2016-07-25

Hi all, I'm looking for a bit of help with my laptop. It's a Dell N5010, Windows 7, i3, Home Premium 64-bit. Up until a few months ago it was great, but it has started to run so slow and the fan is running all the time on what seems like the highest speed possible. I have run scans but it never finds anything, so I'm hoping someone can give me help in fixing whatever is wrong. Thanks, Tom

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 25/07/2016

Scan Time: 12:19

Logfile:

Administrator: Yes

Version: 2.2.1.1043

Malware Database: v2016.07.25.01

Rootkit Database: v2016.05.27.01

License: Free

Malware Protection: Disabled

Malicious Website Protection: Disabled

Self-protection: Disabled

OS: Windows 7 Service Pack 1

CPU: x64

File System: NTFS

User: tom

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 318064

Time Elapsed: 31 min, 33 sec

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Disabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

Processes: 0

(No malicious items detected)

Modules: 0

(No malicious items detected)

Registry Keys: 0

(No malicious items detected)

Registry Values: 0

(No malicious items detected)

Registry Data: 0

(No malicious items detected)

Folders: 0

(No malicious items detected)

Files: 0

(No malicious items detected)

Physical Sectors: 0

(No malicious items detected)

(end)

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-07-2016

Ran by tom (2016-07-25 12:55:21)

Running from C:\Users\tom\Downloads

Windows 7 Home Premium Service Pack 1 (X64) (2011-08-13 18:42:38)

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2134292529-3043326613-3165962306-500 - Administrator - Disabled)

Guest (S-1-5-21-2134292529-3043326613-3165962306-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-2134292529-3043326613-3165962306-1004 - Limited - Enabled)

tom (S-1-5-21-2134292529-3043326613-3165962306-1000 - Administrator - Enabled) => C:\Users\tom

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}

AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.210 - Adobe Systems Incorporated)

Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.13) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)

Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.5.146 - Adobe Systems, Inc.)

Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)

Apple Application Support (32-bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)

Apple Application Support (64-bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)

Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.18.354 - Avira Operations GmbH & Co. KG)

Avira Launcher (HKLM-x32\...\{3d9e0476-943f-4962-99dc-b9c937a43840}) (Version: 1.1.65.9690 - Avira Operations GmbH & Co. KG)

Avira Launcher (x32 Version: 1.1.65.9690 - Avira Operations GmbH & Co. KG) Hidden

Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)

CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell)

Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell)

Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)

Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)

Dell MusicStage (HKLM-x32\...\{F1D737AB-71A7-4D25-BB94-79DB090D6FF9}) (Version: 1.5.402.0 - Fingertapps)

Dell PhotoStage (HKLM-x32\...\{0D98F04D-11A1-4B64-A406-43292B9EEE90}) (Version: 1.5.0.1 - ArcSoft)

Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.66 - ArcSoft)

Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.0.6 - Dell Inc.)

Dell Stage (HKLM-x32\...\{FC45E4D6-FEA5-4091-B172-4351D130C2E1}) (Version: 1.7.209.0 - Fingertapps)

Dell Stage Remote (HKLM-x32\...\{2299EEBD-0A83-4B26-AA4A-057AE9E5BAE8}) (Version: 2.0.0.50 - ArcSoft)

Dell Stage Remote (HKLM-x32\...\{AF4D3C63-009B-4A17-B02E-D395065DD3F0}) (Version: 2.0.0.50 - ArcSoft)

Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.0.6584.81 - Dell)

Dell System Detect (HKU\S-1-5-21-2134292529-3043326613-3165962306-1000\...\73f463568823ebbe) (Version: 6.0.0.18 - Dell)

Dell System Detect (HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\73f463568823ebbe) (Version: 6.0.0.18 - Dell)

Dell VideoStage (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1719 - CyberLink Corp.)

Dell VideoStage (x32 Version: 1.2.0.1719 - CyberLink Corp.) Hidden

Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.05 - Creative Technology Ltd)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.106 - Google Inc.)

Google Drive (HKLM-x32\...\{709316AD-161C-4D5C-9AE7-0B3A822DA271}) (Version: 1.30.2170.0459 - Google, Inc.)

Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)

Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)

Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden

IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6289.0 - IDT)

Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)

Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2202 - Intel Corporation)

Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)

Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{1A8BA6CE-822D-4888-89E2-ACBF4308F271}) (Version: 13.02.0000 - Intel Corporation)

Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.4.1002 - Intel Corporation)

Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)

iTunes (HKLM\...\{58D7E5F7-BAD1-49C5-93C8-B655736EDA00}) (Version: 12.4.0.119 - Apple Inc.)

Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)

Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)

Media Go (HKLM-x32\...\{65256C0D-3FE7-4D2E-BB3E-53F1175481C8}) (Version: 3.0.403 - Sony)

Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony)

Media Go Video Playback Engine 2.20.107.05220 (HKLM-x32\...\{7348D0F2-3DAC-0BE7-4E7C-64844D2E3CA9}) (Version: 2.20.107.05220 - Sony)

Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)

Mozilla Firefox 48.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 48.0 (x86 en-US)) (Version: 48.0 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.0.6043 - Mozilla)

MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden

MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden

MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden

MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)

OpenOffice 4.0.0 (HKLM-x32\...\{55E61709-D7D4-43C0-B45D-BFAF5C09A02D}) (Version: 4.00.9702 - Apache Software Foundation)

Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.5.0 - Dell Inc.)

Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)

Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)

Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version: - Silicon Laboratories)

Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7 (HKLM-x32\...\{C075A9B4-E717-44C9-B02C-9A5AD2101BFB}) (Version: 6.5 - Silicon Laboratories, Inc.)

swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.0.1 - Synaptics Incorporated)

TomTom MyDrive Connect 4.1.0.2658 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.0.2658 - TomTom)

Unity Web Player (HKU\S-1-5-21-2134292529-3043326613-3165962306-1000\...\UnityWebPlayer) (Version: 4.5.5f1 - Unity Technologies ApS)

Unity Web Player (HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version: 4.5.5f1 - Unity Technologies ApS)

Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)

WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.1100 - Broadcom Corporation)

Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth (03/24/2010 6.3.0.2501) (HKLM\...\AF09E130E2FD4D1BEFD1B9132AE624BAE0364719 ) (Version: 03/24/2010 6.3.0.2501 - Broadcom Corporation)

Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (01/18/2013 2.08.28) (HKLM\...\9E24492CE9279512BD465F61DB8523641BB7BBFC ) (Version: 01/18/2013 2.08.28 - FTDI)

Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (07/12/2013 2.08.30) (HKLM\...\22CCD58B53472BE3FCAFF05631111C4062959A43 ) (Version: 07/12/2013 2.08.30 - FTDI)

Windows Driver Package - FTDI CDM Driver Package - VCP Driver (01/18/2013 2.08.28) (HKLM\...\E61B77ECE57113AE1CA028BC7A8AD6C137BD13DD ) (Version: 01/18/2013 2.08.28 - FTDI)

Windows Driver Package - FTDI CDM Driver Package - VCP Driver (07/12/2013 2.08.30) (HKLM\...\BD00013670D26C16E19F284BF8E15DAF813497C7 ) (Version: 07/12/2013 2.08.30 - FTDI)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)

Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2134292529-3043326613-3165962306-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\tom\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-2134292529-3043326613-3165962306-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\tom\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0CB485BE-5741-4F3D-B5AD-9DA95113A4D2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)

Task: {1C6B80E7-FFF4-4134-95C5-2A2109206BDB} - System32\Tasks\{82E728B3-2AB5-4AAD-B0AC-BFB56DCE8259} => C:\Program Files (x86)\iTunes\iTunes.exe

Task: {23F6F42D-8510-43FD-B011-1D71AA1BA0F4} - System32\Tasks\{483136C7-0B2A-40C2-9E80-BB8D1E21F464} => C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-12-29] (Broadcom Corporation.)

Task: {2EDB67EB-F188-444A-BAE8-E2A8D95E29C0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)

Task: {4CBC8E58-075E-4D56-9576-D565500E4B1F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)

Task: {56F63896-0ACD-416D-930A-75DEDF654AD3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-01] (Piriform Ltd)

Task: {671FE88A-3FB6-4A62-B0FD-E23A9BFF6900} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)

Task: {705A1533-D9C2-4C52-BCE5-D00D0910A558} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-03-20] (PC-Doctor, Inc.)

Task: {78E40194-2C45-45F4-A309-BDA80CD546DB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2134292529-3043326613-3165962306-1000Core => C:\Users\tom\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)

Task: {81C3693F-2587-4815-A697-F8107C366088} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2134292529-3043326613-3165962306-1000

Task: {908501F3-7AE1-4BD7-989F-12205723EB60} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2134292529-3043326613-3165962306-1000UA => C:\Users\tom\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)

Task: {99B4E9F1-4745-4EB6-B259-67B9CE53CF0F} - System32\Tasks\{CE452736-F199-473C-95EB-AC5FC148D878} => C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-12-29] (Broadcom Corporation.)

Task: {A87EB778-2210-4C0D-A34D-BCD411B1B25F} - System32\Tasks\SlimCleaner Plus (Scheduled Scan - tom) => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe

Task: {B3119ED5-8F43-4B4E-80B5-66546DD42D90} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-16] (Adobe Systems Incorporated)

Task: {D75374AA-EFEB-4104-9114-9A3582DAA52C} - System32\Tasks\{A85CB27A-652A-4E2B-9C3C-F6A55BF156E5} => pcalua.exe -a C:\Users\tom\Desktop\tazusb.exe -d C:\Users\tom\Desktop

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2134292529-3043326613-3165962306-1000Core.job => C:\Users\tom\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2134292529-3043326613-3165962306-1000UA.job => C:\Users\tom\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - tom).job => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2010-03-05 15:21 - 2010-03-05 15:21 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll

2016-04-22 01:07 - 2016-04-22 01:07 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

2010-03-05 15:21 - 2010-03-05 15:21 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll

2012-01-10 22:12 - 2012-01-10 22:12 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll

2014-10-18 03:42 - 2014-10-18 03:42 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\9419a7c2030ade01725f8fd9344e218d\IsdiInterop.ni.dll

2011-04-05 05:04 - 2010-06-08 16:44 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

2016-07-13 09:24 - 2016-07-16 12:44 - 19483328 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2134292529-3043326613-3165962306-1000\...\dell.com -> dell.com

IE trusted site: HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\dell.com -> dell.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2134292529-3043326613-3165962306-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\tom\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\tom\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

DNS Servers: 192.168.0.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2

MSCONFIG\Services: Apple Mobile Device => 2

MSCONFIG\Services: Apple Mobile Device Service => 2

MSCONFIG\Services: Bonjour Service => 2

MSCONFIG\Services: btwdins => 2

MSCONFIG\Services: iPod Service => 3

MSCONFIG\Services: Motorola Device Manager => 2

MSCONFIG\Services: PST Service => 2

MSCONFIG\Services: Skype C2C Service => 2

MSCONFIG\Services: SkypeUpdate => 2

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup

MSCONFIG\startupreg: "C: =>

MSCONFIG\startupreg: AccuWeatherWidget => "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

MSCONFIG\startupreg: Browser Infrastructure Helper => C:\Users\tom\AppData\Local\Smartbar\Application\SnapDo.exe startup

MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

MSCONFIG\startupreg: Dell Registration => C:\Program Files (x86)\System Registration\prodreg.exe /boot

MSCONFIG\startupreg: Dell Webcam Central => "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2

MSCONFIG\startupreg: DellStage => "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup

MSCONFIG\startupreg: Desktop Disc Tool => "c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"

MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

MSCONFIG\startupreg: Google Update => "C:\Users\tom\AppData\Local\Google\Update\GoogleUpdate.exe" /c

MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"

MSCONFIG\startupreg: QuickSet => C:\Program Files\Dell\QuickSet\QuickSet.exe

MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background

MSCONFIG\startupreg: Stage Remote => C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe -Quiet

MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{05AE64F2-6A2D-4C5C-A4A8-8AE9FD7EFD26}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

FirewallRules: [{72E8EBF2-A34E-42EC-A0BC-CD7635C4F37E}] => (Allow) LPort=2869

FirewallRules: [{451DAC05-AD0D-472A-86A6-E1CC5206C0A8}] => (Allow) LPort=1900

FirewallRules: [{84912534-AE37-426C-AAB2-9F08BECD3D99}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

FirewallRules: [{3C102034-E254-4A94-ABF3-898786A1D24C}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe

FirewallRules: [{E7D8199A-1551-43CD-AA10-794791902E75}] => (Allow) C:\Program Files (x86)\Dell\VideoStage\VideoStage.exe

FirewallRules: [{F28D5B0C-8A06-48CC-9969-21C80B30CAC5}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\Controller.exe

FirewallRules: [{621AC1DA-2898-4FD8-92CA-1D789B32E414}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\DMR.exe

FirewallRules: [{703FFDAF-D681-4BB3-9E90-DE5F5D58B469}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe

FirewallRules: [{76F8072E-FD5A-41D7-8272-CE2857934A8F}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe

FirewallRules: [{20FD5C2B-7969-4903-9FB6-2A96967451D3}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\InstallerHelp.exe

FirewallRules: [{F50A4FE6-2654-4C39-8874-6CBAB729343A}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\Controller.exe

FirewallRules: [{B5128131-AE95-4110-B9D1-E23EBD2EC4FD}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\DMR.exe

FirewallRules: [{8A1E8301-A23B-4A54-B4F4-1B5E63E0A1EE}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe

FirewallRules: [{00331F2F-7707-4646-820C-881A0645CD4C}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe

FirewallRules: [{039CD0F8-BEDB-42B5-A077-56AC461A21F0}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\InstallerHelp.exe

FirewallRules: [TCP Query User{70F565E6-18B5-4943-BCC0-170ABF8339FD}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe

FirewallRules: [UDP Query User{C6211A41-55EF-4045-8AE8-233ED224FD3A}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe

FirewallRules: [{56651B52-E0E1-4590-95B9-4FE67BB94E14}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{740F4469-5E7B-40AF-8C6A-3FA5969F6B27}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [TCP Query User{5B816F27-A75B-4C7F-B8FF-0FA3C3AA45BF}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe

FirewallRules: [UDP Query User{B8B19FE9-5B61-441E-88D7-2D0C141AC097}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe

FirewallRules: [{B891C989-0CD1-4321-A2B4-0DD14C8233C3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{5DF98BE5-8199-45BB-8763-B75A65835A9A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{62CE9313-0FB2-4767-A99C-DF968AD0D778}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{DBD84127-A398-4E05-B175-0654CEF019EB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{657F80A3-07DD-40D1-916F-F5DEE0854170}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{2007F8A5-241A-4B46-990D-3D0B7AEABF20}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{B6298AF6-FC78-4845-983A-BCCD72FFB496}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{B6DDD8F8-C593-427D-9AF6-A3F2A0180F1F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{9FF1CFC9-593B-42C6-9E16-BDA2E8CBFFEB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{B69A3D43-0144-4999-9561-5708F13AE533}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{02C3863E-EF75-4CC2-9FE0-B9A89147431C}] => (Allow) C:\Windows\SysWOW64\muzapp.exe

FirewallRules: [{95A01505-2811-4187-B257-BF6EEBB72F94}] => (Allow) C:\Windows\SysWOW64\muzapp.exe

FirewallRules: [{0812E9CE-DA66-40BD-AAC7-AA432B6ECF94}] => (Allow) C:\Program Files\iTunes\iTunes.exe

FirewallRules: [{9A1137EF-D6EF-4285-BED1-F880DD4711BF}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

FirewallRules: [{7C1180EF-3259-4B4D-BC2A-E44D1B9F6962}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

01-07-2016 19:07:27 Windows Update

06-07-2016 08:54:05 Windows Update

10-07-2016 08:23:21 Windows Update

14-07-2016 08:19:46 Windows Update

18-07-2016 09:23:11 Windows Update

25-07-2016 09:08:27 Windows Update

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:

==================

Error: (07/25/2016 10:44:06 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 1292016

Error: (07/25/2016 10:44:06 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 1292016

Error: (07/25/2016 10:44:06 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/25/2016 10:22:40 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 6365

Error: (07/25/2016 10:22:40 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 6365

Error: (07/25/2016 10:22:40 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/25/2016 10:22:39 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 5148

Error: (07/25/2016 10:22:39 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 5148

Error: (07/25/2016 10:22:39 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/25/2016 10:22:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 4119

System errors:

=============

Error: (07/25/2016 12:57:35 PM) (Source: ipnathlp) (EventID: 31004) (User: )

Description: 0

Error: (07/25/2016 12:55:03 PM) (Source: ipnathlp) (EventID: 31004) (User: )

Description: 0

Error: (07/25/2016 12:47:57 PM) (Source: ipnathlp) (EventID: 31004) (User: )

Description: 0

Error: (07/25/2016 12:45:07 PM) (Source: ipnathlp) (EventID: 31004) (User: )

Description: 0

Error: (07/25/2016 12:40:58 PM) (Source: ipnathlp) (EventID: 31004) (User: )

Description: 0

Error: (07/25/2016 12:39:10 PM) (Source: ipnathlp) (EventID: 31004) (User: )

Description: 0

Error: (07/25/2016 12:35:13 PM) (Source: ipnathlp) (EventID: 31004) (User: )

Description: 0

Error: (07/25/2016 12:33:49 PM) (Source: ipnathlp) (EventID: 31004) (User: )

Description: 0

Error: (07/25/2016 12:23:36 PM) (Source: ipnathlp) (EventID: 31004) (User: )

Description: 0

Error: (07/25/2016 12:22:33 PM) (Source: ipnathlp) (EventID: 31004) (User: )

Description: 0

CodeIntegrity:

===================================

Date: 2015-06-21 12:59:47.314

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-06-21 12:59:47.254

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz

Percentage of memory in use: 48%

Total physical RAM: 5942.68 MB

Available physical RAM: 3084.61 MB

Total Virtual: 11883.57 MB

Available Virtual: 8051.37 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:283.34 GB) (Free:162.74 GB) NTFS ==>[drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (Size: 298.1 GB) (Disk ID: AA0FE720)

Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)

Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=283.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-07-2016

Ran by tom (administrator) on TOM-PC (25-07-2016 12:53:58)

Running from C:\Users\tom\Downloads

Loaded Profiles: tom & (Available Profiles: tom)

Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)

Internet Explorer Version 11 (Default browser: FF)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe

(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe

(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(Microsoft Corporation) C:\Windows\System32\alg.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

() C:\Program Files (x86)\Mozilla Firefox\updated\firefox.exe

() C:\Program Files (x86)\Mozilla Firefox\updated\plugin-container.exe

(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_209.exe

(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_209.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-06-18] (IDT, Inc.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2010-03-17] (Synaptics Incorporated)

HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1928976 2010-03-05] (Intel(R) Corporation)

HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-06-08] (Intel Corporation)

HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [831064 2016-07-25] (Avira Operations GmbH & Co. KG)

HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-06-01] (Avira Operations GmbH & Co. KG)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE ->

HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->

HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE ->

HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->

HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE ->

HKU\S-1-5-21-2134292529-3043326613-3165962306-1000\...\Policies\system: [DisableLockWorkstation] 0

HKU\S-1-5-21-2134292529-3043326613-3165962306-1000\...\MountPoints2: E - E:\Setup.exe

HKU\S-1-5-21-2134292529-3043326613-3165962306-1000\...\MountPoints2: {025db067-cccf-11e4-85f5-90004ee68264} - E:\Startme.exe

HKU\S-1-5-21-2134292529-3043326613-3165962306-1000\...\MountPoints2: {552f8fc4-7050-11e1-9192-90004ee68264} - E:\Setup.exe

HKU\S-1-5-21-2134292529-3043326613-3165962306-1000\...\MountPoints2: {b1217a04-8e42-11e1-890f-90004ee68264} - E:\Setup.exe

HKU\S-1-5-21-2134292529-3043326613-3165962306-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\GPhotos.scr

HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [DisableLockWorkstation] 0

HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: E - E:\Setup.exe

HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {025db067-cccf-11e4-85f5-90004ee68264} - E:\Startme.exe

HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {552f8fc4-7050-11e1-9192-90004ee68264} - E:\Setup.exe

HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {b1217a04-8e42-11e1-890f-90004ee68264} - E:\Setup.exe

HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\GPhotos.scr

HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->

ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)

ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)

ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

Tcpip\..\Interfaces\{1708D2F1-AD0E-4BDE-9091-51BC6CF47129}: [DhcpNameServer] 192.168.0.1

Tcpip\..\Interfaces\{D2D53E3B-C461-4EBC-B1B8-3526FA91A15A}: [NameServer] 0.0.0.0

Internet Explorer:

==================

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =

HKU\S-1-5-21-2134292529-3043326613-3165962306-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.co.uk/

HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.co.uk/

SearchScopes: HKLM -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox

SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =

SearchScopes: HKLM-x32 -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)

BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-11-07] (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)

BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-11-07] (Oracle Corporation)

FireFox:

========

FF ProfilePath: C:\Users\tom\AppData\Roaming\Mozilla\Firefox\Profiles\9ol2l4o2.default-1467098080661

FF Homepage: hxxps://www.google.com/

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-16] ()

FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2011-08-15] (Microsoft Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-05] ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-16] ()

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll [2013-10-25] (Adobe Systems, Inc.)

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()

FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)

FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-11-07] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-11-07] (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2011-08-15] (Microsoft Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-05] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-2134292529-3043326613-3165962306-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\tom\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)

FF Plugin HKU\S-1-5-21-2134292529-3043326613-3165962306-1000: @talk.google.com/O1DPlugin -> C:\Users\tom\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)

FF Plugin HKU\S-1-5-21-2134292529-3043326613-3165962306-1000: @tools.google.com/Google Update;version=3 -> C:\Users\tom\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)

FF Plugin HKU\S-1-5-21-2134292529-3043326613-3165962306-1000: @tools.google.com/Google Update;version=9 -> C:\Users\tom\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)

FF Plugin HKU\S-1-5-21-2134292529-3043326613-3165962306-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\tom\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-07-16] (Unity Technologies ApS)

FF Plugin HKU\S-1-5-21-2134292529-3043326613-3165962306-1000: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2015-11-20] (Sony Network Entertainment International LLC)

FF Plugin HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @talk.google.com/GoogleTalkPlugin -> C:\Users\tom\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)

FF Plugin HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @talk.google.com/O1DPlugin -> C:\Users\tom\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)

FF Plugin HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=3 -> C:\Users\tom\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)

FF Plugin HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=9 -> C:\Users\tom\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)

FF Plugin HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\tom\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-07-16] (Unity Technologies ApS)

FF Plugin HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2015-11-20] (Sony Network Entertainment International LLC)

FF Plugin ProgramFiles/Appdata: C:\Users\tom\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)

FF Plugin ProgramFiles/Appdata: C:\Users\tom\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)

FF Extension: Classic Theme Restorer - C:\Users\tom\AppData\Roaming\Mozilla\Firefox\Profiles\9ol2l4o2.default-1467098080661\extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2016-07-08]

FF Extension: Open In Chrome - C:\Users\tom\AppData\Roaming\Mozilla\Firefox\Profiles\9ol2l4o2.default-1467098080661\extensions\openinchrome@griffeltavla.wordpress.com.xpi [2016-07-11]

FF Extension: Clear Console - C:\Users\tom\AppData\Roaming\Mozilla\Firefox\Profiles\9ol2l4o2.default-1467098080661\extensions\clearConsole@penzil.com.xpi [2016-07-11]

FF Extension: British English Dictionary - C:\Users\tom\AppData\Roaming\Mozilla\Firefox\Profiles\9ol2l4o2.default-1467098080661\Extensions\en-GB@dictionaries.addons.mozilla.org [2016-07-08] [not signed]

FF Extension: WhatsApp™ Desktop - C:\Users\tom\AppData\Roaming\Mozilla\Firefox\Profiles\9ol2l4o2.default-1467098080661\Extensions\jid1-uqwEAwSca3FXUo@jetpack.xpi [2016-07-08]

FF Extension: Adblock Plus - C:\Users\tom\AppData\Roaming\Mozilla\Firefox\Profiles\9ol2l4o2.default-1467098080661\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-06-28]

FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2016-07-19] [not signed]

FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2016-07-19] [not signed]

Chrome:

=======

CHR Profile: C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Slides) - C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-09]

CHR Extension: (Google Docs) - C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-09]

CHR Extension: (Google Drive) - C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-09]

CHR Extension: (YouTube) - C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-09]

CHR Extension: (Google Sheets) - C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-09]

CHR Extension: (Windows Classic Theme) - C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhjofahcbdnggbogjamfaafkgnolfnpc [2016-07-09]

CHR Extension: (Avira Browser Safety) - C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-07-09]

CHR Extension: (Google Docs Offline) - C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-09]

CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-07-09]

CHR Extension: (Chrome Web Store Payments) - C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-09]

CHR Extension: (Gmail) - C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-09]

CHR HKU\S-1-5-21-2134292529-3043326613-3165962306-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\tom\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-12-27]

CHR HKU\S-1-5-21-2134292529-3043326613-3165962306-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

CHR HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\tom\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-12-27]

CHR HKU\S-1-5-21-2134292529-3043326613-3165962306-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <not found>

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [989696 2016-07-25] (Avira Operations GmbH & Co. KG)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [472112 2016-07-25] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [472112 2016-07-25] (Avira Operations GmbH & Co. KG)

S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1453696 2016-07-25] (Avira Operations GmbH & Co. KG)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)

R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [302680 2016-06-01] (Avira Operations GmbH & Co. KG)

S4 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-03-05] ()

R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)

R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [171752 2016-07-25] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [145984 2016-07-25] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)

R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-05-18] (Avira Operations GmbH & Co. KG)

S3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation)

S3 DellProf; C:\Windows\System32\drivers\DellProf.sys [23312 2015-01-30] (Dell Computer Corporation)

S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)

S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)

S3 ALSysIO; \??\C:\Users\tom\AppData\Local\Temp\ALSysIO64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-25 12:53 - 2016-07-25 12:54 - 00021791 _____ C:\Users\tom\Downloads\FRST.txt

2016-07-25 11:53 - 2016-07-25 11:53 - 03712064 _____ C:\Users\tom\Downloads\AdwCleaner.exe

2016-07-25 11:52 - 2016-07-25 12:53 - 00000000 ____D C:\FRST

2016-07-25 11:51 - 2016-07-25 11:51 - 02394112 _____ (Farbar) C:\Users\tom\Downloads\FRST64.exe

2016-07-19 21:34 - 2016-07-23 08:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2016-07-18 19:41 - 2016-07-18 19:41 - 00262144 _____ C:\Windows\Minidump\071816-23758-01.dmp

2016-07-16 16:40 - 2016-07-16 16:40 - 00000976 _____ C:\Users\Public\Desktop\TomTom MyDrive Connect.lnk

2016-07-16 16:40 - 2016-07-16 16:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom

2016-07-16 16:39 - 2016-07-16 16:40 - 00000000 ____D C:\Program Files (x86)\MyDrive Connect

2016-07-16 16:39 - 2016-07-16 16:39 - 30341736 _____ (TomTom International B.V.) C:\Users\tom\Downloads\InstallMyDriveConnect(1).exe

2016-07-09 08:02 - 2016-07-18 19:42 - 00002221 _____ C:\Users\tom\Desktop\Google Chrome.lnk

2016-07-09 08:00 - 2016-07-09 08:00 - 00987728 _____ (Google Inc.) C:\Users\tom\Downloads\ChromeSetup.exe

2016-06-28 08:14 - 2016-06-28 08:14 - 00000000 ____D C:\Users\tom\Desktop\Old Firefox Data

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-25 12:33 - 2011-09-13 16:24 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2016-07-25 12:21 - 2009-07-14 05:45 - 00022704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2016-07-25 12:21 - 2009-07-14 05:45 - 00022704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2016-07-25 12:19 - 2016-04-12 10:25 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2016-07-25 12:18 - 2015-10-15 13:19 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2016-07-25 12:18 - 2015-09-27 19:04 - 00000000 ____D C:\AdwCleaner

2016-07-25 10:44 - 2014-11-06 11:26 - 00000362 _____ C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - tom).job

2016-07-25 09:57 - 2012-04-11 12:36 - 00000000 ___RD C:\Users\tom\Desktop\sales

2016-07-25 08:24 - 2012-10-19 10:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

2016-07-25 08:22 - 2013-03-30 11:58 - 00171752 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys

2016-07-25 08:22 - 2013-03-30 11:58 - 00145984 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys

2016-07-25 00:01 - 2011-09-13 16:24 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2016-07-23 08:21 - 2012-05-29 16:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2016-07-18 19:47 - 2009-07-14 06:13 - 00782510 _____ C:\Windows\system32\PerfStringBackup.INI

2016-07-18 19:47 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf

2016-07-18 19:42 - 2013-06-25 08:58 - 00000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics

2016-07-18 19:41 - 2011-11-25 23:01 - 00000000 ____D C:\Windows\Minidump

2016-07-18 19:41 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2016-07-18 19:40 - 2016-06-23 06:59 - 534751017 _____ C:\Windows\MEMORY.DMP

2016-07-16 12:44 - 2015-10-15 13:19 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

2016-07-16 12:44 - 2014-08-21 15:54 - 00000000 ____D C:\Users\tom\AppData\Local\Adobe

2016-07-16 12:44 - 2012-04-24 20:41 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2016-07-16 12:44 - 2011-08-21 10:45 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2016-07-13 09:24 - 2012-04-24 20:41 - 00000000 ____D C:\Windows\system32\Macromed

2016-07-13 09:24 - 2011-04-05 05:07 - 00000000 ____D C:\Windows\SysWOW64\Macromed

2016-07-09 08:01 - 2011-09-13 16:24 - 00002233 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2016-07-08 20:18 - 2014-08-12 06:42 - 00000000 ____D C:\ProgramData\Package Cache

2016-06-28 08:13 - 2013-10-18 13:21 - 09564672 ___SH C:\Users\tom\Desktop\Thumbs.db

2016-06-28 06:39 - 2013-06-10 17:15 - 00000000 ___RD C:\Users\tom\Desktop\tom Briefcase

==================== Files in the root of some directories =======

2013-05-18 09:32 - 2013-05-18 09:32 - 0019881 _____ () C:\Users\tom\AppData\Roaming\UserTile.png

2013-08-10 15:31 - 2013-08-10 15:31 - 0000037 ___SH () C:\Users\tom\AppData\Local\70149b02515b3bb20dd492.47983420

2011-09-13 16:29 - 2012-01-23 13:56 - 0006144 _____ () C:\Users\tom\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2012-02-03 16:32 - 2016-04-15 13:00 - 0007651 _____ () C:\Users\tom\AppData\Local\resmon.resmoncfg

2015-02-13 03:47 - 2015-02-13 03:47 - 0000000 _____ () C:\Users\tom\AppData\Local\{316096C7-958D-4518-9F5F-D0FAC7A30825}

2012-02-05 22:56 - 2011-12-07 22:56 - 0000032 ____R () C:\ProgramData\hash.dat

Files to move or delete:

====================

C:\ProgramData\hash.dat

Some files in TEMP:

====================

C:\Users\tom\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed

C:\Windows\system32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\system32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\system32\services.exe => File is digitally signed

C:\Windows\system32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\system32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\system32\rpcss.dll => File is digitally signed

C:\Windows\system32\dnsapi.dll => File is digitally signed

C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed

C:\W
