CreateRestorePoint: HKLM\...\Run: [] => [X] HKLM-x32\...\Run: [ROC_roc_dec12] => "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 HKLM-x32\...\Run: [fst_us_68] => [X] HKLM-x32\...\Run: [fst_us_70] => [X] HKLM-x32\...\Run: [] => [X] HKU\S-1-5-21-1981047535-1425690070-2209561917-1001\...\MountPoints2: {c49d0f64-b88b-11e4-851f-60eb69f1d265} - D:\Setup.exe IFEO\bitguard.exe: [Debugger] tasklist.exe IFEO\bprotect.exe: [Debugger] tasklist.exe IFEO\bpsvc.exe: [Debugger] tasklist.exe IFEO\browserdefender.exe: [Debugger] tasklist.exe IFEO\browserprotect.exe: [Debugger] tasklist.exe IFEO\browsersafeguard.exe: [Debugger] tasklist.exe IFEO\dprotectsvc.exe: [Debugger] tasklist.exe IFEO\jumpflip: [Debugger] tasklist.exe IFEO\protectedsearch.exe: [Debugger] tasklist.exe IFEO\searchinstaller.exe: [Debugger] tasklist.exe IFEO\searchprotection.exe: [Debugger] tasklist.exe IFEO\searchprotector.exe: [Debugger] tasklist.exe IFEO\searchsettings.exe: [Debugger] tasklist.exe IFEO\searchsettings64.exe: [Debugger] tasklist.exe IFEO\snapdo.exe: [Debugger] tasklist.exe IFEO\stinst32.exe: [Debugger] tasklist.exe IFEO\stinst64.exe: [Debugger] tasklist.exe IFEO\umbrella.exe: [Debugger] tasklist.exe IFEO\utiljumpflip.exe: [Debugger] tasklist.exe IFEO\volaro: [Debugger] tasklist.exe IFEO\vonteera: [Debugger] tasklist.exe IFEO\websteroids.exe: [Debugger] tasklist.exe IFEO\websteroidsservice.exe: [Debugger] tasklist.exe GroupPolicy: Restriction - Chrome <======= ATTENTION ProxyEnable: [.DEFAULT] => Proxy is enabled. ProxyServer: [.DEFAULT] => http=127.0.0.1:61015;https=127.0.0.1:61015 RemoveProxy: HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\S-1-5-21-1981047535-1425690070-2209561917-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.trovi.com/?gd=&ctid=CT3319709&octid=EB_ORIGINAL_CTID&ISID=MC5D4DAF2-2435-4FB7-AD0A-732058797FCE&SearchSource=55&CUI=&UM=5&UP=SPF128739E-ED63-4E9B-9A3E-87C00BFBA299&SSPV= hxxp://start.toshiba.com/g/ URLSearchHook: HKLM-x32 - Vgrabber Toolbar - {b2ed7faf-72a0-46d1-9d9d-602226f5cb9f} - C:\Program Files (x86)\Vgrabber\prxtbVgra.dll (Conduit Ltd.) SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = hxxp://www.default-search.net/search?sid=492&aid=166&itype=n&ver=12565&tm=355&src=ds&p={searchTerms} SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = hxxp://www.default-search.net/search?sid=492&aid=166&itype=n&ver=12565&tm=355&src=ds&p={searchTerms} SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3059010 SearchScopes: HKLM-x32 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://search.my-tools-app.com/?babsrc=home&s=web&as=0&isid=9852&q={searchTerms} SearchScopes: HKU\S-1-5-21-1981047535-1425690070-2209561917-1001 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3319709&octid=EB_ORIGINAL_CTID&ISID=MC5D4DAF2-2435-4FB7-AD0A-732058797FCE&SearchSource=58&CUI=&UM=5&UP=SPF128739E-ED63-4E9B-9A3E-87C00BFBA299&q={searchTerms}&SSPV= SearchScopes: HKU\S-1-5-21-1981047535-1425690070-2209561917-1001 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3319709&octid=EB_ORIGINAL_CTID&ISID=MC5D4DAF2-2435-4FB7-AD0A-732058797FCE&SearchSource=58&CUI=&UM=5&UP=SPF128739E-ED63-4E9B-9A3E-87C00BFBA299&q={searchTerms}&SSPV= SearchScopes: HKU\S-1-5-21-1981047535-1425690070-2209561917-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={56B6D338-F6B9-4F56-8D48-2565410D86F0}&mid=3304f7d12e4c47d1bcc4b1a22f153b96-c6d99d63e392968ecb995946e7d1e069db742ae9&lang=en&ds=oc011&coid=avgtbdisoc&cmpid=&pr=sa&d=2014-09-02 21:02:30&v=18.1.9.799&pid=safeguard&sg=&sap=dsp&q={searchTerms} SearchScopes: HKU\S-1-5-21-1981047535-1425690070-2209561917-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = hxxp://www.default-search.net/search?sid=492&aid=166&itype=n&ver=12565&tm=355&src=ds&p={searchTerms} BHO-x32: I Want This -> {11111111-1111-1111-1111-110011221158} -> C:\Program Files (x86)\I Want This\I Want This.dll [2012-01-25] (215 Apps) BHO-x32: Babylon toolbar helper -> {2EECD738-5844-4a99-B4B6-146BF802613B} -> C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll [2011-08-14] (Babylon BHO) BHO-x32: Vgrabber Toolbar -> {b2ed7faf-72a0-46d1-9d9d-602226f5cb9f} -> C:\Program Files (x86)\Vgrabber\prxtbVgra.dll [2011-05-09] (Conduit Ltd.) Toolbar: HKLM-x32 - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll [2011-08-14] (Babylon Ltd.) Toolbar: HKLM-x32 - Vgrabber Toolbar - {b2ed7faf-72a0-46d1-9d9d-602226f5cb9f} - C:\Program Files (x86)\Vgrabber\prxtbVgra.dll [2011-05-09] (Conduit Ltd.) Toolbar: HKLM-x32 - No Name - {06C7AD57-B655-418D-9AB8-9526A6D2E052} - No File Toolbar: HKU\S-1-5-21-1981047535-1425690070-2209561917-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Toolbar: HKU\S-1-5-21-1981047535-1425690070-2209561917-1001 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File Toolbar: HKU\S-1-5-21-1981047535-1425690070-2209561917-1001 -> No Name - {B2ED7FAF-72A0-46D1-9D9D-602226F5CB9F} - No File CHR HomePage: Default -> search.ask.com/?gct=hp CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3331616&octid=EB_ORIGINAL_CTID&ISID=M4D44265B-90FD-4784-9FBE-7385541A7A8C&SearchSource=55&CUI=&UM=6&UP=SPB142F516-F74D-4FB9-876A-5C64721774E2&SSPV=" CHR Extension: (Ask Search) - C:\Users\JOHN THE MAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf [2015-11-21] CHR Extension: (MyTools extension) - C:\Users\JOHN THE MAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkbppmdgdfccoihhajoeflficbpgcnm [2014-06-19] [UpdateUrl: hxxp://mytoolsapp.info/chrome_update.xml] <==== ATTENTION CHR Extension: (Bflix) - C:\Users\JOHN THE MAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpojpihgafjhbgkgaglhighomjceieff [2014-06-19] [UpdateUrl: hxxp://thebflix.com/chrome_update.xml] <==== ATTENTION CHR HKLM-x32\...\Chrome\Extension: [kpojpihgafjhbgkgaglhighomjceieff] - C:\Program Files (x86)\BFlix\BFlix.crx [2012-02-03] CHR HKLM-x32\...\Chrome\Extension: [fdloijijlkoblmigdofommgnheckmaki] - C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\funmoodsOEM.crx CHR HKLM-x32\...\Chrome\Extension: [mpfapcdfbbledbojijcbcclmlieaoogk] - C:\Users\Llynne\AppData\Local\I Want This\Chrome\I Want This.crx EmptyTemp: