Thank you for your warm welcome and help. They are both very much appreciated.
Farbar has created two additional FRST and Addition logs without any action on my part. I will post them, consecutively, if you so request.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-10-2016
Ran by Trevor (administrator) on TREVOR-PC (13-10-2016 21:19:41)
Running from C:\Users\Trevor\Desktop
Loaded Profiles: Trevor (Available Profiles: Trevor)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
() C:\Windows\SysWOW64\ASGT.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgfwsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
() C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe
() C:\Windows\Runservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Ransomware\MB3Service.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Alienware) C:\Program Files\Alienware\Alienware TactX Keyboard CI\txkbci.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Ransomware\mbarw.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Piriform Ltd) C:\Program Files (x86)\CCleaner\CCleaner64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
(Ruiware LLC) C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
( Inc.) C:\Program Files\Alienware\Alienware TactX Mouse CI\AWMouseCI.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
(Alienware) C:\Program Files\Alienware\Command Center\ThermalController.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
() C:\Program Files (x86)\Everything\Everything.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Comfort Software Group) C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe
(Intuit Inc.) C:\Program Files (x86)\Quicken\qw.exe
(Microsoft Corporation) C:\Program Files\Windows NT\Accessories\wordpad.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16407296 2015-11-06] (Realtek Semiconductor)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1354712 2016-08-30] (Microsoft Corporation)
HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [12656 2012-06-18] (Alienware)
HKLM\...\Run: [Launch Keyboard CI] => C:\Program Files\Alienware\Alienware TactX Keyboard CI\txkbci.exe [3438088 2009-05-28] (Alienware)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [130576 2009-04-22] (Logitech, Inc.)
HKLM\...\Run: [Malwarebytes Anti-Ransomware] => C:\Program Files\Malwarebytes\Anti-Ransomware\mbarw.exe [722896 2016-08-26] (Malwarebytes)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [6718224 2016-08-26] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [218896 2016-09-13] (AVG Technologies CZ, s.r.o.)
HKLM\...\RunOnce: [RealProtect] => C:\Program Files\McAfee\Real Protect\RealProtect.exe [6613872 2016-10-12] (McAfee Inc.)
HKLM-x32\...\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe [559616 2013-09-09] (Dell)
HKLM-x32\...\RunOnce: [Launcher] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe [165184 2011-08-01] (Softthinks)
Winlogon\Notify\!SASWinLogon: C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll [2009-09-03] (SUPERAntiSpyware.com)
HKU\S-1-5-21-1645592776-1552282287-2170224798-1000\...\Run: [SpybotSD TeaTimer] => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-1645592776-1552282287-2170224798-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7943072 2016-08-31] (SUPERAntiSpyware)
HKU\S-1-5-21-1645592776-1552282287-2170224798-1000\...\Run: [CCleaner Monitoring] => C:\Program Files (x86)\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd)
HKU\S-1-5-21-1645592776-1552282287-2170224798-1000\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1163264 2015-03-30] (Ruiware LLC)
HKU\S-1-5-21-1645592776-1552282287-2170224798-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [241664 2010-11-20] (Microsoft Corporation)
ShellExecuteHooks-x32: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL [77824 2008-05-13] (SuperAdBlocker.com)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AWMouseCI.lnk [2016-09-01]
ShortcutTarget: AWMouseCI.lnk -> C:\Program Files\Alienware\Alienware TactX Mouse CI\AWMouseCI.exe ( Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{79904027-AA3E-4099-9322-97F672ACDDDC}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1645592776-1552282287-2170224798-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1645592776-1552282287-2170224798-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1645592776-1552282287-2170224798-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://outlook.live.com/owa/
HKU\S-1-5-21-1645592776-1552282287-2170224798-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://support.alienware.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: LastPass Browser Helper Object -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPBar64.dll [2011-10-17] (LastPass)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => No File
BHO-x32: No Name -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> No File
BHO-x32: No Name -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-11-01] (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> G:\Games\Arc\Plugins\ArcPluginIE.dll [2016-06-15] (Perfect World Entertainment Inc)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: LastPass Browser Helper Object -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPBar.dll [2011-10-17] (LastPass)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-11-01] (Oracle Corporation)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar64.dll [2011-10-17] (LastPass)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar.dll [2011-10-17] (LastPass)
DPF: HKLM {140E4DF8-9E14-4A34-9577-C77561ED7883} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab
DPF: HKLM-x32 {140E4DF8-9E14-4A34-9577-C77561ED7883}
DPF: HKLM-x32 {3860DD98-0549-4D50-AA72-5D17D200EE10}
DPF: HKLM-x32 {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
Handler-x32: http - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [2001-04-02] (Microsoft Corporation)
Handler-x32: http - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [2001-04-02] (Microsoft Corporation)
Handler-x32: https - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [2001-04-02] (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [2001-04-02] (Microsoft Corporation)
Handler-x32: ipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [2001-04-02] (Microsoft Corporation)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
Handler-x32: msdaipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [2001-04-02] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [2001-04-02] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 7akasbd1.default-1367016688725
FF ProfilePath: C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725 [2016-10-13]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725 -> Search Provided by Yahoo
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725 -> Search Provided by Yahoo
FF Homepage: Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725 -> hxxps://outlook.live.com/owa/?path=/mail/inbox
FF Extension: (Adblock Plus Pop-up Addon) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\adblockpopups@jessehakanen.net.xpi [2016-04-27]
FF Extension: (Add to Amazon Wish List Button) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\amznUWL2@amazon.com.xpi [2016-06-05]
FF Extension: (Canadian English Dictionary) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\en-CA@dictionaries.addons.mozilla.org [2016-03-14]
FF Extension: (Ghostery) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\firefox@ghostery.com.xpi [2016-08-11]
FF Extension: (YouTube™ Enhancer Plus) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\firefoxaddon@youtubeenhancer.com.xpi [2016-08-12]
FF Extension: (FlashStopper) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\flashstopper@byo.co.il.xpi [2016-09-26]
FF Extension: (FoxyProxy Standard) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\foxyproxy@eric.h.jung [2016-08-31]
FF Extension: (Webmail Ad Blocker) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\gmailnoads@mywebber.com.xpi [2015-09-18]
FF Extension: (Image and Flash Blocker) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\imgflashblocker@shimon.chohen.xpi [2016-04-27]
FF Extension: (Ad-blocker for Gmail) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\jid0-AocRXUCRsLTCYvn6bgJERnwfuqw@jetpack.xpi [2016-04-28]
FF Extension: (Location Guard) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\jid1-HdwPLukcGQeOSh@jetpack.xpi [2016-10-09]
FF Extension: (YouTube™ Downloader Plus) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\jid1-HfCj61J5q2gaGQ@jetpack.xpi [2015-12-12]
FF Extension: (Outlook Web App Notifications) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\owa_notifications@mihai-chezan.github.com.xpi [2016-10-06]
FF Extension: (YouTube Plus) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\particle@particlecore.github.io.xpi [2016-07-27]
FF Extension: (Status-4-Evar) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\status4evar@caligonstudios.com.xpi [2016-10-12]
FF Extension: (LastPass) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\support@lastpass.com [2016-03-11]
FF Extension: (TinyURL Generator) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\tinyurl.addon@fast-chat.co.uk.xpi [2016-04-27]
FF Extension: (Google Translator for Firefox) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\translator@zoli.bod.xpi [2016-04-27]
FF Extension: (UnPlug) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\unplug@compunach.xpi [2015-12-21]
FF Extension: (View as text) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\viewastext@john.tyree.xpi [2016-04-27]
FF Extension: (1-Click YouTube Video Downloader) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2016-08-25]
FF Extension: (Forecastfox) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2016-04-27]
FF Extension: (Webutation) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\{15fe27f3-e5ab-2d59-4c5c-dadc7945bdbd}.xpi [2016-04-27]
FF Extension: (Print Hint) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\{4ca88e02-7bbb-43fe-ae41-5103893fa10c}.xpi [2016-04-27]
FF Extension: (Updated Ad Blocker for Firefox 11+) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi [2016-04-28]
FF Extension: (EPUBReader) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2016-08-17]
FF Extension: (NoScript) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-08-09]
FF Extension: (Adblock Plus) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF Extension: (Clean Video) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\{d62bb6fa-7192-47fd-b640-ad8855c444f3}.xpi [2016-04-28]
FF ProfilePath: C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\hkuihaap.Trevor [2016-10-13]
FF Keyword.URL: Mozilla\Firefox\Profiles\hkuihaap.Trevor -> hxxp://ca.search.yahoo.com/search?fr=mcafee&p=
FF NetworkProxy: Mozilla\Firefox\Profiles\hkuihaap.Trevor -> socks_remote_dns", true
FF DefaultSearchEngineuser_pref("browser.search.defaultenginename","Google");: Mozilla\Firefox\Profiles\hkuihaap.Trevor -> user_pref("browser.search.defaultenginename","Google");
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\hkuihaap.Trevor -> Search Provided by Yahoo
FF Extension: (Add to Amazon Wish List Button) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\hkuihaap.Trevor\Extensions\amznUWL2@amazon.com.xpi [2013-01-02] [not signed]
FF Extension: (Canadian English Dictionary) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\hkuihaap.Trevor\Extensions\en-CA@dictionaries.addons.mozilla.org [2013-05-17] [not signed]
FF Extension: (Tube Enhancer Plus) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\hkuihaap.Trevor\Extensions\firefoxaddon@youtubeenhancer.com [2013-05-17] [not signed]
FF Extension: (FoxyProxy Standard) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\hkuihaap.Trevor\Extensions\foxyproxy@eric.h.jung [2013-05-17] [not signed]
FF Extension: (Webmail Ad Blocker) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\hkuihaap.Trevor\Extensions\gmailnoads@mywebber.com.xpi [2012-09-26] [not signed]
FF Extension: (Image and Flash Blocker) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\hkuihaap.Trevor\Extensions\imgflashblocker@shimon.chohen.xpi [2012-07-29] [not signed]
FF Extension: (Status-4-Evar) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\hkuihaap.Trevor\Extensions\status4evar@caligonstudios.com.xpi [2013-02-18] [not signed]
FF Extension: (LastPass) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\hkuihaap.Trevor\Extensions\support@lastpass.com [2013-05-17] [not signed]
FF Extension: (TinyURL Generator) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\hkuihaap.Trevor\Extensions\tinyurl.addon@fast-chat.co.uk.xpi [2012-11-13] [not signed]
FF Extension: (View as text) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\hkuihaap.Trevor\Extensions\viewastext@john.tyree.xpi [2012-09-30] [not signed]
FF Extension: (YouTube Cinema Mode .) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\hkuihaap.Trevor\Extensions\youtube-cinemode@gmail.com.xpi [2013-04-18] [not signed]
FF Extension: (Forecastfox) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\hkuihaap.Trevor\Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2013-05-17] [not signed]
FF Extension: (Updated Ad Blocker for Firefox 11+) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\hkuihaap.Trevor\Extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi [2012-07-31] [not signed]
FF Extension: (EPUBReader) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\hkuihaap.Trevor\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2013-05-17] [not signed]
FF Extension: (Adblock Plus) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\hkuihaap.Trevor\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-02-15] [not signed]
FF Extension: (Youtube Hide Annotations) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\hkuihaap.Trevor\Extensions\{d62bb6fa-7192-47fd-b640-ad8855c444f3}.xpi [2013-04-18] [not signed]
FF Extension: (DownThemAll!) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\hkuihaap.Trevor\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-04-06] [not signed]
FF Extension: (No Name) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\onsugnew.default\extensions\gmailnoads@mywebber.com.xpi [not found]
FF Extension: (No Name) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\onsugnew.default\extensions\tinyurl.addon@fast-chat.co.uk.xpi [not found]
FF Extension: (No Name) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\onsugnew.default\extensions\viewastext@john.tyree.xpi [not found]
FF Extension: (No Name) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\onsugnew.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [not found]
FF Extension: (No Name) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\onsugnew.default\extensions\amznUWL2@amazon.com.xpi [not found]
FF Extension: (No Name) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\onsugnew.default\extensions\status4evar@caligonstudios.com.xpi [not found]
FF Extension: (No Name) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\onsugnew.default\extensions\foxyproxy@eric.h.jung [not found]
FF Extension: (No Name) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\onsugnew.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [not found]
FF Extension: (No Name) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\onsugnew.default\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [not found]
FF Extension: (No Name) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\onsugnew.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Common Files\McAfee\SystemCore [not found]
FF Extension: (No Name) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\onsugnew.default\extensions\{d62bb6fa-7192-47fd-b640-ad8855c444f3}.xpi [not found]
FF Extension: (No Name) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\onsugnew.default\extensions\youtube-cinemode@gmail.com.xpi [not found]
FF Extension: (No Name) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\onsugnew.default\extensions\firefoxaddon@youtubeenhancer.com [not found]
FF Extension: (No Name) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\onsugnew.default\extensions\support@lastpass.com [not found]
FF SearchPlugin: C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\hkuihaap.Trevor\searchplugins\startpage-https---uk.xml [2013-05-05]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2016-08-23] [not signed]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2016-08-23] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => not found
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml [2013-10-02]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [No File]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [No File]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-04-08] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-11-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-11-01] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/SAFFPlugin -> C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-08-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-08-11] (NVIDIA Corporation)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> G:\Games\Arc\Plugins\npArcPluginFF.dll [2016-06-15] (Perfect World Entertainment Inc)
FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll [2013-03-18] (Sony Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1645592776-1552282287-2170224798-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Trevor\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-1645592776-1552282287-2170224798-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Trevor\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-1645592776-1552282287-2170224798-1000: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll [2013-11-17] (The Happy Cloud)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll [2009-06-25] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2008-10-24] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - C:\Program Files (x86)\LastPass\lpchrome.crx [2011-10-17]
StartMenuInternet: Google Chrome - C:\Users\Trevor\AppData\Local\Google\Chrome\Application\chrome.exe
Opera:
=======
OPR Extension: (LastPass) - C:\Users\Trevor\AppData\Roaming\Opera Software\Opera Stable\Extensions\hnjalnkldgigidggphhmacmimbdlafdo [2013-10-27]
OPR Extension: (Adblock Plus) - C:\Users\Trevor\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2013-10-27]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-08-12] (SUPERAntiSpyware.com)
S3 ArcService; G:\Games\Arc\ArcService.exe [88024 2016-06-15] (Perfect World Entertainment Inc)
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [48640 2015-05-29] () [File not signed]
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [674552 2016-08-26] (AVG Technologies CZ, s.r.o.)
R2 avgfws; C:\Program Files (x86)\AVG\Av\avgfwsa.exe [2048920 2016-08-26] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5285344 2016-08-26] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1149712 2016-09-13] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [760024 2016-08-26] (AVG Technologies CZ, s.r.o.)
S3 BRSptSvc; C:\programdata\bitraider\BRSptSvc.exe [915736 2013-06-10] (BitRaider, LLC)
S2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [65640 2015-11-05] (CyberGhost S.R.L)
R2 DAZContentManagementService; C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe [22528 2011-05-05] () [File not signed]
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2016-03-10] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [202488 2016-03-10] (Dell Inc.)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [130976 2011-08-15] (Futuremark Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [246328 2016-05-21] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6167096 2016-05-21] (GOG.com)
S4 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2015-02-13] (SurfRight B.V.)
R2 LicCtrlService; C:\Windows\runservice.exe [2560 2010-03-05] () [File not signed]
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-14] (IObit)
R2 MB3Service; C:\Program Files\Malwarebytes\Anti-Ransomware\MB3Service.exe [3291088 2016-08-26] (Malwarebytes)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [120888 2016-08-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-08-30] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-02-08] (Electronic Arts)
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2013-02-15] (Sony Corporation) [File not signed]
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31928 2016-04-22] (Dell Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 XTUService; C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\PerfTuneService.exe [30944 2009-07-27] (Intel Corporation)
S2 HOSTS Anti-PUPs; C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe -update [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [73480 2016-06-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [310016 2016-08-23] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272640 2016-07-27] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [260352 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [262400 2016-08-02] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [299264 2016-07-27] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-10-02] (AVG Technologies)
R0 avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [200448 2016-04-15] (Broadcom Corporation.)
S3 BRDriver64; C:\programdata\bitraider\BRDriver64.sys [75048 2013-06-10] (BitRaider)
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [32464 2015-09-11] (Dell Computer Corporation)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [24240 2015-05-22] (Dell Computer Corporation)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-09-08] (REALiX(tm))
R0 MB3SwissArmy; C:\Windows\System32\drivers\MB3SwissArmy.sys [228800 2016-10-12] (Malwarebytes)
R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [140672 2016-03-10] (Malwarebytes)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-10-13] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 mio; C:\Windows\System32\DRIVERS\mio.sys [7680 2011-05-04] (Dell/Alienware)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
S2 mrtRate; C:\Windows\SysWow64\Drivers\mrtRate.sys [34916 1999-08-12] (Marimba, Inc.)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
S3 ptun0901; C:\Windows\System32\DRIVERS\ptun0901.sys [27136 2015-01-26] (The OpenVPN Project)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SASENUM; E:\Program Files\SUPERAntiSpyware\SASENUM.SYS [12872 2010-02-18] ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [28400 2016-03-30] () [File not signed]
R0 SI3132; C:\Windows\System32\DRIVERS\SI3132.sys [90664 2009-07-29] (Silicon Image, Inc)
R0 SiFilter; C:\Windows\System32\DRIVERS\SiWinAcc.sys [22056 2009-07-29] (Silicon Image, Inc)
R0 SiRemFil; C:\Windows\System32\DRIVERS\SiRemFil.sys [17448 2009-07-29] (Silicon Image, Inc)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2016-10-12] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz130; \??\C:\Users\Trevor\AppData\Local\Temp\cpuz130\cpuz_x64.sys [X]
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X]
R4 IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [X]
S3 MREMP50; \??\C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS [X]
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 MRESP50; \??\C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS [X]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Farbar has created two additional FRST and Addition logs without any action on my part. I will post them, consecutively, if you so request.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-10-2016
Ran by Trevor (administrator) on TREVOR-PC (13-10-2016 21:19:41)
Running from C:\Users\Trevor\Desktop
Loaded Profiles: Trevor (Available Profiles: Trevor)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
() C:\Windows\SysWOW64\ASGT.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgfwsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
() C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe
() C:\Windows\Runservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Ransomware\MB3Service.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Alienware) C:\Program Files\Alienware\Alienware TactX Keyboard CI\txkbci.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Ransomware\mbarw.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Piriform Ltd) C:\Program Files (x86)\CCleaner\CCleaner64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
(Ruiware LLC) C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
( Inc.) C:\Program Files\Alienware\Alienware TactX Mouse CI\AWMouseCI.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
(Alienware) C:\Program Files\Alienware\Command Center\ThermalController.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
() C:\Program Files (x86)\Everything\Everything.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Comfort Software Group) C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe
(Intuit Inc.) C:\Program Files (x86)\Quicken\qw.exe
(Microsoft Corporation) C:\Program Files\Windows NT\Accessories\wordpad.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16407296 2015-11-06] (Realtek Semiconductor)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1354712 2016-08-30] (Microsoft Corporation)
HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [12656 2012-06-18] (Alienware)
HKLM\...\Run: [Launch Keyboard CI] => C:\Program Files\Alienware\Alienware TactX Keyboard CI\txkbci.exe [3438088 2009-05-28] (Alienware)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [130576 2009-04-22] (Logitech, Inc.)
HKLM\...\Run: [Malwarebytes Anti-Ransomware] => C:\Program Files\Malwarebytes\Anti-Ransomware\mbarw.exe [722896 2016-08-26] (Malwarebytes)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [6718224 2016-08-26] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [218896 2016-09-13] (AVG Technologies CZ, s.r.o.)
HKLM\...\RunOnce: [RealProtect] => C:\Program Files\McAfee\Real Protect\RealProtect.exe [6613872 2016-10-12] (McAfee Inc.)
HKLM-x32\...\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe [559616 2013-09-09] (Dell)
HKLM-x32\...\RunOnce: [Launcher] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe [165184 2011-08-01] (Softthinks)
Winlogon\Notify\!SASWinLogon: C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll [2009-09-03] (SUPERAntiSpyware.com)
HKU\S-1-5-21-1645592776-1552282287-2170224798-1000\...\Run: [SpybotSD TeaTimer] => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-1645592776-1552282287-2170224798-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7943072 2016-08-31] (SUPERAntiSpyware)
HKU\S-1-5-21-1645592776-1552282287-2170224798-1000\...\Run: [CCleaner Monitoring] => C:\Program Files (x86)\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd)
HKU\S-1-5-21-1645592776-1552282287-2170224798-1000\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1163264 2015-03-30] (Ruiware LLC)
HKU\S-1-5-21-1645592776-1552282287-2170224798-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [241664 2010-11-20] (Microsoft Corporation)
ShellExecuteHooks-x32: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL [77824 2008-05-13] (SuperAdBlocker.com)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AWMouseCI.lnk [2016-09-01]
ShortcutTarget: AWMouseCI.lnk -> C:\Program Files\Alienware\Alienware TactX Mouse CI\AWMouseCI.exe ( Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{79904027-AA3E-4099-9322-97F672ACDDDC}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1645592776-1552282287-2170224798-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1645592776-1552282287-2170224798-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1645592776-1552282287-2170224798-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://outlook.live.com/owa/
HKU\S-1-5-21-1645592776-1552282287-2170224798-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://support.alienware.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: LastPass Browser Helper Object -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPBar64.dll [2011-10-17] (LastPass)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => No File
BHO-x32: No Name -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> No File
BHO-x32: No Name -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-11-01] (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> G:\Games\Arc\Plugins\ArcPluginIE.dll [2016-06-15] (Perfect World Entertainment Inc)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: LastPass Browser Helper Object -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPBar.dll [2011-10-17] (LastPass)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-11-01] (Oracle Corporation)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar64.dll [2011-10-17] (LastPass)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar.dll [2011-10-17] (LastPass)
DPF: HKLM {140E4DF8-9E14-4A34-9577-C77561ED7883} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab
DPF: HKLM-x32 {140E4DF8-9E14-4A34-9577-C77561ED7883}
DPF: HKLM-x32 {3860DD98-0549-4D50-AA72-5D17D200EE10}
DPF: HKLM-x32 {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
Handler-x32: http - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [2001-04-02] (Microsoft Corporation)
Handler-x32: http - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [2001-04-02] (Microsoft Corporation)
Handler-x32: https - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [2001-04-02] (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [2001-04-02] (Microsoft Corporation)
Handler-x32: ipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [2001-04-02] (Microsoft Corporation)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
Handler-x32: msdaipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [2001-04-02] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [2001-04-02] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 7akasbd1.default-1367016688725
FF ProfilePath: C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725 [2016-10-13]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725 -> Search Provided by Yahoo
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725 -> Search Provided by Yahoo
FF Homepage: Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725 -> hxxps://outlook.live.com/owa/?path=/mail/inbox
FF Extension: (Adblock Plus Pop-up Addon) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\adblockpopups@jessehakanen.net.xpi [2016-04-27]
FF Extension: (Add to Amazon Wish List Button) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\amznUWL2@amazon.com.xpi [2016-06-05]
FF Extension: (Canadian English Dictionary) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\en-CA@dictionaries.addons.mozilla.org [2016-03-14]
FF Extension: (Ghostery) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\firefox@ghostery.com.xpi [2016-08-11]
FF Extension: (YouTube™ Enhancer Plus) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\firefoxaddon@youtubeenhancer.com.xpi [2016-08-12]
FF Extension: (FlashStopper) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\flashstopper@byo.co.il.xpi [2016-09-26]
FF Extension: (FoxyProxy Standard) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\foxyproxy@eric.h.jung [2016-08-31]
FF Extension: (Webmail Ad Blocker) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\gmailnoads@mywebber.com.xpi [2015-09-18]
FF Extension: (Image and Flash Blocker) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\imgflashblocker@shimon.chohen.xpi [2016-04-27]
FF Extension: (Ad-blocker for Gmail) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\jid0-AocRXUCRsLTCYvn6bgJERnwfuqw@jetpack.xpi [2016-04-28]
FF Extension: (Location Guard) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\jid1-HdwPLukcGQeOSh@jetpack.xpi [2016-10-09]
FF Extension: (YouTube™ Downloader Plus) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\jid1-HfCj61J5q2gaGQ@jetpack.xpi [2015-12-12]
FF Extension: (Outlook Web App Notifications) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\owa_notifications@mihai-chezan.github.com.xpi [2016-10-06]
FF Extension: (YouTube Plus) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\particle@particlecore.github.io.xpi [2016-07-27]
FF Extension: (Status-4-Evar) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\status4evar@caligonstudios.com.xpi [2016-10-12]
FF Extension: (LastPass) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\support@lastpass.com [2016-03-11]
FF Extension: (TinyURL Generator) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\tinyurl.addon@fast-chat.co.uk.xpi [2016-04-27]
FF Extension: (Google Translator for Firefox) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\translator@zoli.bod.xpi [2016-04-27]
FF Extension: (UnPlug) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\unplug@compunach.xpi [2015-12-21]
FF Extension: (View as text) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\viewastext@john.tyree.xpi [2016-04-27]
FF Extension: (1-Click YouTube Video Downloader) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2016-08-25]
FF Extension: (Forecastfox) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2016-04-27]
FF Extension: (Webutation) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\{15fe27f3-e5ab-2d59-4c5c-dadc7945bdbd}.xpi [2016-04-27]
FF Extension: (Print Hint) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\{4ca88e02-7bbb-43fe-ae41-5103893fa10c}.xpi [2016-04-27]
FF Extension: (Updated Ad Blocker for Firefox 11+) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi [2016-04-28]
FF Extension: (EPUBReader) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2016-08-17]
FF Extension: (NoScript) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-08-09]
FF Extension: (Adblock Plus) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF Extension: (Clean Video) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\7akasbd1.default-1367016688725\Extensions\{d62bb6fa-7192-47fd-b640-ad8855c444f3}.xpi [2016-04-28]
FF ProfilePath: C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\hkuihaap.Trevor [2016-10-13]
FF Keyword.URL: Mozilla\Firefox\Profiles\hkuihaap.Trevor -> hxxp://ca.search.yahoo.com/search?fr=mcafee&p=
FF NetworkProxy: Mozilla\Firefox\Profiles\hkuihaap.Trevor -> socks_remote_dns", true
FF DefaultSearchEngineuser_pref("browser.search.defaultenginename","Google");: Mozilla\Firefox\Profiles\hkuihaap.Trevor -> user_pref("browser.search.defaultenginename","Google");
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\hkuihaap.Trevor -> Search Provided by Yahoo
FF Extension: (Add to Amazon Wish List Button) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\hkuihaap.Trevor\Extensions\amznUWL2@amazon.com.xpi [2013-01-02] [not signed]
FF Extension: (Canadian English Dictionary) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\hkuihaap.Trevor\Extensions\en-CA@dictionaries.addons.mozilla.org [2013-05-17] [not signed]
FF Extension: (Tube Enhancer Plus) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\hkuihaap.Trevor\Extensions\firefoxaddon@youtubeenhancer.com [2013-05-17] [not signed]
FF Extension: (FoxyProxy Standard) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\hkuihaap.Trevor\Extensions\foxyproxy@eric.h.jung [2013-05-17] [not signed]
FF Extension: (Webmail Ad Blocker) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\hkuihaap.Trevor\Extensions\gmailnoads@mywebber.com.xpi [2012-09-26] [not signed]
FF Extension: (Image and Flash Blocker) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\hkuihaap.Trevor\Extensions\imgflashblocker@shimon.chohen.xpi [2012-07-29] [not signed]
FF Extension: (Status-4-Evar) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\hkuihaap.Trevor\Extensions\status4evar@caligonstudios.com.xpi [2013-02-18] [not signed]
FF Extension: (LastPass) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\hkuihaap.Trevor\Extensions\support@lastpass.com [2013-05-17] [not signed]
FF Extension: (TinyURL Generator) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\hkuihaap.Trevor\Extensions\tinyurl.addon@fast-chat.co.uk.xpi [2012-11-13] [not signed]
FF Extension: (View as text) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\hkuihaap.Trevor\Extensions\viewastext@john.tyree.xpi [2012-09-30] [not signed]
FF Extension: (YouTube Cinema Mode .) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\hkuihaap.Trevor\Extensions\youtube-cinemode@gmail.com.xpi [2013-04-18] [not signed]
FF Extension: (Forecastfox) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\hkuihaap.Trevor\Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2013-05-17] [not signed]
FF Extension: (Updated Ad Blocker for Firefox 11+) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\hkuihaap.Trevor\Extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi [2012-07-31] [not signed]
FF Extension: (EPUBReader) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\hkuihaap.Trevor\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2013-05-17] [not signed]
FF Extension: (Adblock Plus) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\hkuihaap.Trevor\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-02-15] [not signed]
FF Extension: (Youtube Hide Annotations) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\hkuihaap.Trevor\Extensions\{d62bb6fa-7192-47fd-b640-ad8855c444f3}.xpi [2013-04-18] [not signed]
FF Extension: (DownThemAll!) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\hkuihaap.Trevor\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-04-06] [not signed]
FF Extension: (No Name) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\onsugnew.default\extensions\gmailnoads@mywebber.com.xpi [not found]
FF Extension: (No Name) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\onsugnew.default\extensions\tinyurl.addon@fast-chat.co.uk.xpi [not found]
FF Extension: (No Name) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\onsugnew.default\extensions\viewastext@john.tyree.xpi [not found]
FF Extension: (No Name) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\onsugnew.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [not found]
FF Extension: (No Name) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\onsugnew.default\extensions\amznUWL2@amazon.com.xpi [not found]
FF Extension: (No Name) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\onsugnew.default\extensions\status4evar@caligonstudios.com.xpi [not found]
FF Extension: (No Name) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\onsugnew.default\extensions\foxyproxy@eric.h.jung [not found]
FF Extension: (No Name) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\onsugnew.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [not found]
FF Extension: (No Name) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\onsugnew.default\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [not found]
FF Extension: (No Name) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\onsugnew.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [not found]
FF Extension: (No Name) - C:\Program Files (x86)\Common Files\McAfee\SystemCore [not found]
FF Extension: (No Name) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\onsugnew.default\extensions\{d62bb6fa-7192-47fd-b640-ad8855c444f3}.xpi [not found]
FF Extension: (No Name) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\onsugnew.default\extensions\youtube-cinemode@gmail.com.xpi [not found]
FF Extension: (No Name) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\onsugnew.default\extensions\firefoxaddon@youtubeenhancer.com [not found]
FF Extension: (No Name) - C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\onsugnew.default\extensions\support@lastpass.com [not found]
FF SearchPlugin: C:\Users\Trevor\AppData\Roaming\Mozilla\Firefox\Profiles\hkuihaap.Trevor\searchplugins\startpage-https---uk.xml [2013-05-05]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2016-08-23] [not signed]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2016-08-23] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => not found
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml [2013-10-02]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [No File]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [No File]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-04-08] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-11-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-11-01] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/SAFFPlugin -> C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-08-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-08-11] (NVIDIA Corporation)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> G:\Games\Arc\Plugins\npArcPluginFF.dll [2016-06-15] (Perfect World Entertainment Inc)
FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll [2013-03-18] (Sony Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1645592776-1552282287-2170224798-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Trevor\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-1645592776-1552282287-2170224798-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Trevor\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-1645592776-1552282287-2170224798-1000: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll [2013-11-17] (The Happy Cloud)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll [2009-06-25] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2008-10-24] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - C:\Program Files (x86)\LastPass\lpchrome.crx [2011-10-17]
StartMenuInternet: Google Chrome - C:\Users\Trevor\AppData\Local\Google\Chrome\Application\chrome.exe
Opera:
=======
OPR Extension: (LastPass) - C:\Users\Trevor\AppData\Roaming\Opera Software\Opera Stable\Extensions\hnjalnkldgigidggphhmacmimbdlafdo [2013-10-27]
OPR Extension: (Adblock Plus) - C:\Users\Trevor\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2013-10-27]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-08-12] (SUPERAntiSpyware.com)
S3 ArcService; G:\Games\Arc\ArcService.exe [88024 2016-06-15] (Perfect World Entertainment Inc)
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [48640 2015-05-29] () [File not signed]
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [674552 2016-08-26] (AVG Technologies CZ, s.r.o.)
R2 avgfws; C:\Program Files (x86)\AVG\Av\avgfwsa.exe [2048920 2016-08-26] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5285344 2016-08-26] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1149712 2016-09-13] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [760024 2016-08-26] (AVG Technologies CZ, s.r.o.)
S3 BRSptSvc; C:\programdata\bitraider\BRSptSvc.exe [915736 2013-06-10] (BitRaider, LLC)
S2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [65640 2015-11-05] (CyberGhost S.R.L)
R2 DAZContentManagementService; C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe [22528 2011-05-05] () [File not signed]
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2016-03-10] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [202488 2016-03-10] (Dell Inc.)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [130976 2011-08-15] (Futuremark Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [246328 2016-05-21] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6167096 2016-05-21] (GOG.com)
S4 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2015-02-13] (SurfRight B.V.)
R2 LicCtrlService; C:\Windows\runservice.exe [2560 2010-03-05] () [File not signed]
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-14] (IObit)
R2 MB3Service; C:\Program Files\Malwarebytes\Anti-Ransomware\MB3Service.exe [3291088 2016-08-26] (Malwarebytes)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [120888 2016-08-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-08-30] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-02-08] (Electronic Arts)
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2013-02-15] (Sony Corporation) [File not signed]
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31928 2016-04-22] (Dell Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 XTUService; C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\PerfTuneService.exe [30944 2009-07-27] (Intel Corporation)
S2 HOSTS Anti-PUPs; C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe -update [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [73480 2016-06-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [310016 2016-08-23] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272640 2016-07-27] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [260352 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [262400 2016-08-02] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [299264 2016-07-27] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-10-02] (AVG Technologies)
R0 avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [200448 2016-04-15] (Broadcom Corporation.)
S3 BRDriver64; C:\programdata\bitraider\BRDriver64.sys [75048 2013-06-10] (BitRaider)
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [32464 2015-09-11] (Dell Computer Corporation)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [24240 2015-05-22] (Dell Computer Corporation)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-09-08] (REALiX(tm))
R0 MB3SwissArmy; C:\Windows\System32\drivers\MB3SwissArmy.sys [228800 2016-10-12] (Malwarebytes)
R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [140672 2016-03-10] (Malwarebytes)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-10-13] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 mio; C:\Windows\System32\DRIVERS\mio.sys [7680 2011-05-04] (Dell/Alienware)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
S2 mrtRate; C:\Windows\SysWow64\Drivers\mrtRate.sys [34916 1999-08-12] (Marimba, Inc.)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
S3 ptun0901; C:\Windows\System32\DRIVERS\ptun0901.sys [27136 2015-01-26] (The OpenVPN Project)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SASENUM; E:\Program Files\SUPERAntiSpyware\SASENUM.SYS [12872 2010-02-18] ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [28400 2016-03-30] () [File not signed]
R0 SI3132; C:\Windows\System32\DRIVERS\SI3132.sys [90664 2009-07-29] (Silicon Image, Inc)
R0 SiFilter; C:\Windows\System32\DRIVERS\SiWinAcc.sys [22056 2009-07-29] (Silicon Image, Inc)
R0 SiRemFil; C:\Windows\System32\DRIVERS\SiRemFil.sys [17448 2009-07-29] (Silicon Image, Inc)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2016-10-12] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz130; \??\C:\Users\Trevor\AppData\Local\Temp\cpuz130\cpuz_x64.sys [X]
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X]
R4 IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [X]
S3 MREMP50; \??\C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS [X]
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 MRESP50; \??\C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS [X]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)