Free Forums with no limits on posts or members.
zIFBoards - Free Forum Hosting
Welcome to 5 Star Support a free computer help forum in association with 5starsupport.com. We hope you enjoy your visit.
You're currently viewing our forum as a guest. This means you are limited to certain areas of the board and there are some features you can't use. If you join our community, you'll be able to access member-only sections, and use many member-only features such as customizing your profile, sending personal messages, and voting in polls. Registration is simple, fast, and completely free.
Join our community!
If you're already a member please log in to your account to access all of our features:

Name:   Password:


Pages: (4) [1] 2 3 ... Last » ( Go to first unread post )

 Pop-ups, Killing my computer
punkybunge
Posted: Mar 27 2014, 07:46 PM


Senior Member
*

Group: Members
Posts: 36
Member No.: 14
Joined: 30-April 12



unsure.gif Hello my name is Nola and I am having a super hard time and don't know what to do and need help. For awhile now my computer has occasionally ran slow and most of the time freeze up. Sometimes there would be a box come up and tell me there was a script running and did I want to continue or stop it. Sometimes it would unfreeze if I clicked stop script and sometimes it would if I clicked to continue. Sometimes I would have to ctrl alt del to get it to work again. About a week ago, pop-ups joined into the confusion. They are all the time and everywhere. On this page when I clicked on new topic, I instantly had 3 other tabs open up going to other sites, not always the same sites when this happens. Then after clicking those off pop ups are on this page, for example to the left of this box is a long line of related searches that takes up a quarter of this page that I cannot figure out how to get off. a pop up keeps coming across the bottom that says we can fight cancer together, also one that keeps telling me things about Malware. that it's detected that the scan is complete, which is odd because I tried to update Malwarebytes and the process was stopped and said it was unable to update. When I go to my banking online, sometimes my mouse is a lil jerky like the pc is trying to freeze up. And at times when it is having a slow freezing going on, the pointer will do it's own thing and that makes me afraid someone else has control of it. I can't do my banking online anymore cause that scares me. So I cannot think of anything else it does right at the moment so I hope this has given you enough info to help you help me. I didn't see anywhere about a HJT report so I didn't add that. Please let me know what I need to do next. Thank you so much! Nola Oh my gosh, when I posted this, that Malware thing kept popping up telling me to get off this site. and this was blocking dangerous malware. Malicious website blocked
Top
Starbuck
Posted: Mar 27 2014, 11:13 PM


Retired Moderator
*

Group: Members
Posts: 627
Member No.: 6
Joined: 13-April 12



Hi Nola

Sounds like you have a few problems there.
You don't say what your Operating system is or whether it's a 32bit or 64bit system.

Note:
There are both 32-bit and 64-bit versions of Farbar Recovery Scan Tool available. Please pick the version that matches your operating system's bit type.

If you are unsure what you're system bit type is..... click Here for help.

For x32 bit systems download Farbar Recovery Scan Tool and save it to your Desktop.

For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to your Desktop.
  • Double-click the downloaded icon to run the tool.

    user posted image
  • When the tool opens click Yes to disclaimer.

    user posted image
  • Press Scan button.

    user posted image
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply also.


If you have problems with this tool, let me know and also tell me whether you are running a 32bit or a 64bit system.

Thanks


--------------------
user posted image
Top
punkybunge
Posted: Mar 28 2014, 05:04 PM


Senior Member
*

Group: Members
Posts: 36
Member No.: 14
Joined: 30-April 12



Thank you for your help. I noticed that every time that thing popped up it always said the problem was in program files 86, or Mozilla, so I just went to Control Panel and started uninstalling things including Mozilla. I downloaded Safari and am using it now. I ran the scans you asked me to, I'll add them in here and hopefully all the problems aren't just hiding. This is a 64 bit system. I have to send the additional scan to a 2nd reply because it won't let me send them both at once. They are very big reports, are they supposed to be??

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Nola (administrator) on NOLA-PC on 28-03-2014 11:28:10
Running from C:\Users\Nola\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/f...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/f...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33508...very-scan-tool/

==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(The Weather Channel) C:\Program Files (x86)\The Weather Channel FW\Screensaver\TWCScreensaverUpdater.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
() C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(DigiData Corp.) C:\Program Files (x86)\Cox\Secure Online Backup for Windows\Filesystem Watcher\DigiData.FilesystemWatcher.Service.Watcher.exe
(Acer Incorporated) C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe
() C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
(iWin Inc.) C:\Program Files (x86)\iWin Games\iWinTrusted.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
() C:\Program Files (x86)\Cox\Secure Online Backup for Windows\Scheduler\OnlineBackup.SchedulerService.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Acer Group) C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(PlumChoice, Inc.) C:\Program Files (x86)\Cox, Inc\Cox PC HealthCheck\PCMonitoringService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
(RealNetworks, Inc.) C:\Program Files (x86)\Online Games Manager\ogmservice.exe
(GoForSharing) C:\Program Files (x86)\TurboWire\TurboWire.exe
(Oracle Corporation) C:\Program Files (x86)\Java\jre7\bin\javaw.exe
(Apple Inc.) C:\Program Files (x86)\Safari\Safari.exe
(Apple Inc.) C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10060320 2010-02-09] (Realtek Semiconductor)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM-x32\...\Run: [WinPatrol] - C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe [325512 2011-05-15] (BillP Studios)
HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AgentMonitor] - C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe [391040 2013-06-20] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-07] (AVAST Software)
HKLM-x32\...\RunOnce: [20131224] - C:\Program Files\AVAST Software\Avast\setup\emupdate\7bdac4a0-658f-477d-b7b6-725e77be1c31.exe /check [181136 2014-03-28] (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mysearchresults.com/?c=9001&t=03
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dosearches.com/?utm_source=b&ut...1&ts=1383756129
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.dosearches.com/web/?utm_sour...q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dosearches.com/?utm_source=b&ut...1&ts=1383756129
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dosearches.com/?utm_source=b&ut...1&ts=1383756129
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.dosearches.com/web/?utm_sour...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.dosearches.com/web/?utm_sour...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dosearches.com/?utm_source=b&ut...1&ts=1383756129
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.dosearches.com/?utm_source=b&ut...1&ts=1383756129
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://search.dosearches.com/web/?utm_sour...q={searchTerms}
URLSearchHook: HKLM-x32 - (No Name) - {657E195F-066D-435C-92DB-7C261E6FE832} - No File
URLSearchHook: HKLM-x32 - (No Name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - No File
URLSearchHook: HKLM-x32 - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File
URLSearchHook: HKCU - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File
URLSearchHook: HKCU - (No Name) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - No File
URLSearchHook: HKCU - (No Name) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.dosearches.com/?utm_source=b&ut...1&ts=1383756129
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.dosearches.com/web/?utm_sour...q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.dosearches.com/web/?utm_sour...q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2101} URL = http://www.searchqu.com/web?src=ieb&appid=...q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://dts.search-results.com/sr?src=ieb&a...q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL = http://search.bearshare.com/web?src=ieb&ap...q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&a...q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2408} URL = http://dts.search-results.com/sr?src=ieb&a...q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.dosearches.com/web/?utm_sour...q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2101} URL = http://www.searchqu.com/web?src=ieb&appid=...q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://dts.search-results.com/sr?src=ieb&a...q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL = http://search.bearshare.com/web?src=ieb&ap...q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&a...q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2408} URL = http://dts.search-results.com/sr?src=ieb&a...q={searchTerms}
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?...&ctid=CT2475029
SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://start.sweetpacks.com/?src=6&q={sear...0-00262D3F844C}
SearchScopes: HKCU - DefaultScope {8524CA1E-B5F9-4E67-8E66-9CA48D977FEC} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {2B227BDA-D7A0-4EC5-960C-8C0F77B77505} URL = http://search.yahoo.com/search?p={searchTe...f-8&fr=chr-yie9
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.dosearches.com/web/?utm_sour...q={searchTerms}
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&...1I7ACEW_enUS405
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {8524CA1E-B5F9-4E67-8E66-9CA48D977FEC} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={0E4182B...fr&d=2011-11-11 13:37:42&v=8.0.0.40&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2101} URL =
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL =
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL =
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2408} URL = http://dts.search-results.com/sr?src=ieb&a...q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKCU - {B31A01A9-09E8-4799-A4C4-0573AF1C9859} URL = http://search.conduit.com/ResultsExt.aspx?...M=2&SSPV=TB_CS7
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://start.sweetpacks.com?src=6&q={searc...006.10045&st=23
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Media Watch - {e939da1c-d03b-4d8c-a247-94fdab5db795} - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home995\ie\MediaWatchV1home995.dll ()
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - No Name - !{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - No File
Toolbar: HKLM-x32 - No Name - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File
Toolbar: HKLM-x32 - No Name - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - No File
Toolbar: HKLM-x32 - No Name - {99079a25-328f-4bd4-be04-00955acaa0a7} - No File
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKCU - No Name - {657E195F-066D-435C-92DB-7C261E6FE832} - No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Toolbar: HKCU - No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
Toolbar: HKCU - No Name - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwa...director/sw.cab
DPF: HKLM-x32 {1D082E71-DF20-4AAF-863B-596428C49874} http://www.worldwinner.com/games/v50/tpir/tpir.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwa...director/sw.cab
DPF: HKLM-x32 {2C153C75-8476-434B-B3C3-57B63A3D1939} http://www.worldwinner.com/games/v48/brickout/brickout.cab
DPF: HKLM-x32 {33E54F7F-561C-49E6-929B-D7E76D3AFEB1} http://www.worldwinner.com/games/v50/pool/pool.cab
DPF: HKLM-x32 {64CD313F-F079-4D93-959F-4D28B5519449} http://www.worldwinner.com/games/v56/jeopardy/jeopardy.cab
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinner.com/games/shared/wwlaunch.cab
DPF: HKLM-x32 {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} http://www.worldwinner.com/games/launcher/....0/iewwload.cab
DPF: HKLM-x32 {B06CE1BC-5D9D-4676-BD28-1752DBF394E0} http://www.worldwinner.com/games/v41/hangman/hangman.cab
DPF: HKLM-x32 {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} http://3dlifeplayer.dl.3dvia.com/player/in...r_installer.exe
DPF: HKLM-x32 {E12EB891-D000-421B-A8ED-EDE1BDCA14A0} http://www.worldwinner.com/games/v44/golfsol/golfsol.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @ei.DailyBibleGuide.com/Plugin - No File
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @oberon-media.com/ONCAdapter - C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll (Oberon-Media )
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @virtools.com/3DviaPlayer - C:\Program Files (x86)\Virtools\3D Life Player\npvirtools.dll (Dassault Systèmes)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: npDisplayEngine - No File
FF Plugin HKCU: @lightspark.github.com/Lightspark;version=1 - No File
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Nola\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Nola\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: FreeWorkz - C:\Users\Nola\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\links@freeworkz.com [2011-11-28]
FF Extension: Freeworkz TextLinks - C:\Users\Nola\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@fworkz.com [2011-11-28]
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\IB Updater\Firefox
FF HKLM\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Updater By SweetPacks\Firefox
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-12-26]
FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-05-07]
FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\IB Updater\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Updater By SweetPacks\Firefox
FF HKLM-x32\...\Firefox\Extensions: [xz123@ya456.com] - C:\Program Files (x86)\BetterSurf\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaWatchV1home995.net] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home995\ff
FF Extension: Media Watch - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home995\ff [2014-03-22]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-03-26]
FF HKCU\...\Firefox\Extensions: [{B21F5E31-B8E8-41CD-B74C-168A71A10E49}] - C:\Users\Nola\AppData\Local\GreatArcadeHits\gahff.xpi
FF Extension: GreatArcadeHits Add-on - C:\Users\Nola\AppData\Local\GreatArcadeHits\gahff.xpi [2013-08-14]

Chrome:
=======
CHR HomePage: hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10045&barid={2B645660-F0D0-11E2-9F30-00262D3F844C}
CHR DefaultSearchKeyword: conduit.search
CHR DefaultSearchProvider: Conduit Search
CHR DefaultSearchURL: http://search.conduit.com/Results.aspx?gd=...rchTerms}&SSPV=
CHR DefaultNewTabURL:
CHR Extension: (Google Docs) - C:\Users\Nola\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-19]
CHR Extension: (Google Drive) - C:\Users\Nola\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-19]
CHR Extension: (YouTube) - C:\Users\Nola\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-19]
CHR Extension: (Google Search) - C:\Users\Nola\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-19]
CHR Extension: (IncrediMail MediaBar 2) - C:\Users\Nola\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebfmlbdgbekinmmpfmpjjkfclcgedhgj [2013-11-19]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Nola\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2013-11-19]
CHR Extension: (WhiteSmoke New) - C:\Users\Nola\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi [2013-11-19]
CHR Extension: (Media Watch) - C:\Users\Nola\AppData\Local\Google\Chrome\User Data\Default\Extensions\kodmkjhmdojjodiimpfekmmkkhaommhh [2014-03-22]
CHR Extension: (Google Wallet) - C:\Users\Nola\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-19]
CHR Extension: (Gmail) - C:\Users\Nola\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-19]
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx [2013-11-19]
CHR HKCU\...\Chrome\Extension: [ebfmlbdgbekinmmpfmpjjkfclcgedhgj] - C:\Users\Nola\AppData\Local\CRE\ebfmlbdgbekinmmpfmpjjkfclcgedhgj.crx [2012-11-26]
CHR HKCU\...\Chrome\Extension: [klibnahbojhkanfgaglnlalfkgpcppfi] - C:\Users\Nola\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx [2013-07-18]
CHR HKLM-x32\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - [2013-07-18]
CHR HKLM-x32\...\Chrome\Extension: [dedmngkbaffkenlfdcbganndoghblmap] - C:\Program Files (x86)\BetterSurf\ch\Chrome.crx [2013-07-18]
CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - [2013-07-18]
CHR HKLM-x32\...\Chrome\Extension: [ebfmlbdgbekinmmpfmpjjkfclcgedhgj] - C:\Users\Nola\AppData\Local\CRE\ebfmlbdgbekinmmpfmpjjkfclcgedhgj.crx [2012-11-26]
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Nola\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx [2012-11-26]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-05-07]
CHR HKLM-x32\...\Chrome\Extension: [jifflliplgeajjdhmkcfnngfpgbjonjg] - C:\Program Files (x86)\Perion\NewTab\NewTab.crx [2012-05-07]
CHR HKLM-x32\...\Chrome\Extension: [klibnahbojhkanfgaglnlalfkgpcppfi] - C:\Users\Nola\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx [2013-07-18]
CHR HKLM-x32\...\Chrome\Extension: [kodmkjhmdojjodiimpfekmmkkhaommhh] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home995\ch\MediaWatchV1home995.crx [2014-03-20]
CHR HKLM-x32\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - [2014-03-20]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-07] (AVAST Software)
R2 COX CommunicationsMonitoringService; C:\Program Files (x86)\Cox, Inc\Cox PC HealthCheck\PCMonitoringService.exe [14456 2010-11-17] (PlumChoice, Inc.)
R2 FilesystemWatcher; C:\Program Files (x86)\Cox\Secure Online Backup for Windows\Filesystem Watcher\DigiData.FilesystemWatcher.Service.Watcher.exe [24576 2012-05-02] (DigiData Corp.)
R2 Greg_Service; C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe [1150496 2009-08-28] (Acer Incorporated)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [123384 2014-01-22] (McAfee, Inc.)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-07-31] (Motorola Mobility LLC)
R2 ogmservice; C:\Program Files (x86)\Online Games Manager\ogmservice.exe [559552 2013-08-08] (RealNetworks, Inc.)
R2 OnlineBackupSchedulerService; C:\Program Files (x86)\Cox\Secure Online Backup for Windows\Scheduler\OnlineBackup.SchedulerService.exe [24576 2012-05-02] ()
R2 Updater Service; C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [243232 2010-01-28] (Acer Group)
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [X]
S2 Update Laflurla; "C:\Program Files (x86)\Laflurla\updateLaflurla.exe" [X]
S2 Util Laflurla; "C:\Program Files (x86)\Laflurla\bin\utilLaflurla.exe" [X]

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21136 2012-10-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-02-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2014-02-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-02-07] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-02-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-02-07] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-02-07] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2014-01-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-02-07] ()
S3 Generalusbserialser20675; C:\Windows\System32\DRIVERS\CT_U_USBSER.sys [122368 2011-05-09] (Incorporated)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-03-27] (Malwarebytes Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2011-12-26] ()
R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61112 2014-03-24] (StdLib)
S3 AVFSFilter; system32\DRIVERS\avfsfilter.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-28 11:28 - 2014-03-28 11:28 - 00032361 _____ () C:\Users\Nola\Downloads\FRST.txt
2014-03-28 11:28 - 2014-03-28 11:28 - 00000000 ____D () C:\FRST
2014-03-28 11:27 - 2014-03-28 11:27 - 02157056 _____ (Farbar) C:\Users\Nola\Downloads\FRST64.exe
2014-03-27 23:55 - 2014-03-28 11:00 - 00000000 ____D () C:\Users\Nola\Shared
2014-03-27 23:55 - 2014-03-28 04:57 - 00000000 ____D () C:\Users\Nola\AppData\Roaming\TurboWire
2014-03-27 23:55 - 2014-03-27 23:55 - 00000988 _____ () C:\Users\Public\Desktop\TurboWire.lnk
2014-03-27 23:55 - 2014-03-27 23:55 - 00000000 ____D () C:\ProgramData\TurboWire
2014-03-27 23:55 - 2014-03-27 23:55 - 00000000 ____D () C:\Program Files (x86)\TurboWire
2014-03-27 22:36 - 2014-03-27 22:36 - 00000000 ____D () C:\Program Files (x86)\Online Games Manager
2014-03-27 22:35 - 2014-03-27 22:35 - 00000146 _____ () C:\Users\Nola\Desktop\More Games at GameHouse.com.url
2014-03-27 21:27 - 2014-03-27 21:27 - 00001950 _____ () C:\Windows\DPINST.LOG
2014-03-27 20:00 - 2014-03-27 20:00 - 00192424 ____H () C:\Windows\SysWOW64\mlfcache.dat
2014-03-27 19:54 - 2014-03-27 19:54 - 00002491 _____ () C:\Users\Public\Desktop\Safari.lnk
2014-03-27 19:53 - 2014-03-27 19:54 - 00000000 ____D () C:\Program Files (x86)\Safari
2014-03-27 19:50 - 2014-03-27 19:51 - 38494576 _____ (Apple Inc.) C:\Users\Nola\Downloads\SafariSetup.exe
2014-03-27 19:46 - 2014-03-27 19:46 - 00535072 _____ () C:\Users\Nola\Downloads\safari setup.exe
2014-03-27 14:10 - 2014-03-27 14:11 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-27 14:04 - 2014-03-27 14:05 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Nola\Downloads\mbam-setup-2.0.0.1000.exe
2014-03-26 11:07 - 2014-03-26 11:09 - 00000000 ____D () C:\Users\Nola\Desktop\Photos and funnies
2014-03-26 06:07 - 2014-03-26 06:07 - 00000000 ____D () C:\Users\Nola\Documents\Optimizer Pro
2014-03-26 06:04 - 2014-03-26 06:04 - 00000000 ____D () C:\Users\Nola\.swt
2014-03-26 06:03 - 2014-03-28 11:28 - 00000000 ____D () C:\Users\Nola\Incomplete
2014-03-26 06:01 - 2014-03-27 21:06 - 00000000 ____D () C:\Users\Nola\AppData\Roaming\MP3Rocket
2014-03-26 06:01 - 2014-03-26 19:07 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-03-26 05:59 - 2014-03-26 05:59 - 00665424 _____ ( ) C:\Users\Nola\Downloads\mp3rocket_6_4_7_0.exe
2014-03-25 19:40 - 2014-03-25 19:40 - 00380416 _____ () C:\Users\Nola\Downloads\27solgz2.exe
2014-03-25 19:39 - 2014-03-25 19:39 - 00380416 _____ () C:\Users\Nola\Downloads\uxm9qy4t.exe
2014-03-25 19:38 - 2014-03-25 19:39 - 00380416 _____ () C:\Users\Nola\Downloads\0rkz3fqz.exe
2014-03-25 18:44 - 2014-03-25 18:44 - 00688992 ____R (Swearware) C:\Users\Nola\Downloads\dds.scr
2014-03-25 18:41 - 2014-03-25 18:43 - 00015533 _____ () C:\Users\Nola\Downloads\hijackthis.log
2014-03-25 18:40 - 2014-03-25 18:40 - 00388608 _____ (Trend Micro Inc.) C:\Users\Nola\Downloads\HijackThis.exe
2014-03-25 17:19 - 2014-03-25 17:19 - 00509440 _____ (Tech Support Guy System) C:\Users\Nola\Downloads\SysInfo.exe
2014-03-25 03:50 - 2014-03-25 03:50 - 00000000 ____D () C:\Users\Nola\Documents\My Received Files
2014-03-25 03:48 - 2014-03-25 03:48 - 01537968 _____ (Musiclab, LLC) C:\Users\Nola\Downloads\BearShareSetup-r716-n-bf.exe
2014-03-24 23:26 - 2014-03-24 23:26 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\wStLibG64.sys
2014-03-24 21:53 - 2014-03-24 21:53 - 00000000 ____D () C:\Users\Nola\Downloads\dlbc986661
2014-03-24 21:47 - 2014-03-24 21:47 - 00626840 _____ () C:\Users\Nola\Downloads\frostwire-setup.exe
2014-03-24 12:58 - 2014-03-24 12:58 - 02834432 _____ () C:\Users\Nola\Documents\myfax_basic_01.wps
2014-03-24 07:30 - 2014-03-27 21:35 - 00012142 _____ () C:\Windows\PFRO.log
2014-03-24 07:30 - 2014-03-27 21:35 - 00000280 _____ () C:\Windows\setupact.log
2014-03-24 07:30 - 2014-03-24 07:30 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-24 07:29 - 2014-03-24 07:29 - 00000000 _____ () C:\Windows\SysWOW64\sho28F5.tmp
2014-03-23 22:51 - 2014-03-23 22:51 - 00222496 _____ (Fusion Install ) C:\Users\Nola\Downloads\Player-Firefox.exe
2014-03-23 10:26 - 2014-03-23 10:26 - 00000000 ____D () C:\Users\Nola\AppData\Roaming\BBB
2014-03-22 22:03 - 2014-03-22 22:04 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-03-22 22:03 - 2014-03-22 22:03 - 00000000 ____D () C:\Program Files (x86)\MediaWatchV1
2014-03-15 05:04 - 2014-03-15 05:04 - 00000000 ____D () C:\Users\Nola\AppData\Roaming\GogiiGames
2014-03-15 05:01 - 2014-03-15 05:01 - 00000000 ____D () C:\Users\Nola\AppData\Roaming\Realore
2014-03-15 05:01 - 2014-03-15 05:01 - 00000000 ____D () C:\Users\Nola\AppData\Local\Realore
2014-03-15 04:43 - 2014-03-15 04:43 - 00000000 ____D () C:\Users\Nola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Farm Up
2014-03-15 04:37 - 2014-03-15 04:37 - 00000000 ____D () C:\Users\Nola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My Singing Monsters
2014-03-15 04:11 - 2014-03-15 04:11 - 00000000 ____D () C:\Users\Public\Documents\bigfish
2014-03-12 13:15 - 2014-03-12 13:15 - 00379032 _____ () C:\Users\Nola\Downloads\Setup_V2.exe
2014-03-11 14:35 - 2014-03-01 01:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-11 14:35 - 2014-03-01 00:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-11 14:35 - 2014-03-01 00:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-11 14:35 - 2014-02-28 23:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-11 14:35 - 2014-02-28 23:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-11 14:35 - 2014-02-28 23:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-11 14:35 - 2014-02-28 23:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-11 14:35 - 2014-02-28 23:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-11 14:35 - 2014-02-28 23:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-11 14:35 - 2014-02-28 23:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-11 14:35 - 2014-02-28 23:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-11 14:35 - 2014-02-28 23:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-11 14:35 - 2014-02-28 23:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-11 14:35 - 2014-02-28 23:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-11 14:35 - 2014-02-28 23:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-11 14:35 - 2014-02-28 23:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-11 14:35 - 2014-02-28 23:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-11 14:35 - 2014-02-28 22:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-11 14:35 - 2014-02-28 22:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-11 14:35 - 2014-02-28 22:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-11 14:35 - 2014-02-28 22:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-11 14:35 - 2014-02-28 22:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-11 14:35 - 2014-02-28 22:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-11 14:35 - 2014-02-28 22:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-11 14:35 - 2014-02-28 22:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-11 14:35 - 2014-02-28 22:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-11 14:35 - 2014-02-28 22:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-11 14:35 - 2014-02-28 22:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-11 14:35 - 2014-02-28 22:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-11 14:35 - 2014-02-28 22:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-11 14:35 - 2014-02-28 22:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-11 14:35 - 2014-02-28 22:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-11 14:35 - 2014-02-28 22:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-11 14:35 - 2014-02-28 22:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-11 14:35 - 2014-02-28 21:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-11 14:35 - 2014-02-28 21:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-11 14:35 - 2014-02-28 21:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-11 14:35 - 2014-02-28 21:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-11 14:35 - 2014-02-28 21:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-11 14:35 - 2014-02-28 21:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-11 14:35 - 2014-02-06 20:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-11 14:35 - 2014-01-28 21:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-11 14:35 - 2014-01-28 21:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-11 14:35 - 2014-01-27 21:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-11 14:33 - 2014-02-03 21:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-11 14:33 - 2014-02-03 21:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-11 14:33 - 2014-02-03 21:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-11 14:33 - 2014-02-03 21:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

==================== One Month Modified Files and Folders =======

2014-03-28 11:28 - 2014-03-28 11:28 - 00032361 _____ () C:\Users\Nola\Downloads\FRST.txt
2014-03-28 11:28 - 2014-03-28 11:28 - 00000000 ____D () C:\FRST
2014-03-28 11:28 - 2014-03-26 06:03 - 00000000 ____D () C:\Users\Nola\Incomplete
2014-03-28 11:27 - 2014-03-28 11:27 - 02157056 _____ (Farbar) C:\Users\Nola\Downloads\FRST64.exe
2014-03-28 11:14 - 2013-01-30 22:11 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-28 11:00 - 2014-03-27 23:55 - 00000000 ____D () C:\Users\Nola\Shared
2014-03-28 10:52 - 2013-02-17 17:27 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-28 09:57 - 2010-08-29 03:13 - 01272365 _____ () C:\Windows\WindowsUpdate.log
2014-03-28 09:47 - 2013-11-06 11:42 - 00000268 _____ () C:\Windows\Tasks\GreatArcadeHits.job
2014-03-28 09:29 - 2013-11-27 13:24 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-986594472-994889799-2834319612-1002UA.job
2014-03-28 08:33 - 2012-04-03 20:03 - 00000000 ____D () C:\Users\Nola\AppData\Local\CrashDumps
2014-03-28 08:10 - 2013-06-26 18:22 - 00000352 _____ () C:\Windows\Tasks\AmiUpdXp.job
2014-03-28 04:57 - 2014-03-27 23:55 - 00000000 ____D () C:\Users\Nola\AppData\Roaming\TurboWire
2014-03-28 04:36 - 2012-07-13 12:57 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-03-27 23:56 - 2011-01-17 02:46 - 00000000 ___RD () C:\Users\Nola\Desktop\games
2014-03-27 23:55 - 2014-03-27 23:55 - 00000988 _____ () C:\Users\Public\Desktop\TurboWire.lnk
2014-03-27 23:55 - 2014-03-27 23:55 - 00000000 ____D () C:\ProgramData\TurboWire
2014-03-27 23:55 - 2014-03-27 23:55 - 00000000 ____D () C:\Program Files (x86)\TurboWire
2014-03-27 23:55 - 2010-11-12 19:57 - 00000000 ____D () C:\Users\Nola
2014-03-27 22:36 - 2014-03-27 22:36 - 00000000 ____D () C:\Program Files (x86)\Online Games Manager
2014-03-27 22:36 - 2011-07-14 02:26 - 00000000 ____D () C:\GameHouse Games
2014-03-27 22:36 - 2011-04-21 23:44 - 00000000 ____D () C:\ProgramData\Trymedia
2014-03-27 22:35 - 2014-03-27 22:35 - 00000146 _____ () C:\Users\Nola\Desktop\More Games at GameHouse.com.url
2014-03-27 22:35 - 2011-07-14 02:25 - 00000000 ____D () C:\Program Files (x86)\RealArcade
2014-03-27 21:52 - 2013-02-17 17:27 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-27 21:43 - 2009-07-13 23:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-27 21:43 - 2009-07-13 23:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-27 21:39 - 2009-07-14 00:13 - 00783424 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-27 21:35 - 2014-03-24 07:30 - 00012142 _____ () C:\Windows\PFRO.log
2014-03-27 21:35 - 2014-03-24 07:30 - 00000280 _____ () C:\Windows\setupact.log
2014-03-27 21:35 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-27 21:32 - 2010-08-29 03:15 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-03-27 21:27 - 2014-03-27 21:27 - 00001950 _____ () C:\Windows\DPINST.LOG
2014-03-27 21:22 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-27 21:19 - 2010-08-29 03:21 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-27 21:18 - 2010-06-07 12:22 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-27 21:06 - 2014-03-26 06:01 - 00000000 ____D () C:\Users\Nola\AppData\Roaming\MP3Rocket
2014-03-27 20:01 - 2010-12-16 02:46 - 00000000 ____D () C:\Users\Nola\AppData\Local\Apple Computer
2014-03-27 20:00 - 2014-03-27 20:00 - 00192424 ____H () C:\Windows\SysWOW64\mlfcache.dat
2014-03-27 19:56 - 2012-09-21 14:39 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-27 19:54 - 2014-03-27 19:54 - 00002491 _____ () C:\Users\Public\Desktop\Safari.lnk
2014-03-27 19:54 - 2014-03-27 19:53 - 00000000 ____D () C:\Program Files (x86)\Safari
2014-03-27 19:51 - 2014-03-27 19:50 - 38494576 _____ (Apple Inc.) C:\Users\Nola\Downloads\SafariSetup.exe
2014-03-27 19:46 - 2014-03-27 19:46 - 00535072 _____ () C:\Users\Nola\Downloads\safari setup.exe
2014-03-27 19:23 - 2013-06-26 18:22 - 00000000 ____D () C:\Users\Nola\AppData\Local\SwvUpdater
2014-03-27 15:47 - 2013-11-06 11:42 - 00000000 ____D () C:\Users\Nola\AppData\Local\GreatArcadeHits
2014-03-27 14:11 - 2014-03-27 14:10 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-27 14:06 - 2011-10-30 01:36 - 00000000 ____D () C:\Users\Nola\AppData\Roaming\Malwarebytes
2014-03-27 14:06 - 2011-10-30 01:36 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-27 14:05 - 2014-03-27 14:04 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Nola\Downloads\mbam-setup-2.0.0.1000.exe
2014-03-27 13:57 - 2013-11-27 13:24 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-986594472-994889799-2834319612-1002Core.job
2014-03-26 19:49 - 2013-01-13 21:53 - 00000000 ____D () C:\Users\Nola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games of the Month
2014-03-26 19:49 - 2013-01-13 21:52 - 00000000 ____D () C:\Program Files (x86)\Oberon Media SIDR
2014-03-26 19:49 - 2011-10-03 11:15 - 00000000 ____D () C:\Users\Nola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-03-26 19:12 - 2009-07-13 21:34 - 00000600 _____ () C:\Windows\win.ini
2014-03-26 19:07 - 2014-03-26 06:01 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-03-26 11:09 - 2014-03-26 11:07 - 00000000 ____D () C:\Users\Nola\Desktop\Photos and funnies
2014-03-26 11:05 - 2011-10-27 20:53 - 00000000 ____D () C:\Users\Nola\Desktop\Cleaners
2014-03-26 06:07 - 2014-03-26 06:07 - 00000000 ____D () C:\Users\Nola\Documents\Optimizer Pro
2014-03-26 06:04 - 2014-03-26 06:04 - 00000000 ____D () C:\Users\Nola\.swt
2014-03-26 05:59 - 2014-03-26 05:59 - 00665424 _____ ( ) C:\Users\Nola\Downloads\mp3rocket_6_4_7_0.exe
2014-03-25 19:40 - 2014-03-25 19:40 - 00380416 _____ () C:\Users\Nola\Downloads\27solgz2.exe
2014-03-25 19:39 - 2014-03-25 19:39 - 00380416 _____ () C:\Users\Nola\Downloads\uxm9qy4t.exe
2014-03-25 19:39 - 2014-03-25 19:38 - 00380416 _____ () C:\Users\Nola\Downloads\0rkz3fqz.exe
2014-03-25 18:44 - 2014-03-25 18:44 - 00688992 ____R (Swearware) C:\Users\Nola\Downloads\dds.scr
2014-03-25 18:43 - 2014-03-25 18:41 - 00015533 _____ () C:\Users\Nola\Downloads\hijackthis.log
2014-03-25 18:40 - 2014-03-25 18:40 - 00388608 _____ (Trend Micro Inc.) C:\Users\Nola\Downloads\HijackThis.exe
2014-03-25 17:19 - 2014-03-25 17:19 - 00509440 _____ (Tech Support Guy System) C:\Users\Nola\Downloads\SysInfo.exe
2014-03-25 03:50 - 2014-03-25 03:50 - 00000000 ____D () C:\Users\Nola\Documents\My Received Files
2014-03-25 03:48 - 2014-03-25 03:48 - 01537968 _____ (Musiclab, LLC) C:\Users\Nola\Downloads\BearShareSetup-r716-n-bf.exe
2014-03-24 23:26 - 2014-03-24 23:26 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\wStLibG64.sys
2014-03-24 21:53 - 2014-03-24 21:53 - 00000000 ____D () C:\Users\Nola\Downloads\dlbc986661
2014-03-24 21:50 - 2012-10-31 22:28 - 00000000 _____ () C:\END
2014-03-24 21:47 - 2014-03-24 21:47 - 00626840 _____ () C:\Users\Nola\Downloads\frostwire-setup.exe
2014-03-24 12:58 - 2014-03-24 12:58 - 02834432 _____ () C:\Users\Nola\Documents\myfax_basic_01.wps
2014-03-24 12:58 - 2011-12-28 13:10 - 00002948 _____ () C:\Users\Nola\AppData\Roaming\wklnhst.dat
2014-03-24 12:46 - 2009-07-14 00:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-03-24 07:30 - 2014-03-24 07:30 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-24 07:29 - 2014-03-24 07:29 - 00000000 _____ () C:\Windows\SysWOW64\sho28F5.tmp
2014-03-23 22:51 - 2014-03-23 22:51 - 00222496 _____ (Fusion Install ) C:\Users\Nola\
Top
punkybunge
Posted: Mar 28 2014, 05:06 PM


Senior Member
*

Group: Members
Posts: 36
Member No.: 14
Joined: 30-April 12



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Nola at 2014-03-28 11:29:08
Running from C:\Users\Nola\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

3DVIA player 5.0.0.20 (HKLM-x32\...\{F06365EC-061E-48C3-B761-E1816658D618}) (Version: 5.0.20 - 3DVIA)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Address Book (HKLM-x32\...\ST6UNST #1) (Version: - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.3.133 - Adobe Systems, Inc.)
Angry Birds Seasons (HKLM-x32\...\{D4022612-B213-4B5B-A135-0E1C0DC1DD44}) (Version: 3.1.1 - Rovio)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}) (Version: 5.1.1.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2013 - Avast Software)
Balloon Blast (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Bicycle Go Fish (x32 Version: 2.2.0.97 - WildTangent) Hidden
Big City Adventure - San Francisco (HKLM-x32\...\BFG-Big City Adventure - San Francisco) (Version: - )
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.2.0.6 - )
Blackhawk Striker 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Bob the Builder - Can Do Zoo (HKLM-x32\...\BFG-Bob the Builder - Can Do Zoo) (Version: - )
Bob the Builder Can-Do-Zoo (x32 Version: 2.2.0.82 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bonjour Print Services (HKLM\...\{0DA20600-6130-443B-9D4B-F30520315FA6}) (Version: 2.0.2.0 - Apple Inc.)
Bubblefish Bob (x32 Version: 2.2.0.97 - WildTangent) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Build-a-lot: On Vacation (x32 Version: 2.2.0.98 - WildTangent) Hidden
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Canon MG2100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2100_series) (Version: - )
Canon MG2100 series On-screen Manual (HKLM-x32\...\Canon MG2100 series On-screen Manual) (Version: - )
Canon MG2100 series User Registration (HKLM-x32\...\Canon MG2100 series User Registration) (Version: - )
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 3.18 - Piriform)
Concentration (HKLM-x32\...\BFG-Concentration) (Version: - )
Cox PC HealthCheck (HKLM-x32\...\{25939878-8BE4-493A-BC68-D6E0AE0FDC72}) (Version: 5.4.42.0 - Cox, Inc)
Cox Secure Online Backup for Windows (HKLM-x32\...\{C5AB0E95-B3BB-4DDB-BAFA-C3077BEFFCF8}) (Version: 4.6.3699 - Cox)
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.2610.50 - CyberLink Corp.)
CyberLink PowerDVD 9 (x32 Version: 9.0.2610.50 - CyberLink Corp.) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{A3AD381D-848C-4478-80DC-228E37309308}) (Version: - Microsoft)
Delicious Special (HKLM-x32\...\53090b51af8c72e8a466b1ec19386f1e) (Version: - GameHouse)
Diego's Ultimate Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dora Saves the Crystal Kingdom (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dora Saves the Snow Princess (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dora's Ballet Adventures (x32 Version: 2.2.0.98 - WildTangent) Hidden
Dora's Carnival Adventure (x32 Version: 2.2.0.97 - WildTangent) Hidden
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
eMachines Games (HKLM-x32\...\WildTangent emachines Master Uninstall) (Version: 1.0.2.5 - WildTangent)
eMachines Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3007 - Acer Incorporated)
eMachines Registration (HKLM-x32\...\eMachines Registration) (Version: 1.02.3006 - Acer Incorporated)
eMachines ScreenSaver (HKLM-x32\...\eMachines Screensaver) (Version: 1.1.0812 - eMachines Incorporated)
eMachines Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)
Escape Rosecliff Island (x32 Version: 2.2.0.82 - WildTangent) Hidden
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Faerie Solitaire (x32 Version: 2.2.0.82 - WildTangent) Hidden
Fairy Jewels 2 (HKLM-x32\...\BFG-Fairy Jewels 2) (Version: - )
Family Feud 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112087260}) (Version: - Oberon Media)
Family Feud: Battle of the Sexes (HKLM-x32\...\BFG-Family Feud - Battle of the Sexes) (Version: - )
FATE - The Traitor Soul (x32 Version: 2.2.0.82 - WildTangent) Hidden
Fiber Twig 2 (HKLM-x32\...\BFG-Fiber Twig 2) (Version: - )
Finders Keepers (HKLM-x32\...\115073780) (Version: - Oberon Media)
Flip Wit! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Flip Words 2 (HKLM-x32\...\BFG-Flip Words 2) (Version: - )
GameHouse Word Collection (HKLM-x32\...\amg-gamehousewordcollection) (Version: - )
Gold Miner Vegas (HKLM-x32\...\BFG-Gold Miner Vegas) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4805.320 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
GreatArcadeHits (HKCU\...\{856AD396-519D-4C7A-BED6-6785F64924BC}) (Version: 1.0 - GreatArcadeHits) <==== ATTENTION
Heartwild Solitaire (HKLM-x32\...\BFG-Heartwild Solitaire) (Version: - )
Herofy (HKLM-x32\...\BFG-Herofy) (Version: - )
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3009 - Acer Incorporated)
HP Memories Disc (HKLM-x32\...\{B376402D-58EA-45EA-BD50-DD924EB67A70}) (Version: 1.0.4.805 - Hewlett-Packard Company)
HP Photo and Imaging 2.0 - All-in-One (x32 Version: 1.10.0000 - Hewlett-Packard Company) Hidden
HP Photo and Imaging 2.0 - All-in-One Drivers (x32 Version: 1.10.0000 - Hewlett-Packard Company) Hidden
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9452 - HP Photo Creations Powered by RocketLife)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
I SPY Fun House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
IncrediMail (x32 Version: 6.6.0.5259 - IncrediMail) Hidden
IncrediMail 2.5 (HKLM-x32\...\IncrediMail) (Version: 6.6.0.5259 - IncrediMail Ltd.)
Internet Explorer Toolbar 4.9 by SweetPacks (HKLM-x32\...\{F4E33CE5-A7AB-4F68-A7E7-F0AA84EF2D9E}) (Version: 4.9.0000 - SweetIM Technologies Ltd.) <==== ATTENTION
iWin Games (HKLM-x32\...\iWinArcade) (Version: 2.91 - )
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 30 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216025FF}) (Version: 6.0.300 - Oracle)
Jewel Charm (HKLM-x32\...\amg-jewelcharm) (Version: - )
Jewel Match 2 (HKLM-x32\...\amg-jewelmatch2) (Version: - )
Jewel Quest (HKLM-x32\...\BFG-Jewel Quest) (Version: - )
Jewel Quest II (HKLM-x32\...\BFG-Jewel Quest II) (Version: - )
Jewel Quest Mysteries: Curse of the Emerald Tear (HKLM-x32\...\BFG-Jewel Quest Mysteries - Curse of the Emerald Tear) (Version: - )
Jewel Quest Solitaire 3 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Jewel Quest Solitaire II (HKLM-x32\...\BFG-Jewel Quest Solitaire II) (Version: - )
Jigsaw365 (HKLM-x32\...\BFG-Jigsaw365) (Version: - )
Jump Jump Jelly Reactor (HKLM-x32\...\BFG-Jump Jump Jelly Reactor) (Version: - )
Kindergarten (HKLM-x32\...\114723220) (Version: - Oberon Media)
Learning Lodge™ (HKLM-x32\...\VTechDownloadManager) (Version: - VTech)
Liong: The Lost Amulets (HKLM-x32\...\BFG-Liong - The Lost Amulets) (Version: - )
Lottso! Deluxe (HKLM-x32\...\BFG-Lottso! Deluxe) (Version: - )
LSI PCI-SV92EX Soft Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.95 - LSI Corporation)
Luxor Adventures (HKLM-x32\...\BFG-Luxor Adventures) (Version: - )
Luxor: 5th Passage (HKLM-x32\...\BFG-Luxor - 5th Passage) (Version: - )
Magic Vines&trade; (HKLM-x32\...\BFG-Magic Vines) (Version: - )
Mahjong Escape Ancient China (HKLM-x32\...\BFG-Mahjong Escape Ancient China) (Version: - )
Mahjongg Variations (HKLM-x32\...\BFG-Mahjongg Variations) (Version: - )
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.6.135 - McAfee, Inc.)
Media Player Classic - Home Cinema 1.6.1.4235 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.6.1.4235 - MPC-HC Team)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.2.173.0 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Monopoly (x32 Version: 2.2.0.82 - WildTangent) Hidden
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.3 - Motorola Mobility)
Motorola Device Software Update (x32 Version: 13.07.3101 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.2.0 (HKLM\...\{8EC78F02-5C36-4C97-AAC4-95A3D742A285}) (Version: 6.2.0 - Motorola Inc.)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
My Singing Monsters (HKLM-x32\...\BFG-My Singing Monsters) (Version: - )
MyPC Backup (HKLM\...\MyPC Backup) (Version: - MyPC Backup) <==== ATTENTION
Mystery P.I. - Lost in Los Angeles (x32 Version: 2.2.0.82 - WildTangent) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.8 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden
Ocean Express (HKLM-x32\...\BFG-Ocean Express) (Version: - )
Online Games Manager v1.21 (HKLM-x32\...\Online Games Manager) (Version: 1.21.2 - Real Networks, Inc.)
Oriental Dreams (HKLM-x32\...\am-orientaldreams) (Version: - )
Peggle Deluxe (HKLM-x32\...\BFG-Peggle Deluxe) (Version: - )
Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden
Photo Notifier and Animation Creator (HKLM-x32\...\Photo Notifier and Animation Creator) (Version: 1.0.0.1009 - IncrediMail Ltd.)
Photo Notifier and Animation Creator (x32 Version: 1.0.0.1009 - IncrediMail) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.82 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.82 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.82 - WildTangent) Hidden
Press Your Luck (HKLM-x32\...\BFG-Press Your Luck) (Version: - )
Puzzle Park (HKLM-x32\...\BFG-Puzzle Park) (Version: - )
Puzzle Solitaire (HKLM-x32\...\amg-puzzlesolitaire) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6045 - Realtek Semiconductor Corp.)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Scrabble Plus (x32 Version: 2.2.0.82 - WildTangent) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Software Version Updater (HKLM-x32\...\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}) (Version: 1.1.3.7 - ) <==== ATTENTION
SpongeBob Atlantis SquareOff (HKLM-x32\...\BFG-SpongeBob Atlantis SquareOff) (Version: - )
SpongeBob SquarePants Krabby Quest (x32 Version: 2.2.0.95 - WildTangent) Hidden
Sprill (HKLM-x32\...\BFG-Sprill) (Version: - )
Summer Tri-Peaks Solitaire (HKLM-x32\...\BFG-Summer Tri-Peaks Solitaire) (Version: - )
Super Granny 3 (HKLM-x32\...\BFG-Super Granny 3) (Version: - )
Super TextTwist (HKLM-x32\...\b6d996de41893bf1f3034c877caeda12) (Version: - )
Supercow (HKLM-x32\...\BFG-Supercow) (Version: - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The Price is Right (x32 Version: 2.2.0.82 - WildTangent) Hidden
Trivia Machine (HKLM-x32\...\BFG-Trivia Machine) (Version: - )
Tropix (HKLM-x32\...\amg-tropix) (Version: - )
TurboWire (HKLM-x32\...\TurboWire) (Version: 3.6.0.0 - GoForSharing LLC)
TweakNow RegCleaner 2012 (HKLM-x32\...\TweakNow RegCleaner 2012_is1) (Version: 7.2.1 - TweakNow.com)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)
Update for Microsoft Office 2010 (KB2553065) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{A8686D24-1E89-43A1-973E-05A258D2B3F8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{48E1B6C2-7299-4F3F-AA63-42F0ACE55AA4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{18B3CF2A-73F7-4716-B1AE-86D68726D408}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{14B7142F-D7E2-4FB0-9E3B-7CAA8D7FFC56}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2566458) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFB525A0-E1C0-4E32-9968-FE401BC87363}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ED31DE9A-3E13-4E2C-9106-E0D8AFFB9FA6}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B1FA5E8C-2342-45AF-8A62-5E860042F8DF}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{1CBEDB37-C438-473F-8BA0-2535B0D237E2}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9CFD026D-EB1C-48C2-9DD2-8E8875F251B2}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1CBE095-403D-466D-BB13-B185A5F33231}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version: - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BC6DFBFD-16DD-47E1-A7EF-2C062930FA4F}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{DA2F7ECE-6629-4A80-9CDE-EC95261B75E2}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{6B6DDDCE-B456-4FE1-9A07-DBC1708E4158}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5DA2D071-A54C-47C0-83E5-43C63DBFD936}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Venice Deluxe (HKLM-x32\...\BFG-Venice Deluxe) (Version: - )
Virtual Families (x32 Version: 2.2.0.82 - WildTangent) Hidden
Virtual Villagers - A New Home (x32 Version: 2.2.0.82 - WildTangent) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
VTech Download Agent Library (x32 Version: 1.00.0000 - VTech) Hidden
Welcome Center (HKLM-x32\...\eMachines Welcome Center) (Version: 1.00.3013 - Acer Incorporated)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
WinPatrol (HKLM\...\{007811BF-E310-4285-BFC6-55DB29B3EDDE}) (Version: 20.5.2011.0 - BillP Studios)
Word Mojo Gold (HKLM-x32\...\Word Mojo Gold) (Version: - )
Word Slinger (HKLM-x32\...\amg-wordslinger) (Version: - )
WordZap Deluxe 6.90 (HKLM-x32\...\WordZap Deluxe 6.90) (Version: - )
World Riddles: Animals (HKLM-x32\...\BFG-World Riddles - Animals) (Version: - )
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - Yahoo! Inc.)
Yahtzee (x32 Version: 2.2.0.82 - WildTangent) Hidden
ZenGems (HKLM-x32\...\BFG-ZenGems) (Version: - )
Zuma Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden

==================== Restore Points =========================

25-03-2014 02:58:22 Removed Facebook Video Calling 2.0.0.447
25-03-2014 21:12:49 Windows Update
27-03-2014 00:46:36 Removed Facebook Video Calling 2.0.0.447
27-03-2014 00:51:57 Removed Motorola Mobile Drivers Installation 6.2.0
28-03-2014 00:52:37 Installed Safari
28-03-2014 02:17:30 Configured NVIDIA ForceWare Network Access Manager

==================== Hosts content: ==========================

2009-07-13 21:34 - 2012-02-01 16:23 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {18D02DD2-D327-441B-AA8F-3B9BD429E17B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11] (Adobe Systems Incorporated)
Task: {2DAFF9B3-239B-4C7C-A40B-B7F1BD272040} - System32\Tasks\{C6B33BF5-FF88-43FE-9865-9AB2A48B8C18} => C:\Program Files (x86)\Lexmark 3600-4600 Series\app4r.exe
Task: {390BB2F9-2A82-42B0-9016-16F09B11231C} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {40F35DFD-F62B-456A-80EE-994D9122B057} - System32\Tasks\OnlineBackup.SyncNShare => C:\Program Files (x86)\Cox\Secure Online Backup for Windows\SyncNShare\OnlineBackup.SyncNShare.exe [2012-05-02] (Cox)
Task: {5E71118B-D89C-4407-9B1D-17902596C8B5} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-986594472-994889799-2834319612-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {5F76BC91-2791-4147-99D5-BB61AB08ACA1} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {60696A9B-F685-4A94-92B5-4478ED5E5402} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-07-31] ()
Task: {61B984D0-6520-4E86-B621-BCC75D325915} - System32\Tasks\{5AEAF3A3-CEF9-4938-A514-B81C6E238B72} => C:\Games\Family Feud\FamilyFeud.exe [2011-05-04] ()
Task: {62997CAC-B7D3-4FC5-AEE7-17B331070B69} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {63F36109-6930-45C3-BD22-3910355741D3} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {6A4D27E2-30C2-4F22-87F3-2F4F227C314D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-02-07] (AVAST Software)
Task: {7FB85DAF-6A16-47C7-A503-5832D3D97839} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-07-31] ()
Task: {8E1DA838-1006-4C32-9ED9-4B9DB5A90F9D} - System32\Tasks\GreatArcadeHits => C:\Users\Nola\AppData\Local\GreatArcadeHits\GAHUpdate.exe <==== ATTENTION
Task: {950994FC-7452-41CB-A38B-B55CFBCCD92A} - System32\Tasks\DTReg => C:\Users\Nola\AppData\Roaming\DefaultTab\DefaultTab\DTReg.exe <==== ATTENTION
Task: {993D37CB-2166-4C85-BC2E-B56F4D897C1C} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {9D0BD746-EBF1-4B46-A862-24EF69350C41} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-15] (Google Inc.)
Task: {A61ED1D3-8FB3-47B7-81D4-111FFBD40703} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-15] (Google Inc.)
Task: {A81DC669-CCCE-464D-8810-0CDE52C466CA} - System32\Tasks\AmiUpdXp => C:\Users\Nola\AppData\Local\SwvUpdater\Updater.exe <==== ATTENTION
Task: {ACE04258-8630-4C51-85FD-6391F1B4158E} - System32\Tasks\twc_screensaver_updater => C:\Program Files (x86)\The Weather Channel FW\Screensaver\TWCScreensaverUpdater.exe [2010-03-31] (The Weather Channel)
Task: {B5142192-AAB6-4A17-B386-E8035D8E8610} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {B5B41F43-DE87-4175-AA68-4EE0168C20A6} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {D0DBBDE4-6ECF-44A6-A570-CCC5DF3A677C} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-07-31] ()
Task: {D31ED45C-D76A-46A2-B772-D2EED37ABADA} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-986594472-994889799-2834319612-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {D800AF64-1C93-4857-AB5A-568182ECB7A0} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-986594472-994889799-2834319612-1002Core => C:\Users\Nola\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-11-27] (Facebook Inc.)
Task: {D80F2798-BF17-4E6E-9DB5-EB369DEDBEA2} - System32\Tasks\RunAsStdUser Task => C:\Program Files (x86)\iWin Games\iWinGames.exe [2013-09-04] (iWin Inc.) <==== ATTENTION
Task: {E1C3B12C-7B88-4535-93D8-60BCA07E3DBD} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-986594472-994889799-2834319612-1002UA => C:\Users\Nola\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-11-27] (Facebook Inc.)
Task: {E807DBB5-7AE4-4678-B259-0906BB062B2E} - System32\Tasks\Installation App Launcher => C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxamon.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\Nola\AppData\Local\SwvUpdater\Updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-986594472-994889799-2834319612-1002Core.job => C:\Users\Nola\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-986594472-994889799-2834319612-1002UA.job => C:\Users\Nola\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GreatArcadeHits.job => C:\Users\Nola\AppData\Local\GreatArcadeHits\GAHUpdate.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2013-04-04 02:09 - 2013-04-04 02:09 - 04300432 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 16:23 - 2010-10-20 16:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2012-02-07 22:02 - 2012-02-07 22:02 - 02277376 _____ () C:\Program Files (x86)\Cox\Secure Online Backup for Windows\DigiData.Vault.VaultExplorer.dll
2013-08-11 21:37 - 2013-06-20 02:58 - 00391040 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
2012-10-07 23:10 - 2011-02-07 11:56 - 00138192 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2012-05-02 17:10 - 2012-05-02 17:10 - 00024576 _____ () C:\Program Files (x86)\Cox\Secure Online Backup for Windows\Scheduler\OnlineBackup.SchedulerService.exe
2012-05-02 17:10 - 2012-05-02 17:10 - 00094208 _____ () C:\Program Files (x86)\Cox\Secure Online Backup for Windows\Scheduler\OnlineBackup.Common.dll
2012-05-02 17:10 - 2012-05-02 17:10 - 00024576 _____ () C:\Program Files (x86)\Cox\Secure Online Backup for Windows\Scheduler\OnlineBackup.Scheduler.dll
2012-05-02 14:24 - 2012-05-02 14:24 - 00045056 _____ () C:\Program Files (x86)\Cox\Secure Online Backup for Windows\Scheduler\TaskScheduler.dll
2012-05-02 17:10 - 2012-05-02 17:10 - 00069632 _____ () C:\Program Files (x86)\Cox\Secure Online Backup for Windows\Scheduler\OnlineBackup.ThemeManager.dll
2014-03-27 19:23 - 2014-03-27 15:54 - 02189312 _____ () C:\Program Files\AVAST Software\Avast\defs\14032701\algo.dll
2014-03-28 04:37 - 2014-03-28 03:09 - 02189312 _____ () C:\Program Files\AVAST Software\Avast\defs\14032800\algo.dll
2012-02-20 21:29 - 2012-02-20 21:29 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 21:28 - 2012-02-20 21:28 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-08-11 21:37 - 2010-06-23 20:16 - 02150400 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtCore4.dll
2013-08-11 21:37 - 2010-07-13 08:07 - 07826432 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtGui4.dll
2013-08-11 21:37 - 2010-06-01 21:29 - 00934912 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtNetwork4.dll
2013-08-11 21:37 - 2010-06-01 21:28 - 00335360 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtXml4.dll
2013-08-11 21:37 - 2013-08-09 01:01 - 09849200 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtWebKit4.dll
2013-08-11 21:37 - 2010-06-01 21:56 - 00232960 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\phonon4.dll
2013-08-11 21:37 - 2010-06-01 21:54 - 02530816 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtXmlPatterns4.dll
2013-08-11 21:37 - 2010-07-05 04:19 - 00116736 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll
2013-08-11 21:37 - 2010-11-11 04:24 - 00028160 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\DACommCenter.dll
2013-08-11 21:37 - 2010-06-02 00:05 - 00025600 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\imageformats\qgif4.dll
2013-08-11 21:37 - 2010-06-02 00:05 - 00119808 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\imageformats\qjpeg4.dll
2014-02-07 01:27 - 2014-02-07 01:27 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-06-20 16:35 - 2013-06-20 16:35 - 00172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2010-11-17 09:12 - 2010-11-17 09:12 - 00247416 _____ () C:\Program Files (x86)\Cox, Inc\Cox PC HealthCheck\OESISCore.dll
2010-11-17 09:56 - 2010-11-17 09:56 - 00041080 _____ () C:\Program Files (x86)\Cox, Inc\Cox PC HealthCheck\CLISharedInterfaces.dll
2010-11-17 09:46 - 2010-11-17 09:46 - 00045688 _____ () C:\Program Files (x86)\Cox, Inc\Cox PC HealthCheck\DetectionExtension.dxt
2010-11-17 09:02 - 2010-11-17 09:02 - 00155648 _____ () C:\Program Files (x86)\Cox, Inc\Cox PC HealthCheck\SmartDisk.dll
2011-03-17 01:11 - 2011-03-17 01:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 16:45 - 2010-10-20 16:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2008-10-20 04:47 - 2008-10-20 04:47 - 00012279 _____ () C:\Program Files (x86)\TurboWire\GenericWindowsUtils.dll
2012-04-24 20:18 - 2012-04-24 20:18 - 00087912 _____ () C:\Program Files (x86)\Safari\Apple Application Support\zlib1.dll
2012-04-24 20:18 - 2012-04-24 20:18 - 01242472 _____ () C:\Program Files (x86)\Safari\Apple Application Support\libxml2.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:00258EE7
AlternateDataStreams: C:\ProgramData\Temp:0207454C
AlternateDataStreams: C:\ProgramData\Temp:05A9EC70
AlternateDataStreams: C:\ProgramData\Temp:067BF339
AlternateDataStreams: C:\ProgramData\Temp:07D64CD9
AlternateDataStreams: C:\ProgramData\Temp:081C5B23
AlternateDataStreams: C:\ProgramData\Temp:0A5F8BFC
AlternateDataStreams: C:\ProgramData\Temp:0BACBDD9
AlternateDataStreams: C:\ProgramData\Temp:0C5BC70E
AlternateDataStreams: C:\ProgramData\Temp:0EC7A545
AlternateDataStreams: C:\ProgramData\Temp:0F6AC518
AlternateDataStreams: C:\ProgramData\Temp:114BD271
AlternateDataStreams: C:\ProgramData\Temp:13AA281B
AlternateDataStreams: C:\ProgramData\Temp:1409277B
AlternateDataStreams: C:\ProgramData\Temp:159E9E4E
AlternateDataStreams: C:\ProgramData\Temp:16A4620C
AlternateDataStreams: C:\ProgramData\Temp:175721D5
AlternateDataStreams: C:\ProgramData\Temp:1A5207FA
AlternateDataStreams: C:\ProgramData\Temp:1AC933DC
AlternateDataStreams: C:\ProgramData\Temp:1BFE92CC
AlternateDataStreams: C:\ProgramData\Temp:1E5EC928
AlternateDataStreams: C:\ProgramData\Temp:2216A431
AlternateDataStreams: C:\ProgramData\Temp:260575F1
AlternateDataStreams: C:\ProgramData\Temp:26E2A0C3
AlternateDataStreams: C:\ProgramData\Temp:271E16B0
AlternateDataStreams: C:\ProgramData\Temp:2B059D79
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F
AlternateDataStreams: C:\ProgramData\Temp:2FC7B9E4
AlternateDataStreams: C:\ProgramData\Temp:30DA8392
AlternateDataStreams: C:\ProgramData\Temp:322D2CD3
AlternateDataStreams: C:\ProgramData\Temp:34445512
AlternateDataStreams: C:\ProgramData\Temp:34B9286E
AlternateDataStreams: C:\ProgramData\Temp:3559A02E
AlternateDataStreams: C:\ProgramData\Temp:389D51A1
AlternateDataStreams: C:\ProgramData\Temp:3A0561F3
AlternateDataStreams: C:\ProgramData\Temp:3AF262FC
AlternateDataStreams: C:\ProgramData\Temp:3C8362D2
AlternateDataStreams: C:\ProgramData\Temp:3F2212BB
AlternateDataStreams: C:\ProgramData\Temp:3FE1A827
AlternateDataStreams: C:\ProgramData\Temp:426D1496
AlternateDataStreams: C:\ProgramData\Temp:42B6425E
AlternateDataStreams: C:\ProgramData\Temp:43301D1D
AlternateDataStreams: C:\ProgramData\Temp:436BE28C
AlternateDataStreams: C:\ProgramData\Temp:43C9D140
AlternateDataStreams: C:\ProgramData\Temp:45C55624
AlternateDataStreams: C:\ProgramData\Temp:46045D7C
AlternateDataStreams: C:\ProgramData\Temp:466FA8C3
AlternateDataStreams: C:\ProgramData\Temp:47BC930A
AlternateDataStreams: C:\ProgramData\Temp:48FEA089
AlternateDataStreams: C:\ProgramData\Temp:4A448DB2
AlternateDataStreams: C:\ProgramData\Temp:4AA2F6A9
AlternateDataStreams: C:\ProgramData\Temp:4BB4F863
AlternateDataStreams: C:\ProgramData\Temp:4BEE39B0
AlternateDataStreams: C:\ProgramData\Temp:4F96D8E6
AlternateDataStreams: C:\ProgramData\Temp:512336B9
AlternateDataStreams: C:\ProgramData\Temp:517DBC32
AlternateDataStreams: C:\ProgramData\Temp:538A9F02
AlternateDataStreams: C:\ProgramData\Temp:5433DBEF
AlternateDataStreams: C:\ProgramData\Temp:548AE60C
AlternateDataStreams: C:\ProgramData\Temp:54D5DB8A
AlternateDataStreams: C:\ProgramData\Temp:550A1487
AlternateDataStreams: C:\ProgramData\Temp:5539129F
AlternateDataStreams: C:\ProgramData\Temp:56C17A93
AlternateDataStreams: C:\ProgramData\Temp:5C35E1EB
AlternateDataStreams: C:\ProgramData\Temp:5CF48ABF
AlternateDataStreams: C:\ProgramData\Temp:5D40B34A
AlternateDataStreams: C:\ProgramData\Temp:5E9993D7
AlternateDataStreams: C:\ProgramData\Temp:627153F1
AlternateDataStreams: C:\ProgramData\Temp:6444B424
AlternateDataStreams: C:\ProgramData\Temp:662AA918
AlternateDataStreams: C:\ProgramData\Temp:69B9AAE7
AlternateDataStreams: C:\ProgramData\Temp:6AD65294
AlternateDataStreams: C:\ProgramData\Temp:6E6A4F42
AlternateDataStreams: C:\ProgramData\Temp:6F0C95A1
AlternateDataStreams: C:\ProgramData\Temp:70B3C619
AlternateDataStreams: C:\ProgramData\Temp:71441FEF
AlternateDataStreams: C:\ProgramData\Temp:723E56EC
AlternateDataStreams: C:\ProgramData\Temp:726D640A
AlternateDataStreams: C:\ProgramData\Temp:72E6616C
AlternateDataStreams: C:\ProgramData\Temp:76987FE5
AlternateDataStreams: C:\ProgramData\Temp:7778CAB3
AlternateDataStreams: C:\ProgramData\Temp:789BBF3F
AlternateDataStreams: C:\ProgramData\Temp:78ADFF54
AlternateDataStreams: C:\ProgramData\Temp:79059537
AlternateDataStreams: C:\ProgramData\Temp:7A2101AB
AlternateDataStreams: C:\ProgramData\Temp:7BA6D322
AlternateDataStreams: C:\ProgramData\Temp:7DC5D762
AlternateDataStreams: C:\ProgramData\Temp:823606DE
AlternateDataStreams: C:\ProgramData\Temp:83CF0985
AlternateDataStreams: C:\ProgramData\Temp:8401B6D5
AlternateDataStreams: C:\ProgramData\Temp:84C744C8
AlternateDataStreams: C:\ProgramData\Temp:84E7BFEB
AlternateDataStreams: C:\ProgramData\Temp:86148D88
AlternateDataStreams: C:\ProgramData\Temp:86725A4F
AlternateDataStreams: C:\ProgramData\Temp:874ADA37
AlternateDataStreams: C:\ProgramData\Temp:8810E5F6
AlternateDataStreams: C:\ProgramData\Temp:884C7316
AlternateDataStreams: C:\ProgramData\Temp:8944C195
AlternateDataStreams: C:\ProgramData\Temp:89C6F032
AlternateDataStreams: C:\ProgramData\Temp:8CA2661F
AlternateDataStreams: C:\ProgramData\Temp:8F067037
AlternateDataStreams: C:\ProgramData\Temp:91730504
AlternateDataStreams: C:\ProgramData\Temp:91FF95D8
AlternateDataStreams: C:\ProgramData\Temp:93DE1838
AlternateDataStreams: C:\ProgramData\Temp:954C27C6
AlternateDataStreams: C:\ProgramData\Temp:961B84C5
AlternateDataStreams: C:\ProgramData\Temp:9812B773
AlternateDataStreams: C:\ProgramData\Temp:996104FC
AlternateDataStreams: C:\ProgramData\Temp:9B285B76
AlternateDataStreams: C:\ProgramData\Temp:9BF17806
AlternateDataStreams: C:\ProgramData\Temp:9C337CCE
AlternateDataStreams: C:\ProgramData\Temp:9D5BB34A
AlternateDataStreams: C:\ProgramData\Temp:9E76E7F3
AlternateDataStreams: C:\ProgramData\Temp:9EF92A1A
AlternateDataStreams: C:\ProgramData\Temp:9F38BF31
AlternateDataStreams: C:\ProgramData\Temp:A26AFC00
AlternateDataStreams: C:\ProgramData\Temp:A2724D75
AlternateDataStreams: C:\ProgramData\Temp:A31B5E9B
AlternateDataStreams: C:\ProgramData\Temp:A5948878
AlternateDataStreams: C:\ProgramData\Temp:A688EF17
AlternateDataStreams: C:\ProgramData\Temp:A7964713
AlternateDataStreams: C:\ProgramData\Temp:A8725EB5
AlternateDataStreams: C:\ProgramData\Temp:AA92F7C7
AlternateDataStreams: C:\ProgramData\Temp:ABFEED8E
AlternateDataStreams: C:\ProgramData\Temp:ACCEFF0E
AlternateDataStreams: C:\ProgramData\Temp:ACCFA538
AlternateDataStreams: C:\ProgramData\Temp:AD020DC3
AlternateDataStreams: C:\ProgramData\Temp:AEABFEC4
AlternateDataStreams: C:\ProgramData\Temp:B902F888
AlternateDataStreams: C:\ProgramData\Temp:B9F8237A
AlternateDataStreams: C:\ProgramData\Temp:BCDC6E07
AlternateDataStreams: C:\ProgramData\Temp:BDD83DC4
AlternateDataStreams: C:\ProgramData\Temp:BDE546C6
AlternateDataStreams: C:\ProgramData\Temp:BE5EC04C
AlternateDataStreams: C:\ProgramData\Temp:C0692342
AlternateDataStreams: C:\ProgramData\Temp:C46848E8
AlternateDataStreams: C:\ProgramData\Temp:C820549A
AlternateDataStreams: C:\ProgramData\Temp:CB959782
AlternateDataStreams: C:\ProgramData\Temp:CD6E25A6
AlternateDataStreams: C:\ProgramData\Temp:CF31AEF5
AlternateDataStreams: C:\ProgramData\Temp:CF75D88F
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
AlternateDataStreams: C:\ProgramData\Temp:D254266B
AlternateDataStreams: C:\ProgramData\Temp:D37966A8
AlternateDataStreams: C:\ProgramData\Temp:D4607CB4
AlternateDataStreams: C:\ProgramData\Temp:D478F292
AlternateDataStreams: C:\ProgramData\Temp:D507AEDA
AlternateDataStreams: C:\ProgramData\Temp:D987CB43
AlternateDataStreams: C:\ProgramData\Temp:E06963C0
AlternateDataStreams: C:\ProgramData\Temp:E07EA07E
AlternateDataStreams: C:\ProgramData\Temp:E1D06077
AlternateDataStreams: C:\ProgramData\Temp:E21987F7
AlternateDataStreams: C:\ProgramData\Temp:E60C72DB
AlternateDataStreams: C:\ProgramData\Temp:E73B14E2
AlternateDataStreams: C:\ProgramData\Temp:EA1919C7
AlternateDataStreams: C:\ProgramData\Temp:EA701346
AlternateDataStreams: C:\ProgramData\Temp:EB4FEEF5
AlternateDataStreams: C:\ProgramData\Temp:EC3A9923
AlternateDataStreams: C:\ProgramData\Temp:EC3FFB9E
AlternateDataStreams: C:\ProgramData\Temp:ECC979BD
AlternateDataStreams: C:\ProgramData\Temp:EFE7D3C9
AlternateDataStreams: C:\ProgramData\Temp:F001F3C1
AlternateDataStreams: C:\ProgramData\Temp:F264BECE
AlternateDataStreams: C:\ProgramData\Temp:F5E90ED3
AlternateDataStreams: C:\ProgramData\Temp:F6791DC0
AlternateDataStreams: C:\ProgramData\Temp:F72306CC
AlternateDataStreams: C:\ProgramData\Temp:F7FFE8AF
AlternateDataStreams: C:\ProgramData\Temp:FB9F749F
AlternateDataStreams: C:\ProgramData\Temp:FBFC061F
AlternateDataStreams: C:\ProgramData\Temp:FC2E567F
AlternateDataStreams: C:\ProgramData\Temp:FEECF2C8

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: lxdxamon => "C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxamon.exe"

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/28/2014 08:32:40 AM) (Source: Application Error) (User: )
Description: Faulting application name: WebKit2WebProcess.exe, version: 7534.57.2.4, time stamp: 0x4f97642d
Faulting module name: WebKit.dll, version: 7534.57.2.4, time stamp: 0x4f976417
Exception code: 0xc0000005
Fault offset: 0x000c7f63
Faulting process id: 0xe90
Faulting application start time: 0xWebKit2WebProcess.exe0
Faulting application path: WebKit2WebProcess.exe1
Faulting module path: WebKit2WebProcess.exe2
Report Id: WebKit2WebProcess.exe3

Error: (03/28/2014 05:13:37 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4165

Error: (03/28/2014 05:13:37 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4165

Error: (03/28/2014 05:13:37 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/28/2014 05:13:36 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3167

Error: (03/28/2014 05:13:36 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3167

Error: (03/28/2014 05:13:36 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/28/2014 05:13:35 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2153

Error: (03/28/2014 05:13:35 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2153

Error: (03/28/2014 05:13:35 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (03/27/2014 09:36:13 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AFS

Error: (03/27/2014 09:36:08 PM) (Source: Service Control Manager) (User: )
Description: The Util Laflurla service failed to start due to the following error:
%%2

Error: (03/27/2014 09:36:06 PM) (Source: Service Control Manager) (User: )
Description: The Update Laflurla service failed to start due to the following error:
%%2

Error: (03/27/2014 09:35:53 PM) (Source: Service Control Manager) (User: )
Description: The Computer Backup (MyPC Backup) service failed to start due to the following error:
%%1053

Error: (03/27/2014 09:35:53 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Computer Backup (MyPC Backup) service to connect.

Error: (03/27/2014 09:32:59 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AFS

Error: (03/27/2014 09:32:42 PM) (Source: Service Control Manager) (User: )
Description: The Util Laflurla service failed to start due to the following error:
%%2

Error: (03/27/2014 09:32:42 PM) (Source: Service Control Manager) (User: )
Description: The Update Laflurla service failed to start due to the following error:
%%2

Error: (03/27/2014 09:04:58 PM) (Source: Service Control Manager) (User: )
Description: The Update Laflurla service failed to start due to the following error:
%%2

Error: (03/27/2014 09:04:57 PM) (Source: Service Control Manager) (User: )
Description: The Util Laflurla service failed to start due to the following error:
%%2


Microsoft Office Sessions:
=========================
Error: (03/28/2014 08:32:40 AM) (Source: Application Error)(User: )
Description: WebKit2WebProcess.exe7534.57.2.44f97642dWebKit.dll7534.57.2.44f976417c0000005000c7f63e9001cf4a88b1ea8c60C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exeC:\Program Files (x86)\Safari\Apple Application Support\WebKit.dll6eacc330-b67d-11e3-93c3-00262d3f844c

Error: (03/28/2014 05:13:37 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4165

Error: (03/28/2014 05:13:37 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4165

Error: (03/28/2014 05:13:37 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/28/2014 05:13:36 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3167

Error: (03/28/2014 05:13:36 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3167

Error: (03/28/2014 05:13:36 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/28/2014 05:13:35 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2153

Error: (03/28/2014 05:13:35 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2153

Error: (03/28/2014 05:13:35 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


CodeIntegrity Errors:
===================================
Date: 2012-02-01 14:28:34.919
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\etavares.cf\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-02-01 14:28:34.857
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\etavares.cf\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2011-11-02 10:57:02.351
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\etavaresCF\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2011-11-02 10:57:02.304
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\etavaresCF\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Percentage of memory in use: 65%
Total physical RAM: 1791.37 MB
Available physical RAM: 626.62 MB
Total Pagefile: 3582.73 MB
Available Pagefile: 1570 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (eMachines) (Fixed) (Total:449.66 GB) (Free:387.21 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 2D1A11B8)
Partition 1: (Not Active) - (Size=16 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Top
Starbuck
Posted: Mar 28 2014, 06:52 PM


Retired Moderator
*

Group: Members
Posts: 627
Member No.: 6
Joined: 13-April 12



Hi punkybunge

Please take note of the following:

1. Please do not run any other tools unless instructed.
2. Please do not uninstall anything or download anything unless asked to.
3. The cleaning process is not instant. Please continue to review my answers until I tell you that your computer is clean.
4. If there's anything that you don't understand, please ask your question(s) before proceeding with the fixes.
5. Please reply to this thread only. Do not start a new topic.

That's a nice collection of Adware you have there.
I'll give you a fixlist now to clear a lot of the orphan entries, then we'll leave most of the adware to a couple of dedicated removers.
It'll save us both a lot of time.
Then we'll get some fresh reports and deal with any left overs.... plus there are a couple of issues we need to address later.


P2P Warning
Please note that as long as you're using any form of Peer-to-Peer networking ( Frostwire, Bearshare, Bit Torrent etc.) and downloading files from non-documented sources, you can expect infestations of malware to occur.
Once upon a time, P2P file sharing was fairly safe. That is no longer true.
P2P programmes form a direct conduit onto your computer, their security measures are easily circumvented, and Malware writers are increasingly exploiting them to spread their wares onto your computer. Further to that, if your P2P programme is not configured correctly you may be sharing more files than you realise. There have been cases where people's Passwords, Address Books and other personal, private, and financial details have been exposed to the file sharing network by a badly configured programme.

Many of the programmes come bundled with other unwanted programmes, but even the ones free of any bundled software are not safe to use.
When you use them you are downloading software from an unknown source directly onto your computer, bypassing your Firewall and Anti-Virus software. Hardly surprising then that many of these Downloads are being targeted to carry infections.

You may decide to continue P2P sharing, but keep in mind that this practice may be the source of future malware infestation.
If we clean your computer of infection, and you return to us a short time later with an infection contracted by the use of P2P programmes, we may refuse to help you.

If do you do decide (unwisely) to keep these programs, please refrain from using them until we have finished cleaning your system.

Step 1
Please download the attached fixlist.txt file (bottom of this post) and save it to the Download folder.
NOTE.
It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine.
Running this on another machine may cause damage to your operating system


Re-run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post this in your next reply.


Step 2
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.



Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer.
  • After the scan has finished...
  • Click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.


Step 3
Please re-run FRST
Make sure that 'Addition.txt' is ticked at the bottom and then click the Scan button.


In your next reply, please submit:
Fixlog.txt
JRT.txt
AdwCleaner report
Fresh FRST reports.

This will definitely need more than one reply to fit the reports into.


Thanks.



Attached File ( Number of downloads: 163 )
Attached File  fixlist.txt (3.46 kb)


--------------------
user posted image
Top
punkybunge
Posted: Mar 30 2014, 09:40 PM


Senior Member
*

Group: Members
Posts: 36
Member No.: 14
Joined: 30-April 12



I am working on this now. In #2 you say to shut down my protection software, where might I find that at? And how do I do it? I will get rid of P2P whenever you tell me to.
I'll be waiting for your response. When you respond, how can I get it to go to my e-mail? Instead of me having to search for my post? Thanks
Top
Starbuck
Posted: Mar 31 2014, 05:19 PM


Retired Moderator
*

Group: Members
Posts: 627
Member No.: 6
Joined: 13-April 12



Hi punkybunge

QUOTE
you say to shut down my protection software, where might I find that at? And how do I do it?

Disabling your AntiVirus and AntiSpyware applications is usually done via a right click on the System Tray icon.
For more information read:
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
Avast should be the first one in the list.

QUOTE
When you respond, how can I get it to go to my e-mail? Instead of me having to search for my post?

Scroll to the top of the thread page and click on Track this Topic.

user posted image

You should receive future notifications of a reply by email then.


--------------------
user posted image
Top
punkybunge
Posted: Apr 1 2014, 04:13 AM


Senior Member
*

Group: Members
Posts: 36
Member No.: 14
Joined: 30-April 12



Okay, I followed this to the best of my ability, there were a few things I couldn't find. First of all, when the reports were done they didn't go to my desktop. they went to notepad and I couldn't find that. I even searched and was nothing to find, fix.txt is what I am missing, hopefully that is all. Also when running the last FRST scan it stopped and was not responding. I had to x it out and start over. Here are my reports;

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
URLSearchHook: HKLM-x32 - (No Name) - {657E195F-066D-435C-92DB-7C261E6FE832} - No File
URLSearchHook: HKLM-x32 - (No Name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - No File
URLSearchHook: HKLM-x32 - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File
URLSearchHook: HKCU - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File
URLSearchHook: HKCU - (No Name) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - No File
URLSearchHook: HKCU - (No Name) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - No File
BHO-x32: No Name - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File
Toolbar: HKLM-x32 - No Name - !{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - No File
Toolbar: HKLM-x32 - No Name - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File
Toolbar: HKLM-x32 - No Name - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - No File
Toolbar: HKLM-x32 - No Name - {99079a25-328f-4bd4-be04-00955acaa0a7} - No File
Toolbar: HKCU - No Name - {657E195F-066D-435C-92DB-7C261E6FE832} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Toolbar: HKCU - No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
Toolbar: HKCU - No Name - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\IB Updater\Firefox
FF HKLM\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Updater By SweetPacks\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\IB Updater\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Updater By SweetPacks\Firefox
FF HKLM-x32\...\Firefox\Extensions: [xz123@ya456.com] - C:\Program Files (x86)\BetterSurf\ff
CHR HomePage: hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10045&barid={2B645660-F0D0-11E2-9F30-00262D3F844C}
CHR DefaultSearchKeyword: conduit.search
CHR DefaultSearchProvider: Conduit Search
CHR DefaultSearchURL: http://search.conduit.com/Results.aspx?gd=...rchTerms}&SSPV=
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [X]
S2 Update Laflurla; "C:\Program Files (x86)\Laflurla\updateLaflurla.exe" [X]
S2 Util Laflurla; "C:\Program Files (x86)\Laflurla\bin\utilLaflurla.exe" [X]
Task: {8E1DA838-1006-4C32-9ED9-4B9DB5A90F9D} - System32\Tasks\GreatArcadeHits => C:\Users\Nola\AppData\Local\GreatArcadeHits\GAHUpdate.exe <==== ATTENTION
Task: {950994FC-7452-41CB-A38B-B55CFBCCD92A} - System32\Tasks\DTReg => C:\Users\Nola\AppData\Roaming\DefaultTab\DefaultTab\DTReg.exe <==== ATTENTION
Task: {A81DC669-CCCE-464D-8810-0CDE52C466CA} - System32\Tasks\AmiUpdXp => C:\Users\Nola\AppData\Local\SwvUpdater\Updater.exe <==== ATTENTION
Task: {D80F2798-BF17-4E6E-9DB5-EB369DEDBEA2} - System32\Tasks\RunAsStdUser Task => C:\Program Files (x86)\iWin Games\iWinGames.exe [2013-09-04] (iWin Inc.) <==== ATTENTION
Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\Nola\AppData\Local\SwvUpdater\Updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\GreatArcadeHits.job => C:\Users\Nola\AppData\Local\GreatArcadeHits\GAHUpdate.exe <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Temp:*
2014-03-25 19:40 - 2014-03-25 19:40 - 00380416 _____ () C:\Users\Nola\Downloads\27solgz2.exe
2014-03-25 19:39 - 2014-03-25 19:39 - 00380416 _____ () C:\Users\Nola\Downloads\uxm9qy4t.exe
2014-03-25 19:38 - 2014-03-25 19:39 - 00380416 _____ () C:\Users\Nola\Downloads\0rkz3fqz.exe



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Home Premium x64
Ran by Nola on Mon 03/31/2014 at 22:08:51.78
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] backupstack
Successfully deleted: [Service] backupstack



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\New Windows\Allow\\*.crossrider.com
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7}
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-986594472-994889799-2834319612-1002\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sweetie.ietoolbar
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sweetie.ietoolbar.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sweetim_urlsearchhook.toolbarurlsearchhook
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\toolbar3.sweetie
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\toolbar3.sweetie.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\bandoocore.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escort.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\tbcommonutils.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\tbhelper.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{D99A4EC9-00BD-4FE4-85A5-4DB018351265}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{5B725BC8-C263-4783-BE79-D3A812FBB42B}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{6F43FA77-C18F-4D0C-9C7E-958876FE2061}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{DF948646-8BF4-450E-A059-CF8A4E0FE2BE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{E96B49B0-E11F-48FC-984A-EEC29A4F57E1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\browsermngr
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\im
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminstaller
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\saltarsmart
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\wnlt
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\fun web products
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\funwebproducts
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\mywebsearch
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\pricegong
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\utorrentbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1BB8B3AE-757D-443F-B3A4-0629E709B0D9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-986594472-994889799-2834319612-1002\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\bandoo
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\browsermngr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\freeze.com
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\ib updater
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\iminstaller
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\performersoft
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\saltarsmart
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\updater by sweetpacks
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\applications\ilividsetupv1.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\driverscanner
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\updater.amiupd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\updater.amiupd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\app24x7help_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\app24x7help_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\conduitinstaller_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\conduitinstaller_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\datamngrui_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\datamngrui_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\deals plugin_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\deals plugin_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\driverscanner_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\driverscanner_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\i want this_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\i want this_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ilividsetupv1_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ilividsetupv1_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mybabylontb_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mybabylontb_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\searchqumediabar_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\searchqumediabar_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\setupdatamngr_searchqu_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\setupdatamngr_searchqu_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{99c91fc5-db5b-4aa0-bb70-5d89c5a4df96}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011461137}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011461137}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskSLib_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskSLib_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\prompt_installer-conduit_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\prompt_installer-conduit_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ToolbarConduit_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ToolbarConduit_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dealcabby_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dealcabby_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\Deals-Plugin_U_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\Deals-Plugin_U_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\softonic-us-silent_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\softonic-us-silent_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_safari_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_safari_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011461137}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\apnpip_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\apnpip_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\ApnToolbarInstaller_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\ApnToolbarInstaller_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskSLib_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskSLib_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\prompt_installer-conduit_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\prompt_installer-conduit_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\ToolbarConduit_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\ToolbarConduit_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\dealcabby_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\dealcabby_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\Deals-Plugin_U_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\Deals-Plugin_U_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\softonic-us-silent_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\softonic-us-silent_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_safari_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_safari_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2408}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B31A01A9-09E8-4799-A4C4-0573AF1C9859}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2101}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2408}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"



~~~ Files

Successfully deleted: [File] C:\Windows\Tasks\amiupdxp.job
Successfully deleted: [File] "C:\Users\Nola\appdata\locallow\SkwConfig.bin"
Successfully deleted: [File] "C:\end"
Successfully deleted: [File] C:\Windows\syswow64\sho28F5.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho2A64.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho673A.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoC20C.tmp
Successfully disinfected: [Shortcut] C:\Users\Nola\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Successfully disinfected: [Shortcut] C:\Users\Nola\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
Successfully disinfected: [Shortcut] C:\Users\Nola\AppData\Roaming\microsoft\windows\start menu\Programs\Internet Explorer.lnk
Successfully disinfected: [Shortcut] C:\Users\Nola\AppData\Roaming\microsoft\windows\start menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Failed to delete: [Folder] "C:\ProgramData\big fish"
Successfully deleted: [Folder] "C:\ProgramData\big fish games"
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\browser manager"
Successfully deleted: [Folder] "C:\ProgramData\esafe"
Successfully deleted: [Folder] "C:\ProgramData\fighters"
Successfully deleted: [Folder] "C:\ProgramData\free ride games"
Successfully deleted: [Folder] "C:\ProgramData\ibupdaterservice"
Successfully deleted: [Folder] "C:\ProgramData\iwin"
Successfully deleted: [Folder] "C:\ProgramData\partner"
Successfully deleted: [Folder] "C:\ProgramData\trymedia"
Successfully deleted: [Folder] "C:\Users\Nola\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\Nola\AppData\Roaming\bandoo"
Failed to delete: [Folder] "C:\Users\Nola\AppData\Roaming\big fish games"
Failed to delete: [Folder] "C:\Users\Nola\AppData\Roaming\fighters"
Successfully deleted: [Folder] "C:\Users\Nola\AppData\Roaming\iwin"
Successfully deleted: [Folder] "C:\Users\Nola\AppData\Roaming\opencandy"
Failed to delete: [Folder] "C:\Users\Nola\appdata\local\apn"
Successfully deleted: [Folder] "C:\Users\Nola\appdata\local\big fish"
Successfully deleted: [Folder] "C:\Users\Nola\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\Nola\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\Nola\appdata\local\downloadterms"
Successfully deleted: [Folder] "C:\Users\Nola\appdata\local\ilivid player"
Successfully deleted: [Folder] "C:\Users\Nola\appdata\local\opencandy"
Failed to delete: [Folder] "C:\Users\Nola\appdata\local\swvupdater"
Successfully deleted: [Folder] "C:\Users\Nola\appdata\locallow\bandoo"
Successfully deleted: [Folder] "C:\Users\Nola\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Nola\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Users\Nola\appdata\locallow\funwebproducts"
Successfully deleted: [Folder] "C:\Users\Nola\appdata\locallow\myashampoo"
Successfully deleted: [Folder] "C:\Users\Nola\appdata\locallow\mywebsearch"
Successfully deleted: [Folder] "C:\Users\Nola\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Users\Nola\appdata\locallow\socialsearchbar_app"
Successfully deleted: [Folder] "C:\Users\Nola\appdata\locallow\toolbar4"
Successfully deleted: [Folder] "C:\Users\Nola\appdata\locallow\utorrentbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\bfgbartb"
Successfully deleted: [Folder] "C:\Program Files (x86)\file type helper"
Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\software update utility"
Successfully deleted: [Folder] "C:\Users\Nola\AppData\Roaming\microsoft\windows\start menu\programs\browser manager"
Successfully deleted: [Folder] "C:\Users\Nola\AppData\Roaming\microsoft\windows\start menu\programs\mypc backup"
Successfully deleted: [Folder] "C:\ai_recyclebin"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Folder] "C:\Users\Nola\documents\optimizer pro"
Successfully deleted: [Folder] "C:\ProgramData\ask"



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dedmngkbaffkenlfdcbganndoghblmap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 03/31/2014 at 22:20:48.76
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Top
punkybunge
Posted: Apr 1 2014, 04:20 AM


Senior Member
*

Group: Members
Posts: 36
Member No.: 14
Joined: 30-April 12



Adw

# AdwCleaner v3.022 - Report created 31/03/2014 at 22:37:33
# Updated 13/03/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Nola - NOLA-PC
# Running from : C:\Users\Nola\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\~0
Folder Deleted : C:\ProgramData\iMesh
Folder Deleted : C:\ProgramData\uniblue
Folder Deleted : C:\ProgramData\Alawar Stargaze
Folder Deleted : C:\ProgramData\BigFishSavedGames
Folder Deleted : C:\Users\Nola\AppData\Local\apn
Folder Deleted : C:\Users\Nola\AppData\Local\NativeMessaging
Folder Deleted : C:\Users\Nola\AppData\Local\PackageAware
Folder Deleted : C:\Users\Nola\AppData\Local\TBHostSupport
Folder Deleted : C:\Users\Nola\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Nola\AppData\LocalLow\wincoreimband
Folder Deleted : C:\Users\Nola\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebfmlbdgbekinmmpfmpjjkfclcgedhgj
[!] Folder Deleted : C:\Users\Nola\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebfmlbdgbekinmmpfmpjjkfclcgedhgj
Folder Deleted : C:\Users\Nola\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi
File Deleted : C:\Users\Nola\AppData\Roaming\speedanalysis.ico

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403A-B9D2-65C292C39087}]
Value Deleted : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403A-B9D2-65C292C39087}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{8E9E3331-D360-4f87-8803-52DE43566502}]
Value Deleted : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{8E9E3331-D360-4f87-8803-52DE43566502}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [xz123@ya456.com]
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKCU\Software\Google\Chrome\Extensions\ebfmlbdgbekinmmpfmpjjkfclcgedhgj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ebfmlbdgbekinmmpfmpjjkfclcgedhgj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg
Key Deleted : HKCU\Software\Google\Chrome\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi
Key Deleted : HKLM\SOFTWARE\Classes\Applications\iMesh_V11_en_Setup.exe
Key Deleted : HKLM\SOFTWARE\Classes\Applications\iMeshV11.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iMesh_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iMesh_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iMesh_V11_en_Setup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iMesh_V11_en_Setup_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@ei.DailyBibleGuide.com/Plugin
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKCU\Software\53558ddab73ebe40
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B3595550-5007-4AEB-BB04-D00E62E836A8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F0786343-938E-456B-8798-DE7EEC08F820}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{21EF3164-5FA8-4FF0-8BBE-25B23F313086}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C1B9042-3D32-49A1-916B-0AA3A9CDDFD6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7736C7FA-512D-11E2-B871-DEC36088709B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6C1B9042-3D32-49A1-916B-0AA3A9CDDFD6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4E42-A125-57C0A11DBCDE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2DFFEE95-F080-44EA-95ED-61F21B3FB3A9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B04E86EE-0FE4-4359-96AA-969A369C5EEE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8440044-C625-455D-BBE1-A31346CE63D9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2101}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{28387537-E3F9-4ED7-860C-11E69AF4A8A0}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6F43FA77-C18F-4D0C-9C7E-958876FE2061}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B3595550-5007-4AEB-BB04-D00E62E836A8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DB507187-9746-458C-97DA-C458131EEDE7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DF948646-8BF4-450E-A059-CF8A4E0FE2BE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E96B49B0-E11F-48FC-984A-EEC29A4F57E1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F0786343-938E-456B-8798-DE7EEC08F820}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2101}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\fTalk
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\Imesh
Key Deleted : HKCU\Software\Trymedia Systems
Key Deleted : HKCU\Software\WEDLMNGR
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\mediabarim
Key Deleted : HKCU\Software\AppDataLow\Software\MyAshampoo\toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\MyAshampoo
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\BetterSurf
Key Deleted : HKLM\Software\DailyBibleGuideEI
Key Deleted : HKLM\Software\dosearchessoftware
Key Deleted : HKLM\Software\MyAshampoo\toolbar
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\Trymedia Systems
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKLM\Software\MyAshampoo
Key Deleted : HKLM\Software\uTorrentBar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F4E33CE5-A7AB-4F68-A7E7-F0AA84EF2D9E}
Key Deleted : [x64] HKLM\SOFTWARE\DataMngr
Key Deleted : [x64] HKLM\SOFTWARE\IB Updater
Key Deleted : [x64] HKLM\SOFTWARE\SearchCore for Browsers
Key Deleted : [x64] HKLM\SOFTWARE\Updater By Sweetpacks
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
Key Deleted : HKLM\Software\Classes\Installer\Features\5EC33E4FBA7A86F47A7E0FAA48FED2E9
Key Deleted : HKLM\Software\Classes\Installer\Products\5EC33E4FBA7A86F47A7E0FAA48FED2E9

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16521

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v

-\\ Google Chrome v33.0.1750.154

[ File : C:\Users\Nola\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : search_url
Deleted : suggest_url
Deleted : keyword
Deleted : homepage

*************************

AdwCleaner[R0].txt - [18322 octets] - [31/03/2014 22:24:39]
AdwCleaner[S0].txt - [15667 octets] - [31/03/2014 22:37:33]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [15728 octets] ##########

Top
punkybunge
Posted: Apr 1 2014, 04:21 AM


Senior Member
*

Group: Members
Posts: 36
Member No.: 14
Joined: 30-April 12



Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Nola (administrator) on NOLA-PC on 31-03-2014 22:51:37
Running from C:\Users\Nola\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/f...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/f...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33508...very-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(The Weather Channel) C:\Program Files (x86)\The Weather Channel FW\Screensaver\TWCScreensaverUpdater.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(DigiData Corp.) C:\Program Files (x86)\Cox\Secure Online Backup for Windows\Filesystem Watcher\DigiData.FilesystemWatcher.Service.Watcher.exe
(Acer Incorporated) C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe
() C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
(iWin Inc.) C:\Program Files (x86)\iWin Games\iWinTrusted.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Online Games Manager\ogmservice.exe
() C:\Program Files (x86)\Cox\Secure Online Backup for Windows\Scheduler\OnlineBackup.SchedulerService.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Acer Group) C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(PlumChoice, Inc.) C:\Program Files (x86)\Cox, Inc\Cox PC HealthCheck\PCMonitoringService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
() C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10060320 2010-02-09] (Realtek Semiconductor)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM-x32\...\Run: [WinPatrol] - C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe [325512 2011-05-15] (BillP Studios)
HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AgentMonitor] - C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe [391040 2013-06-20] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767608 2014-03-31] (AVAST Software)
HKU\S-1-5-21-986594472-994889799-2834319612-1037\...\RunOnce: [ScrSav] - C:\Program Files (x86)\eMachines\Screensaver\run_eMachines.exe [162336 2009-07-21] ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mysearchresults.com/?c=9001&t=03
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKLM-x32 - (No Name) - {657E195F-066D-435C-92DB-7C261E6FE832} - No File
URLSearchHook: HKCU - (No Name) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2408} URL = http://dts.search-results.com/sr?src=ieb&a...q={searchTerms}
SearchScopes: HKCU - {2B227BDA-D7A0-4EC5-960C-8C0F77B77505} URL = http://search.yahoo.com/search?p={searchTe...f-8&fr=chr-yie9
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&...1I7ACEW_enUS405
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {8524CA1E-B5F9-4E67-8E66-9CA48D977FEC} URL = https://www.google.com/search?q={searchTerms}
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Media Watch - {e939da1c-d03b-4d8c-a247-94fdab5db795} - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home995\ie\MediaWatchV1home995.dll ()
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - No Name - !{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - No File
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {657E195F-066D-435C-92DB-7C261E6FE832} - No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwa...director/sw.cab
DPF: HKLM-x32 {1D082E71-DF20-4AAF-863B-596428C49874} http://www.worldwinner.com/games/v50/tpir/tpir.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwa...director/sw.cab
DPF: HKLM-x32 {2C153C75-8476-434B-B3C3-57B63A3D1939} http://www.worldwinner.com/games/v48/brickout/brickout.cab
DPF: HKLM-x32 {33E54F7F-561C-49E6-929B-D7E76D3AFEB1} http://www.worldwinner.com/games/v50/pool/pool.cab
DPF: HKLM-x32 {64CD313F-F079-4D93-959F-4D28B5519449} http://www.worldwinner.com/games/v56/jeopardy/jeopardy.cab
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinner.com/games/shared/wwlaunch.cab
DPF: HKLM-x32 {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} http://www.worldwinner.com/games/launcher/....0/iewwload.cab
DPF: HKLM-x32 {B06CE1BC-5D9D-4676-BD28-1752DBF394E0} http://www.worldwinner.com/games/v41/hangman/hangman.cab
DPF: HKLM-x32 {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} http://3dlifeplayer.dl.3dvia.com/player/in...r_installer.exe
DPF: HKLM-x32 {E12EB891-D000-421B-A8ED-EDE1BDCA14A0} http://www.worldwinner.com/games/v44/golfsol/golfsol.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @oberon-media.com/ONCAdapter - C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll (Oberon-Media )
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @virtools.com/3DviaPlayer - C:\Program Files (x86)\Virtools\3D Life Player\npvirtools.dll (Dassault Systèmes)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: npDisplayEngine - No File
FF Plugin HKCU: @lightspark.github.com/Lightspark;version=1 - No File
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Nola\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Nola\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: FreeWorkz - C:\Users\Nola\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\links@freeworkz.com [2011-11-28]
FF Extension: Freeworkz TextLinks - C:\Users\Nola\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@fworkz.com [2011-11-28]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-12-26]
FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-05-07]
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaWatchV1home995.net] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home995\ff
FF Extension: Media Watch - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home995\ff [2014-03-22]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-03-26]
FF HKCU\...\Firefox\Extensions: [{B21F5E31-B8E8-41CD-B74C-168A71A10E49}] - C:\Users\Nola\AppData\Local\GreatArcadeHits\gahff.xpi
FF Extension: GreatArcadeHits Add-on - C:\Users\Nola\AppData\Local\GreatArcadeHits\gahff.xpi [2013-08-14]

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR DefaultSearchProvider: Conduit Search
CHR DefaultSearchURL: http://www.google.com
CHR DefaultNewTabURL:
CHR Extension: (Google Docs) - C:\Users\Nola\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-19]
CHR Extension: (Google Drive) - C:\Users\Nola\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-19]
CHR Extension: (YouTube) - C:\Users\Nola\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-19]
CHR Extension: (Google Search) - C:\Users\Nola\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-19]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Nola\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2013-11-19]
CHR Extension: (WhiteSmoke New) - C:\Users\Nola\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi [2013-11-19]
CHR Extension: (Media Watch) - C:\Users\Nola\AppData\Local\Google\Chrome\User Data\Default\Extensions\kodmkjhmdojjodiimpfekmmkkhaommhh [2014-03-22]
CHR Extension: (Google Wallet) - C:\Users\Nola\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-19]
CHR Extension: (Gmail) - C:\Users\Nola\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-19]
CHR HKLM-x32\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - [2013-11-19]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-05-07]
CHR HKLM-x32\...\Chrome\Extension: [kodmkjhmdojjodiimpfekmmkkhaommhh] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home995\ch\MediaWatchV1home995.crx [2014-03-20]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-07] (AVAST Software)
R2 COX CommunicationsMonitoringService; C:\Program Files (x86)\Cox, Inc\Cox PC HealthCheck\PCMonitoringService.exe [14456 2010-11-17] (PlumChoice, Inc.)
R2 FilesystemWatcher; C:\Program Files (x86)\Cox\Secure Online Backup for Windows\Filesystem Watcher\DigiData.FilesystemWatcher.Service.Watcher.exe [24576 2012-05-02] (DigiData Corp.)
R2 Greg_Service; C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe [1150496 2009-08-28] (Acer Incorporated)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [123384 2014-01-22] (McAfee, Inc.)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-07-31] (Motorola Mobility LLC)
R2 ogmservice; C:\Program Files (x86)\Online Games Manager\ogmservice.exe [559552 2013-08-08] (RealNetworks, Inc.)
R2 OnlineBackupSchedulerService; C:\Program Files (x86)\Cox\Secure Online Backup for Windows\Scheduler\OnlineBackup.SchedulerService.exe [24576 2012-05-02] ()
R2 Updater Service; C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [243232 2010-01-28] (Acer Group)
S2 Update Laflurla; "C:\Program Files (x86)\Laflurla\updateLaflurla.exe" [X]
S2 Util Laflurla; "C:\Program Files (x86)\Laflurla\bin\utilLaflurla.exe" [X]

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21136 2012-10-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-02-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2014-02-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-02-07] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-02-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-02-07] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-02-07] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2014-01-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-02-07] ()
S3 Generalusbserialser20675; C:\Windows\System32\DRIVERS\CT_U_USBSER.sys [122368 2011-05-09] (Incorporated)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-03-27] (Malwarebytes Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2011-12-26] ()
R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61112 2014-03-24] (StdLib)
S3 AVFSFilter; system32\DRIVERS\avfsfilter.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-31 22:45 - 2014-03-31 22:51 - 00022786 _____ () C:\Users\Nola\Downloads\FRST.txt
2014-03-31 22:24 - 2014-03-31 22:38 - 00000000 ____D () C:\AdwCleaner
2014-03-31 22:22 - 2014-03-31 22:22 - 01950720 _____ () C:\Users\Nola\Downloads\AdwCleaner.exe
2014-03-31 22:08 - 2014-03-31 22:08 - 00000000 ____D () C:\Windows\ERUNT
2014-03-31 22:06 - 2014-03-31 22:07 - 01038974 _____ (Thisisu) C:\Users\Nola\Downloads\JRT-1.exe
2014-03-30 16:34 - 2014-03-30 16:35 - 01038974 _____ (Thisisu) C:\Users\Nola\Downloads\JRT.exe
2014-03-30 16:25 - 2014-03-31 22:48 - 00000000 ____D () C:\Users\Nola\Desktop\Downloads for 5 star
2014-03-29 03:05 - 2014-03-29 03:05 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
2014-03-29 03:05 - 2014-03-29 03:05 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-29 03:05 - 2011-04-22 07:42 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Roaming\Macromedia
2014-03-29 03:05 - 2010-11-17 04:01 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Microsoft Help
2014-03-29 03:05 - 2009-07-13 23:54 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-29 03:05 - 2009-07-13 23:49 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-29 03:04 - 2013-02-19 22:32 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-03-29 03:04 - 2013-02-19 22:32 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-03-29 03:04 - 2013-01-31 04:25 - 06207776 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-03-29 03:04 - 2013-01-31 04:25 - 03300640 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-03-29 03:04 - 2013-01-31 04:24 - 02558240 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-03-29 03:04 - 2013-01-31 04:24 - 00878368 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-03-29 03:04 - 2013-01-31 04:24 - 00118560 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-03-29 03:04 - 2013-01-31 04:24 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-03-29 03:03 - 2014-03-29 03:03 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-03-28 11:28 - 2014-03-31 22:45 - 00000000 ____D () C:\FRST
2014-03-28 11:27 - 2014-03-28 11:27 - 02157056 _____ (Farbar) C:\Users\Nola\Downloads\FRST64.exe
2014-03-27 23:55 - 2014-03-30 16:37 - 00000000 ____D () C:\Users\Nola\AppData\Roaming\TurboWire
2014-03-27 23:55 - 2014-03-29 08:19 - 00000000 ____D () C:\Users\Nola\Shared
2014-03-27 23:55 - 2014-03-27 23:55 - 00000988 _____ () C:\Users\Public\Desktop\TurboWire.lnk
2014-03-27 23:55 - 2014-03-27 23:55 - 00000000 ____D () C:\ProgramData\TurboWire
2014-03-27 23:55 - 2014-03-27 23:55 - 00000000 ____D () C:\Program Files (x86)\TurboWire
2014-03-27 22:36 - 2014-03-27 22:36 - 00000000 ____D () C:\Program Files (x86)\Online Games Manager
2014-03-27 22:35 - 2014-03-27 22:35 - 00000146 _____ () C:\Users\Nola\Desktop\More Games at GameHouse.com.url
2014-03-27 21:27 - 2014-03-27 21:27 - 00001950 _____ () C:\Windows\DPINST.LOG
2014-03-27 20:00 - 2014-03-27 20:00 - 00192424 ____H () C:\Windows\SysWOW64\mlfcache.dat
2014-03-27 19:54 - 2014-03-27 19:54 - 00002491 _____ () C:\Users\Public\Desktop\Safari.lnk
2014-03-27 19:53 - 2014-03-27 19:54 - 00000000 ____D () C:\Program Files (x86)\Safari
2014-03-27 19:50 - 2014-03-27 19:51 - 38494576 _____ (Apple Inc.) C:\Users\Nola\Downloads\SafariSetup.exe
2014-03-27 19:46 - 2014-03-27 19:46 - 00535072 _____ () C:\Users\Nola\Downloads\safari setup.exe
2014-03-27 14:10 - 2014-03-27 14:11 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-27 14:04 - 2014-03-27 14:05 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Nola\Downloads\mbam-setup-2.0.0.1000.exe
2014-03-26 11:07 - 2014-03-26 11:09 - 00000000 ____D () C:\Users\Nola\Desktop\Photos and funnies
2014-03-26 06:04 - 2014-03-26 06:04 - 00000000 ____D () C:\Users\Nola\.swt
2014-03-26 06:03 - 2014-03-30 16:37 - 00000000 ____D () C:\Users\Nola\Incomplete
2014-03-26 06:01 - 2014-03-27 21:06 - 00000000 ____D () C:\Users\Nola\AppData\Roaming\MP3Rocket
2014-03-26 06:01 - 2014-03-26 19:07 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-03-26 05:59 - 2014-03-26 05:59 - 00665424 _____ ( ) C:\Users\Nola\Downloads\mp3rocket_6_4_7_0.exe
2014-03-25 19:40 - 2014-03-25 19:40 - 00380416 _____ () C:\Users\Nola\Downloads\27solgz2.exe
2014-03-25 19:39 - 2014-03-25 19:39 - 00380416 _____ () C:\Users\Nola\Downloads\uxm9qy4t.exe
2014-03-25 19:38 - 2014-03-25 19:39 - 00380416 _____ () C:\Users\Nola\Downloads\0rkz3fqz.exe
2014-03-25 18:44 - 2014-03-25 18:44 - 00688992 ____R (Swearware) C:\Users\Nola\Downloads\dds.scr
2014-03-25 18:41 - 2014-03-25 18:43 - 00015533 _____ () C:\Users\Nola\Downloads\hijackthis.log
2014-03-25 18:40 - 2014-03-25 18:40 - 00388608 _____ (Trend Micro Inc.) C:\Users\Nola\Downloads\HijackThis.exe
2014-03-25 17:19 - 2014-03-25 17:19 - 00509440 _____ (Tech Support Guy System) C:\Users\Nola\Downloads\SysInfo.exe
2014-03-25 03:50 - 2014-03-25 03:50 - 00000000 ____D () C:\Users\Nola\Documents\My Received Files
2014-03-24 23:26 - 2014-03-24 23:26 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\wStLibG64.sys
2014-03-24 21:53 - 2014-03-24 21:53 - 00000000 ____D () C:\Users\Nola\Downloads\dlbc986661
2014-03-24 12:58 - 2014-03-24 12:58 - 02834432 _____ () C:\Users\Nola\Documents\myfax_basic_01.wps
2014-03-24 07:30 - 2014-03-31 22:41 - 00000336 _____ () C:\Windows\setupact.log
2014-03-24 07:30 - 2014-03-27 21:35 - 00012142 _____ () C:\Windows\PFRO.log
2014-03-24 07:30 - 2014-03-24 07:30 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-23 22:51 - 2014-03-23 22:51 - 00222496 _____ (Fusion Install ) C:\Users\Nola\Downloads\Player-Firefox.exe
2014-03-23 10:26 - 2014-03-23 10:26 - 00000000 ____D () C:\Users\Nola\AppData\Roaming\BBB
2014-03-22 22:03 - 2014-03-22 22:04 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-03-22 22:03 - 2014-03-22 22:03 - 00000000 ____D () C:\Program Files (x86)\MediaWatchV1
2014-03-15 05:04 - 2014-03-15 05:04 - 00000000 ____D () C:\Users\Nola\AppData\Roaming\GogiiGames
2014-03-15 05:01 - 2014-03-15 05:01 - 00000000 ____D () C:\Users\Nola\AppData\Roaming\Realore
2014-03-15 05:01 - 2014-03-15 05:01 - 00000000 ____D () C:\Users\Nola\AppData\Local\Realore
2014-03-15 04:43 - 2014-03-15 04:43 - 00000000 ____D () C:\Users\Nola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Farm Up
2014-03-15 04:37 - 2014-03-15 04:37 - 00000000 ____D () C:\Users\Nola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My Singing Monsters
2014-03-15 04:11 - 2014-03-15 04:11 - 00000000 ____D () C:\Users\Public\Documents\bigfish
2014-03-12 13:15 - 2014-03-12 13:15 - 00379032 _____ () C:\Users\Nola\Downloads\Setup_V2.exe
2014-03-11 14:35 - 2014-03-01 01:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-11 14:35 - 2014-03-01 00:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-11 14:35 - 2014-03-01 00:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-11 14:35 - 2014-02-28 23:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-11 14:35 - 2014-02-28 23:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-11 14:35 - 2014-02-28 23:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-11 14:35 - 2014-02-28 23:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-11 14:35 - 2014-02-28 23:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-11 14:35 - 2014-02-28 23:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-11 14:35 - 2014-02-28 23:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-11 14:35 - 2014-02-28 23:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-11 14:35 - 2014-02-28 23:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-11 14:35 - 2014-02-28 23:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-11 14:35 - 2014-02-28 23:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-11 14:35 - 2014-02-28 23:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-11 14:35 - 2014-02-28 23:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-11 14:35 - 2014-02-28 23:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-11 14:35 - 2014-02-28 22:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-11 14:35 - 2014-02-28 22:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-11 14:35 - 2014-02-28 22:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-11 14:35 - 2014-02-28 22:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-11 14:35 - 2014-02-28 22:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-11 14:35 - 2014-02-28 22:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-11 14:35 - 2014-02-28 22:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-11 14:35 - 2014-02-28 22:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-11 14:35 - 2014-02-28 22:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-11 14:35 - 2014-02-28 22:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-11 14:35 - 2014-02-28 22:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-11 14:35 - 2014-02-28 22:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-11 14:35 - 2014-02-28 22:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-11 14:35 - 2014-02-28 22:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-11 14:35 - 2014-02-28 22:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-11 14:35 - 2014-02-28 22:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-11 14:35 - 2014-02-28 22:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-11 14:35 - 2014-02-28 21:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-11 14:35 - 2014-02-28 21:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-11 14:35 - 2014-02-28 21:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-11 14:35 - 2014-02-28 21:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-11 14:35 - 2014-02-28 21:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-11 14:35 - 2014-02-28 21:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-11 14:35 - 2014-02-06 20:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-11 14:35 - 2014-01-28 21:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-11 14:35 - 2014-01-28 21:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-11 14:35 - 2014-01-27 21:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-11 14:33 - 2014-02-03 21:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-11 14:33 - 2014-02-03 21:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-11 14:33 - 2014-02-03 21:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-11 14:33 - 2014-02-03 21:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

==================== One Month Modified Files and Folders =======

2014-03-31 22:51 - 2014-03-31 22:45 - 00022786 _____ () C:\Users\Nola\Downloads\FRST.txt
2014-03-31 22:49 - 2009-07-13 23:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-31 22:49 - 2009-07-13 23:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-31 22:48 - 2014-03-30 16:25 - 00000000 ____D () C:\Users\Nola\Desktop\Downloads for 5 star
2014-03-31 22:45 - 2014-03-28 11:28 - 00000000 ____D () C:\FRST
2014-03-31 22:41 - 2014-03-24 07:30 - 00000336 _____ () C:\Windows\setupact.log
2014-03-31 22:41 - 2013-02-17 17:27 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-31 22:41 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-31 22:39 - 2010-08-29 03:13 - 01355499 _____ () C:\Windows\WindowsUpdate.log
2014-03-31 22:38 - 2014-03-31 22:24 - 00000000 ____D () C:\AdwCleaner
2014-03-31 22:22 - 2014-03-31 22:22 - 01950720 _____ () C:\Users\Nola\Downloads\AdwCleaner.exe
2014-03-31 22:20 - 2010-11-12 21:58 - 00001422 _____ () C:\Users\Nola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-31 22:14 - 2013-01-30 22:11 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-31 22:12 - 2013-10-15 12:28 - 00000000 ____D () C:\ProgramData\Big Fish
2014-03-31 22:12 - 2011-04-22 05:34 - 00000000 ____D () C:\Users\Nola\AppData\Roaming\Fighters
2014-03-31 22:12 - 2011-04-20 08:44 - 00000000 ____D () C:\Users\Nola\AppData\Roaming\Big Fish Games
2014-03-31 22:08 - 2014-03-31 22:08 - 00000000 ____D () C:\Windows\ERUNT
2014-03-31 22:07 - 2014-03-31 22:06 - 01038974 _____ (Thisisu) C:\Users\Nola\Downloads\JRT-1.exe
2014-03-31 21:58 - 2013-02-17 17:27 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-31 21:49 - 2011-11-08 09:52 - 00000000 ____D () C:\Users\Public\Documents\5 star stuff
2014-03-31 21:47 - 2013-11-06 11:42 - 00000268 _____ () C:\Windows\Tasks\GreatArcadeHits.job
2014-03-31 21:29 - 2013-11-27 13:24 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-986594472-994889799-2834319612-1002UA.job
2014-03-31 12:29 - 2013-11-27 13:24 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-986594472-994889799-2834319612-1002Core.job
2014-03-31 05:53 - 2013-02-17 17:27 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-31 05:53 - 2013-02-17 17:27 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-30 16:37 - 2014-03-27 23:55 - 00000000 ____D () C:\Users\Nola\AppData\Roaming\TurboWire
2014-03-30 16:37 - 2014-03-26 06:03 - 00000000 ____D () C:\Users\Nola\Incomplete
2014-03-30 16:35 - 2014-03-30 16:34 - 01038974 _____ (Thisisu) C:\Users\Nola\Downloads\JRT.exe
2014-03-30 14:09 - 2012-07-13 12:57 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-03-29 08:19 - 2014-03-27 23:55 - 00000000 ____D () C:\Users\Nola\Shared
2014-03-29 03:05 - 2014-03-29 03:05 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
2014-03-29 03:05 - 2014-03-29 03:05 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-29 03:05 - 2010-08-29 03:21 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-29 03:05 - 2010-08-29 03:15 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-03-29 03:03 - 2014-03-29 03:03 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-03-28 11:27 - 2014-03-28 11:27 - 02157056 _____ (Farbar) C:\Users\Nola\Downloads\FRST64.exe
2014-03-28 08:33 - 2012-04-03 20:03 - 00000000 ____D () C:\Users\Nola\AppData\Local\CrashDumps
2014-03-27 23:56 - 2011-01-17 02:46 - 00000000 ___RD () C:\Users\Nola\Desktop\games
2014-03-27 23:55 - 2014-03-27 23:55 - 00000988 _____ () C:\Users\Public\Desktop\TurboWire.lnk
2014-03-27 23:55 - 2014-03-27 23:55 - 00000000 ____D () C:\ProgramData\TurboWire
2014-03-27 23:55 - 2014-03-27 23:55 - 00000000 ____D () C:\Program Files (x86)\TurboWire
2014-03-27 23:55 - 2010-11-12 19:57 - 00000000 ____D () C:\Users\Nola
2014-03-27 22:36 - 2014-03-27 22:36 - 00000000 ____D () C:\Program Files (x86)\Online Games Manager
2014-03-27 22:36 - 2011-07-14 02:26 - 00000000 ____D () C:\GameHouse Games
2014-03-27 22:35 - 2014-03-27 22:35 - 00000146 _____ () C:\Users\Nola\Desktop\More Games at GameHouse.com.url
2014-03-27 22:35 - 2011-07-14 02:25 - 00000000 ____D () C:\Program Files (x86)\RealArcade
2014-03-27 21:39 - 2009-07-14 00:13 - 00783424 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-27 21:35 - 2014-03-24 07:30 - 00012142 _____ () C:\Windows\PFRO.log
2014-03-27 21:27 - 2014-03-27 21:27 - 00001950 _____ () C:\Windows\DPINST.LOG
2014-03-27 21:22 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-27 21:18 - 2010-06-07 12:22 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-27 21:06 - 2014-03-26 06:01 - 00000000 ____D () C:\Users\Nola\AppData\Roaming\MP3Rocket
2014-03-27 20:01 - 2010-12-16 02:46 - 00000000 ____D () C:\Users\Nola\AppData\Local\Apple Computer
2014-03-27 20:00 - 2014-03-27 20:00 - 00192424 ____H () C:\Windows\SysWOW64\mlfcache.dat
2014-03-27 19:56 - 2012-09-21 14:39 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-27 19:54 - 2014-03-27 19:54 - 00002491 _____ () C:\Users\Public\Desktop\Safari.lnk
2014-03-27 19:54 - 2014-03-27 19:53 - 00000000 ____D () C:\Program Files (x86)\Safari
2014-03-27 19:51 - 2014-03-27 19:50 - 38494576 _____ (Apple Inc.) C:\Users\Nola\Downloads\SafariSetup.exe
2014-03-27 19:46 - 2014-03-27 19:46 - 00535072 _____ () C:\Users\Nola\Downloads\safari setup.exe
2014-03-27 15:47 - 2013-11-06 11:42 - 00000000 ____D () C:\Users\Nola\AppData\Local\GreatArcadeHits
2014-03-27 14:11 - 2014-03-27 14:10 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-27 14:06 - 2011-10-30 01:36 - 00000000 ____D () C:\Users\Nola\AppData\Roaming\Malwarebytes
2014-03-27 14:06 - 2011-10-30 01:36 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-27 14:05 - 2014-03-27 14:04 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Nola\Downloads\mbam-setup-2.0.0.1000.exe
2014-03-26 19:49 - 2013-01-13 21:53 - 00000000 ____D () C:\Users\Nola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games of the Month
2014-03-26 19:49 - 2013-01-13 21:52 - 00000000 ____D () C:\Program Files (x86)\Oberon Media SIDR
2014-03-26 19:49 - 2011-10-03 11:15 - 00000000 ____D () C:\Users\Nola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-03-26 19:12 - 2009-07-13 21:34 - 00000600 _____ () C:\Windows\win.ini
2014-03-26 19:07 - 2014-03-26 06:01 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-03-26 11:09 - 2014-03-26 11:07 - 00000000 ____D () C:\Users\Nola\Desktop\Photos and funnies
2014-03-26 11:05 - 2011-10-27 20:53 - 00000000 ____D () C:\Users\Nola\Desktop\Cleaners
2014-03-26 06:04 - 2014-03-26 06:04 - 00000000 ____D () C:\Users\Nola\.swt
2014-03-26 05:59 - 2014-03-26 05:59 - 00665424 _____ ( ) C:\Users\Nola\Downloads\mp3rocket_6_4_7_0.exe
2014-03-25 19:40 - 2014-03-25 19:40 - 00380416 _____ () C:\Users\Nola\Downloads\27solgz2.exe
2014-03-25 19:39 - 2014-03-25 19:39 - 00380416 _____ () C:\Users\Nola\Downloads\uxm9qy4t.exe
2014-03-25 19:39 - 2014-03-25 19:38 - 00380416 _____ () C:\Users\Nola\Downloads\0rkz3fqz.exe
2014-03-25 18:44 - 2014-03-25 18:44 - 00688992 ____R (Swearware) C:\Users\Nola\Downloads\dds.scr
2014-03-25 18:43 - 2014-03-25 18:41 - 00015533 _____ () C:\Users\Nola\Downloads\hijackthis.log
2014-03-25 18:40 - 2014-03-25 18:40 - 00388608 _____ (Trend Micro Inc.) C:\Users\Nola\Downloads\HijackThis.exe
2014-03-25 17:19 - 2014-03-25 17:19 - 00509440 _____ (Tech Support Guy System) C:\Users\Nola\Downloads\SysInfo.exe
2014-03-25 03:50 - 2014-03-25 03:50 - 00000000 ____D () C:\Users\Nola\Documents\My Received Files
2014-03-24 23:26 - 2014-03-24 23:26 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\wStLibG64.sys
2014-03-24 21:53 - 2014-03-24 21:53 - 00000000 ____D () C:\Users\Nola\Downloads\dlbc986661
2014-03-24 12:58 - 2014-03-24 12:58 - 02834432 _____ () C:\Users\Nola\Documents\myfax_basic_01.wps
2014-03-24 12:58 - 2011-12-28 13:10 - 00002948 _____ () C:\Users\Nola\AppData\Roaming\wklnhst.dat
2014-03-24 12:46 - 2009-07-14 00:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-03-24 07:30 - 2014-03-24 07:30 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-23 22:51 - 2014-03-23 22:51 - 00222496 _____ (Fusion Install ) C:\Users\Nola\Downloads\Player-Firefox.exe
2014-03-23 10:53 - 2011-01-22 18:04 - 00029498 _____ () C:\Windows\wininit.ini
2014-03-23 10:26 - 2014-03-23 10:26 - 00000000 ____D () C:\Users\Nola\AppData\Roaming\BBB
2014-03-22 22:04 - 2014-03-22 22:03 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-03-22 22:03 - 2014-03-22 22:03 - 00000000 ____D () C:\Program Files (x86)\MediaWatchV1
2014-03-22 22:03 - 2013-06-26 18:23 - 00000258 __RSH () C:\Users\Nola\ntuser.pol
2014-03-19 03:08 - 2013-08-15 03:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-19 03:01 - 2011-05-05 23:37 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-15 05:04 - 2014-03-15 05:04 - 00000000 ____D () C:\Users\Nola\AppData\Roaming\GogiiGames
2014-03-15 05:01 - 2014-03-15 05:01 - 00000000 ____D () C:\Users\Nola\AppData\Roaming\Realore
2014-03-15 05:01 - 2014-03-15 05:01 - 00000000 ____D () C:\Users\Nola\AppData\Local\Realore
2014-03-15 04:43 - 2014-03-15 04:43 - 00000000 ____D () C:\Users\Nola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Farm Up
2014-03-15 04:37 - 2014-03-15 04:37 - 00000000 ____D () C:\Users\Nola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My Singing Monsters
2014-03-15 04:11 - 2014-03-15 04:11 - 00000000 ____D () C:\Users\Public\Documents\bigfish
2014-03-12 14:54 - 2011-01-16 22:58 - 00000000 ____D () C:\Program Files (x86)\Ocean Express
2014-03-12 13:15 - 2014-03-12 13:15 - 00379032 _____ () C:\Users\Nola\Downloads\Setup_V2.exe
2014-03-12 03:22 - 2009-07-13 23:45 - 00423288 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-12 03:21 - 2013-03-14 03:03 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-12 03:21 - 2013-03-14 03:03 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-12 03:15 - 2012-10-07 22:55 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-03-11 19:14 - 2013-01-30 22:11 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-11 19:14 - 2012-05-18 20:14 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-11 19:14 - 2012-02-23 14:19 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-01 01:05 - 2014-03-11 14:35 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 00:17 - 2014-03-11 14:35 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 00:16 - 2014-03-11 14:35 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

Files to move or delete:
====================
C:\Users\Nola\hpothb07.dat


Some content of TEMP:
====================
C:\Users\Nola\AppData\Local\Temp\bitool.dll
C:\Users\Nola\AppData\Local\Temp\nsd5B7C.exe
C:\Users\Nola\AppData\Local\Temp\nsd600F.exe
C:\Users\Nola\AppData\Local\Temp\nsjBC88.exe
C:\Users\Nola\AppData\Local\Temp\nso546A.exe
C:\Users\Nola\AppData\Local\Temp\nsoB111.exe
C:\Users\Nola\AppData\Local\Temp\nsq9772.exe
C:\Users\Nola\AppData\Local\Temp\nsy651F.exe
C:\Users\Nola\AppData\Local\Temp\nsyB630.exe
C:\Users\Nola\AppData\Local\Temp\Quarantine.exe
C:\Users\Nola\AppData\Local\Temp\tempmessage.bfg


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-30 20:14

==================== End Of Log ============================

Hope I did it right, if not let me know. Thanks
Top
Starbuck
Posted: Apr 1 2014, 05:31 PM


Retired Moderator
*

Group: Members
Posts: 627
Member No.: 6
Joined: 13-April 12



QUOTE
First of all, when the reports were done they didn't go to my desktop. they went to notepad and I couldn't find that

Did you actually run the fix?
The latest report is still showing items that were meant to have been removed with the fix.
The reason you couldn't find the notepad document is because it will have been saved in the Download folder.
The reports are always saved in the same location as the tool is run from.
That is why we ask for the tools be downloaded to the Desktop ..... it's always easier to find the reports then.
What you posted was the FRST fixlist.
The fixlog will come up after the fix has been run.
It will tell me if the fix was successful or not.




--------------------
user posted image
Top
punkybunge
Posted: Apr 1 2014, 07:28 PM


Senior Member
*

Group: Members
Posts: 36
Member No.: 14
Joined: 30-April 12



Yes, I thought I did run it but it did not go to my desktop or my documents where the others were. I will start at the first and do it again and hopefully get it right this time. I am sorry, I don't mean to waste your time.
Top
Starbuck
Posted: Apr 1 2014, 07:35 PM


Retired Moderator
*

Group: Members
Posts: 627
Member No.: 6
Joined: 13-April 12



Hi Nola

QUOTE
I am sorry, I don't mean to waste your time.

As long as we get there in the end.... that's all that matters.
There is no harm in running the fix again.
If anything has already been fixed, the fix will just pass over that line.


--------------------
user posted image
Top
punkybunge
Posted: Apr 5 2014, 03:21 AM


Senior Member
*

Group: Members
Posts: 36
Member No.: 14
Joined: 30-April 12



Okay, so I have started this again and going through it very carefully. I downloaded the attached fixlist.txt at the bottom of the post. Then I reran FRST and got a file on it. When I pressed the fix button it said there was no fixlist found. It says it can be found in the same folder it is ran from but it is not in there. The FRST.txt is there but no fixtxt. so where do I go from here? huh.gif Nola
Top
Starbuck
Posted: Apr 5 2014, 12:37 PM


Retired Moderator
*

Group: Members
Posts: 627
Member No.: 6
Joined: 13-April 12



QUOTE
Then I reran FRST and got a file on it.

Not sure what you mean here.
I assume that FRST is still located in your Download folder... if so the Fixlist.txt should be there as well.
Just like this:

user posted image

All you do then is click on FRST, when it opens up click on the Fix button.
As long as the program and the fixlist are in the same Download folder, FRST will find the fixlist and run it.
You don't need to run any scans or click on anything other than the Fix button.


--------------------
user posted image
Top
0 User(s) are reading this topic (0 Guests and 0 Anonymous Users)
0 Members:
« Next Oldest | Inactive and Resolved HJT Log Room | Next Newest »
zIFBoards - Free Forum Hosting
Create a free forum in seconds.
Learn More · Sign-up for Free

Topic OptionsPages: (4) [1] 2 3 ... Last »



Hosted for free by zIFBoards* (Terms of Use: Updated 2/10/2010) | Powered by Invision Power Board v1.3 Final © 2003 IPS, Inc.
Page creation time: 0.1246 seconds · Archive