Jump to content

Ginsyberg

Members
  • Posts

    14
  • Joined

  • Last visited

Reputation

0 Neutral

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Hey, aura! Just did the fix, and the popup says: "" Fix completed. "Fixlog.txt" is saved in the same directory FRST is located The computer needs a restart. Please close all open windows. You will not get a notification from the tool after restart. Click OK to restart. "" Do I restart the PC or no??
  2. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06.06.2018 01 Ran by Eric's Gaming PC (administrator) on DESKTOP-KPHM1QA (18-06-2018 22:18:46) Running from C:\Users\Eric's Gaming PC\Downloads Loaded Profiles: Eric's Gaming PC & PCPitstopSVC & OVRLibraryService (Available Profiles: Eric's Gaming PC & PCPitstopSVC & OVRLibraryService) Platform: Windows 10 Home Version 1709 16299.371 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki123014.inf_amd64_8fcab72aa9e3875f\igfxCUIService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Alienware) C:\Program Files\Alienware\Command Center\AlienFXWindowsService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki123014.inf_amd64_8fcab72aa9e3875f\IntelCpHDCPSvc.exe (Intel Corporation) C:\Windows\System32\ibtsiva.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Alienware) C:\Program Files\Alienware\Graphics Amplifier\GraphicsAmplifierWindowsService.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Ready Mode Technology\IRMTService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (PC Pitstop) C:\Program Files (x86)\PCPitstop\Super Shield\PCPitstopRTService.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Alienware) C:\Program Files\Alienware\Command Center\ThermalsWindowsService.exe () C:\Program Files (x86)\Steam\SteamApps\common\wallpaper_engine\bin\wallpaperservice32_c.exe (Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.3.1.204\WsAppService.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki123014.inf_amd64_8fcab72aa9e3875f\IntelCpHeciSvc.exe (PC Pitstop LLC) C:\Program Files (x86)\PCPitstop\PCPitstopScheduleService.exe () C:\Program Files (x86)\Steam\SteamApps\common\wallpaper_engine\wallpaper32.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki123014.inf_amd64_8fcab72aa9e3875f\igfxEM.exe () C:\Program Files (x86)\Steam\SteamApps\common\wallpaper_engine\bin\webwallpaper32.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe () C:\Program Files (x86)\Steam\SteamApps\common\wallpaper_engine\bin\webwallpaper32.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe () C:\Program Files (x86)\Steam\SteamApps\common\wallpaper_engine\bin\webwallpaper32.exe (Alienware) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe (Alienware) C:\Program Files\Alienware\Command Center\ThermalController.exe (Alienware) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe (Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe (Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe (Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe () C:\Program Files (x86)\Cyclists\democratize.exe (Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (PC Pitstop) C:\Program Files (x86)\PCPitstop\Super Shield\PCMaticRT.exe (Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\ui\updateui.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.1001.10.0_x64__8wekyb3d8bbwe\WinStore.App.exe () C:\Program Files (x86)\Cyclists\democratize.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Oculus VR, LLC) C:\Program Files\Oculus\Support\oculus-librarian\OVRLibrarian.exe (Oculus VR, LLC) C:\Program Files\Oculus\Support\oculus-librarian\OVRLibraryService.exe (Farbar) C:\Users\Eric's Gaming PC\Downloads\FRST64 (2).exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8498392 2015-07-13] (Realtek Semiconductor) HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [35576 2015-09-15] (Alienware) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-05-22] (Apple Inc.) HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.) HKLM-x32\...\Run: [PC Matic] => C:\Program Files (x86)\PCPitstop\Super Shield\PCMaticRT.exe [2116352 2018-04-22] (PC Pitstop) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKU\S-1-5-21-3928081856-823122749-4048558740-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27822536 2017-08-25] (Skype Technologies S.A.) HKU\S-1-5-21-3928081856-823122749-4048558740-1001\...\Run: [Chameleon System Monitor] => c:\program files (x86)\common files\Chameleon Manager\monitor.exe [8105088 2017-09-09] (NeoSoft Tools) HKU\S-1-5-21-3928081856-823122749-4048558740-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18364648 2018-05-24] (Piriform Ltd) HKU\S-1-5-21-3928081856-823122749-4048558740-1003\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [519680 2017-09-29] (Microsoft Corporation) HKU\S-1-5-80-3238277391-1891473654-1195688043-4149050645-2494734967\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [519680 2017-09-29] (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{64aa054e-f721-4e02-b1bc-a9ad84101bd5}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-3928081856-823122749-4048558740-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome SearchScopes: HKU\S-1-5-21-3928081856-823122749-4048558740-1001 -> DefaultScope {7569A81D-8E91-4B4F-B6EA-B9C7F00102A6} URL = SearchScopes: HKU\S-1-5-21-3928081856-823122749-4048558740-1001 -> {7569A81D-8E91-4B4F-B6EA-B9C7F00102A6} URL = BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-06-17] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll [2018-06-02] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-06-02] (Oracle Corporation) BHO-x32: PCMatic AdBlocker -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files (x86)\PCPitstop\PC Matic\AdBlockers\PCMaticAdBlocker.dll [2017-06-29] (PC Matic, LLC) DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} hxxps://files.pcpitstop.com/cab/pcmatic.cab Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-06-09] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-06-09] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-06-09] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-06-09] (Microsoft Corporation) FireFox: ======== FF HKLM-x32\...\Firefox\Extensions: [noreply@pcpitstop.com] - C:\Program Files (x86)\PCPitstop\PC Matic\AdBlockers\pc_matic-1.01-sm+fx+an-windows FF Extension: (PC Matic) - C:\Program Files (x86)\PCPitstop\PC Matic\AdBlockers\pc_matic-1.01-sm+fx+an-windows [2017-08-03] [Legacy] FF Plugin: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-06-02] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-06-02] (Oracle Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-02] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-01-03] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-01-03] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.) Chrome: ======= CHR DefaultProfile: Default CHR StartupUrls: Default -> "hxxp://google.com/" CHR Profile: C:\Users\Eric's Gaming PC\AppData\Local\Google\Chrome\User Data\Default [2018-06-18] CHR Extension: (Slides) - C:\Users\Eric's Gaming PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-15] CHR Extension: (Docs) - C:\Users\Eric's Gaming PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15] CHR Extension: (Google Drive) - C:\Users\Eric's Gaming PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-04] CHR Extension: (Search and Replace) - C:\Users\Eric's Gaming PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bldchfkhmnkoimaciljpilanilmbnofo [2017-12-20] CHR Extension: (YouTube) - C:\Users\Eric's Gaming PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-04] CHR Extension: (Sheets) - C:\Users\Eric's Gaming PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-15] CHR Extension: (Google Docs Offline) - C:\Users\Eric's Gaming PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-04] CHR Extension: (WhatFont) - C:\Users\Eric's Gaming PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2017-11-20] CHR Extension: (Grammarly for Chrome) - C:\Users\Eric's Gaming PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2018-06-14] CHR Extension: (Chrome Web Store Payments) - C:\Users\Eric's Gaming PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-08] CHR Extension: (PC Matic) - C:\Users\Eric's Gaming PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\okmhneofinpilciglijihehjpaegledb [2018-04-08] CHR Extension: (Gmail) - C:\Users\Eric's Gaming PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-04] CHR Extension: (Chrome Media Router) - C:\Users\Eric's Gaming PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-04] CHR HKLM-x32\...\Chrome\Extension: [okmhneofinpilciglijihehjpaegledb] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AlienFXWindowsService; C:\Program Files\Alienware\Command Center\AlienFXWindowsService.exe [36088 2015-09-15] (Alienware) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-04-27] (Apple Inc.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8654504 2018-06-12] (Microsoft Corporation) S3 Dell Foundation Services; C:\Program Files\Alienware\Dell Foundation Services\DFSSvc.exe [97616 2017-01-11] (Dell) R2 GraphicsAmplifierWindowsService; C:\Program Files\Alienware\Graphics Amplifier\GraphicsAmplifierWindowsService.exe [36112 2015-07-02] (Alienware) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-23] (Intel Corporation) R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [515768 2017-04-13] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation) R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed] S3 ioloEnergyBooster; C:\Program Files\Alienware\Command Center\ioloEnergyBooster.exe [6145872 2012-11-01] (iolo technologies, LLC) R2 IRMTService; c:\Program Files\Intel\Intel(R) Ready Mode Technology\IRMTService.exe [181544 2015-04-30] (Intel Corporation) S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed] R3 iumsvc; c:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-01-06] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223520 2015-07-11] (Intel Corporation) R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes) S3 MSIClock_CC; C:\Program Files\Alienware\OC Controls\ClockGen\MSIClockService.exe [4012496 2015-06-30] (MSI) S3 MSICOMM_CC; C:\Program Files\Alienware\OC Controls\MSICommService.exe [2122704 2015-06-30] (MSI) S3 MSICPU_CC; C:\Program Files\Alienware\OC Controls\CPU\MSICPUService.exe [4173264 2015-06-30] (MSI) S3 MSICTL_CC; C:\Program Files\Alienware\OC Controls\MSIControlService.exe [2008016 2015-06-01] (MSI) S3 MSISaveLoad_CC; C:\Program Files\Alienware\OC Controls\MSISaveLoadService.exe [3964368 2015-02-09] (MSI) S3 MSISMB_CC; C:\Program Files\Alienware\OC Controls\SMBus\MSISMBService.exe [2066384 2015-06-30] (MSI) S3 MSIWMI_CC; C:\Program Files\Alienware\OC Controls\MSIWMIService.exe [188880 2015-08-24] (MSI) S3 MSI_ODD_Service; c:\Program Files (x86)\MSI\ODD Monitor\ODD_Monitor.exe [84432 2014-12-23] (MSI) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-06-12] () R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2201920 2018-06-12] (Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3072328 2018-06-12] (Electronic Arts) S3 OVRLibraryService; C:\Program Files\Oculus\Support\oculus-librarian\OVRLibraryService.exe [142264 2018-06-15] (Oculus VR, LLC) R2 OVRService; C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe [480696 2018-06-15] (Oculus VR) R2 PCPitstop Realtime; C:\Program Files (x86)\PCPitstop\Super Shield\PCPitstopRTService.exe [812800 2018-04-22] (PC Pitstop) R2 PCPitstop Scheduling; C:\Program Files (x86)\PCPitstop\PCPitstopScheduleService.exe [198392 2017-06-29] (PC Pitstop LLC) S3 Product Registration; C:\Program Files\Alienware\Alienware Product Registration\PRSvc.exe [47144 2017-04-06] (Dell) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [294616 2015-05-22] (Realtek Semiconductor) R2 ThermalsWindowsService; C:\Program Files\Alienware\Command Center\ThermalsWindowsService.exe [36088 2015-09-15] (Alienware) R2 Wallpaper Engine Service; C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe [346600 2017-12-23] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation) R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.3.1.204\WsAppService.exe [437392 2016-11-16] (Wondershare) R3 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831200 2015-06-12] (Intel® Corporation) R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 3221B622; C:\WINDOWS\system32\drivers\3221B622.sys [255928 2018-06-12] (Malwarebytes) S3 CMUSBDAC; C:\WINDOWS\system32\DRIVERS\CMUSBDAC.sys [3792904 2016-11-30] (C-MEDIA) S4 flecrm; C:\WINDOWS\System32\drivers\igwad.sys [79064 2018-06-03] (Malwarebytes) R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2016-05-04] (LogMeIn Inc.) R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [244744 2017-04-13] (Intel Corporation) R3 IntelReadyModeDriver; C:\WINDOWS\System32\drivers\IntelReadyModeDriver.sys [24776 2014-01-23] (Intel Corporation) S3 iVCam; C:\WINDOWS\system32\DRIVERS\iVCam.sys [1059792 2017-07-12] (e2eSoft Corporation) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-06-15] (Malwarebytes) S3 mt7612US; C:\WINDOWS\System32\drivers\mt7612US.sys [377864 2015-12-09] (MediaTek Inc.) R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7689728 2017-09-29] (Intel Corporation) R3 NTIOLib_MSICEN; C:\Program Files\Alienware\Command Center\NTIOLib_Thermals_X64.sys [13808 2015-02-04] (MSI) S3 NTIOLib_MSICOMM_CC; C:\Program Files\Alienware\OC Controls\NTIOLib_X64.sys [13368 2012-11-19] (MSI) S3 NTIOLib_MSICPU_CC; C:\Program Files\Alienware\OC Controls\CPU\NTIOLib_X64.sys [13368 2012-11-20] (MSI) S3 NTIOLib_MSIFrequency_CC; C:\Program Files\Alienware\OC Controls\ClockGen\CPU_Frequency\NTIOLib_X64.sys [13368 2012-11-20] (MSI) S3 NTIOLib_MSIRatio_CC; C:\Program Files\Alienware\OC Controls\CPU\CPU_Ratio\NTIOLib_X64.sys [13368 2012-11-20] (MSI) S3 NTIOLib_MSISMB_CC; C:\Program Files\Alienware\OC Controls\SMBus\NTIOLib_X64.sys [13368 2012-11-19] (MSI) S3 NTIOLib_ODD_Monitor; C:\Program Files (x86)\MSI\ODD Monitor\NTIOLib_X64.sys [13776 2014-12-23] (MSI) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvddi.inf_amd64_6fa5fcef104c0c27\nvlddmkm.sys [17486096 2018-01-05] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31168 2018-03-14] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [59240 2017-12-14] (NVIDIA Corporation) R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [58816 2018-03-14] (NVIDIA Corporation) S3 OCULUSVRHEADSET; C:\WINDOWS\system32\DRIVERS\OCULUS119B.sys [1887232 2016-08-27] (OCULUS) R3 Oculus_ViGEmBus; C:\WINDOWS\System32\drivers\Oculus_ViGEmBus.sys [32856 2017-11-04] (Facebook Inc.) R3 OCUSBVID; C:\WINDOWS\System32\drivers\ocusbvid111.sys [69176 2016-08-26] (Oculus VR, LLC) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [888064 2015-08-20] (Realtek ) S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2017-03-28] (The OpenVPN Project) [File not signed] R1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation) R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2018-06-13] (Zemana Ltd.) R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2018-06-13] (Zemana Ltd.) S4 kvzuwnma; System32\drivers\wingvoct.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-06-18 22:18 - 2018-06-18 22:18 - 002413056 _____ (Farbar) C:\Users\Eric's Gaming PC\Downloads\FRST64 (2).exe 2018-06-15 13:21 - 2018-06-15 13:21 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys 2018-06-15 13:20 - 2018-06-18 22:18 - 000000000 ____D C:\ProgramData\RogueKiller 2018-06-15 13:20 - 2018-06-15 13:20 - 027075656 _____ (Adlice Software) C:\Users\Eric's Gaming PC\Downloads\RogueKiller_portable64.exe 2018-06-15 13:19 - 2018-06-15 13:19 - 000001425 _____ C:\Users\Eric's Gaming PC\Desktop\AdwCleaner[S02].txt 2018-06-15 13:09 - 2018-06-15 13:09 - 007271632 _____ (Malwarebytes) C:\Users\Eric's Gaming PC\Downloads\AdwCleaner.exe 2018-06-15 12:59 - 2018-06-15 12:59 - 000010567 _____ C:\Users\Eric's Gaming PC\Desktop\threat scan 76.txt 2018-06-14 19:40 - 2018-06-14 19:40 - 020300990 _____ C:\Users\Eric's Gaming PC\Downloads\Electra 1.0.4 (1).ipa 2018-06-14 19:18 - 2018-06-14 19:18 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Roaming\iterate_GmbH 2018-06-14 19:18 - 2018-06-14 19:18 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Roaming\Cyberduck 2018-06-14 19:17 - 2018-06-14 19:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cyberduck 2018-06-14 19:17 - 2018-06-14 19:17 - 000000000 ____D C:\Program Files (x86)\Cyberduck 2018-06-14 19:16 - 2018-06-14 19:16 - 048437304 _____ (iterate GmbH) C:\Users\Eric's Gaming PC\Downloads\Cyberduck-Installer-6.6.1.28146.exe 2018-06-14 19:16 - 2018-06-14 19:16 - 000005316 _____ C:\Users\Eric's Gaming PC\Downloads\delectra-master.zip 2018-06-13 22:49 - 2018-06-13 22:49 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\dsmxvzw 2018-06-13 22:26 - 2018-06-13 22:26 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\wiehudx 2018-06-13 22:23 - 2018-06-13 22:23 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\auicpmn 2018-06-13 20:09 - 2018-06-13 20:09 - 000000882 _____ C:\Users\Eric's Gaming PC\Downloads\Fixlog.txt 2018-06-13 20:00 - 2018-06-13 20:00 - 000001375 _____ C:\Users\Eric's Gaming PC\Downloads\1482674470_ThreatScan.txt 2018-06-13 19:57 - 2018-06-13 19:58 - 000065013 _____ C:\Users\Eric's Gaming PC\Downloads\Addition.txt 2018-06-13 19:54 - 2018-06-13 19:54 - 000001375 _____ C:\Users\Eric's Gaming PC\Desktop\Threat Scan.txt 2018-06-13 19:29 - 2018-06-18 22:22 - 000026125 _____ C:\Users\Eric's Gaming PC\Downloads\FRST.txt 2018-06-13 19:29 - 2018-06-18 22:18 - 000000000 ____D C:\FRST 2018-06-13 19:29 - 2018-06-13 19:29 - 002413056 _____ (Farbar) C:\Users\Eric's Gaming PC\Downloads\FRST64 (1).exe 2018-06-13 16:27 - 2018-06-13 18:17 - 000000000 ____D C:\ProgramData\HitmanPro 2018-06-13 16:27 - 2018-06-13 16:27 - 000055232 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys 2018-06-13 16:26 - 2018-06-13 16:27 - 011609024 _____ (SurfRight B.V.) C:\Users\Eric's Gaming PC\Downloads\HitmanPro_x64.exe 2018-06-13 16:25 - 2018-06-13 16:25 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\atemdzg 2018-06-13 16:15 - 2018-06-13 16:17 - 000000000 ____D C:\AdwCleaner 2018-06-13 16:15 - 2018-06-13 16:15 - 007372496 _____ (Malwarebytes) C:\Users\Eric's Gaming PC\Downloads\adwcleaner_7.2.0.exe 2018-06-13 15:41 - 2018-06-18 22:22 - 033291574 _____ C:\WINDOWS\ZAM.krnl.trace 2018-06-13 15:41 - 2018-06-18 22:21 - 004392193 _____ C:\WINDOWS\ZAM_Guard.krnl.trace 2018-06-13 15:41 - 2018-06-13 15:41 - 006625600 _____ (Zemana Ltd. ) C:\Users\Eric's Gaming PC\Downloads\Zemana.AntiMalware.Setup.exe 2018-06-13 15:41 - 2018-06-13 15:41 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys 2018-06-13 15:41 - 2018-06-13 15:41 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys 2018-06-13 15:41 - 2018-06-13 15:41 - 000001179 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk 2018-06-13 15:41 - 2018-06-13 15:41 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\Zemana 2018-06-13 15:41 - 2018-06-13 15:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware 2018-06-13 15:41 - 2018-06-13 15:41 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware 2018-06-13 15:39 - 2018-06-13 15:40 - 000002724 _____ C:\Users\Eric's Gaming PC\Desktop\Rkill.txt 2018-06-13 15:38 - 2018-06-13 15:38 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Eric's Gaming PC\Downloads\rkill.exe 2018-06-13 15:38 - 2018-06-13 15:38 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Eric's Gaming PC\Downloads\iExplore.exe 2018-06-13 07:23 - 2018-06-13 07:23 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\updnisz 2018-06-12 23:33 - 2018-06-12 23:33 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\pwahetc 2018-06-12 22:32 - 2018-06-12 22:32 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\3221B622.sys 2018-06-12 22:27 - 2018-06-12 22:27 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\spnuzgo 2018-06-12 22:07 - 2018-06-15 12:40 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2018-06-12 22:04 - 2018-06-12 22:04 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\zaewcbk 2018-06-12 21:31 - 2018-06-12 21:31 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\sniaktl 2018-06-12 20:14 - 2018-06-12 20:14 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\5912658B.sys 2018-06-12 20:12 - 2018-06-12 23:32 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2018-06-12 20:12 - 2018-06-12 23:23 - 000000000 ____D C:\Users\Eric's Gaming PC\Desktop\mbar 2018-06-12 19:51 - 2018-06-12 19:51 - 014178840 _____ (Malwarebytes Corp.) C:\Users\Eric's Gaming PC\Downloads\mbar-1.10.3.1001.exe 2018-06-12 19:46 - 2018-06-12 19:46 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\sbmgeit 2018-06-12 19:23 - 2018-06-12 19:23 - 000001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2018-06-12 19:23 - 2018-06-12 19:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2018-06-12 19:23 - 2018-05-24 06:55 - 000152184 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2018-06-12 19:22 - 2018-06-12 19:22 - 077609632 _____ (Malwarebytes ) C:\Users\Eric's Gaming PC\Downloads\mb3-setup-consumer-3.5.1.2522-1.0.374-1.0.5448.exe 2018-06-12 19:17 - 2018-06-12 19:17 - 007391672 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Eric's Gaming PC\Downloads\avg_antivirus_free_setup.exe 2018-06-12 19:13 - 2018-06-12 19:13 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\vsdlwao 2018-06-12 17:39 - 2018-06-12 17:39 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\remacix 2018-06-12 17:33 - 2018-06-12 17:33 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\csmilhn 2018-06-12 17:30 - 2018-06-12 17:30 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\nvcerus 2018-06-12 17:25 - 2018-06-12 17:25 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\codlube 2018-06-12 17:20 - 2018-06-12 17:20 - 002413056 _____ (Farbar) C:\Users\Eric's Gaming PC\Downloads\FRST64.exe 2018-06-12 17:16 - 2018-06-12 17:16 - 009986176 _____ C:\Users\Eric's Gaming PC\Downloads\bitdefender_online (1).exe 2018-06-12 17:05 - 2018-06-12 17:05 - 009986176 _____ C:\Users\Eric's Gaming PC\Downloads\bitdefender_online.exe 2018-06-12 16:58 - 2018-06-12 19:57 - 000000000 ____D C:\Program Files\CCleaner 2018-06-12 16:58 - 2018-06-12 16:58 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update 2018-06-12 16:58 - 2018-06-12 16:58 - 000002892 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2018-06-12 16:58 - 2018-06-12 16:58 - 000000865 _____ C:\Users\Public\Desktop\CCleaner.lnk 2018-06-12 16:58 - 2018-06-12 16:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2018-06-12 16:55 - 2018-06-12 16:56 - 015835744 _____ (Piriform Ltd) C:\Users\Eric's Gaming PC\Downloads\ccsetup543pro.exe 2018-06-12 16:54 - 2018-06-12 16:56 - 172661090 _____ (alch ) C:\Users\Eric's Gaming PC\Downloads\clamwin-0.99.4-setup.exe 2018-06-12 16:42 - 2018-06-12 16:42 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\snbutwp 2018-06-12 16:16 - 2018-06-12 16:16 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\lmisxrt 2018-06-12 15:52 - 2018-06-12 15:52 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\ramhenb 2018-06-11 07:23 - 2015-01-01 04:20 - 004603904 _____ C:\Users\Eric's Gaming PC\Desktop\MOVI0001.avi 2018-06-11 07:21 - 2015-01-01 04:19 - 775028736 _____ C:\Users\Eric's Gaming PC\Desktop\MOVI0000.avi 2018-06-10 13:24 - 2018-06-10 13:24 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\usizkae 2018-06-09 11:10 - 2018-06-09 11:10 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\ninkvuz 2018-06-09 10:26 - 2018-06-09 10:26 - 003948280 _____ C:\Users\Eric's Gaming PC\Desktop\scan-1.pdn 2018-06-09 10:12 - 2018-06-09 10:12 - 001780800 _____ C:\Users\Eric's Gaming PC\Downloads\scan.zip 2018-06-09 10:08 - 2018-06-09 09:39 - 002304538 _____ C:\Users\Eric's Gaming PC\Desktop\scan.pdf 2018-06-08 20:16 - 2018-06-08 20:16 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\pssawer 2018-06-08 06:48 - 2018-06-14 22:39 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\containersvc 2018-06-06 18:11 - 2018-06-06 18:11 - 000004612 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier 2018-06-06 18:11 - 2018-06-06 18:11 - 000004412 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2018-06-06 07:25 - 2018-06-06 07:25 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\lsnxwpm 2018-06-04 07:06 - 2018-06-04 07:06 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\nvnghow 2018-06-03 23:11 - 2018-06-03 23:11 - 000000000 ____D C:\Program Files\Malwarebytes 2018-06-03 16:45 - 2018-06-09 10:03 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Roaming\iMazing 2018-06-03 16:45 - 2018-06-03 16:45 - 000001863 _____ C:\Users\Public\Desktop\iMazing.lnk 2018-06-03 16:45 - 2018-06-03 16:45 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\DigiDNA 2018-06-03 16:45 - 2018-06-03 16:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMazing 2018-06-03 16:45 - 2018-06-03 16:45 - 000000000 ____D C:\ProgramData\DigiDNA 2018-06-03 16:45 - 2018-06-03 16:45 - 000000000 ____D C:\Program Files\DigiDNA 2018-06-03 16:44 - 2018-06-03 16:44 - 091793744 _____ (DigiDNA ) C:\Users\Eric's Gaming PC\Downloads\iMazing2forWindows.exe 2018-06-03 16:41 - 2018-06-03 16:41 - 000079064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\igwad.sys 2018-06-03 10:33 - 2018-06-03 10:33 - 025569920 _____ C:\Users\Eric's Gaming PC\Downloads\GiffingTool-4.1-Buy-Later.zip 2018-06-03 10:31 - 2018-06-03 10:31 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\PlaceholderTileLogoFolder 2018-06-03 09:33 - 2018-06-03 10:36 - 000000000 ____D C:\Users\Eric's Gaming PC\Desktop\DCIM 2018-06-03 09:15 - 2018-06-03 09:15 - 001782805 _____ C:\Users\Eric's Gaming PC\Desktop\White Water Park.sv6 2018-06-03 09:15 - 2018-06-03 09:15 - 001664587 _____ C:\Users\Eric's Gaming PC\Desktop\Bumbly Beach.sv6 2018-06-03 09:15 - 2018-06-03 09:15 - 001597022 _____ C:\Users\Eric's Gaming PC\Desktop\Dynamite Dunes.sv6 2018-06-03 09:15 - 2018-06-03 09:15 - 001576196 _____ C:\Users\Eric's Gaming PC\Desktop\Leafy Lake.sv6 2018-06-03 09:15 - 2018-06-03 09:15 - 001515152 _____ C:\Users\Eric's Gaming PC\Desktop\Forest Frontiers.sv6 2018-06-03 09:15 - 2018-06-03 09:15 - 001295828 _____ C:\Users\Eric's Gaming PC\Desktop\Trinity Islands.sv6 2018-06-03 09:01 - 2018-06-03 09:01 - 000000000 ____D C:\Users\Eric's Gaming PC\Desktop\minecraftWorlds 2018-06-03 08:41 - 2018-06-12 21:02 - 000002263 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-06-03 08:41 - 2018-06-12 21:02 - 000002222 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2018-06-03 07:49 - 2018-06-03 07:49 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\werxszd 2018-06-02 22:29 - 2018-06-15 12:59 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\wmcagent 2018-06-02 22:26 - 2018-06-14 22:39 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\svcpnak 2018-06-02 22:26 - 2018-06-02 22:26 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\spdzlrn 2018-06-02 22:24 - 2018-06-13 22:45 - 002888704 _____ C:\WINDOWS\system32\avcrzmwsvc.exe 2018-06-02 22:24 - 2018-06-02 22:24 - 000000000 ____D C:\WINDOWS\SysWOW64\csdphxo 2018-06-02 22:24 - 2018-06-02 22:24 - 000000000 ____D C:\WINDOWS\system32\csdphxo 2018-06-02 22:24 - 2018-06-02 22:24 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Roaming\et 2018-06-02 22:22 - 2018-06-05 17:25 - 000000000 ____D C:\Program Files (x86)\watering 2018-06-02 22:22 - 2018-06-05 17:25 - 000000000 ____D C:\Program Files (x86)\Quotation 2018-06-02 22:22 - 2018-06-04 06:59 - 000000000 ___HD C:\Program Files (x86)\Kung 2018-06-02 22:22 - 2018-06-04 06:55 - 000000000 ___HD C:\Program Files (x86)\elke 2018-06-02 22:22 - 2018-06-03 16:41 - 000000000 ____D C:\Program Files (x86)\woofer 2018-06-02 22:22 - 2018-06-02 22:22 - 000003836 _____ C:\WINDOWS\System32\Tasks\bonfield 2018-06-02 22:22 - 2018-06-02 22:22 - 000003832 _____ C:\WINDOWS\System32\Tasks\intercultural 2018-06-02 22:22 - 2018-06-02 22:22 - 000003730 _____ C:\WINDOWS\System32\Tasks\interculturalintercultural 2018-06-02 22:22 - 2018-06-02 22:22 - 000003724 _____ C:\WINDOWS\System32\Tasks\bonfieldbonfield 2018-06-02 22:22 - 2018-06-02 22:22 - 000000012 _____ C:\WINDOWS\b60062418 2018-06-02 22:22 - 2018-06-02 22:22 - 000000000 ____D C:\Program Files (x86)\Cyclists 2018-06-02 22:21 - 2018-06-03 07:53 - 000000000 ____D C:\Users\Eric's Gaming PC\Documents\Chameleon files 2018-06-02 22:21 - 2018-06-02 22:21 - 000003434 _____ C:\WINDOWS\System32\Tasks\Chameleon Monitor-startup-Eric's Gaming PC 2018-06-02 22:21 - 2018-06-02 22:21 - 000003038 _____ C:\WINDOWS\System32\Tasks\Chameleon Task Manager-Eric's Gaming PC 2018-06-02 22:21 - 2018-06-02 22:21 - 000003034 _____ C:\WINDOWS\System32\Tasks\Chameleon Monitor-Eric's Gaming PC 2018-06-02 22:21 - 2018-06-02 22:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chameleon Task Manager 2018-06-02 22:21 - 2018-06-02 22:21 - 000000000 ____D C:\Program Files (x86)\Chameleon Task Manager 2018-06-02 22:20 - 2018-06-02 22:20 - 000554039 _____ C:\Users\Eric's Gaming PC\Downloads\PhoneRescue 370 Crack Plus License Code Free.zip 2018-06-02 22:07 - 2018-06-02 22:07 - 001038232 _____ (iMobie Inc.) C:\Users\Eric's Gaming PC\Downloads\phonerescue-ios-setup.exe 2018-06-02 22:07 - 2018-06-02 22:07 - 000001193 _____ C:\Users\Public\Desktop\PhoneRescue.lnk 2018-06-02 22:07 - 2018-06-02 22:07 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Roaming\iMobie 2018-06-02 22:07 - 2018-06-02 22:07 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\iMobie_Inc 2018-06-02 22:07 - 2018-06-02 22:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMobie 2018-06-02 22:07 - 2018-06-02 22:07 - 000000000 ____D C:\Program Files (x86)\iMobie 2018-06-02 22:05 - 2018-06-02 22:05 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\imyfoneSet 2018-06-02 22:04 - 2018-06-02 22:04 - 000001251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMyFone D-Port Pro.lnk 2018-06-02 22:04 - 2018-06-02 22:04 - 000001239 _____ C:\Users\Public\Desktop\iMyFone D-Port Pro.lnk 2018-06-02 22:04 - 2018-06-02 22:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMyFone 2018-06-02 22:04 - 2018-06-02 22:04 - 000000000 ____D C:\Program Files (x86)\iMyFone 2018-06-02 22:01 - 2018-06-02 22:04 - 036314573 _____ C:\Users\Eric's Gaming PC\Downloads\iMyFone D-Port Pro 3.0.0.29 Full Version - HaxOff.Net.rar 2018-06-02 21:52 - 2018-06-02 21:52 - 000001357 _____ C:\Users\Eric's Gaming PC\Desktop\iPhone Backup Extractor.lnk 2018-06-02 21:52 - 2018-06-02 21:52 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Roaming\Reincubate 2018-06-02 21:52 - 2018-06-02 21:52 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reincubate 2018-06-02 21:51 - 2018-06-02 21:51 - 023133416 _____ (Reincubate Ltd) C:\Users\Eric's Gaming PC\Downloads\iphonebackupextractor-latest (1).exe 2018-06-02 21:16 - 2018-06-02 21:16 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\Reincubate Temporary Files 2018-06-02 21:11 - 2018-06-02 21:11 - 022392040 _____ (Reincubate Ltd) C:\Users\Eric's Gaming PC\Downloads\iphonebackupextractor-latest.exe 2018-06-02 12:25 - 2018-05-04 05:37 - 000278448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Notifier.exe 2018-06-02 12:16 - 2018-06-02 12:16 - 000001818 _____ C:\Users\Public\Desktop\iTunes.lnk 2018-06-02 12:16 - 2018-06-02 12:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2018-06-02 12:16 - 2018-06-02 12:16 - 000000000 ____D C:\Program Files\iPod 2018-06-02 12:15 - 2018-06-02 12:16 - 000000000 ____D C:\Program Files\iTunes 2018-06-02 12:00 - 2018-06-02 12:01 - 272259912 _____ (Apple Inc.) C:\Users\Eric's Gaming PC\Downloads\iTunes64Setup.exe 2018-06-02 11:58 - 2018-06-02 12:01 - 000000000 ____D C:\Users\Eric's Gaming PC\Desktop\iTunes 2018-06-01 19:52 - 2018-06-01 20:04 - 000000000 ____D C:\Users\Eric's Gaming PC\Desktop\x backup 11.1 2018-06-01 16:45 - 2018-06-01 16:52 - 2975229435 _____ C:\Users\Eric's Gaming PC\Downloads\iPhone10,3,iPhone10,6_11.3.1_15E302_Restore.ipsw 2018-05-31 20:20 - 2018-05-31 20:20 - 000027169 _____ C:\Users\Eric's Gaming PC\Downloads\3999615355580334_iPhone10,3_d22ap_11.4-15F79_63ed7f4745eb337a30a994a246815c2d901f68ef4e4b97db6f1cfa0bc396213c.shsh2 2018-05-29 20:08 - 2018-05-29 20:08 - 015271600 _____ C:\Users\Eric's Gaming PC\Downloads\lockpluspro.deb 2018-05-24 13:38 - 2018-05-25 05:05 - 002478236 _____ C:\Users\Eric's Gaming PC\Desktop\IMG_8720.MOV 2018-05-24 13:27 - 2018-05-25 05:05 - 002760824 _____ C:\Users\Eric's Gaming PC\Desktop\IMG_8721.MOV 2018-05-23 21:28 - 2018-05-23 21:28 - 000160060 _____ C:\Users\Eric's Gaming PC\Downloads\2018_All_ATHLETIC_incl_DMVOutdoor_Adv_Specialists_letter (2).pdf 2018-05-23 21:27 - 2018-05-23 21:27 - 000160060 _____ C:\Users\Eric's Gaming PC\Downloads\2018_All_ATHLETIC_incl_DMVOutdoor_Adv_Specialists_letter (1).pdf 2018-05-23 21:12 - 2018-05-23 21:12 - 000160060 _____ C:\Users\Eric's Gaming PC\Downloads\2018_All_ATHLETIC_incl_DMVOutdoor_Adv_Specialists_letter.pdf ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-06-18 22:21 - 2017-08-03 21:14 - 000000000 ____D C:\ProgramData\PCPitstopDat 2018-06-18 22:21 - 2016-05-03 20:00 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\Oculus 2018-06-18 22:18 - 2018-01-31 17:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2018-06-18 22:18 - 2016-05-03 20:07 - 000000000 ____D C:\Program Files\Oculus 2018-06-18 18:20 - 2018-01-31 18:09 - 000004188 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B9A2CEBC-0AF0-4D22-AFCF-27F4D819A010} 2018-06-18 17:18 - 2017-09-22 10:20 - 000000000 ____D C:\Program Files (x86)\Origin 2018-06-18 12:25 - 2017-07-12 23:18 - 000000000 ____D C:\ProgramData\NVIDIA 2018-06-18 00:03 - 2017-08-03 20:41 - 000000000 ____D C:\ProgramData\PCPitstop 2018-06-17 12:18 - 2017-09-29 09:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2018-06-17 12:15 - 2017-09-29 09:44 - 000000000 ____D C:\WINDOWS\INF 2018-06-17 12:14 - 2017-09-29 09:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization 2018-06-17 12:14 - 2016-03-31 08:39 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2018-06-15 15:28 - 2017-09-29 09:46 - 000000000 ___HD C:\Program Files\WindowsApps 2018-06-15 15:28 - 2017-09-29 09:46 - 000000000 ____D C:\WINDOWS\AppReadiness 2018-06-15 14:08 - 2015-10-30 03:24 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2018-06-14 19:39 - 2018-01-22 19:59 - 000000600 _____ C:\Users\Eric's Gaming PC\AppData\Roaming\winscp.rnd 2018-06-14 19:17 - 2016-03-31 08:27 - 000000000 ____D C:\ProgramData\Package Cache 2018-06-14 19:14 - 2016-03-31 08:37 - 000000000 ____D C:\MSI 2018-06-14 19:13 - 2016-05-03 21:48 - 000000000 __SHD C:\Users\Eric's Gaming PC\IntelGraphicsProfiles 2018-06-14 19:12 - 2018-01-31 18:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2018-06-14 18:35 - 2017-09-29 04:45 - 027262976 _____ C:\WINDOWS\system32\config\HARDWARE 2018-06-14 18:35 - 2017-09-29 04:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2018-06-14 16:21 - 2018-03-08 18:35 - 019304283 _____ C:\Users\Eric's Gaming PC\Downloads\Impactor_0.9.44.zip 2018-06-14 16:21 - 2016-05-04 16:19 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\CrashDumps 2018-06-12 20:14 - 2016-05-14 22:10 - 000000000 ____D C:\ProgramData\Malwarebytes 2018-06-12 20:07 - 2017-01-28 18:13 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Roaming\uTorrent 2018-06-12 20:07 - 2016-03-31 08:38 - 000000000 ____D C:\Program Files (x86)\Steam 2018-06-12 20:05 - 2018-01-22 14:59 - 000000000 ___DC C:\WINDOWS\Panther 2018-06-12 20:05 - 2017-09-29 09:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2018-06-12 18:15 - 2016-05-04 16:05 - 000000000 ____D C:\WINDOWS\system32\MRT 2018-06-12 18:11 - 2017-10-11 09:33 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe 2018-06-12 18:11 - 2016-05-04 16:05 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2018-06-10 13:08 - 2018-01-31 18:04 - 001246378 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2018-06-07 14:24 - 2017-09-29 09:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2018-06-06 18:11 - 2017-09-29 09:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2018-06-06 18:11 - 2017-09-29 09:46 - 000000000 ____D C:\WINDOWS\system32\Macromed 2018-06-05 19:24 - 2018-04-13 17:36 - 000835056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2018-06-05 19:24 - 2018-04-13 17:36 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2018-06-03 23:11 - 2016-05-14 22:10 - 000000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2018-06-03 16:41 - 2017-09-29 09:46 - 000000000 ____D C:\WINDOWS\ModemLogs 2018-06-03 10:31 - 2018-01-31 17:53 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Local\Packages 2018-06-03 08:41 - 2018-01-31 18:09 - 000003418 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2018-06-03 08:41 - 2018-01-31 18:09 - 000003294 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2018-06-03 08:41 - 2016-05-04 16:16 - 000000000 ____D C:\Program Files (x86)\Google 2018-06-03 00:57 - 2018-01-31 18:08 - 000032388 _____ C:\WINDOWS\diagwrn.xml 2018-06-03 00:57 - 2018-01-31 18:08 - 000032388 _____ C:\WINDOWS\diagerr.xml 2018-06-02 23:48 - 2017-09-29 09:46 - 000000000 ____D C:\WINDOWS\Registration 2018-06-02 23:47 - 2018-04-12 06:19 - 000000000 ___HD C:\$WINDOWS.~BT 2018-06-02 13:13 - 2017-10-17 21:46 - 000000000 ____D C:\Program Files\Java 2018-06-02 13:13 - 2016-05-04 17:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2018-06-02 13:12 - 2017-10-17 21:47 - 000111048 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll 2018-05-23 18:57 - 2017-09-22 10:20 - 000000000 ____D C:\Users\Eric's Gaming PC\AppData\Roaming\Origin ==================== Files in the root of some directories ======= 2016-06-02 15:44 - 2016-10-23 13:04 - 000000030 _____ () C:\Users\Eric's Gaming PC\AppData\Roaming\alsoft.ini 2018-03-25 16:02 - 2018-04-28 19:03 - 000000129 _____ () C:\Users\Eric's Gaming PC\AppData\Roaming\Camdata.ini 2018-03-25 16:02 - 2018-04-28 19:03 - 000000408 _____ () C:\Users\Eric's Gaming PC\AppData\Roaming\CamLayout.ini 2018-03-25 16:02 - 2018-04-28 19:03 - 000000408 _____ () C:\Users\Eric's Gaming PC\AppData\Roaming\CamShapes.ini 2018-03-25 16:02 - 2018-04-28 19:03 - 000004583 _____ () C:\Users\Eric's Gaming PC\AppData\Roaming\CamStudio.cfg 2017-01-11 17:00 - 2017-02-19 00:03 - 005520256 _____ () C:\Users\Eric's Gaming PC\AppData\Roaming\MyTest.gcode 2017-02-17 17:05 - 2017-02-19 00:04 - 000006380 _____ () C:\Users\Eric's Gaming PC\AppData\Roaming\MyTest.json 2017-01-14 08:39 - 2017-02-17 17:11 - 000000044 _____ () C:\Users\Eric's Gaming PC\AppData\Roaming\temp.ree 2018-03-25 15:59 - 2018-04-28 19:02 - 000000096 _____ () C:\Users\Eric's Gaming PC\AppData\Roaming\version2.xml 2018-01-22 19:59 - 2018-06-14 19:39 - 000000600 _____ () C:\Users\Eric's Gaming PC\AppData\Roaming\winscp.rnd 2018-01-22 19:01 - 2018-01-22 19:01 - 000000600 _____ () C:\Users\Eric's Gaming PC\AppData\Local\PUTTY.RND 2018-01-07 00:12 - 2018-02-04 15:10 - 000007601 _____ () C:\Users\Eric's Gaming PC\AppData\Local\Resmon.ResmonCfg 2017-04-06 17:43 - 2017-04-06 17:43 - 000000552 _____ () C:\Users\Eric's Gaming PC\AppData\Local\TroubleshooterConfig.json Some files in TEMP: ==================== 2018-06-15 13:20 - 2018-03-13 03:02 - 001954048 ____N (Microsoft Corporation) C:\Users\Eric's Gaming PC\AppData\Local\Temp\dllnt_dump.dll ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2018-06-13 11:18 ==================== End of FRST.txt ============================
  3. RougeKiller Log RogueKiller V12.12.21.0 (x64) [Jun 11 2018] (Free) by Adlice Software mail : http://www.adlice.com/contact/ Feedback : https://forum.adlice.com Website : http://www.adlice.com/download/roguekiller/ Blog : http://www.adlice.com Operating System : Windows 10 (10.0.16299) 64 bits version Started in : Normal mode User : Eric's Gaming PC [Administrator] Started from : C:\Users\Eric's Gaming PC\Downloads\RogueKiller_portable64.exe Mode : Delete -- Date : 06/15/2018 13:21:10 (Duration : 00:47:38) ¤¤¤ Processes : 1 ¤¤¤ [VT.Unknown] democratize.exe(10632) -- C:\Program Files (x86)\Cyclists\democratize.exe[-] -> Killed [TermProc] ¤¤¤ Registry : 7 ¤¤¤ [PUM.Proxy] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NlaSvc\Parameters\Internet\ManualProxies | (default) : -> Deleted [PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3928081856-823122749-4048558740-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://dell15.msn.com/?pc=DCTE -> Replaced (http://go.microsoft.com/fwlink/p/?LinkId=255141) [PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3928081856-823122749-4048558740-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://dell15.msn.com/?pc=DCTE -> Replaced (http://go.microsoft.com/fwlink/p/?LinkId=255141) [PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3928081856-823122749-4048558740-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://dell15.msn.com/?pc=DCTE -> Replaced (http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome) [PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3928081856-823122749-4048558740-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://dell15.msn.com/?pc=DCTE -> Not selected [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{d970b658-6589-4a46-89be-b3fa15debdc9} | DhcpNameServer : 172.20.10.1 ([]) -> Replaced () [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{da20e825-b4f5-4a89-8678-d26fb2d4d0ec} | DhcpNameServer : 10.13.109.99 ([]) -> Replaced () ¤¤¤ Tasks : 0 ¤¤¤ ¤¤¤ Files : 0 ¤¤¤ ¤¤¤ WMI : 0 ¤¤¤ ¤¤¤ Hosts File : 0 ¤¤¤ ¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ MBR Check : ¤¤¤ +++++ PhysicalDrive0: ST1000DM003-1SB102 +++++ --- User --- [MBR] f134cb00595d0cb90535b679b75f1e5f [BSP] b8e45f054339396ae197b95f475a4ee9 : Empty|VT.Unknown MBR Code Partition table: 0 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2048 | Size: 500 MB 1 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 1026048 | Size: 128 MB 2 - Basic data partition | Offset (sectors): 1288192 | Size: 940550 MB 3 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 1927534592 | Size: 450 MB 4 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 1928456192 | Size: 12240 MB User = LL1 ... OK User = LL2 ... OK +++++ PhysicalDrive1: Generic Flash Disk USB Device +++++ --- User --- [MBR] d9516da678a1d00f5c698e0e09f8a881 [BSP] a95ec4515f12d48cb7774c1f55ad32af : Windows Vista/7/8|VT.Unknown MBR Code Partition table: 0 - [ACTIVE] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 128 | Size: 1989 MB User = LL1 ... OK Error reading LL2 MBR! ([32] The request is not supported. ) AdwCleaner[S02].txt
  4. just wondering, i used the premium version, since i still have the trial, but the items are just in quarantine, not removed, is that ok?? or should i delete from quarantine
  5. just to add, there have been other things such as those in this attachment. When deleted, they come back every reboot
  6. Here are the files you asked for Addition.txt FRST.txt Threat Scan.txt
  7. NO matter how many times I run Malwarebytes, this folder wmcagent, will not be deleted by Malwarebytes. I've run nearly 4 scans and every time I reboot it reinstalls itself or just never disappears. how do I get rid of this problem??
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.