08:41 - 2018-01-31 18:09 - 000003294 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2018-06-03 08:41 - 2016-05-04 16:16 - 000000000 ____D C:\Program Files (x86)\Google 2018-06-03 00:57 - 2018-01-31 18:08 - 000032388 _____ C:\WINDOWS\diagwrn.xml 2018-06-03 00:57 - 2018-01-31 18:08 - 000032388 _____ C:\WINDOWS\diagerr.xml 2018-06-02 23:48 - 2017-09-29 09:46 - 000000000 ____D C:\WINDOWS\Registration 2018-06-02 23:47 - 2018-04-12 06:19 - 000000000 ___HD C:\$WINDOWS.~BT 2018-06-02 13:13 - 2017-10-17 21:46 - 000000000 ____D C:\Program Files\Java 2018-06-02 13:13 - 2016-05-04 17:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2018-06-02 13:12 - 2017-10-17 21:47 - 000111048 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll 2018-05-23 18:57 - 2017-09-22 10:20 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Roaming\Origin ==================== Files in the root of some directories ======= 2016-06-02 15:44 - 2016-10-23 13:04 - 000000030 _____ () C:\Users\Eric's Gaming PC\AppData\Roaming\alsoft.ini 2018-03-25 16:02 - 2018-04-28 19:03 - 000000129 _____ () C:\Users\Eric's Gaming PC\AppData\Roaming\Camdata.ini 2018-03-25 16:02 - 2018-04-28 19:03 - 000000408 _____ () C:\Users\Eric's Gaming PC\AppData\Roaming\CamLayout.ini 2018-03-25 16:02 - 2018-04-28 19:03 - 000000408 _____ () C:\Users\Eric's Gaming PC\AppData\Roaming\CamShapes.ini 2018-03-25 16:02 - 2018-04-28 19:03 - 000004583 _____ () C:\Users\Eric's Gaming PC\AppData\Roaming\CamStudio.cfg 2017-01-11 17:00 - 2017-02-19 00:03 - 005520256 _____ () C:\Users\Eric's Gaming PC\AppData\Roaming\MyTest.gcode 2017-02-17 17:05 - 2017-02-19 00:04 - 000006380 _____ () C:\Users\Eric's Gaming PC\AppData\Roaming\MyTest.json 2017-01-14 08:39 - 2017-02-17 17:11 - 000000044 _____ () C:\Users\Eric's Gaming PC\AppData\Roaming\temp.ree 2018-03-25 15:59 - 2018-04-28 19:02 - 000000096 _____ () C:\Users\Eric's Gaming PC\AppData\Roaming\version2.xml 2018-01-22 19:59 - 2018-06-14 19:39 - 000000600 _____ () C:\Users\Eric's Gaming PC\AppData\Roaming\winscp.rnd 2018-01-22 19:01 - 2018-01-22 19:01 - 000000600 _____ () C:\Users\Eric's Gaming PC\AppData\Local\PUTTY.RND 2018-01-07 00:12 - 2018-02-04 15:10 - 000007601 _____ () C:\Users\Eric's Gaming PC\AppData\Local\Resmon.ResmonCfg 2017-04-06 17:43 - 2017-04-06 17:43 - 000000552 _____ () C:\Users\Eric's Gaming PC\AppData\Local\TroubleshooterConfig.json Some files in TEMP: ==================== 2018-06-15 13:20 - 2018-03-13 03:02 - 001954048 ____N (Microsoft Corporation) C:\Users\Eric's Gaming PC\AppData\Local\Temp\dllnt_dump.dll ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2018-06-13 11:18 ==================== End of FRST.txt ============================
-
RougeKiller Log RogueKiller V12.12.21.0 (x64) [Jun 11 2018] (Free) by Adlice Software mail : http://www.adlice.com/contact/ Feedback : https://forum.adlice.com Website : http://www.adlice.com/download/roguekiller/ Blog : http://www.adlice.com Operating System : Windows 10 (10.0.16299) 64 bits version Started in : Normal mode User : Eric's Gaming PC [Administrator] Started from : C:\Users\Eric's Gaming PC\Downloads\RogueKiller_portable64.exe Mode : Delete -- Date : 06/15/2018 13:21:10 (Duration : 00:47:38) ¤¤¤ Processes : 1 ¤¤¤ [VT.Unknown] democratize.exe(10632) -- C:\Program Files (x86)\Cyclists\democratize.exe[-] -> Killed [TermProc] ¤¤¤ Registry : 7 ¤¤¤ [PUM.Proxy] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NlaSvc\Parameters\Internet\ManualProxies | (default) : -> Deleted [PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3928081856-823122749-4048558740-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://dell15.msn.com/?pc=DCTE -> Replaced (http://go.microsoft.com/fwlink/p/?LinkId=255141) [PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3928081856-823122749-4048558740-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://dell15.msn.com/?pc=DCTE -> Replaced (http://go.microsoft.com/fwlink/p/?LinkId=255141) [PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3928081856-823122749-4048558740-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://dell15.msn.com/?pc=DCTE -> Replaced (http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome) [PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3928081856-823122749-4048558740-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://dell15.msn.com/?pc=DCTE -> Not selected [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{d970b658-6589-4a46-89be-b3fa15debdc9} | DhcpNameServer : 172.20.10.1 ([]) -> Replaced () [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{da20e825-b4f5-4a89-8678-d26fb2d4d0ec} | DhcpNameServer : 10.13.109.99 ([]) -> Replaced () ¤¤¤ Tasks : 0 ¤¤¤ ¤¤¤ Files : 0 ¤¤¤ ¤¤¤ WMI : 0 ¤¤¤ ¤¤¤ Hosts File : 0 ¤¤¤ ¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ MBR Check : ¤¤¤ +++++ PhysicalDrive0: ST1000DM003-1SB102 +++++ --- User --- [MBR] f134cb00595d0cb90535b679b75f1e5f [BSP] b8e45f054339396ae197b95f475a4ee9 : Empty|VT.Unknown MBR Code Partition table: 0 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2048 | Size: 500 MB 1 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 1026048 | Size: 128 MB 2 - Basic data partition | Offset (sectors): 1288192 | Size: 940550 MB 3 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 1927534592 | Size: 450 MB 4 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 1928456192 | Size: 12240 MB User = LL1 ... OK User = LL2 ... OK +++++ PhysicalDrive1: Generic Flash Disk USB Device +++++ --- User --- [MBR] d9516da678a1d00f5c698e0e09f8a881 [BSP] a95ec4515f12d48cb7774c1f55ad32af : Windows Vista/7/8|VT.Unknown MBR Code Partition table: 0 - [ACTIVE] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 128 | Size: 1989 MB User = LL1 ... OK Error reading LL2 MBR! ([32] The request is not supported. ) AdwCleaner[S02].txt