Inactive Assist here please..FRST.txt and Addition.txt

Macky Recaido · Aug 23, 2016

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-08-2016 01
Ran by 64Bit Standard (administrator) on ACER47524G (23-08-2016 22:39:03)
Running from C:\Users\64Bit Standard\Desktop
Loaded Profiles: 64Bit Standard (Available Profiles: 64Bit Standard)
Platform: Windows 7 Ultimate (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Oppoos.com) C:\Program Files (x86)\Genie Soft\Genie Cleaner\GenieFloater.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.334\SSScheduler.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Oppoos.com) C:\Program Files (x86)\Genie Soft\Genie Cleaner\GenieCleanService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Wondershare) C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe
(Oppoos.com) C:\Program Files (x86)\Genie Soft\Genie Wifi\GenieWifiService.exe
(Zbshareware Lab) C:\Program Files (x86)\USB Disk Security\USBGuard.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
(SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
() C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
() C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
() C:\Windows\System32\dmwu.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(TeamViewer) C:\Program Files (x86)\ITbrain Agent\itbrain_agent.exe
() C:\Program Files (x86)\Mobogenie\MgAssist.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(Mobogenie.com) C:\Program Files (x86)\Mobogenie3\MobogenieService.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TODO: <公司名>) C:\Program Files (x86)\Blazers\Watsvc.exe
() C:\Program Files (x86)\Mobogenie3\MoboGenieHelper.exe
() C:\Program Files (x86)\Blazers\wac.exe
() C:\Windows\SysWOW64\mjcm\dnkt.exe
() C:\Windows\System32\tprb\dnkt.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.EXE
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
(Oppoos.com) C:\Program Files (x86)\Genie Soft\Genie Cleaner\GenieCleaner.exe
(Oppoos.com) C:\Program Files (x86)\Genie Soft\Genie Cleaner\GenieCleaner.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12632168 2011-07-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2264168 2011-07-13] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2392360 2010-10-08] (Synaptics Incorporated)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [961184 2011-08-02] (Atheros Commnucations)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [798880 2011-08-02] (Atheros Commnucations)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [USB Security] => C:\Program Files (x86)\USB Disk Security\USBGuard.exe [2347008 2011-11-02] (Zbshareware Lab)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1081424 2011-03-15] (Dritek System Inc.)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296096 2012-12-10] (RealNetworks, Inc.)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2011-12-10] (Nullsoft, Inc.)
HKLM-x32\...\Run: [SweetIM] => C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [115032 2012-10-04] (SweetIM Technologies Ltd.)
HKLM-x32\...\Run: [Sweetpacks Communicator] => C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe [231768 2012-08-16] (SweetIM Technologies Ltd.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [766656 2014-01-09] ()
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4431848 2015-12-15] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM-x32\...\Run: [ApnTBMon] => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-203507500-883022594-3238906040-1000\...\Run: [Facebook Update] => C:\Users\64Bit Standard\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-12-11] (Facebook Inc.)
HKU\S-1-5-21-203507500-883022594-3238906040-1000\...\Run: [Google Update] => C:\Users\64Bit Standard\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-02] (Google Inc.)
HKU\S-1-5-21-203507500-883022594-3238906040-1000\...\Run: [NextLive] => C:\Windows\SysWOW64\rundll32.exe "C:\Users\64Bit Standard\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKU\S-1-5-21-203507500-883022594-3238906040-1000\...\Run: [GenieFloater] => C:\Program Files (x86)\Genie Soft\Genie Cleaner\GenieFloater.exe [1850520 2015-02-06] (Oppoos.com)
HKU\S-1-5-21-203507500-883022594-3238906040-1000\...\Run: [Google Photos Backup] => C:\Users\64Bit Standard\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe [3790936 2016-04-09] (Google, Inc)
HKU\S-1-5-21-203507500-883022594-3238906040-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.)
HKU\S-1-5-21-203507500-883022594-3238906040-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3961968 2016-06-10] (Tonec Inc.)
HKU\S-1-5-21-203507500-883022594-3238906040-1000\...\MountPoints2: {15bedbba-a344-11e3-b79b-c0188508e944} - F:\AutoRun.exe
HKU\S-1-5-21-203507500-883022594-3238906040-1000\...\MountPoints2: {2e58bdd5-5c8b-11e3-b4a6-c0188508e944} - F:\AutoRun.exe
HKU\S-1-5-21-203507500-883022594-3238906040-1000\...\MountPoints2: {3b10255c-8bb6-11e4-98f6-c0188508e944} - F:\LaunchU3.exe -a
HKU\S-1-5-21-203507500-883022594-3238906040-1000\...\MountPoints2: {84fc388b-0b51-11e4-97dd-c0188508e944} - F:\AutoRun.exe
HKU\S-1-5-21-203507500-883022594-3238906040-1000\...\MountPoints2: {84fc3896-0b51-11e4-97dd-c0188508e944} - F:\AutoRun.exe
HKU\S-1-5-21-203507500-883022594-3238906040-1000\...\MountPoints2: {dabff73f-24e2-11e4-95d9-c0188508e944} - F:\AutoRun.exe
HKU\S-1-5-21-203507500-883022594-3238906040-1000\...\MountPoints2: {ea969c82-5b13-11e3-9ca8-c0188508e944} - F:\AutoRun.exe
HKU\S-1-5-21-203507500-883022594-3238906040-1000\...\MountPoints2: {ea969c95-5b13-11e3-9ca8-001e101f4e71} - F:\AutoRun.exe
HKU\S-1-5-18\...\Run: [Mobile Partner] => C:\Program Files (x86)\Tattoo\Tattoo
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
HKLM\...\AppCertDlls: [x86] -> C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\safetycrt.dll
HKLM\...\AppCertDlls: [x64] -> C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\x64\safetycrt.dll
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
Startup: C:\Users\64Bit Standard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk [2016-07-05]
ShortcutTarget: PdaNet Desktop.lnk -> C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-08-07]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.334\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MobileGo Service.lnk [2016-07-05]
ShortcutTarget: MobileGo Service.lnk -> C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe (Wondershare)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{33B0A8AA-558B-4DA0-AA57-8E1B6BDD8C78}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{5F7A0CFB-41F7-42FB-A27B-4CEE032EC486}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{7666F337-9385-438B-BD22-53C1A3F97774}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9004E00D-FF64-48F5-A52E-515992158449}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{B9724432-5B49-4C0D-8643-D1EF391DC7F4}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{D931273D-0EC7-4F67-B8F0-90A9CE51BCF1}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?crg=3.1010000.10016&barid={D5B1B3BF-7297-11E2-B37C-C0188508E944}
HKU\S-1-5-21-203507500-883022594-3238906040-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP&dt=071413
HKU\S-1-5-21-203507500-883022594-3238906040-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://arabic.arabia.msn.com/?C=SA
SearchScopes: HKLM-x32 -> DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10016&barid={D5B1B3BF-7297-11E2-B37C-C0188508E944}
SearchScopes: HKLM-x32 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10016&barid={D5B1B3BF-7297-11E2-B37C-C0188508E944}
SearchScopes: HKU\S-1-5-21-203507500-883022594-3238906040-1000 -> DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://mysearch.sweetpacks.com?src=6&q={searchTerms}&barid=&&st=23&did=10963&UPN2=92830952916117790
SearchScopes: HKU\S-1-5-21-203507500-883022594-3238906040-1000 -> BBC00BFB83C24DEBBF48A90BD2415880 URL = hxxp://isearch.avg.com/search?cid={35C12767-6D80-45EE-BC45-878C330E4CC7}&mid=69c45bf1447b47d1bf0a5cf8300b4423-44b62a31c6e4d7cc9a9c8373559e0e6a3350018c&lang=en&ds=AVG&pr=pr&d=&v=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-203507500-883022594-3238906040-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-203507500-883022594-3238906040-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&dt=071413&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-203507500-883022594-3238906040-1000 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://mysearch.sweetpacks.com?src=6&q={searchTerms}&barid=&&st=23&did=10963&UPN2=92830952916117790
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2015-12-08] (Internet Download Manager, Tonec Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-08-05] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-05] (Oracle Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2015-12-08] (Internet Download Manager, Tonec Inc.)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-12-10] (RealPlayer)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-05-24] (DivX, LLC)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-08-02] (Atheros Commnucations)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: SweetPacks Browser Helper -> {EEE6C35C-6118-11DC-9C72-001320C79847} -> C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04] (SweetIM Technologies Ltd.)
Toolbar: HKLM-x32 - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04] (SweetIM Technologies Ltd.)
Toolbar: HKU\S-1-5-21-203507500-883022594-3238906040-1000 -> No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
DPF: HKLM-x32 {ADACAA8F-3595-47FE-9C31-9C7471B9BEC7} hxxp://hani.dipmap.com/cab/OCXChecker_8500.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\64Bit Standard\AppData\Roaming\Mozilla\Firefox\Profiles\v9t9xa8x.default
FF NewTab: hxxp://www.sweetpacks-search.com/?barid=&src=97&did=10963&&st=23&UPN2=92830952916117790
FF SelectedSearchEngine: Sweetpacks Search
FF Homepage: hxxp://www.sweetpacks-search.com/?barid=&src=10&did=10963&&st=23&UPN2=92830952916117790
about:home
FF Keyword.URL: hxxp://mysearch.sweetpacks.com?src=6&barid=&did=10963&&st=23&UPN2=92830952916117790&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-21] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-05] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-05-06] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-05-26] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-21] (DivX, LLC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-07] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-12-13] (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2011-11-24] (Yahoo! Inc.)
FF Plugin-x32: @real.com/nppl3260;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2012-12-10] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll [2012-12-10] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-12-10] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-12-10] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2012-12-10] (RealPlayer)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-203507500-883022594-3238906040-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\64Bit Standard\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-203507500-883022594-3238906040-1000: @tools.google.com/Google Update;version=3 -> C:\Users\64Bit Standard\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-203507500-883022594-3238906040-1000: @tools.google.com/Google Update;version=9 -> C:\Users\64Bit Standard\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2012-12-10] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll [2012-12-10] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll [2012-12-10] (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2011-12-10] (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\64Bit Standard\AppData\Roaming\Mozilla\Firefox\Profiles\v9t9xa8x.default\searchplugins\ask-search.xml [2015-10-09]
FF SearchPlugin: C:\Users\64Bit Standard\AppData\Roaming\Mozilla\Firefox\Profiles\v9t9xa8x.default\searchplugins\ask-web-search.xml [2014-12-25]
FF SearchPlugin: C:\Users\64Bit Standard\AppData\Roaming\Mozilla\Firefox\Profiles\v9t9xa8x.default\searchplugins\Ask.xml [2014-07-14]
FF SearchPlugin: C:\Users\64Bit Standard\AppData\Roaming\Mozilla\Firefox\Profiles\v9t9xa8x.default\searchplugins\bingp.xml [2013-07-15]
FF SearchPlugin: C:\Users\64Bit Standard\AppData\Roaming\Mozilla\Firefox\Profiles\v9t9xa8x.default\searchplugins\MyStart Search.xml [2015-11-20]
FF SearchPlugin: C:\Users\64Bit Standard\AppData\Roaming\Mozilla\Firefox\Profiles\v9t9xa8x.default\searchplugins\MyStart.xml [2013-09-17]
FF SearchPlugin: C:\Users\64Bit Standard\AppData\Roaming\Mozilla\Firefox\Profiles\v9t9xa8x.default\searchplugins\sweetim.xml [2013-02-09]
FF SearchPlugin: C:\Users\64Bit Standard\AppData\Roaming\Mozilla\Firefox\Profiles\v9t9xa8x.default\searchplugins\Sweetpacks Search.xml [2016-08-23]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml [2014-07-14]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\nation-secure-search.xml [2014-05-02]
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-02-08] [not signed]
FF Extension: IDM integration - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2016-06-08]
FF Extension: Adblock Plus - C:\Users\64Bit Standard\AppData\Roaming\Mozilla\Firefox\Profiles\v9t9xa8x.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-08-05]
FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM-x32\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2016-05-16] [not signed]
FF HKU\S-1-5-21-203507500-883022594-3238906040-1000\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-203507500-883022594-3238906040-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-203507500-883022594-3238906040-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\64Bit Standard\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\64Bit Standard\AppData\Roaming\IDM\idmmzcc5 [2016-08-23] [not signed]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-06-02] <==== ATTENTION

Chrome:
=======
CHR Profile: C:\Users\64Bit Standard\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (internet Download Manager For Chrome) - C:\Users\64Bit Standard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blhjobkfabeopalncconblmakfcllmhk [2016-06-18]
CHR Extension: (YouTube) - C:\Users\64Bit Standard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-20]
CHR Extension: (Google Search) - C:\Users\64Bit Standard\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-20]
CHR Extension: (Elite Unzip) - C:\Users\64Bit Standard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffjcmnpnoopgilmnfhloocdcbnimmmea [2015-03-21]
CHR Extension: (NetBeans Connector) - C:\Users\64Bit Standard\AppData\Local\Google\Chrome\User Data\Default\Extensions\hafdlehgocfcodbgjnpecfajgkeejnaa [2016-07-21]
CHR Extension: (Internet Download Manager) - C:\Users\64Bit Standard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijaimklihemgfpichkhlcbcbhfkmkcip [2016-06-18]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\64Bit Standard\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-12-11]
CHR Extension: (Skype) - C:\Users\64Bit Standard\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-06-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\64Bit Standard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-13]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\64Bit Standard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2012-12-10]
CHR Extension: (Gmail) - C:\Users\64Bit Standard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-04]
CHR Extension: (Chrome Media Router) - C:\Users\64Bit Standard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-23]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-06-10]
CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\64Bit Standard\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [2013-02-09]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-12-10]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-05-24]
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Windows\SysWOW64\jmdp\SweetNT.crx [2014-04-06]
StartMenuInternet: Google Chrome.2GVSDOFDZMDVKYCDOSUCPWJDBI - C:\Users\64Bit Standard\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [198216 2016-06-18] (APN LLC.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [103584 2011-08-02] (Atheros Commnucations) [File not signed]
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4948456 2015-10-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 GenieCleanService; C:\Program Files (x86)\Genie Soft\Genie Cleaner\GenieCleanService.exe [53400 2015-02-06] (Oppoos.com) [File not signed]
R2 GenieWifiService; C:\Program Files (x86)\Genie Soft\Genie Wifi\GenieWifiService.exe [51352 2015-03-05] (Oppoos.com) [File not signed]
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 IBUpdaterService; C:\Windows\system32\dmwu.exe [3039536 2015-01-06] ()
S2 InstallerWrapperService; C:\Program Files\TrueKey\InstallerWrapperService.exe [47688 2016-07-20] (McAfee, Inc.)
R2 ITbrain Agent; C:\Program Files (x86)\ITbrain Agent\itbrain_agent.exe [5567488 2015-11-27] (TeamViewer) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.334\McCHSvc.exe [293128 2016-05-31] (McAfee, Inc.)
R2 MgAssistService; C:\Program Files (x86)\Mobogenie\MgAssist.exe [105664 2014-08-14] () [File not signed]
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239184 2014-02-15] ()
R2 MobogenieService; C:\Program Files (x86)\Mobogenie3\MobogenieService.exe [127680 2015-05-28] (Mobogenie.com) [File not signed]
S3 NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2007-01-15] (Nero AG) [File not signed]
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [266240 2007-01-15] (Nero AG) [File not signed]
S3 ShareItSvc; C:\Program Files (x86)\SHAREit\SHAREit\Shareit.Service.exe [33224 2016-04-15] (SHAREit Technologies Co.Ltd)
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1072296 2016-08-23] (Enigma Software Group USA, LLC.)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-03] (DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7183632 2016-07-18] (TeamViewer GmbH)
R2 Watsvc; C:\Program Files (x86)\Blazers\Watsvc.exe [107160 2015-04-16] (TODO: <公司名>) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.2.0.5\WsAppService.exe [411648 2016-03-31] (Wondershare) [File not signed]
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\MirrorGo\DriverInstall.exe [115856 2016-04-14] (Wondershare)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [158160 2015-05-21] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [209720 2014-11-04] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360400 2015-05-21] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [204192 2016-03-03] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [249296 2015-05-26] (AVG Technologies CZ, s.r.o.)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-11] (Broadcom Corporation)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-08-23] ()
S3 HtcUsbMdmV64; C:\Windows\System32\DRIVERS\HtcUsbMdmV64.sys [121800 2010-03-08] (QUALCOMM Incorporated)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [File not signed]
S3 ApfiltrService; system32\DRIVERS\Apfiltr.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-23 22:39 - 2016-08-23 22:41 - 00035060 _____ C:\Users\64Bit Standard\Desktop\FRST.txt
2016-08-23 22:37 - 2016-08-23 22:39 - 00000000 ____D C:\FRST
2016-08-23 22:36 - 2016-08-23 22:35 - 02396672 _____ (Farbar) C:\Users\64Bit Standard\Desktop\FRST64.exe
2016-08-23 21:51 - 2016-08-23 21:51 - 00000000 _____ C:\autoexec.bat
2016-08-23 21:50 - 2016-08-23 21:50 - 00003366 _____ C:\Windows\System32\Tasks\SpyHunter4Startup
2016-08-23 21:50 - 2016-08-23 21:50 - 00000937 _____ C:\Users\64Bit Standard\Desktop\SpyHunter.lnk
2016-08-23 21:50 - 2016-08-23 21:50 - 00000000 ____D C:\Users\64Bit Standard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2016-08-23 21:50 - 2016-08-23 21:50 - 00000000 ____D C:\Users\64Bit Standard\AppData\Roaming\Enigma Software Group
2016-08-23 21:48 - 2016-08-23 21:49 - 00000000 ____D C:\sh4ldr
2016-08-23 21:34 - 2016-08-23 21:34 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2016-08-23 21:32 - 2016-08-23 21:32 - 00000000 ____D C:\Program Files\Enigma Software Group
2016-08-20 23:21 - 2016-08-20 23:21 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2016-08-20 23:21 - 2016-08-20 23:21 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-08-20 21:05 - 2016-08-20 21:05 - 00001845 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2016-08-20 21:05 - 2016-08-20 21:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-08-20 21:05 - 2016-08-20 21:05 - 00000000 ____D C:\Program Files (x86)\QuickTime
2016-08-15 15:33 - 2016-08-15 15:33 - 00000000 ____D C:\Users\64Bit Standard\.fontconfig
2016-08-09 00:36 - 2016-08-09 00:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHAREit
2016-08-09 00:13 - 2016-08-23 22:38 - 00000000 ____D C:\Program Files (x86)\ITbrain Agent
2016-08-09 00:13 - 2016-08-09 00:13 - 00000000 __HDC C:\ProgramData\{651038AD-E038-410A-BD90-28FB006FD850}
2016-08-09 00:13 - 2016-08-09 00:13 - 00000000 ____D C:\Users\Default\AppData\Local\PackageAware
2016-08-09 00:13 - 2016-08-09 00:13 - 00000000 ____D C:\Users\Default User\AppData\Local\PackageAware
2016-08-09 00:06 - 2016-08-09 00:06 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-08-07 10:36 - 2016-08-07 10:36 - 00001964 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2016-08-07 10:36 - 2016-08-07 10:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2016-08-07 10:36 - 2016-08-07 10:36 - 00000000 ____D C:\Program Files\McAfee Security Scan
2016-08-05 08:59 - 2016-08-05 09:00 - 00000000 ____D C:\Program Files\Defraggler
2016-08-05 08:59 - 2016-08-05 08:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2016-08-05 08:56 - 2016-08-15 23:48 - 00000000 ____D C:\Program Files\Recuva
2016-08-05 08:56 - 2016-08-05 08:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2016-08-05 08:50 - 2016-08-05 08:50 - 00000000 ____D C:\Users\64Bit Standard\AppData\Local\CEF
2016-08-05 08:49 - 2016-08-05 08:49 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2016-08-05 08:49 - 2016-08-05 08:49 - 00000000 ____D C:\ProgramData\McAfee
2016-08-05 08:48 - 2016-08-05 08:48 - 00000000 ____D C:\Program Files\TrueKey
2016-08-05 08:47 - 2016-08-05 23:17 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-08-03 23:15 - 2016-08-05 08:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-07-24 04:10 - 2016-07-24 04:10 - 00003260 _____ C:\Windows\System32\Tasks\{ADD6E3C7-939C-4FF3-B4EE-157E0DA5FDC8}

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-23 22:21 - 2014-03-23 17:02 - 00000000 ____D C:\Users\64Bit Standard\AppData\Roaming\DMCache
2016-08-23 22:10 - 2014-03-23 17:02 - 00000000 ____D C:\Users\64Bit Standard\Downloads\Compressed
2016-08-23 21:55 - 2012-12-10 01:41 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-08-23 21:50 - 2012-12-12 06:46 - 00000944 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-203507500-883022594-3238906040-1000UA.job
2016-08-23 21:23 - 2012-12-11 17:18 - 00000964 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-203507500-883022594-3238906040-1000UA.job
2016-08-23 21:23 - 2009-07-14 13:13 - 00717892 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-23 21:23 - 2009-07-14 12:45 - 00010208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-23 21:23 - 2009-07-14 12:45 - 00010208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-23 21:23 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\inf
2016-08-23 21:22 - 2012-02-08 23:25 - 00000000 ____D C:\ProgramData\MFAData
2016-08-23 21:18 - 2015-03-23 15:50 - 00000436 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2016-08-23 21:17 - 2015-04-23 12:59 - 00000000 ____D C:\Users\64Bit Standard\AppData\Local\cmsiex
2016-08-23 21:17 - 2014-01-18 23:56 - 00000000 ____D C:\Users\64Bit Standard\AppData\Roaming\newnext.me
2016-08-23 21:17 - 2013-09-17 16:52 - 00018688 _____ C:\Users\64Bit Standard\AppData\LocalLow\SkwConfig.bin
2016-08-23 21:17 - 2012-02-08 23:16 - 00000000 ____D C:\Users\64Bit Standard\AppData\Roaming\Skype
2016-08-23 21:16 - 2009-07-14 13:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-23 12:56 - 2012-12-11 18:59 - 00000220 _____ C:\Windows\popcinfo.dat
2016-08-23 12:53 - 2014-08-14 13:13 - 00000000 ___HD C:\Users\64Bit Standard\Desktop\my movies
2016-08-22 14:49 - 2012-12-11 17:18 - 00000942 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-203507500-883022594-3238906040-1000Core.job
2016-08-21 01:16 - 2014-03-23 17:02 - 00000000 ____D C:\Users\64Bit Standard\Desktop\Video
2016-08-21 00:05 - 2012-12-11 19:04 - 00000000 ____D C:\Users\64Bit Standard\AppData\Roaming\vlc
2016-08-20 23:21 - 2012-02-08 22:45 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-08-20 23:04 - 2012-02-08 22:45 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-08-20 22:25 - 2012-12-25 14:19 - 00000000 ____D C:\Users\64Bit Standard\AppData\Local\CrashDumps
2016-08-20 20:43 - 2016-06-18 00:20 - 00000000 ____D C:\Users\64Bit Standard\AppData\Roaming\IDM
2016-08-16 00:40 - 2016-06-15 08:28 - 00000000 ____D C:\Users\64Bit Standard\Downloads\SHAREit
2016-08-15 23:51 - 2012-02-08 21:59 - 00000000 ____D C:\Users\64Bit Standard
2016-08-12 10:42 - 2014-09-24 16:51 - 00000000 ____D C:\Users\64Bit Standard\AppData\Local\SWDS
2016-08-11 19:50 - 2012-12-12 06:46 - 00000892 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-203507500-883022594-3238906040-1000Core.job
2016-08-09 09:57 - 2012-12-10 01:37 - 00002419 _____ C:\Users\64Bit Standard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-09 00:36 - 2016-06-15 08:28 - 00000000 ____D C:\Users\64Bit Standard\AppData\Local\Lenovo
2016-08-09 00:36 - 2016-06-15 08:27 - 00001113 _____ C:\Users\Public\Desktop\SHAREit.lnk
2016-08-09 00:07 - 2016-07-02 01:34 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-08-07 00:12 - 2014-08-14 10:32 - 00000000 ____D C:\Program Files (x86)\Mobogenie3
2016-08-05 08:56 - 2012-12-14 18:30 - 00000000 ____D C:\Users\64Bit Standard\AppData\Roaming\Media Player Classic
2016-08-05 08:56 - 2012-02-09 00:02 - 00000000 ____D C:\Users\64Bit Standard\AppData\Roaming\uTorrent
2016-08-05 08:56 - 2012-02-08 22:42 - 00000000 ____D C:\Users\64Bit Standard\AppData\Roaming\Winamp
2016-08-05 08:50 - 2012-12-10 01:40 - 00000000 ____D C:\Users\64Bit Standard\AppData\Local\Adobe
2016-08-05 08:48 - 2015-01-02 12:16 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-08-05 08:46 - 2012-12-10 01:40 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-08-05 08:46 - 2012-02-08 22:29 - 00000000 ____D C:\ProgramData\Adobe
2016-08-05 08:40 - 2012-12-11 17:21 - 00000000 ____D C:\Program Files\Java
2016-08-05 08:39 - 2016-06-23 02:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-08-05 08:39 - 2016-06-23 02:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2016-08-05 08:36 - 2016-06-23 02:28 - 00000000 ____D C:\Users\64Bit Standard\.oracle_jre_usage
2016-08-05 08:35 - 2012-12-11 17:22 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2016-08-04 09:31 - 2012-12-10 01:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-07-29 19:45 - 2012-12-12 06:46 - 00003936 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-203507500-883022594-3238906040-1000UA
2016-07-29 19:45 - 2012-12-12 06:46 - 00003540 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-203507500-883022594-3238906040-1000Core
2016-07-26 23:29 - 2014-01-18 23:55 - 00000000 ____D C:\Program Files (x86)\Mobogenie

==================== Files in the root of some directories =======

2014-05-02 10:54 - 2013-12-15 10:38 - 6200595 _____ () C:\Program Files\SAM_2294 - Copy.JPG
2014-01-08 20:25 - 2014-05-02 09:53 - 0001703 _____ () C:\Program Files (x86)\Mozilla Firefoxnation-secure-search.xml
2015-12-30 10:10 - 2016-01-13 19:49 - 0003584 _____ () C:\Users\64Bit Standard\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-06-17 15:03 - 2015-06-17 15:03 - 0004096 ____H () C:\Users\64Bit Standard\AppData\Local\keyfile3.drm

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-08-20 21:58

==================== End of FRST.txt ============================

Macky Recaido · Aug 23, 2016

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-08-2016 01
Ran by 64Bit Standard (23-08-2016 22:42:01)
Running from C:\Users\64Bit Standard\Desktop
Windows 7 Ultimate (X64) (2012-02-08 13:58:11)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

64Bit Standard (S-1-5-21-203507500-883022594-3238906040-1000 - Administrator - Enabled) => C:\Users\64Bit Standard
Administrator (S-1-5-21-203507500-883022594-3238906040-500 - Administrator - Disabled)
Guest (S-1-5-21-203507500-883022594-3238906040-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-203507500-883022594-3238906040-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2013 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: AVG update module (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG update module (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
AS: AVG AntiVirus Free Edition 2013 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2013 (Disabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-203507500-883022594-3238906040-1000\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.)
Acer 3G Connection Manager (HKLM-x32\...\{96F5085A-FAB3-40DA-BF1A-EABC37EA031C}) (Version: 3.00.3500 - Acer Incorporated)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1216 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.0.1216 - CyberLink Corp.) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2710 - Adobe Systems Incorporated)
Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.210 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
AVG 2013 (HKLM\...\AVG) (Version: 2013.0.3556 - AVG Technologies)
AVG 2013 (Version: 13.0.3556 - AVG Technologies) Hidden
AVG 2013 (Version: 13.0.4477 - AVG Technologies) Hidden
Beyluxe Messenger (HKLM-x32\...\Beyluxe Messenger1) (Version: 1 - Hichatters Srl)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.90 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 14.4.9.2 - Broadcom Corporation)
Broadcom Gigabit NetLink Controller (HKLM\...\{029A4933-3F36-4E4F-AEC3-2207AB26463D}) (Version: 14.4.6.1 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 3.20 - Piriform)
Chikka Messenger (HKU\S-1-5-21-203507500-883022594-3238906040-1000\...\Chikka Messenger) (Version: - )
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
DisableUAC (HKLM-x32\...\{A59A1422-F883-48EE-8B1B-B140553B0E4D}) (Version: - )
DivX Setup (HKLM-x32\...\DivX Setup.divx.com) (Version: 2.5.0.15 - DivX, LLC)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FormatFactory 2.60 (HKLM-x32\...\FormatFactory) (Version: 2.60 - Free Time)
Games by Petersonic 1.00 (HKLM-x32\...\Games by Petersonic 1.00) (Version: - )
Genie Cleaner (HKLM-x32\...\Genie Cleaner) (Version: 1.0.0.1036 - Oppoos.com)
Genie Wifi (HKLM-x32\...\Genie Wifi) (Version: 1.0.0.1132 - oppoos.com)
GeoVision ADPCM (HKLM-x32\...\GeoADPCM) (Version: - )
GeoVision H264 (HKLM-x32\...\Codec_264) (Version: - )
GeoVision JPEG (HKLM-x32\...\Codec_jpeg) (Version: - )
GeoVision MJPG (HKLM-x32\...\Codec_MJPG) (Version: - )
GeoVision MPEG4 (HKLM-x32\...\GEOXCodec) (Version: - )
GeoVision MPEG4 ASP (HKLM-x32\...\Codec_amp4) (Version: - )
GeoVision MPEG4 AVC (HKLM-x32\...\Codec_AVC) (Version: - )
GeoVision MXPG (HKLM-x32\...\Codec_MXPG) (Version: - )
GlassFish Server Open Source Edition 4.1.1 (HKLM\...\nbi-glassfish-mod-4.1.1.0.1) (Version: - )
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.1.36.5083 - Gretech Corporation)
Google Chrome (HKU\S-1-5-21-203507500-883022594-3238906040-1000\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Photos Backup (HKU\S-1-5-21-203507500-883022594-3238906040-1000\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.)
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
HUAWEI DataCard Driver 3.17.06.00 (HKLM-x32\...\HUAWEI DataCard Driver) (Version: 3.17.06.00 - Huawei technologies Co., Ltd.)
IB Updater Service (HKLM-x32\...\WNLT) (Version: 5.1.5.4 - ) <==== ATTENTION
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2345 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
Internet Explorer Toolbar 4.6 by SweetPacks (HKLM-x32\...\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}) (Version: 4.6.0004 - SweetIM Technologies Ltd.) <==== ATTENTION
ITbrain Agent (HKLM-x32\...\ITbrain Agent) (Version: 1.0.0 - TeamViewer)
ITbrain Agent (x32 Version: 1.0 - InstallAware Software Corporation) Hidden
ITbrain Agent (x32 Version: 1.0.0 - TeamViewer) Hidden
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java SE Development Kit 8 Update 92 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180920}) (Version: 8.0.920.14 - Oracle Corporation)
K-Lite Codec Pack 6.3.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.3.0 - )
KMPlayer (HKLM-x32\...\The KMPlayer) (Version: 3.9.1.131 - PandoraTV)
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.4 - Acer Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.334.1 - McAfee, Inc.)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.25.00.03 - Huawei Technologies Co.,Ltd)
Mobogenie (HKLM-x32\...\Mobogenie) (Version: - Mobogenie.com) <==== ATTENTION
Mobogenie3 (HKLM-x32\...\Mobogenie3) (Version: 3.0.1.53153 - Mobogenie.com) <==== ATTENTION
Mozilla Firefox 48.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 48.0 (x86 en-US)) (Version: 48.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.0.6051 - Mozilla)
Nero 7 Ultra Edition (HKLM-x32\...\{FC98FBE9-E931-494C-8717-497185371033}) (Version: 7.02.4712 - Nero AG)
NetBeans IDE 8.1 (HKLM\...\nbi-nb-base-8.1.0.0.201510222201) (Version: 8.1 - NetBeans.org)
Nimbuzz 2.1.0 (HKLM-x32\...\Nimbuzz) (Version: 2.1.0 - Nimbuzz B.V.)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
PdaNet+ for Android 4.19 (HKLM-x32\...\PdaNet_is1) (Version: - June Fabrics Technology Inc)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - PhotoScape)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Ralink RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.7.0 - Ralink)
Ralink RT2870 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 1.5.7.0 - Ralink)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: 15.0.6 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6423 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.)
Search App by Ask (HKLM-x32\...\{5245414C-312D-5350-00A7-A758B70C2806}) (Version: 12.40.6.18 - APN, LLC) <==== ATTENTION
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 3.5.0.1144 - Lenovo)
Shopping App by Ask (HKLM-x32\...\{524C544D-2D53-4154-00A7-A758B70C2500}) (Version: 12.37.0.342 - APN, LLC)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.23.2.4686 - Enigma Software Group, LLC)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 3.0 - SumatraPDF)
Sun Broadband Wireless (HKLM-x32\...\Sun Broadband Wireless) (Version: 16.001.06.04.256 - Huawei Technologies Co.,Ltd)
SweetIM for Messenger 3.7 (HKLM-x32\...\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}) (Version: 3.7.0007 - SweetIM Technologies Ltd.) <==== ATTENTION
SweetPacks bundle uninstaller (HKLM-x32\...\{0C43FE6B-E881-4AFC-B384-4AEBC90047E8}) (Version: 1.0.0000 - SweetIM Technologies Ltd.) <==== ATTENTION
Tattoo (HKLM-x32\...\Tattoo) (Version: 1.11.00.158 - Huawei Technologies Co.,Ltd)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.63017 - TeamViewer)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Update Manager for SweetPacks 1.1 (HKLM-x32\...\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}) (Version: 1.1.0008 - SweetIM Technologies Ltd.) <==== ATTENTION
UpdateAdmin (HKLM-x32\...\{81F17B54-5D57-485E-88CC-F6D20D66B5E0}) (Version: 2.0.2011 - DownloadAdmin) <==== ATTENTION
USB Disk Security (HKLM-x32\...\USB Disk Security_is1) (Version: - Zbshareware Lab)
VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden
Video Downloader (HKLM-x32\...\Video Downloader) (Version: 1.14 - hxxp://www.vgrabber.com)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 1.1.2 (HKLM-x32\...\VLC media player) (Version: 1.1.2 - VideoLAN)
Warzone 2100 (HKLM-x32\...\Warzone 2100) (Version: 2.3.8 - Warzone 2100 Project)
Winamp (HKLM-x32\...\Winamp) (Version: 5.623 - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-203507500-883022594-3238906040-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass (01/27/2014 9.0.0000.00000) (HKLM\...\9CA77E2A8332A0824C54DA611BBE4CA24AB1F750) (Version: 01/27/2014 9.0.0000.00000 - Google, Inc.)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Wondershare MirrorGo(Version 1.6.0) (HKLM-x32\...\{EE843B49-D9BC-4A9E-A8A7-B9F14C0381C7}_is1) (Version: 1.6.0 - Wondershare)
Wondershare MobileGo(Version 8.2.3) (HKLM-x32\...\{1E04C795-7359-4E05-8A0E-5644F777AA09}_is1) (Version: 8.2.3 - Wondershare)
X264 (HKLM-x32\...\Codec_X264) (Version: - )
XVID (HKLM-x32\...\Codec_XVID) (Version: - )
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
YTD Video Downloader 3.9.6 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 3.9.6 - GreenTree Applications SRL) <==== ATTENTION

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-203507500-883022594-3238906040-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\64Bit Standard\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-203507500-883022594-3238906040-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\64Bit Standard\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1A072FC1-6602-4744-9C34-521A1323B52B} - System32\Tasks\Games\UpdateCheck_S-1-5-21-203507500-883022594-3238906040-1000
Task: {21179EED-1829-4F62-B815-B3BE10867406} - System32\Tasks\RealCreateProcessScheduledTask5493668S-1-5-21-203507500-883022594-3238906040-1000 => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2012-12-10] (RealNetworks, Inc.)
Task: {3277DAAC-EE73-4701-BD93-8739E39A9571} - System32\Tasks\{B8B6D3C1-A3A0-4AFE-8523-06C5A56C2D68} => pcalua.exe -a "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\APNSetup.exe" -d C:\Windows\system32 -c /ucheck=REAL1-SP /cbid=BMR /dtid=^agu130^YY^PH /guid=E5B10D4E-5F19-4D88-9C11-B9D10E87426C /pvresion=12.24.1.56 /platform=V7
Task: {3588A506-3F9D-4313-BCED-74DA1E375C85} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-203507500-883022594-3238906040-1000Core => C:\Users\64Bit Standard\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {3742DE1E-B45A-470B-B322-E090BB5E39FA} - System32\Tasks\RealCreateProcessScheduledTask120339S-1-5-21-203507500-883022594-3238906040-1000 => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2012-12-10] (RealNetworks, Inc.)
Task: {3AB36388-71BC-4DF0-8C71-1C63795F085F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-15] (Adobe Systems Incorporated)
Task: {3F808F50-3518-4E76-88A7-AE50178EA04F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-203507500-883022594-3238906040-1000UA => C:\Users\64Bit Standard\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-11] (Facebook Inc.)
Task: {4B614B42-ECB9-4080-B9B3-93A9362B6508} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-203507500-883022594-3238906040-1000Core => C:\Users\64Bit Standard\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-11] (Facebook Inc.)
Task: {4D7D6ECC-AB60-47DB-B43B-7A729DCAA28C} - System32\Tasks\RealCreateProcessScheduledTask725030S-1-5-21-203507500-883022594-3238906040-1000 => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2012-12-10] (RealNetworks, Inc.)
Task: {5FB7FB4A-35B2-4AB5-9996-08FFA12A3FA0} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2016-08-23] (Enigma Software Group USA, LLC.)
Task: {61FBC9B1-F2A4-41AD-B6B3-059E5D782155} - System32\Tasks\{A81E20BB-5258-4134-A49F-C5DE8CE416B2} => Firefox.exe hxxp://ui.skype.com/ui/0/6.0.0.126/en/go/help.faq.installer?LastError=1603
Task: {6BE515CF-A8E0-4062-A61A-25762F380C2E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-203507500-883022594-3238906040-1000UA => C:\Users\64Bit Standard\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {9153256F-32EC-48E4-AB60-DA3A6BBD091C} - System32\Tasks\{937A0236-A521-433B-A1F4-EF9AC5AF8BD4} => Firefox.exe hxxp://ui.skype.com/ui/0/6.0.0.126/en/go/help.faq.installer?LastError=1603
Task: {95DE465D-516D-40AE-A908-2FF9B5F05BB0} - System32\Tasks\{19F28C9B-3378-4534-8BC6-B99579A5D0E6} => pcalua.exe -a "C:\Users\64Bit Standard\Downloads\Programs\adb-setup-1.4.3.exe" -d "C:\Users\64Bit Standard\AppData\Roaming\IDM"
Task: {9696F0A3-10D4-413D-8596-A1023444B0D5} - System32\Tasks\Update\Odin3 => C:\Users\64Bit Standard\AppData\Roaming\odin3.exe <==== ATTENTION
Task: {97A75165-5706-44E3-AAD1-9C785240971D} - System32\Tasks\{B2FFC549-3C69-49E4-A205-3166881DDBAB} => pcalua.exe -a "C:\Users\64Bit Standard\Downloads\Beyluxe_Setup488.exe" -d "C:\Users\64Bit Standard\Downloads"
Task: {9BA794BF-F0DC-43C8-A605-AF8F8D52B90C} - System32\Tasks\{73950F2F-7C12-41D7-86E1-6FDEEA865649} => pcalua.exe -a "C:\Users\64Bit Standard\Downloads\Programs\adb-setup-1.4.2.exe" -d "C:\Users\64Bit Standard\AppData\Roaming\IDM"
Task: {A38E39D8-9E73-4A04-B817-46DFE9C63F46} - System32\Tasks\{ADD6E3C7-939C-4FF3-B4EE-157E0DA5FDC8} => pcalua.exe -a C:\Users\64BITS~1\AppData\Local\Temp\jre-8u101-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {BC63FAD9-6237-4BE3-B3F9-3421DAED13A8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-06-23] (Piriform Ltd)
Task: {C0A05ED6-113C-4664-A0B1-20BE1F1379C2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {C4F2C022-260C-4D0A-B6DD-DC5477E74776} - System32\Tasks\{2F058828-1924-41A6-9D36-3E77B41F41D2} => pcalua.exe -a "C:\Program Files (x86)\Wondershare\MobileGo\APKInstaller.exe" -d C:\Users\64BITS~1\AppData\Local\Temp -c "C:\Users\64BITS~1\AppData\Local\Temp\com.avast.android.mobilesecurity-5.2.4-APK4Fun.com.apk" <==== ATTENTION
Task: {C57AE9EB-5676-49D6-998D-A5514708A0FE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-203507500-883022594-3238906040-1000Core.job => C:\Users\64Bit Standard\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-203507500-883022594-3238906040-1000UA.job => C:\Users\64Bit Standard\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-203507500-883022594-3238906040-1000Core.job => C:\Users\64Bit Standard\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-203507500-883022594-3238906040-1000UA.job => C:\Users\64Bit Standard\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2012-02-27 14:55 - 2011-03-26 15:29 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2016-07-05 03:00 - 2016-04-28 19:33 - 01058616 _____ () C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
2014-01-18 23:55 - 2014-01-09 16:01 - 00766656 _____ () C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
2011-03-14 23:27 - 2011-03-14 23:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2013-06-02 23:50 - 2015-01-06 00:48 - 03039536 _____ () C:\Windows\system32\dmwu.exe
2014-01-18 23:55 - 2014-08-14 10:20 - 00105664 _____ () C:\Program Files (x86)\Mobogenie\MgAssist.exe
2015-02-23 18:46 - 2014-02-15 14:59 - 00239184 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe
2015-01-02 06:38 - 2015-02-03 15:28 - 00105152 _____ () C:\Program Files (x86)\Mobogenie3\MoboGenieHelper.exe
2015-04-16 22:01 - 2015-04-16 22:01 - 00240280 _____ () C:\Program Files (x86)\Blazers\wac.exe
2015-01-06 00:48 - 2015-01-06 00:48 - 00781616 _____ () C:\Windows\SysWOW64\mjcm\dnkt.exe
2015-01-06 00:48 - 2015-01-06 00:48 - 00921392 _____ () C:\Windows\System32\tprb\dnkt.exe
2015-01-06 00:48 - 2015-01-06 00:48 - 02154288 _____ () C:\Windows\System32\tprb\5154\nsib.dll
2012-02-08 23:40 - 2011-05-29 03:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2014-02-13 01:58 - 2014-02-13 01:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-13 01:58 - 2014-02-13 01:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-02-08 23:40 - 2011-05-29 03:04 - 00140288 _____ () C:\Program Files\WinRAR\rarext32.dll
2015-02-06 11:31 - 2015-02-06 11:31 - 00050840 _____ () C:\Program Files (x86)\Genie Soft\Genie Cleaner\MGCommon.dll
2015-03-05 15:42 - 2015-03-05 15:42 - 00050840 _____ () C:\Program Files (x86)\Genie Soft\Genie Wifi\MGCommon.dll
2014-01-18 23:55 - 2014-01-09 15:50 - 00061440 _____ () C:\Program Files (x86)\Mobogenie\Device.dll
2014-01-18 23:55 - 2014-01-09 15:51 - 00471040 _____ () C:\Program Files (x86)\Mobogenie\DCR.dll
2014-12-07 13:01 - 2015-05-28 10:20 - 00057536 _____ () C:\Program Files (x86)\Mobogenie3\MGCommon.dll
2015-01-06 00:48 - 2015-01-06 00:48 - 01710384 _____ () C:\Windows\SysWOW64\mjcm\5154\nsib.dll
2015-02-06 11:31 - 2015-02-06 11:31 - 38602392 _____ () C:\Program Files (x86)\Genie Soft\Genie Cleaner\libcef.dll
2014-11-27 23:29 - 2014-11-27 23:29 - 01634632 _____ () C:\Program Files (x86)\Genie Soft\Genie Cleaner\ffmpegsumo.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-06-23 00:15 - 2016-08-23 22:45 - 00001173 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 tonec.com
127.0.0.1 www.tonec.com
0.0.0.1 mssplus.mcafee.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-203507500-883022594-3238906040-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\64Bit Standard\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
MSCONFIG\startupreg: CONNMGRTRAY => C:\Program Files\Acer\Acer 3G Connection Manager\ConnMgrLauncher.exe Silent
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: Nimbuzz => C:\Program Files (x86)\Nimbuzz\Nimbuzz.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
MSCONFIG\startupreg: uTorrent => "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E0AFAFA7-02DD-407E-8FD8-1028A52CF872}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{44F42351-040C-48E5-8AD2-4F77495E0CD5}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{CA9AAF55-030B-402B-9047-D2B19A16C39B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{547C6380-A886-46C3-A59E-CAEEA3DBA4FF}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{87A177E4-39C1-4C0D-807D-93D604BBEC95}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{4A7E9129-3992-4AC5-B765-A180286A15F4}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{EE971520-B402-4E81-A70C-A150D688B215}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{13AA6126-4E4E-4F46-863C-D272EE06B361}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{9A6E7478-D46E-4645-81FC-D1DD779299AC}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{AEC9BA14-16A9-43F2-897A-25A3EB19B41B}] => (Allow) C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
FirewallRules: [{FF781C61-E18F-46B6-B7CD-7D5D818912F0}] => (Allow) C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
FirewallRules: [{A28DE81E-9607-4276-848B-F51666EB0297}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{05A8B890-018D-4340-973B-EB6E33A72956}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{E556F28D-E301-4AED-85D8-FA1EC3AAD4A6}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{D99CCE51-395B-45EC-B8A3-FA66F3DCD2FE}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{E44C79B6-61ED-4FD9-88B6-59B5D6F3EE5A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DF2409C1-22DF-4D77-98E3-71AAF4BCF493}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9735E54C-AA1F-4C61-9758-458CF310C8D7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4D1F42AA-7AB6-47CD-B586-8B33190920FD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{87EE3EB8-3A21-4DA1-8A7C-0D1C3EBB485D}] => (Allow) C:\Users\64Bit Standard\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{752CAFEB-8924-4140-8857-EA1A798A1C26}] => (Allow) C:\Users\64Bit Standard\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1D7E8BBF-22E7-402A-8B9E-03DDF923C65C}] => (Allow) C:\Users\64Bit Standard\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{C3CE440F-0498-48E8-931A-83AA3D2C0FC5}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{33583574-9B1E-4540-B500-C0AC543DD1EE}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
FirewallRules: [{5C77B243-EEF9-4987-BFB4-1BFE8B0A038A}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
FirewallRules: [{A1723DD1-61A8-4457-A752-633B7C82EDAA}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{F37BBA51-AB3A-4481-A8CF-162628678770}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{2EDF6379-4BA9-420D-813C-4B8D0DECA68F}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
FirewallRules: [{A0C74172-B157-47B0-8680-292DDBBD5529}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
FirewallRules: [TCP Query User{554688BD-6BED-44CB-8131-DF816E16627F}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{D46E51FE-E38A-4C28-B3F1-840C8C69915B}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [TCP Query User{CF2EE898-D463-457F-BE55-63CA6B599C90}C:\program files (x86)\mobogenie3\mobogeniehelper.exe] => (Block) C:\program files (x86)\mobogenie3\mobogeniehelper.exe
FirewallRules: [UDP Query User{26A43B84-E693-4B61-9900-9FDC7181E568}C:\program files (x86)\mobogenie3\mobogeniehelper.exe] => (Block) C:\program files (x86)\mobogenie3\mobogeniehelper.exe
FirewallRules: [{36BB26F1-9148-481B-9CAC-5BFEBB764A78}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FA8DD925-3BEF-40BD-B97E-36B86AF6AC36}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{22B89693-ED51-4936-AF79-80BE89762345}C:\program files (x86)\genie soft\genie wifi\geniewifi.exe] => (Allow) C:\program files (x86)\genie soft\genie wifi\geniewifi.exe
FirewallRules: [UDP Query User{100BF07A-6A83-4F1B-955A-9E736C9F7F49}C:\program files (x86)\genie soft\genie wifi\geniewifi.exe] => (Allow) C:\program files (x86)\genie soft\genie wifi\geniewifi.exe
FirewallRules: [{F32E8D01-4FF3-435E-AC03-51F05AAD78FF}] => (Block) C:\program files (x86)\genie soft\genie wifi\geniewifi.exe
FirewallRules: [{A6B69390-9D3F-4A7B-879E-E595A0B5C6B5}] => (Block) C:\program files (x86)\genie soft\genie wifi\geniewifi.exe
FirewallRules: [TCP Query User{37946B30-78A3-4354-A884-512F46715E59}C:\program files (x86)\warzone 2100\warzone2100.exe] => (Block) C:\program files (x86)\warzone 2100\warzone2100.exe
FirewallRules: [UDP Query User{932356D7-BC6F-4A49-89D7-126072F1EE1D}C:\program files (x86)\warzone 2100\warzone2100.exe] => (Block) C:\program files (x86)\warzone 2100\warzone2100.exe
FirewallRules: [TCP Query User{733EA974-A1B9-41AD-A4CB-B1376E5721E2}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{D080EAFA-0B15-4349-8044-34ED5AA69A2B}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{46B289DE-206B-4F12-B09F-4CDB569EE805}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{F812E5E4-AA4D-4BB6-8409-DED9CAF70B46}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{F44FE912-3DBC-48F0-853E-403ABA3E51EC}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{BF97211A-A6FB-4065-8647-70A211E1A453}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{9029A38E-3B0D-45F9-BAF8-9AD27DC1251F}] => (Allow) C:\Program Files (x86)\Mobogenie3\mobogenieP2sp.exe
FirewallRules: [{37A01B5E-1957-47C7-A3B2-5FEB977CAA7A}] => (Allow) C:\Program Files (x86)\Mobogenie3\mobogenieP2sp.exe
FirewallRules: [{7BF20784-E2FF-422A-83D6-154526E151A0}] => (Allow) C:\Program Files (x86)\Mobogenie3\mobogenieP2sp.exe
FirewallRules: [{8251EE51-377E-4CD6-A035-4F06C552BBB6}] => (Allow) C:\Program Files (x86)\Mobogenie3\mobogenieP2sp.exe
FirewallRules: [{14D7E43D-7FC1-46C4-9BA3-ECDB7957E69A}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
FirewallRules: [{B7715F1D-D0C7-4DB5-BE10-850FA8FDD172}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
FirewallRules: [{A7A68587-0291-4480-9BA1-947F5D62C1E3}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{8C3E155F-2A56-4813-8D5B-2EBFF5ABF820}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{FA7406FD-8CF4-49F1-8843-B8BD7BA0DE72}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
FirewallRules: [{6001D70C-06A5-40BE-988B-E61695731177}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
FirewallRules: [TCP Query User{CB48040C-2D41-44D6-B184-E01BE0CA9D51}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe
FirewallRules: [UDP Query User{2A0E735A-CA19-48CA-9C7E-FDAFCC3323A4}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe
FirewallRules: [TCP Query User{02EA5863-2FED-4122-8EF3-494CBCB26012}C:\program files (x86)\wondershare\mobilego\mobilego.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilego.exe
FirewallRules: [UDP Query User{ED927D1B-DD97-4BA4-83CA-F32B8A12BB78}C:\program files (x86)\wondershare\mobilego\mobilego.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilego.exe
FirewallRules: [TCP Query User{6EB477C2-78B5-403D-81FB-079203652970}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Block) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe
FirewallRules: [UDP Query User{4FC8BD1E-E0E4-45F6-821E-5AC9B16A48A4}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Block) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe
FirewallRules: [TCP Query User{426BF8A3-CF55-4937-ABA1-1FD4DC8ECF37}C:\program files\netbeans 8.1\bin\netbeans64.exe] => (Allow) C:\program files\netbeans 8.1\bin\netbeans64.exe
FirewallRules: [UDP Query User{5449731F-3ACD-42BC-86BA-13921B082A51}C:\program files\netbeans 8.1\bin\netbeans64.exe] => (Allow) C:\program files\netbeans 8.1\bin\netbeans64.exe
FirewallRules: [{D5D4BA5F-CB39-43DE-B22E-6AD4842B8BA8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{6805B847-120F-4CFB-B222-4C939E4D01C7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{02AED993-655C-4851-94E0-6D4FE56E33CF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{E64606AF-B896-467A-B1A2-00C469FC83FC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B137FC90-826E-4E43-ABDE-0EB0E94B4B7A}] => (Allow) C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe
FirewallRules: [{9499157E-EBAC-48CC-9457-3022EBDB6B31}] => (Allow) C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe
FirewallRules: [{88A9AE48-5FED-4F79-9E1C-A6688565FFF7}] => (Allow) C:\Users\64Bit Standard\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (08/23/2016 10:10:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SpyHunter4.exe version 4.23.2.4686 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1414

Start Time: 01d1fd4557d0fc1e

Termination Time: 10

Application Path: C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe

Report Id: 4eec9a28-693b-11e6-b95c-206a8a75284a

Error: (08/23/2016 10:02:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7600.16385, time stamp: 0x4a5bc9bb
Faulting module name: comctl32.dll, version: 6.10.7600.16385, time stamp: 0x4a5bde67
Exception code: 0xc000041d
Fault offset: 0x0000000000087a99
Faulting process id: 0x784
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3

Error: (08/22/2016 02:37:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5803

Error: (08/22/2016 02:37:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5803

Error: (08/22/2016 02:37:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/21/2016 01:22:58 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/21/2016 01:22:58 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/21/2016 01:22:58 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/21/2016 01:22:58 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)

Error: (08/21/2016 01:22:54 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

System errors:
=============
Error: (08/23/2016 09:18:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Wondershare Application Framework Service service failed to start due to the following error:
%%1053 = The service did not respond to the start or control request in a timely fashion.

Error: (08/23/2016 09:18:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Wondershare Application Framework Service service to connect.

Error: (08/23/2016 09:17:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Service Installer Wrapper TrueKey service failed to start due to the following error:
%%1053 = The service did not respond to the start or control request in a timely fashion.

Error: (08/23/2016 09:17:24 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Service Installer Wrapper TrueKey service to connect.

Error: (08/23/2016 02:50:28 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5 = Access is denied.

Error: (08/23/2016 12:24:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Service Installer Wrapper TrueKey service failed to start due to the following error:
%%1053 = The service did not respond to the start or control request in a timely fashion.

Error: (08/23/2016 12:24:59 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Service Installer Wrapper TrueKey service to connect.

Error: (08/23/2016 01:30:22 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5 = Access is denied.

Error: (08/22/2016 11:48:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Wondershare Application Framework Service service failed to start due to the following error:
%%1053 = The service did not respond to the start or control request in a timely fashion.

Error: (08/22/2016 11:48:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Wondershare Application Framework Service service to connect.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz
Percentage of memory in use: 90%
Total physical RAM: 1859.19 MB
Available physical RAM: 171.2 MB
Total Virtual: 3718.38 MB
Available Virtual: 802.11 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.56 GB) (Free:14.97 GB) NTFS
Drive d: (Data) (Fixed) (Total:200.43 GB) (Free:173.51 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 61FF3A35)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=200.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Broni · Aug 23, 2016

Welcome aboard

Please, observe following rules:

Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
If you're stuck, or you're not sure about certain step, always ask before doing anything else.
Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
Never run more than one scan at a time.
Keep updating me regarding your computer behavior, good, or bad.
The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

==============================

Uninstall following unwanted programs:

IB Updater Service
Internet Explorer Toolbar 4.6 by SweetPacks
Mobogenie
Mobogenie3
Search App by Ask
SweetIM for Messenger 3.7
SweetPacks bundle uninstaller
Update Manager for SweetPacks 1.1
UpdateAdmin
YTD Video Downloader 3.9.6

Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2

Close all the running programs
Double click on downloaded setup.exe file to install the program.
Click on Start Scan button.
Click on another Start Scan button.
Wait until the Status box shows Scan Finished
Click on Delete.
Wait until the Status box shows Deleting Finished.
Click on Report and copy/paste the content of the Notepad into your next reply.
RKreport.txt could also be found on your desktop.
If more than one log is produced post all logs.

Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
NOTE. If you already have MBAM 2.0 installed scroll down.

Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to the following:
Launch Malwarebytes Anti-Malware
A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
Click Finish.
On the Dashboard, click the 'Update Now >>' link
After the update completes, click the 'Scan Now >>' button.
Or, on the Dashboard, click the Scan Now >> button.
If an update is available, click the Update Now button.
A Threat Scan will begin.
When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
In most cases, a restart will be required.
Wait for the prompt to restart the computer to appear, then click on Yes.

If you already have MBAM 2.0 installed:

On the Dashboard, click the 'Update Now >>' link
After the update completes, click the 'Scan Now >>' button.
Or, on the Dashboard, click the Scan Now >> button.
If an update is available, click the Update Now button.
A Threat Scan will begin.
When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
In most cases, a restart will be required.
Wait for the prompt to restart the computer to appear, then click on Yes.

How to get logs:
(Export log to save as txt)

After the restart once you are back at your desktop, open MBAM once more.
Click on the History tab > Application Logs.
Double click on the Scan Log which shows the Date and time of the scan just performed.
Click 'Export'.
Click 'Text file (*.txt)'
In the Save File dialog box which appears, click on Desktop.
In the File name: box type a name for your scan log.
A message box named 'File Saved' should appear stating "Your file has been successfully exported".
Click Ok
Attach that saved log to your next reply.

(Copy to clipboard for pasting into forum replies or tickets)

After the restart once you are back at your desktop, open MBAM once more.
Click on the History tab > Application Logs.
Double click on the Scan Log which shows the Date and time of the scan just performed.
Click 'Copy to Clipboard'
Paste the contents of the clipboard into your reply.

Please download AdwCleaner by Xplode onto your desktop.

Close all open programs and internet browsers.
Double click on adwcleaner.exe to run the tool.
Click on Scan button.
When the scan has finished click on Clean button.
Your computer will be rebooted automatically. A text file will open after the restart.
Please post the contents of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.

Please download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

Inactive Assist here please..FRST.txt and Addition.txt

Macky Recaido

Macky Recaido

Broni

Posts: 56,041 +516

Similar threads

Latest posts