Author Topic: [Resolved] Malwarebytes notification every 30 seconds- Su2.ff.avast.com  (Read 2059 times)

Kaz
Malwarebytes keeps popping up with the notification: malicious website blocked.
Domain: Su2.ff.avast.com

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 10 Home
Boot Device: \Device\HarddiskVolume2
Install Date: 7/30/2015 9:54:44 PM
System Uptime: 9/21/2015 9:53:21 PM (1 hours ago)
.
Motherboard: Dell Inc. |  | 0TWP67
Processor: Intel(R) Pentium(R) CPU  N3530  @ 2.16GHz | CPU 1 | 1992/83mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 455 GiB total, 331.394 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP10: 9/9/2015 8:56:14 PM - Windows Update
RP11: 9/17/2015 8:00:22 PM - Scheduled Checkpoint
RP12: 9/21/2015 9:07:06 PM - Windows Update
.
==== Installed Programs ======================
.
Adobe Acrobat Reader DC
Adobe Digital Editions 4.0
Adobe Flash Player 18 NPAPI
Adobe Refresh Manager
Apple Application Support (32-bit)
Apple Application Support (64-bit)
Apple Mobile Device Support
Apple Software Update
Audacity 2.1.0
Avast Free Antivirus
Bonjour
CyberLink LabelPrint 2.5
CyberLink Media Suite 10
CyberLink Media Suite Essentials
CyberLink Power2Go 8
CyberLink PowerDirector 10
CyberLink PowerDVD 12
Dell Backup and Recovery
Dell Backup and Recovery - Support Software
Dell Customer Connect
Dell Data Vault
Dell SupportAssist
Dell SupportAssistAgent
Dell Touchpad
Dell Update
Dell WLAN and Bluetooth Client Installation
Dropbox
Easy Watermark Studio Lite version 4.2
Evernote v. 5.8.13
FileZilla Client 3.12.0.2
FocusWriter
Freemake Audio Converter version 1.1.3
Freemake Video Converter version 4.1.6
Freemake Video Downloader
Freemake YouTube To MP3 Boom
Google Chrome
Google Drive
Google Update Helper
GoToMeeting 7.3.0.3499
HP LaserJet Professional P1100-P1560-P1600 Series
Intel(R) Processor Graphics
Intel(R) Trusted Execution Engine
Intel(R) Trusted Execution Engine Driver
iTunes
Java 8 Update 51
Java Auto Updater
Jing
Malwarebytes Anti-Malware version 2.1.8.1057
Microsoft Office 365 - en-us
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mozilla Firefox 40.0.3 (x86 en-US)
Mozilla Maintenance Service
Office 15 Click-to-Run Extensibility Component
Office 15 Click-to-Run Licensing Component
Office 15 Click-to-Run Localization Component
OpenOffice 4.1.1
Qualcomm Atheros Bluetooth Suite (64)
Quickset64
QuickTime 7
Realtek High Definition Audio Driver
RescueTime 2.10.2.1372
Skype Click to Call
Skype™ 7.8
Update for Microsoft en-us Dictionary
Visual Studio Tools for the Office system 3.0 Runtime
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258)
WeBuilder 2015 v13.2
WinPcap 4.1.2
.
==== Event Viewer Messages From Past Week ========
.
9/21/2015 8:54:44 PM, Error: ACPI [13]  - : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.
9/21/2015 8:53:45 PM, Error: Service Control Manager [7031]  - The User Data Storage_Session1 service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
9/21/2015 8:53:45 PM, Error: Service Control Manager [7031]  - The Sync Host_Session1 service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
9/21/2015 8:53:34 PM, Error: Service Control Manager [7031]  - The User Data Storage_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
9/21/2015 8:53:34 PM, Error: Service Control Manager [7031]  - The User Data Access_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
9/21/2015 8:53:34 PM, Error: Service Control Manager [7031]  - The Sync Host_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
9/21/2015 8:53:34 PM, Error: Service Control Manager [7031]  - The Contact Data_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
9/21/2015 7:20:56 AM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
9/20/2015 9:07:45 AM, Error: Service Control Manager [7043]  - The Group Policy Client service did not shut down properly after receiving a preshutdown control.
9/20/2015 6:15:00 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Sync Host_Session1 service to connect.
9/20/2015 6:14:58 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the User Data Storage_Session1 service to connect.
9/20/2015 12:41:19 AM, Error: Service Control Manager [7034]  - The Freemake Improver service terminated unexpectedly.  It has done this 1 time(s).
9/19/2015 5:21:52 PM, Error: Service Control Manager [7023]  - The Sync Host_Session4 service terminated with the following error:  Access is denied.
9/19/2015 5:21:49 PM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the User Data Storage_Session4 service, but this action failed with the following error:  An instance of the service is already running.
9/19/2015 5:21:49 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the User Data Storage_Session4 service to connect.
9/19/2015 5:21:39 PM, Error: Service Control Manager [7031]  - The User Data Storage_Session4 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
9/19/2015 5:21:39 PM, Error: Service Control Manager [7031]  - The User Data Access_Session4 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
9/19/2015 5:21:39 PM, Error: Service Control Manager [7031]  - The Sync Host_Session4 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
9/19/2015 5:21:39 PM, Error: Service Control Manager [7031]  - The Contact Data_Session4 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
9/19/2015 1:26:39 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Sync Host_Session3 service to connect.
9/19/2015 1:26:37 AM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the User Data Storage_Session3 service, but this action failed with the following error:  An instance of the service is already running.
9/19/2015 1:26:37 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the User Data Storage_Session3 service to connect.
9/19/2015 1:26:27 AM, Error: Service Control Manager [7031]  - The User Data Storage_Session3 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
9/19/2015 1:26:27 AM, Error: Service Control Manager [7031]  - The User Data Access_Session3 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
9/19/2015 1:26:27 AM, Error: Service Control Manager [7031]  - The Sync Host_Session3 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
9/19/2015 1:26:27 AM, Error: Service Control Manager [7031]  - The Contact Data_Session3 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
9/17/2015 11:14:42 PM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the User Data Storage_Session2 service, but this action failed with the following error:  An instance of the service is already running.
9/17/2015 11:14:42 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the User Data Storage_Session2 service to connect.
9/17/2015 11:14:42 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Sync Host_Session2 service to connect.
9/17/2015 11:14:32 PM, Error: Service Control Manager [7031]  - The User Data Storage_Session2 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
9/17/2015 11:14:32 PM, Error: Service Control Manager [7031]  - The User Data Access_Session2 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
9/17/2015 11:14:32 PM, Error: Service Control Manager [7031]  - The Sync Host_Session2 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
9/17/2015 11:14:32 PM, Error: Service Control Manager [7031]  - The Contact Data_Session2 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
9/15/2015 2:50:59 PM, Error: Microsoft-Windows-DistributedCOM [10000]  - Unable to start a DCOM Server: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}. The error: "5" Happened while starting this command: C:\WINDOWS\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
.
==== End Of File ===========================


---------------------------------

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.10240.16412  BrowserJavaVersion: 11.51.2
Run by ibnal_000 at 22:50:20 on 2015-09-21
Microsoft Windows 10 Home  10.0.10240.0.1252.1.1033.18.3979.2034 [GMT -4:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\dwm.exe
C:\Windows\System32\WUDFHost.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\dashost.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
C:\windows\system32\HPSIsvc.exe
C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
C:\WINDOWS\system32\taskeng.exe
svchost.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Dell Customer Connect\OTBSurvey.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files (x86)\Dell Update\DellUpService.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Awareness\Awareness.exe
C:\Users\ibnal_000\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Dell Update\DellUpTray.exe
C:\Program Files (x86)\RescueTime\RescueTime.exe
C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe
C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe
C:\Program Files\Dell\DellDataVault\DellDataVault.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1509.14010.0_x64__8wekyb3d8bbwe\Calculator.exe
C:\Program Files\WindowsApps\Microsoft.Office.OneNote_17.6131.10021.0_x64__8wekyb3d8bbwe\onenoteim.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\taskeng.exe
C:\WINDOWS\system32\wbem\WmiApSrv.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://mysearch.avg.com/?cid=%7B80D165FB-1B0D-42A9-8FE6-AEF93276BD7E%7D&mid=21124e54996147cda1ece9f89d9f8e61-c8ded0586d584cc3ba645bba5e9597982bffe0ae&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2015-01-28%2022:46:55&v=4.0.6.10&pid=wtu&sg=&sap=hp
uDefault_Page_URL = www.dell.com
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Evernote extension: {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
uRun: [Dropbox Update] "C:\Users\ibnal_000\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
uRun: [OneDrive] "C:\Users\ibnal_000\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRunOnce: [Uninstall C:\Users\ibnal_000\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] C:\WINDOWS\System32\cmd.exe /q /c rmdir /s /q "C:\Users\ibnal_000\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
uRunOnce: [Uninstall C:\Users\ibnal_000\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] C:\WINDOWS\System32\cmd.exe /q /c rmdir /s /q "C:\Users\ibnal_000\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [ProductUpdater] C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
mExplorerRun: [BtvStack] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
StartupFolder: C:\Users\IBNAL_~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\AWAREN~1.LNK - C:\Program Files (x86)\Awareness\Awareness.exe
StartupFolder: C:\Users\IBNAL_~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\ibnal_000\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\IBNAL_~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\EVERNO~1.LNK - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
StartupFolder: C:\Users\IBNAL_~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\RESCUE~1.LNK - C:\Program Files (x86)\RescueTime\RescueTime.exe
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: DisableCAD = dword:1
mPolicies-System: SoftwareSASGeneration = dword:1
IE: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
IE: Clip image - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
IE: Clip selection - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
IE: Clip this page - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
IE: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: New note - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{313c4910-202a-4659-bded-c891e1523c9f} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{313c4910-202a-4659-bded-c891e1523c9f}\14274702B49647368656E6 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{313c4910-202a-4659-bded-c891e1523c9f}\7523153463 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{313c4910-202a-4659-bded-c891e1523c9f}\7716E6465627C6573747 : DHCPNameServer = 10.0.1.1
TCP: Interfaces\{313c4910-202a-4659-bded-c891e1523c9f}\E456771627B6E45647F564275656F57596D26496 : DHCPNameServer = 10.10.15.254 4.2.2.2
TCP: Interfaces\{313c4910-202a-4659-bded-c891e1523c9f}\F6074796D657D677966696 : DHCPNameServer = 10.240.205.161
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages =  ""
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.93\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-Run: [RtHDVBg] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX5REC
x64-Run: [WavesSvc] "C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe"
x64-Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-ExplorerRun: [BtvStack] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: DisableCAD = dword:1
x64-mPolicies-System: SoftwareSASGeneration = dword:1
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\ibnal_000\AppData\Roaming\Mozilla\Firefox\Profiles\c7m2x4ms.default\
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
FF - plugin: C:\Users\ibnal_000\AppData\Local\Citrix\Plugins\104\npappdetector.dll
FF - plugin: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\WINDOWS\System32\drivers\aswRvrt.sys [2015-6-6 65224]
R0 aswVmm;avast! VM Monitor;C:\WINDOWS\System32\drivers\aswVmm.sys [2015-6-6 274808]
R0 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;C:\WINDOWS\System32\drivers\btath_bus.sys [2015-3-4 35016]
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2015-7-10 43872]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\WINDOWS\System32\drivers\stdcfltn.sys [2015-3-5 22168]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2015-7-10 106520]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2015-7-10 17944]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2015-8-13 200528]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2015-7-10 215552]
R1 aswSnx;aswSnx;C:\WINDOWS\System32\drivers\aswsnx.sys [2015-6-6 1048344]
R1 aswSP;aswSP;C:\WINDOWS\System32\drivers\aswSP.sys [2015-6-6 447944]
R1 CLVirtualDrive;CLVirtualDrive;C:\WINDOWS\System32\drivers\CLVirtualDrive.sys [2015-3-4 91712]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2015-7-10 83968]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-7-10 8192]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-5-29 77128]
R2 aswHwid;avast! HardwareID;C:\WINDOWS\System32\drivers\aswHwid.sys [2015-6-6 28656]
R2 aswMonFlt;aswMonFlt;C:\WINDOWS\System32\drivers\aswMonFlt.sys [2015-6-6 90968]
R2 avast! Antivirus;Avast Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-8-3 146600]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-5-1 1394816]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-5-1 1772672]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2015-8-31 2768472]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2015-7-10 39856]
R2 Dell Customer Connect;Dell Customer Connect;C:\Program Files (x86)\Dell Customer Connect\OTBSurvey.exe [2015-4-9 145288]
R2 DellDataVault;Dell Data Vault;C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2015-5-22 2573520]
R2 DellDataVaultWiz;Dell Data Vault Wizard;C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [2015-5-22 201936]
R2 DellUpdate;Dell Update Service;C:\Program Files (x86)\Dell Update\DellUpService.exe [2015-8-27 237272]
R2 DiagTrack;Diagnostics Tracking Service;C:\WINDOWS\System32\svchost.exe -k utcsvc [2015-7-10 39856]
R2 Freemake Improver;Freemake Improver;C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2015-8-5 108032]
R2 HPSIService;HP SI Service;C:\WINDOWS\System32\HPSIsvc.exe [2015-4-14 126520]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\WINDOWS\System32\igfxCUIService.exe [2015-7-11 328624]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-7-1 733696]
R2 mbamchameleon;mbamchameleon;C:\WINDOWS\System32\drivers\mbamchameleon.sys [2015-4-2 109272]
R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2015-6-24 303360]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2015-7-10 61952]
R2 SupportAssistAgent;Dell SupportAssist Agent;C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [2015-6-11 20648]
R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-7-10 39856]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
R2 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2015-7-10 119648]
R3 BtFilter;BtFilter;C:\WINDOWS\System32\drivers\btfilter.sys [2015-3-9 599240]
R3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-7-10 39856]
R3 DDDriver;DDDriver;C:\WINDOWS\System32\drivers\DDDriver64Dcsa.sys [2015-2-26 23760]
R3 DellProf;DellProf;C:\WINDOWS\System32\drivers\DellProf.sys [2015-5-22 24240]
R3 DellRbtn;Airplane Mode Switch;C:\WINDOWS\System32\drivers\DellRbtn.sys [2015-3-4 10752]
R3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
R3 IntcDAud;Intel(R) Display Audio;C:\WINDOWS\System32\drivers\IntcDAud.sys [2015-3-4 450520]
R3 iwdbus;IWD Bus Enumerator;C:\WINDOWS\System32\drivers\iwdbus.sys [2015-6-26 39480]
R3 kiox_ff_driver;Kionix freefall detection service;C:\WINDOWS\System32\drivers\kiox_ff_driver.sys [2015-6-15 41456]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-7-10 39856]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2015-7-10 20992]
R3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
R3 SensorsHIDClassDriver;UMDF Reflector service for Sensors HID Class Driver;C:\WINDOWS\System32\drivers\WUDFRd.sys [2015-7-10 214016]
R3 SmbDrvI;SmbDrvI;C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2015-3-4 31472]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-7-10 39856]
R3 TXEIx64;Intel(R) Trusted Execution Engine Interface ;C:\WINDOWS\System32\drivers\TXEIx64.sys [2015-3-4 88592]
R3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2015-7-10 28512]
S2 aswStm;aswStm;C:\WINDOWS\System32\drivers\aswStm.sys [2015-6-6 150672]
S2 CLKMSVC10_99E320F5;CyberLink Product - 2015/04/02 14:03:34;C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [2014-11-17 243464]
S2 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2015-7-10 39856]
S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-4-2 1871160]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-4-2 1133880]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-7-9 327296]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2015-7-10 1135456]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-7-10 39856]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2015-7-10 39856]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-7-10 39856]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2015-7-10 17624]
S3 BthA2DP;Bluetooth Stereo;C:\WINDOWS\System32\drivers\BthA2DP.sys [2015-7-10 165376]
S3 BthHFAud;Bluetooth Hands-Free;C:\WINDOWS\System32\drivers\BthHfAud.sys [2015-7-10 36864]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2015-7-10 39856]
S3 BthLEEnum;Bluetooth Low Energy Driver;C:\WINDOWS\System32\drivers\BthLEEnum.sys [2015-7-10 237568]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-7-10 32256]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2015-7-10 116736]
S3 CDPSvc;CDPSvc;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-7-10 39856]
S3 DcpSvc;DataCollectionPublishingService;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-7-10 27136]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 embeddedmode;embeddedmode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-7-10 39856]
S3 fcvsc;fcvsc;C:\WINDOWS\System32\drivers\fcvsc.sys [2015-7-10 31232]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-7-10 20992]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-7-10 50016]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2015-7-10 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2015-7-10 122608]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2015-7-10 673120]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2015-7-10 424800]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-7-10 39856]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\WINDOWS\System32\ieetwcollector.exe [2015-7-10 115200]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\WINDOWS\System32\drivers\intelaud.sys [2013-12-26 50232]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-7-1 822232]
S3 IoQos;IoQos;C:\WINDOWS\System32\drivers\ioqos.sys [2015-7-10 26624]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-7-10 104800]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-7-10 99168]
S3 MBAMProtector;MBAMProtector;C:\WINDOWS\System32\drivers\mbam.sys [2015-4-2 25816]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\WINDOWS\System32\drivers\mwac.sys [2015-4-2 64216]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-7-10 705376]
S3 mvusbews;USB EWS Device;C:\WINDOWS\System32\drivers\mvusbews.sys [2012-12-24 20480]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2015-7-10 76128]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2015-7-10 94720]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-7-10 39856]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\lsass.exe [2015-7-10 56344]
S3 PCDSRVC{3B54B31B-D06B6431-06020200}_0;PCDSRVC{3B54B31B-D06B6431-06020200}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell\SupportAssist\pcdsrvc_x64.pkms [2015-5-19 25584]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2015-7-10 58208]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2015-7-10 58720]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2015-7-31 934752]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\WINDOWS\System32\drivers\RtsUStor.sys [2015-3-4 272088]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2015-7-31 1031680]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2015-7-10 155488]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2015-7-10 39856]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2015-8-20 80720]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2015-7-10 40288]
S3 SWDUMon;SWDUMon;C:\WINDOWS\System32\drivers\SWDUMon.sys [2015-9-9 16056]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2015-7-10 61952]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-7-31 46080]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2015-7-10 44032]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2015-7-10 245088]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-7-10 94048]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2015-7-10 127840]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2015-7-10 28512]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2015-7-10 57696]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-7-10 27488]
S3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2015-7-10 31744]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 vmicvmsession;Hyper-V VM Session Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-7-10 39856]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2015-8-13 685568]
S3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2015-7-10 362928]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2015-7-10 39856]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2015-7-10 26976]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2015-7-10 59232]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-7-10 39856]
S3 WpnService;Windows Push Notifications Service;C:\WINDOWS\System32\svchost.exe -k wswpnservice [2015-7-10 39856]
S3 WSDScan;WSD Scan Support;C:\WINDOWS\System32\drivers\WSDScan.sys [2015-7-10 24576]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2015-7-10 222720]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2015-7-10 25600]
.
=============== File Associations ===============
.
FileExt: .vbs: WeBuilder.Document="C:\Program Files (x86)\WeBuilder 2015\webuild.exe" "%1"
FileExt: .js: WeBuilder.JavaScript="C:\Program Files (x86)\WeBuilder 2015\webuild.exe" "%1"
.
=============== Created Last 30 ================
.
2015-09-22 02:47:59   16148   ----a-w-   C:\WINDOWS\System32\MERCURYIII_ibnal_000_HistoryPrediction.bin
2015-09-21 11:52:55   --------   d-----w-   C:\Users\ibnal_000\AppData\Local\Microsoft Help
2015-09-13 01:52:42   329576   ----a-w-   C:\WINDOWS\System32\hpinkstsBB11LM.dll
2015-09-13 01:52:42   2872680   ----a-w-   C:\WINDOWS\System32\hpinkinsBB11.exe
2015-09-13 01:52:42   269160   ----a-w-   C:\WINDOWS\System32\hpinkcoiBB11.dll
2015-09-13 01:52:19   246648   ----a-w-   C:\WINDOWS\System32\WD_MYCLOUD_2_2_0.dll
2015-09-10 03:25:34   16056   ----a-w-   C:\WINDOWS\System32\drivers\SWDUMon.sys
2015-09-10 03:25:31   --------   d-----w-   C:\Users\ibnal_000\AppData\Local\SlimWare Utilities Inc
2015-09-09 21:48:59   77400   ----a-w-   C:\WINDOWS\System32\acmigration.dll
2015-09-09 21:48:59   45568   ----a-w-   C:\WINDOWS\System32\atmlib.dll
2015-09-09 21:48:59   37376   ----a-w-   C:\WINDOWS\SysWow64\atmlib.dll
2015-09-09 21:48:59   184320   ----a-w-   C:\WINDOWS\System32\shacct.dll
2015-09-02 16:56:17   --------   d-----w-   C:\Users\ibnal_000\AppData\Roaming\Easy Watermark Studio Lite
2015-09-02 16:56:06   --------   d-----w-   C:\Program Files (x86)\Easy Watermark Studio Lite
2015-08-31 20:52:19   630992   ----a-w-   C:\ProgramData\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2015-08-31 20:48:05   --------   d-----w-   C:\Program Files\Microsoft Office 15
2015-08-31 20:42:29   --------   d-----w-   C:\Program Files\office.tmp
2015-08-31 03:18:23   --------   d-----w-   C:\Users\ibnal_000\AppData\Local\TechSmith
2015-08-28 18:13:01   --------   d-----w-   C:\Program Files (x86)\Dell Update
2015-08-28 02:07:09   --------   d-----w-   C:\Users\ibnal_000\AppData\Local\FreemakeVideoConverter
2015-08-28 02:05:55   --------   d-----w-   C:\Users\ibnal_000\AppData\Roaming\YoutubeToMp3Converter
2015-08-26 04:24:49   --------   d-----w-   C:\Program Files\iPod
2015-08-26 04:24:49   --------   d-----w-   C:\Program Files (x86)\iTunes
2015-08-26 04:24:48   --------   d-----w-   C:\Program Files\iTunes
.
==================== Find3M  ====================
.
2015-09-22 02:10:52   113880   ----a-w-   C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
2015-09-22 01:53:44   147656   ------w-   C:\WINDOWS\System32\drivers\rikvm_99E320F5.sys
2015-09-15 16:12:10   812008   ----a-w-   C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2015-09-15 16:12:10   178152   ----a-w-   C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2015-09-02 00:25:58   3586560   ----a-w-   C:\WINDOWS\System32\win32kfull.sys
2015-09-02 00:25:34   1382912   ----a-w-   C:\WINDOWS\System32\win32kbase.sys
2015-08-27 06:32:24   608936   ----a-w-   C:\WINDOWS\System32\fontdrvhost.exe
2015-08-27 06:04:18   21874688   ----a-w-   C:\WINDOWS\System32\edgehtml.dll
2015-08-27 05:54:40   365568   ----a-w-   C:\WINDOWS\System32\atmfd.dll
2015-08-27 05:54:26   541248   ----a-w-   C:\WINDOWS\SysWow64\fontdrvhost.exe
2015-08-27 05:51:48   1774592   ----a-w-   C:\WINDOWS\System32\Windows.UI.Immersive.dll
2015-08-27 05:51:42   2350592   ----a-w-   C:\WINDOWS\System32\authui.dll
2015-08-27 05:49:28   1008640   ----a-w-   C:\WINDOWS\System32\schedsvc.dll
2015-08-27 05:43:31   576000   ----a-w-   C:\WINDOWS\System32\vbscript.dll
2015-08-27 05:42:52   187904   ----a-w-   C:\WINDOWS\System32\Windows.UI.PicturePassword.dll
2015-08-27 05:42:46   596480   ----a-w-   C:\WINDOWS\System32\SettingSync.dll
2015-08-27 05:42:25   578560   ----a-w-   C:\WINDOWS\System32\winlogon.exe
2015-08-27 05:23:43   303104   ----a-w-   C:\WINDOWS\SysWow64\atmfd.dll
2015-08-27 05:16:41   1612288   ----a-w-   C:\WINDOWS\SysWow64\Windows.UI.Immersive.dll
2015-08-27 05:16:38   2153472   ----a-w-   C:\WINDOWS\SysWow64\authui.dll
2015-08-27 05:16:03   18806272   ----a-w-   C:\WINDOWS\SysWow64\edgehtml.dll
2015-08-27 05:12:35   504320   ----a-w-   C:\WINDOWS\SysWow64\vbscript.dll
2015-08-27 05:11:54   484352   ----a-w-   C:\WINDOWS\SysWow64\SettingSync.dll
2015-08-27 05:11:39   139776   ----a-w-   C:\WINDOWS\SysWow64\shacct.dll
2015-08-21 08:20:00   1048344   ----a-w-   C:\WINDOWS\System32\drivers\aswsnx.sys
2015-08-20 06:07:55   8019296   ----a-w-   C:\WINDOWS\System32\ntoskrnl.exe
2015-08-20 06:06:53   609592   ----a-w-   C:\WINDOWS\System32\ci.dll
2015-08-20 05:26:23   168960   ----a-w-   C:\WINDOWS\System32\InstallAgent.exe
2015-08-20 05:21:13   193024   ----a-w-   C:\WINDOWS\System32\EnterpriseModernAppMgmtCSP.dll
2015-08-20 05:09:01   929280   ----a-w-   C:\WINDOWS\System32\drivers\bthport.sys
2015-08-18 07:56:25   2498808   ----a-w-   C:\WINDOWS\System32\CoreUIComponents.dll
2015-08-18 07:55:45   373072   ----a-w-   C:\WINDOWS\System32\drivers\USBXHCI.SYS
2015-08-18 07:54:30   1396064   ----a-w-   C:\WINDOWS\System32\LicenseManager.dll
2015-08-18 07:27:23   1771592   ----a-w-   C:\WINDOWS\SysWow64\CoreUIComponents.dll
2015-08-18 07:24:35   963920   ----a-w-   C:\WINDOWS\SysWow64\LicenseManager.dll
2015-08-18 07:13:10   497664   ----a-w-   C:\WINDOWS\System32\WlanMediaManager.dll
2015-08-18 07:13:06   387584   ----a-w-   C:\WINDOWS\System32\NetSetupShim.dll
2015-08-18 07:12:20   692224   ----a-w-   C:\WINDOWS\System32\drivers\UMDF\NfcCx.dll
2015-08-18 07:12:18   2225664   ----a-w-   C:\WINDOWS\System32\NetworkMobileSettings.dll
2015-08-18 07:07:34   2226688   ----a-w-   C:\WINDOWS\System32\wlansvc.dll
2015-08-18 07:04:20   859136   ----a-w-   C:\WINDOWS\System32\modernexecserver.dll
2015-08-18 07:04:14   1234944   ----a-w-   C:\WINDOWS\System32\aitstatic.exe
2015-08-18 06:59:35   1294336   ----a-w-   C:\WINDOWS\System32\wcnwiz.dll
2015-08-18 06:59:02   140288   ----a-w-   C:\WINDOWS\System32\WcnApi.dll
2015-08-18 06:58:46   50176   ----a-w-   C:\WINDOWS\System32\WcnNetsh.dll
2015-08-18 06:58:34   112640   ----a-w-   C:\WINDOWS\System32\fdWCN.dll
2015-08-18 06:58:31   117760   ----a-w-   C:\WINDOWS\System32\dafWCN.dll
2015-08-18 06:58:25   187392   ----a-w-   C:\WINDOWS\System32\NetSetupSvc.dll
2015-08-18 06:57:54   45568   ----a-w-   C:\WINDOWS\System32\wfdprov.dll
2015-08-18 06:56:48   79872   ----a-w-   C:\WINDOWS\System32\BthRadioMedia.dll
2015-08-18 06:55:01   2178560   ----a-w-   C:\WINDOWS\System32\AppXDeploymentServer.dll
2015-08-18 06:54:11   247296   ----a-w-   C:\WINDOWS\System32\facecredentialprovider.dll
2015-08-18 06:54:03   322048   ----a-w-   C:\WINDOWS\System32\vaultsvc.dll
2015-08-18 06:52:26   1888768   ----a-w-   C:\WINDOWS\System32\dwmcore.dll
2015-08-18 06:50:04   1795072   ----a-w-   C:\WINDOWS\System32\AppXDeploymentExtensions.dll
2015-08-18 06:49:52   1061888   ----a-w-   C:\WINDOWS\System32\reseteng.dll
2015-08-18 06:49:20   246272   ----a-w-   C:\WINDOWS\System32\PackageStateRoaming.dll
2015-08-18 06:49:03   274432   ----a-w-   C:\WINDOWS\SysWow64\NetSetupShim.dll
2015-08-18 06:36:08   1226752   ----a-w-   C:\WINDOWS\SysWow64\wcnwiz.dll
2015-08-18 06:35:49   100352   ----a-w-   C:\WINDOWS\SysWow64\WcnApi.dll
2015-08-18 06:35:18   95744   ----a-w-   C:\WINDOWS\SysWow64\fdWCN.dll
2015-08-18 06:34:44   37376   ----a-w-   C:\WINDOWS\SysWow64\wfdprov.dll
2015-08-18 06:29:11   1593344   ----a-w-   C:\WINDOWS\SysWow64\dwmcore.dll
2015-08-18 06:26:08   195584   ----a-w-   C:\WINDOWS\SysWow64\PackageStateRoaming.dll
2015-08-13 04:22:26   2093056   ----a-w-   C:\WINDOWS\System32\wlidsvc.dll
2015-08-13 04:20:39   414208   ----a-w-   C:\WINDOWS\System32\AppXDeploymentClient.dll
2015-08-13 03:53:21   311808   ----a-w-   C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
2015-08-11 10:04:24   2462648   ----a-w-   C:\WINDOWS\System32\mfcore.dll
2015-08-11 10:04:23   4532304   ----a-w-   C:\WINDOWS\explorer.exe
2015-08-11 10:04:15   1087296   ----a-w-   C:\WINDOWS\System32\mfplat.dll
2015-08-11 10:03:09   442208   ----a-w-   C:\WINDOWS\System32\drivers\storport.sys
2015-08-11 10:02:57   554744   ----a-w-   C:\WINDOWS\System32\directmanipulation.dll
2015-08-11 10:02:56   80720   ----a-w-   C:\WINDOWS\System32\drivers\stornvme.sys
2015-08-11 10:02:49   292856   ----a-w-   C:\WINDOWS\System32\LockAppHost.exe
2015-08-11 09:52:49   993104   ----a-w-   C:\WINDOWS\System32\ReAgent.dll
2015-08-11 09:50:47   1643872   ----a-w-   C:\WINDOWS\System32\diagtrack.dll
2015-08-11 09:40:22   4048808   ----a-w-   C:\WINDOWS\SysWow64\explorer.exe
2015-08-11 09:40:12   918320   ----a-w-   C:\WINDOWS\SysWow64\mfplat.dll
2015-08-11 09:40:08   2151208   ----a-w-   C:\WINDOWS\SysWow64\mfcore.dll
2015-08-11 09:38:22   454000   ----a-w-   C:\WINDOWS\SysWow64\directmanipulation.dll
2015-08-11 09:37:48   243800   ----a-w-   C:\WINDOWS\SysWow64\LockAppHost.exe
2015-08-11 09:26:03   845664   ----a-w-   C:\WINDOWS\SysWow64\ReAgent.dll
2015-08-11 09:23:59   16706560   ----a-w-   C:\WINDOWS\System32\Windows.UI.Xaml.dll
2015-08-11 09:21:13   148992   ----a-w-   C:\WINDOWS\System32\tetheringservice.dll
2015-08-11 09:21:04   52224   ----a-w-   C:\WINDOWS\System32\tetheringclient.dll
2015-08-11 09:20:02   483328   ----a-w-   C:\WINDOWS\System32\OneDriveSettingSyncProvider.dll
2015-08-11 09:19:45   235520   ----a-w-   C:\WINDOWS\System32\SettingsHandlers_Notifications.dll
2015-08-11 09:18:44   235008   ----a-w-   C:\WINDOWS\System32\UserMgrProxy.dll
2015-08-11 09:16:32   2416640   ----a-w-   C:\WINDOWS\System32\MFMediaEngine.dll
2015-08-11 09:14:02   404480   ----a-w-   C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-08-11 09:13:42   413184   ----a-w-   C:\WINDOWS\System32\diagtrack_win.dll
2015-08-11 09:11:40   2446336   ----a-w-   C:\WINDOWS\System32\InputService.dll
2015-08-11 09:11:18   553472   ----a-w-   C:\WINDOWS\System32\GamePanel.exe
2015-08-11 09:10:47   293376   ----a-w-   C:\WINDOWS\System32\TextInputFramework.dll
2015-08-11 09:10:12   324096   ----a-w-   C:\WINDOWS\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-11 09:10:06   778752   ----a-w-   C:\WINDOWS\System32\Windows.ApplicationModel.Store.dll
2015-08-11 09:09:55   32768   ----a-w-   C:\WINDOWS\System32\wuautoappupdate.dll
2015-08-11 09:08:04   893440   ----a-w-   C:\WINDOWS\System32\MbaeApiPublic.dll
2015-08-11 09:08:04   563200   ----a-w-   C:\WINDOWS\System32\MbaeApi.dll
2015-08-11 09:07:52   593920   ----a-w-   C:\WINDOWS\System32\wcmsvc.dll
.
============= FINISH: 22:53:04.26 ===============
« Last Edit: September 22, 2015, 05:42:36 AM by Hoov »



Offline Hoov

Re: [In Progress] Malwarebytes notification every 30 seconds- Su2.ff.avast.com
« Reply #1 on: September 22, 2015, 05:53:49 AM »
My name is Hoov and I will be helping you with your problem. As you have been helped here before, I will skip the preliminaries.

Fortunately (or unfortunately, depending on your point of view) this is not a problem with your computer. According to what I have found out, this is happening because of some legacy code in Avast. Take a look at this post on Avast's forum.

https://forum.avast.com/index.php?topic=176229.msg1250717#msg1250717

Looks like the temporary fix for now is changing your DNS servers. There are instructions here on how to change it. If I were you I would watch that thread and when Avast fixes the code, switch them back.

Let me know if that fixes the problem.

Former Consumer Security MVP
2011-2014

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

Offline Kaz

Re: [In Progress] Malwarebytes notification every 30 seconds- Su2.ff.avast.com
« Reply #2 on: September 22, 2015, 09:09:19 AM »
That seems to have done the trick. I will periodically check the Avast post for updates on the fix.

Thanks much, Hoov.