Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Url redirects [Closed]


  • This topic is locked This topic is locked

#1
hophead

hophead

    Member

  • Member
  • PipPip
  • 30 posts
My sons laptop came back from Dell repair without his av and malware protection on and he didn't check so here we are.

avast found some items and did a boot check but explorer is still having problems

OTL logfile created on: 11/14/2013 5:35:26 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Artem\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.87 Gb Total Physical Memory | 1.36 Gb Available Physical Memory | 35.12% Memory free
5.43 Gb Paging File | 1.86 Gb Available in Paging File | 34.18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 457.39 Gb Total Space | 415.16 Gb Free Space | 90.77% Space Free | Partition Type: NTFS
Drive W: | 500.00 Mb Total Space | 228.59 Mb Free Space | 45.72% Space Free | Partition Type: NTFS
Drive X: | 7.23 Gb Total Space | 0.29 Gb Free Space | 4.07% Space Free | Partition Type: NTFS

Computer Name: REM | User Name: Artem | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/11/14 17:34:27 | 002,420,248 | ---- | M] () -- C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
PRC - [2013/11/14 17:34:26 | 001,734,680 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe
PRC - [2013/11/14 17:34:26 | 000,159,768 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\loggingserver.exe
PRC - [2013/11/02 09:22:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Artem\Downloads\OTL.exe
PRC - [2013/10/31 09:26:54 | 004,023,584 | ---- | M] (Conduit) -- C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
PRC - [2013/10/31 09:26:54 | 002,810,656 | ---- | M] (Conduit) -- C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
PRC - [2013/10/31 09:26:54 | 001,735,968 | ---- | M] (Conduit) -- C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
PRC - [2013/10/29 13:42:00 | 000,143,488 | ---- | M] () -- c:\Program Files (x86)\Optimizer Pro\OptProCrash.exe
PRC - [2013/10/28 16:20:24 | 000,107,520 | ---- | M] () -- C:\Users\Artem\AppData\Roaming\defaulttab\defaulttab\dtupdate.exe
PRC - [2013/10/22 15:52:38 | 000,114,176 | ---- | M] (Wajam) -- C:\Program Files (x86)\Wajam\Updater\WajamUpdaterV3.exe
PRC - [2013/10/16 13:38:14 | 001,074,736 | ---- | M] (Iminent) -- C:\Program Files (x86)\Iminent\Iminent.exe
PRC - [2013/10/16 13:38:14 | 000,884,784 | ---- | M] (Iminent) -- C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
PRC - [2013/10/12 22:23:26 | 000,237,960 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
PRC - [2013/10/08 16:40:00 | 002,873,152 | ---- | M] (Iminent) -- C:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe
PRC - [2013/10/02 16:14:52 | 000,272,936 | ---- | M] (Linksicle) -- C:\Program Files (x86)\Linksicle\Service\lssvc.exe
PRC - [2013/09/29 20:52:16 | 000,382,040 | ---- | M] (Crawler.com) -- C:\Program Files (x86)\PCFixSpeed\PCFixTray.exe
PRC - [2013/09/23 00:17:34 | 004,411,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgui.exe
PRC - [2013/09/04 08:20:38 | 001,432,080 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
PRC - [2013/09/03 17:49:44 | 000,020,248 | ---- | M] (Smartbar) -- C:\Users\Artem\AppData\Local\Smartbar\Application\QuickShare.exe
PRC - [2013/07/31 16:12:06 | 000,528,896 | ---- | M] (BrowserSafeguard) -- C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe
PRC - [2013/07/23 18:09:28 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
PRC - [2013/07/09 00:02:42 | 000,348,384 | ---- | M] () -- C:\Users\Artem\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe
PRC - [2013/07/04 14:53:10 | 004,939,312 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
PRC - [2013/05/19 16:35:48 | 000,030,096 | ---- | M] (VER_COMPANY_NAME) -- C:\Program Files (x86)\PhenomenaTracker_76\bar\1.bin\76brmon.exe
PRC - [2013/03/12 07:03:22 | 000,342,608 | ---- | M] (PCRx.com, LLC) -- C:\Program Files (x86)\24x7Help\App24x7Svc.exe
PRC - [2013/02/19 03:01:14 | 000,328,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe
PRC - [2012/12/16 13:18:59 | 000,295,072 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2012/09/12 21:18:36 | 004,037,480 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
PRC - [2012/09/12 21:18:34 | 001,914,728 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
PRC - [2012/08/13 10:57:02 | 010,376,704 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2012/08/13 10:57:02 | 010,368,512 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2012/08/06 10:58:50 | 000,491,880 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
PRC - [2012/07/17 14:57:22 | 000,365,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012/07/17 14:57:20 | 000,277,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012/07/09 13:47:18 | 000,277,504 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2012/07/09 13:47:14 | 000,007,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012/06/25 10:57:14 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/06/07 22:34:06 | 000,111,120 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2012/06/01 20:47:48 | 000,143,888 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe


========== Modules (No Company Name) ==========

MOD - [2013/11/14 17:34:27 | 002,420,248 | ---- | M] () -- C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
MOD - [2013/11/14 17:34:27 | 000,519,704 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\log4cplusU.dll
MOD - [2013/11/14 17:34:27 | 000,142,360 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.2\SiteSafety.dll
MOD - [2013/10/21 00:39:32 | 000,125,440 | ---- | M] () -- C:\Program Files (x86)\Social Privacy\sp.dll
MOD - [2013/10/17 11:10:20 | 002,869,720 | ---- | M] () -- c:\Program Files (x86)\Optimizer Pro\OptProCrash.dll
MOD - [2013/10/13 20:42:09 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC\SHDocVw\1.1.0.0__51b6fa9a48c79a9e\SHDocVw.dll
MOD - [2013/10/13 16:31:46 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\53c49b1cfdb85cf6784c7dcc8cdbd56d\System.Windows.Forms.ni.dll
MOD - [2013/10/13 16:31:17 | 000,397,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\6029d35b6cfaf94b1d39ec54c724a8c7\System.Xml.Linq.ni.dll
MOD - [2013/10/13 16:31:16 | 012,698,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\e6606a84f8a4cdc18c74e63ec807c689\System.Windows.Forms.ni.dll
MOD - [2013/10/13 16:31:11 | 001,836,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\a8fc6e467d1db662d77cfaf9c4959a20\System.Web.Services.ni.dll
MOD - [2013/10/13 16:31:10 | 019,537,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\6b40a60180e23feff705e28e351e10e1\System.ServiceModel.ni.dll
MOD - [2013/10/13 16:30:59 | 002,786,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\e1c6945213ca43ec9769fe95576962ce\System.Runtime.Serialization.ni.dll
MOD - [2013/10/13 16:30:55 | 000,147,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Confe64a9051#\7ca77eb7aa8b12aeb6717d4c727f9035\System.Configuration.Install.ni.dll
MOD - [2013/10/13 16:30:54 | 000,964,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\c508451271803f1677317735db499f5c\System.Configuration.ni.dll
MOD - [2013/10/13 16:30:53 | 003,910,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\3e52c3479469fe72eed0716b48859e91\WindowsBase.ni.dll
MOD - [2013/10/13 16:30:50 | 006,998,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\79e8b7b183668471ab364d4132fb8018\System.Core.ni.dll
MOD - [2013/10/07 11:14:40 | 000,082,944 | ---- | M] () -- C:\Program Files (x86)\ScorpionSaver\IECore.dll
MOD - [2013/09/20 14:37:51 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\66408ec86b705cd9f9aab66e84bb7fd5\System.Web.Services.ni.dll
MOD - [2013/09/20 14:37:48 | 011,920,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\538224ffef6d0b8691f397688ec6a48d\System.Web.ni.dll
MOD - [2013/09/03 17:50:16 | 000,135,960 | ---- | M] () -- C:\Users\Artem\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO.dll
MOD - [2013/09/03 17:50:16 | 000,092,440 | ---- | M] () -- C:\Users\Artem\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension.dll
MOD - [2013/09/03 17:50:14 | 000,029,464 | ---- | M] () -- C:\Users\Artem\AppData\Local\Smartbar\Application\Smartbar.Resources.Utilities.dll
MOD - [2013/09/03 17:50:10 | 000,024,856 | ---- | M] () -- C:\Users\Artem\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
MOD - [2013/09/03 17:50:10 | 000,019,736 | ---- | M] () -- C:\Users\Artem\AppData\Local\Smartbar\Application\Smartbar.Resources.SideBySide.dll
MOD - [2013/09/03 17:50:06 | 000,245,528 | ---- | M] () -- C:\Users\Artem\AppData\Local\Smartbar\Application\Smartbar.Resources.NetSeer.dll
MOD - [2013/09/03 17:50:06 | 000,013,592 | ---- | M] () -- C:\Users\Artem\AppData\Local\Smartbar\Application\Smartbar.Resources.ProcessDownMonitor.dll
MOD - [2013/09/03 17:50:04 | 000,111,896 | ---- | M] () -- C:\Users\Artem\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
MOD - [2013/09/03 17:50:04 | 000,051,480 | ---- | M] () -- C:\Users\Artem\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
MOD - [2013/09/03 17:50:00 | 000,055,064 | ---- | M] () -- C:\Users\Artem\AppData\Local\Smartbar\Application\Smartbar.Resources.AutomaticUpdates.dll
MOD - [2013/09/03 17:50:00 | 000,048,408 | ---- | M] () -- C:\Users\Artem\AppData\Local\Smartbar\Application\Smartbar.Personalization.Settings.PublisherSettingsManager.dll
MOD - [2013/09/03 17:49:58 | 000,055,576 | ---- | M] () -- C:\Users\Artem\AppData\Local\Smartbar\Application\Smartbar.Personalization.BusinessLogic.dll
MOD - [2013/09/03 17:49:58 | 000,016,664 | ---- | M] () -- C:\Users\Artem\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
MOD - [2013/09/03 17:49:54 | 000,149,784 | ---- | M] () -- C:\Users\Artem\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
MOD - [2013/09/03 17:49:52 | 000,057,112 | ---- | M] () -- C:\Users\Artem\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
MOD - [2013/09/03 17:49:50 | 000,012,568 | ---- | M] () -- C:\Users\Artem\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.EventManager.dll
MOD - [2013/09/03 17:49:48 | 000,033,560 | ---- | M] () -- C:\Users\Artem\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
MOD - [2013/09/03 17:49:48 | 000,014,104 | ---- | M] () -- C:\Users\Artem\AppData\Local\Smartbar\Application\Smartbar.GUI.Multimedia.Loader.dll
MOD - [2013/09/03 17:49:48 | 000,013,592 | ---- | M] () -- C:\Users\Artem\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
MOD - [2013/09/03 17:49:46 | 001,764,632 | ---- | M] () -- C:\Users\Artem\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
MOD - [2013/09/03 17:49:46 | 000,081,176 | ---- | M] () -- C:\Users\Artem\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
MOD - [2013/09/03 17:49:44 | 000,725,272 | ---- | M] () -- C:\Users\Artem\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
MOD - [2013/09/03 17:49:00 | 000,047,384 | ---- | M] () -- C:\Users\Artem\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
MOD - [2013/08/21 19:28:29 | 000,366,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorUtil\15412a4711e5447bd0a45681c8e355ab\IAStorUtil.ni.dll
MOD - [2013/08/21 19:18:00 | 000,802,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\d438e7ec4899763070e7b5db3f166373\System.ServiceModel.Internals.ni.dll
MOD - [2013/08/21 19:18:00 | 000,121,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\3df2fdd27a3e685ce5dda8bce4956e5b\SMDiagnostics.ni.dll
MOD - [2013/08/21 19:17:40 | 000,777,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Ente96d83b35#\e5a38cad0a1a3482fa45fef10ed29956\System.EnterpriseServices.ni.dll
MOD - [2013/08/21 19:17:40 | 000,249,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Ente96d83b35#\e5a38cad0a1a3482fa45fef10ed29956\System.EnterpriseServices.Wrapper.dll
MOD - [2013/08/21 19:13:39 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\3866f7a0829a76e958174f2d89bae9a8\System.Management.ni.dll
MOD - [2013/08/20 13:01:53 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\fc5d4ada42ed8e9a30b64912f5dc9767\System.Xml.ni.dll
MOD - [2013/08/20 13:01:45 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\7e4447d26cd9083018bd28ddd60a0248\System.Drawing.ni.dll
MOD - [2013/08/20 13:01:44 | 006,657,024 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\25006a263912bf62c8bb0eb4e0b589ea\System.Data.ni.dll
MOD - [2013/08/20 13:01:16 | 007,988,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\1b46657236c1f942f9dbaf6aac73bb49\System.ni.dll
MOD - [2013/08/18 14:05:27 | 007,566,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\624ad6159b6e241ad6d28bf4dca9f14b\System.Xml.ni.dll
MOD - [2013/08/18 14:05:22 | 001,880,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\123cf617d7b6b31c44e39f8594f064c5\System.Xaml.ni.dll
MOD - [2013/08/18 14:05:08 | 000,641,024 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\7bbc5aea7dc0b3c9d25b7402d5efc91b\System.Transactions.ni.dll
MOD - [2013/08/18 14:04:37 | 001,631,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\3603744988436295da5d16e76038e484\System.Drawing.ni.dll
MOD - [2013/08/18 14:04:34 | 007,249,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\f6943fc23e95a317f1461a29e3003685\System.Data.ni.dll
MOD - [2013/08/18 14:04:26 | 000,467,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\cb65dcc8c60f33d257283ef1416a2175\PresentationFramework.Aero2.ni.dll
MOD - [2013/08/18 14:04:25 | 018,545,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\972bf4ffab06e561447d12baf3b3dfa9\PresentationFramework.ni.dll
MOD - [2013/08/18 14:04:12 | 010,926,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\5b504b7cd800dcd6c06d841d94ca099a\PresentationCore.ni.dll
MOD - [2013/08/18 14:03:52 | 009,937,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\375a937eec7d6faa53ac11ab2973eb76\System.ni.dll
MOD - [2013/07/28 09:58:25 | 000,026,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorCommon\0a71c7804f1648e41fafdd407af38c96\IAStorCommon.ni.dll
MOD - [2013/07/28 09:45:05 | 000,220,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\aa8342f91aba9ea9e511e9954307ab45\CustomMarshalers.ni.dll
MOD - [2013/07/28 09:43:56 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\92229fdcf8b5abcc414baf6141f94495\Accessibility.ni.dll
MOD - [2013/07/27 11:30:45 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\1f8e89f1344171031271d80ff21366ec\UIAutomationTypes.ni.dll
MOD - [2013/07/27 11:29:20 | 011,500,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\d1ce70bf6cbab6ab838cbd8b50e902c1\mscorlib.ni.dll
MOD - [2013/07/27 11:08:00 | 001,156,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\cd6b8416903164862eba3d170df40c90\System.Management.ni.dll
MOD - [2013/07/27 11:07:19 | 016,547,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\5e3a9f3d64adfb3c69b49d37368bf454\mscorlib.ni.dll
MOD - [2013/07/22 17:09:08 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2013/07/13 02:32:22 | 000,830,312 | ---- | M] () -- C:\Users\Artem\AppData\Local\WordOv\temp.dat
MOD - [2013/07/09 00:02:42 | 000,348,384 | ---- | M] () -- C:\Users\Artem\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe
MOD - [2013/04/06 22:09:30 | 000,830,312 | ---- | M] () -- C:\Users\Artem\AppData\Local\SySaver\temp.dat
MOD - [2012/12/16 13:17:12 | 008,013,664 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
MOD - [2012/12/16 13:17:12 | 000,125,512 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.VisualStudio.OLE.Interop\7.1.40304.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.OLE.Interop.dll
MOD - [2012/12/16 13:17:11 | 000,145,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll
MOD - [2012/09/12 21:18:38 | 002,003,304 | ---- | M] () -- C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
MOD - [2012/08/10 16:51:32 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2012/08/06 10:59:24 | 000,117,608 | ---- | M] () -- C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll
MOD - [2012/08/06 10:59:16 | 001,153,384 | ---- | M] () -- C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
MOD - [2012/07/26 06:08:38 | 002,972,672 | R--- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2012/07/26 06:08:38 | 000,069,120 | R--- | M] () -- C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
MOD - [2012/06/08 11:34:06 | 000,016,400 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2012/06/07 22:34:06 | 000,627,216 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/09/17 12:25:42 | 001,761,584 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\dmwu.exe -- (IBUpdaterService)
SRV:64bit: - [2013/08/16 00:39:26 | 002,371,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013/07/01 19:44:21 | 000,016,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013/06/24 17:54:45 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2013/06/01 04:19:58 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/05/04 01:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/05/04 01:57:05 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013/04/08 23:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013/03/01 21:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/03/01 21:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/01/09 18:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/01/09 18:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012/11/05 23:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012/09/20 01:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012/08/06 20:12:02 | 000,099,696 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\AECLSr64.exe -- (AECLFilters)
SRV:64bit: - [2012/08/06 19:16:40 | 000,007,168 | ---- | M] (Cirrus Logic) [Auto | Stopped] -- c:\Program Files\Cirrus Logic Audio Panel\Cirrvus.exe -- (CirrusAudioService)
SRV:64bit: - [2012/07/25 22:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012/07/25 22:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012/07/25 22:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012/07/25 22:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012/07/25 22:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012/07/25 22:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/07/25 22:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012/07/25 22:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012/07/25 22:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012/07/25 22:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2012/07/19 16:09:48 | 002,247,992 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Windows\SysNative\BtwRSupportService.exe -- (BcmBtRSupport)
SRV:64bit: - [2012/05/30 13:11:34 | 000,149,544 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2012/04/20 14:16:12 | 000,635,104 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV - [2013/11/14 17:34:26 | 001,734,680 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe -- (vToolbarUpdater17.1.2)
SRV - [2013/10/31 09:26:54 | 001,735,968 | ---- | M] (Conduit) [Auto | Running] -- C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe -- (CltMngSvc)
SRV - [2013/10/29 13:42:08 | 000,507,912 | ---- | M] () [Auto | Running] -- C:\Windows\Installer\MSI49DD.tmp -- (Level Quality Watcher)
SRV - [2013/10/29 13:42:00 | 000,143,488 | ---- | M] () [Auto | Running] -- c:\Program Files (x86)\Optimizer Pro\OptProCrash.exe -- (70e6ca8c)
SRV - [2013/10/28 16:20:24 | 000,107,520 | ---- | M] () [Auto | Running] -- C:\Users\Artem\AppData\Roaming\defaulttab\defaulttab\dtupdate.exe -- (DefaultTabUpdate)
SRV - [2013/10/22 15:52:38 | 000,114,176 | ---- | M] (Wajam) [Auto | Running] -- C:\Program Files (x86)\Wajam\Updater\WajamUpdaterV3.exe -- (WajamUpdaterV3)
SRV - [2013/10/08 16:40:00 | 002,873,152 | ---- | M] (Iminent) [Auto | Running] -- C:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe -- (SProtection)
SRV - [2013/10/02 16:14:52 | 000,272,936 | ---- | M] (Linksicle) [Auto | Running] -- C:\Program Files (x86)\Linksicle\Service\lssvc.exe -- (lssvc)
SRV - [2013/09/04 08:20:38 | 001,432,080 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgfws.exe -- (avgfws)
SRV - [2013/08/14 12:55:29 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/07/23 18:09:28 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2013/07/04 14:53:10 | 004,939,312 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/07/01 12:55:40 | 000,032,808 | ---- | M] (Just Develop It) [Auto | Stopped] -- C:\Program Files (x86)\MyPC Backup\BackupStack.exe -- (BackupStack)
SRV - [2013/06/02 14:19:00 | 000,013,160 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\822\g2aservice.exe -- (GoToAssist)
SRV - [2013/03/12 07:03:22 | 000,342,608 | ---- | M] (PCRx.com, LLC) [Auto | Running] -- C:\Program Files (x86)\24x7Help\App24x7Svc.exe -- (24x7HelpSvc)
SRV - [2012/11/05 23:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/10/06 00:12:10 | 000,277,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/09/12 21:18:34 | 001,914,728 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe -- (SftService)
SRV - [2012/07/25 22:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012/07/17 14:57:22 | 000,365,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/17 14:57:20 | 000,277,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/07/09 13:47:14 | 000,007,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2012/06/25 10:57:14 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/10/02 16:14:52 | 000,058,192 | ---- | M] (Linksicle) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\lsnfd.sys -- (lsnfd)
DRV:64bit: - [2013/09/05 00:43:42 | 000,045,880 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2013/08/16 00:41:13 | 000,058,200 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2013/07/20 00:51:00 | 000,311,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2013/07/20 00:50:56 | 000,246,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2013/07/20 00:50:56 | 000,071,480 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2013/07/20 00:50:50 | 000,206,648 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2013/07/18 01:04:48 | 000,248,632 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avgwfpa.sys -- (Avgwfpa)
DRV:64bit: - [2013/07/09 03:04:07 | 000,120,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013/07/01 20:41:47 | 000,447,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/07/01 20:41:47 | 000,337,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/07/01 20:41:47 | 000,213,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013/07/01 19:44:14 | 000,036,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013/07/01 17:08:49 | 000,247,216 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013/07/01 00:45:28 | 000,116,536 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2013/06/29 01:15:54 | 000,195,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/06/10 16:17:46 | 000,096,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013/05/31 22:08:57 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/05/04 02:34:15 | 000,284,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013/03/02 05:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/03/02 05:45:20 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/03/02 05:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/01/22 18:40:40 | 000,023,312 | ---- | M] (Dell Computer Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\DellProf.sys -- (DellProf)
DRV:64bit: - [2013/01/22 18:40:40 | 000,023,312 | ---- | M] (Dell Computer Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\DDDriver64Dcsa.sys -- (DDDriver)
DRV:64bit: - [2013/01/09 20:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012/11/26 22:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012/11/19 23:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012/11/05 22:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012/10/27 01:02:10 | 000,651,832 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012/10/26 03:17:44 | 000,020,912 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\avgboota.sys -- (Avgboota)
DRV:64bit: - [2012/10/12 03:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/10/11 02:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012/10/06 00:12:34 | 009,004,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/09/20 02:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012/09/20 02:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012/09/19 10:02:08 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012/09/19 10:02:06 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012/09/04 09:39:32 | 000,050,296 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avgfwd6a.sys -- (Avgfwfd)
DRV:64bit: - [2012/08/06 20:12:02 | 000,041,328 | ---- | M] (Cirrus Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\CSLFDx64.sys -- (CirrusLFD)
DRV:64bit: - [2012/08/05 01:22:10 | 000,010,752 | ---- | M] (OSR Open Systems Resources, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\DellRbtn.sys -- (DellRbtn)
DRV:64bit: - [2012/07/26 00:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/07/26 00:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012/07/26 00:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012/07/26 00:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012/07/26 00:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012/07/26 00:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012/07/26 00:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012/07/26 00:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012/07/26 00:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012/07/26 00:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012/07/26 00:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012/07/26 00:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012/07/26 00:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012/07/26 00:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012/07/26 00:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012/07/26 00:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/07/26 00:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/07/25 23:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012/07/25 23:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012/07/25 22:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/07/25 21:29:47 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2012/07/25 21:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012/07/25 21:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012/07/25 21:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012/07/25 21:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012/07/25 21:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012/07/25 21:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012/07/25 21:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012/07/25 21:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012/07/25 21:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012/07/25 21:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012/07/25 21:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012/07/25 21:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012/07/25 21:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012/07/25 21:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/07/25 21:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012/07/25 21:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012/07/25 21:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/07/25 21:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012/07/25 21:25:02 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2012/07/25 21:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012/07/25 21:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012/07/25 21:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012/07/19 16:09:46 | 000,164,152 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\bcbtums.sys -- (bcbtums)
DRV:64bit: - [2012/07/10 15:00:56 | 006,824,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BCMWL63a.SYS -- (BCM43XX)
DRV:64bit: - [2012/07/02 18:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/06/25 10:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2012/06/19 10:40:50 | 000,342,528 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012/06/13 21:24:00 | 000,252,048 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2012/06/13 00:41:22 | 000,683,664 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012/05/30 13:10:50 | 000,016,168 | ---- | M] (Intel® Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2008/05/06 17:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2013/07/08 14:26:45 | 000,018,568 | ---- | M] (Mercury Interactive Corp.) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\pal_drv.sys -- (paldrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {52F47DFA-B2BF-4B65-A227-05E13E52341A}
IE:64bit: - HKLM\..\SearchScopes\{52F47DFA-B2BF-4B65-A227-05E13E52341A}: "URL" = http://www.bing.com/...E10TR&pc=MDDCJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {90a1b331-c2b4-4933-9f63-ba7b84d60d58} - C:\Program Files (x86)\MixiDJ_V44\prxtbMixi.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {da51d4f6-3e7e-4ef8-b400-9198e0874606} - C:\Program Files (x86)\KeyBar_1.14\prxtbKey0.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {847DE6FD-B04B-4177-97B5-ABBD1C0D2412}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snap.do/...q={searchTerms}
IE - HKLM\..\SearchScopes\{52F47DFA-B2BF-4B65-A227-05E13E52341A}: "URL" = http://www.bing.com/...E10TR&pc=MDDCJS
IE - HKLM\..\SearchScopes\{ccfd38c1-ada4-4d7e-9321-8562a83bf273}: "URL" = http://search.mywebs...r={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snap.do/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...BE-5001DCB038E5
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snap.do/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snap.do/...q={searchTerms}
IE - HKCU\..\URLSearchHook: {65acda49-3f2a-4431-b4cd-e5b10e2b0720} - No CLSID value found
IE - HKCU\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {90a1b331-c2b4-4933-9f63-ba7b84d60d58} - C:\Program Files (x86)\MixiDJ_V44\prxtbMixi.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {da51d4f6-3e7e-4ef8-b400-9198e0874606} - C:\Program Files (x86)\KeyBar_1.14\prxtbKey0.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snap.do/...q={searchTerms}
IE - HKCU\..\SearchScopes\{47AE1BA9-0BD1-44F4-88AE-45F8F7B605EF}: "URL" = http://www.basicserv...s={searchTerms}
IE - HKCU\..\SearchScopes\{847DE6FD-B04B-4177-97B5-ABBD1C0D2412}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{91607fa7-3c2f-4f90-93e3-d5337a6b0ac2}: "URL" = Playbryte-fa-ptn/search/redirect/?type=default&user_id=4d9b6081-fb08-49bd-b4e1-aa206eaea88b&query={searchTerms}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://mysearch.avg....sa&d=2013-09-13 15:03:40&v=15.4.0.5&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{9BE74FBC-EB72-49F8-9F09-EAEC2CEE7C3A}: "URL" = http://search.condui...7325926200&UM=2
IE - HKCU\..\SearchScopes\{B377F6F8-C75B-4774-8F9C-9222998CC033}: "URL" = http://www.google.co...q={searchTerms}
IE - HKCU\..\SearchScopes\{ccfd38c1-ada4-4d7e-9321-8562a83bf273}: "URL" = http://search.mywebs...r={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:49225;https=127.0.0.1:49225

========== FireFox ==========

FF - prefs.js..CT3291327.browser.search.defaultthis.engineName: "true"
FF - prefs.js..CT3298580.browser.search.defaultthis.engineName: "true"
FF - prefs.js..CT3314312.browser.search.defaultthis.engineName: "true"
FF - prefs.js..browser.search.defaultenginename: "MixiDJ V44 Customized Web Search"
FF - prefs.js..browser.search.defaultthis.engineName: "MixiDJ V44 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Conduit Search"
FF - prefs.js..browser.startup.homepage: "http://search.condui...DCB038E5&SSPV="
FF - prefs.js..extensions.enabledAddons: plugin%40getwebcake.com:1.00.01
FF - prefs.js..extensions.enabledAddons: %7B91f83c3f-2b96-c431-1e4e-252af976d955%7D:1.1
FF - prefs.js..extensions.enabledAddons: %7B740B3FD5-4483-469D-BE7F-8555B153BD04%7D:1.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - prefs.js..keyword.URL: "http://search.condui...187634&UM=2&q="

FF - user.js..extensions.enabledAddons: [email protected]:1.0

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.2\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@PhenomenaTracker_76.com/Plugin: C:\Program Files (x86)\PhenomenaTracker_76\bar\1.bin\NP76Stub.dll (MindSpark)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Users\Artem\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]_76.com: C:\Program Files (x86)\PhenomenaTracker_76\bar\1.bin [2013/08/28 05:32:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] [2013/10/29 16:44:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{9F17B1A2-7317-49ef-BCB7-7BB47BDE10F8}: C:\Program Files (x86)\HP\Unified Functional Testing\Bin\Mozilla\Common
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Social Privacy\FF\ [2013/10/29 13:41:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}: C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi [2013/02/14 10:41:10 | 000,037,909 | ---- | M] ()

[2013/06/17 18:58:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Artem\AppData\Roaming\Mozilla\Extensions
[2012/12/20 07:06:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Artem\AppData\Roaming\Mozilla\Firefox\extensions
[2012/12/20 07:06:50 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Users\Artem\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
[2013/10/29 13:42:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Artem\AppData\Roaming\Mozilla\Firefox\Profiles\husqrxvp.default\extensions
[2013/09/21 17:09:16 | 000,000,000 | ---D | M] (SweetPacks A2) -- C:\Users\Artem\AppData\Roaming\Mozilla\Firefox\Profiles\husqrxvp.default\extensions\{30ee6676-1ba6-455a-a7e8-298fa863a546}
[2013/10/28 16:19:41 | 000,000,000 | ---D | M] (MixiDJ V44) -- C:\Users\Artem\AppData\Roaming\Mozilla\Firefox\Profiles\husqrxvp.default\extensions\{90a1b331-c2b4-4933-9f63-ba7b84d60d58}
[2013/09/14 07:11:21 | 000,000,000 | ---D | M] ("QuickShare Widget") -- C:\Users\Artem\AppData\Roaming\Mozilla\Firefox\Profiles\husqrxvp.default\extensions\{91f83c3f-2b96-c431-1e4e-252af976d955}
[2013/10/13 20:40:39 | 000,000,000 | ---D | M] (SweetPacks A5) -- C:\Users\Artem\AppData\Roaming\Mozilla\Firefox\Profiles\husqrxvp.default\extensions\{93ec97bf-fe43-4bca-a735-5c5d6a0a40c4}
[2013/10/13 20:42:08 | 000,000,000 | ---D | M] (PlayBryte) -- C:\Users\Artem\AppData\Roaming\Mozilla\Firefox\Profiles\husqrxvp.default\extensions\[email protected]
[2013/10/29 13:42:14 | 000,000,000 | ---D | M] (ScorpionSaver) -- C:\Users\Artem\AppData\Roaming\Mozilla\Firefox\Profiles\husqrxvp.default\extensions\[email protected]
[2013/10/28 16:20:24 | 000,044,293 | ---- | M] () (No name found) -- C:\Users\Artem\AppData\Roaming\Mozilla\Firefox\Profiles\husqrxvp.default\extensions\[email protected]
[2013/07/23 02:08:09 | 000,018,499 | ---- | M] () (No name found) -- C:\Users\Artem\AppData\Roaming\Mozilla\Firefox\Profiles\husqrxvp.default\extensions\[email protected]
[2013/10/24 14:25:28 | 000,609,057 | ---- | M] () (No name found) -- C:\Users\Artem\AppData\Roaming\Mozilla\Firefox\Profiles\husqrxvp.default\extensions\[email protected]
[2013/11/06 05:43:33 | 000,000,845 | ---- | M] () -- C:\Users\Artem\AppData\Roaming\Mozilla\Firefox\Profiles\husqrxvp.default\searchplugins\conduit-search.xml
[2013/10/28 16:19:43 | 000,000,997 | ---- | M] () -- C:\Users\Artem\AppData\Roaming\Mozilla\Firefox\Profiles\husqrxvp.default\searchplugins\conduit.xml
[2013/11/02 08:43:25 | 000,002,115 | ---- | M] () -- C:\Users\Artem\AppData\Roaming\Mozilla\Firefox\Profiles\husqrxvp.default\searchplugins\MyStart Search.xml
[2013/08/26 08:26:27 | 000,003,725 | ---- | M] () -- C:\Users\Artem\AppData\Roaming\Mozilla\Firefox\Profiles\husqrxvp.default\searchplugins\safeguard-secure-search.xml
[2013/10/29 16:44:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/10/29 16:44:16 | 000,000,000 | ---D | M] () -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2013/09/14 07:15:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/09/14 07:15:07 | 000,000,000 | ---D | M] (BasicServe) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{740B3FD5-4483-469D-BE7F-8555B153BD04}
[2013/09/13 14:02:59 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/09/08 17:01:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\updated\browser\extensions
[2013/09/08 17:01:51 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - homepage:
CHR - plugin: First user (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Artem\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfaifkapfifnanhhiidacmhldddojchn\1.0_0\
CHR - Extension: uTorrentControl_v2 = C:\Users\Artem\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.14.253.3_0\
CHR - Extension: WebCake = C:\Users\Artem\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh\1.0.3_0\
CHR - Extension: SySaver = C:\Users\Artem\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjkpcnacdgdlpfejlgflolpaigoicibh\1_0\
CHR - Extension: Iminent = C:\Users\Artem\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\7.43.4.1_0\
CHR - Extension: Unified Functional Testing Agent = C:\Users\Artem\AppData\Local\Google\Chrome\User Data\Default\Extensions\kohokhibioddenbhekdbbdbmcmbeeeih\11.52.467.0_0\
CHR - Extension: Bookmark Manager = C:\Users\Artem\AppData\Local\Google\Chrome\User Data\Default\Extensions\oclgomenfkljhfkfflghppidonpkljjg\5.0_0\

O1 HOSTS File: ([2012/07/26 00:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (Linksicle) - {2AD2D8CA-D24D-40D2-A8FC-46952409BA9A} - C:\Program Files\Linksicle\IE\LinksicleClientIE.dll (Linksicle)
O2:64bit: - BHO: (no name) - {474264BC-9571-47C1-85B9-780F756DC9CE} - No CLSID value found.
O2 - BHO: (ScorpionSaver) - {10AD2C61-0898-4348-8600-14A342F22AC3} - C:\Program Files (x86)\ScorpionSaver\IECore.dll ()
O2 - BHO: (Linksicle) - {2AD2D8CA-D24D-40D2-A8FC-46952409BA9A} - C:\Program Files (x86)\Linksicle\IE\LinksicleClientIE.dll (Linksicle)
O2 - BHO: (SySaver) - {2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3} - C:\Users\Artem\AppData\Local\SySaver\temp.dat ()
O2 - BHO: (Toolbar BHO) - {440061cb-4ca1-4e86-a9e2-773a66563033} - C:\Program Files (x86)\PhenomenaTracker_76\bar\1.bin\76bar.dll (MindSpark)
O2 - BHO: (no name) - {474264BC-9571-47C1-85B9-780F756DC9CE} - No CLSID value found.
O2 - BHO: (uTorrentControl_v2 Toolbar) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (DefaultTab Browser Helper) - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Artem\AppData\Roaming\defaulttab\defaulttab\DefaultTabBHO.dll (Search Results LLC.)
O2 - BHO: (MixiDJ V44 Toolbar) - {90a1b331-c2b4-4933-9f63-ba7b84d60d58} - C:\Program Files (x86)\MixiDJ_V44\prxtbMixi.dll (Conduit Ltd.)
O2 - BHO: (Social Privacy) - {91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE} - C:\Program Files (x86)\Social Privacy\sp.dll ()
O2 - BHO: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.1.2.1\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll (SIEN)
O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam)
O2 - BHO: (WordOv) - {B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE} - C:\Users\Artem\AppData\Local\WordOv\temp.dat ()
O2 - BHO: (KeyBar 1.14 Toolbar) - {da51d4f6-3e7e-4ef8-b400-9198e0874606} - C:\Program Files (x86)\KeyBar_1.14\prxtbKey0.dll (Conduit Ltd.)
O2 - BHO: (Search Assistant BHO) - {e1b81206-8eba-43ef-9c8f-811087e137be} - C:\Program Files (x86)\PhenomenaTracker_76\bar\1.bin\76SrcAs.dll (MindSpark)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (uTorrentControl_v2 Toolbar) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (PhenomenaTracker) - {82febb1b-e68b-4d9e-bd3e-ce21db3496ae} - C:\Program Files (x86)\PhenomenaTracker_76\bar\1.bin\76bar.dll (MindSpark)
O3 - HKLM\..\Toolbar: (MixiDJ V44 Toolbar) - {90a1b331-c2b4-4933-9f63-ba7b84d60d58} - C:\Program Files (x86)\MixiDJ_V44\prxtbMixi.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.1.2.1\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O3 - HKLM\..\Toolbar: (no name) - {b278d9f8-0fa9-465e-9938-0c392605d8e3} - No CLSID value found.
O3 - HKLM\..\Toolbar: (KeyBar 1.14 Toolbar) - {da51d4f6-3e7e-4ef8-b400-9198e0874606} - C:\Program Files (x86)\KeyBar_1.14\prxtbKey0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentControl_v2 Toolbar) - {7473B6BD-4691-4744-A82B-7854EB3D70B6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll猀 File not found
O3 - HKCU\..\Toolbar\WebBrowser: (PhenomenaTracker) - {82FEBB1B-E68B-4D9E-BD3E-CE21DB3496AE} - C:\Program Files (x86)\PhenomenaTracker_76\bar\1.bin\76bar.dll (MindSpark)
O3 - HKCU\..\Toolbar\WebBrowser: (MixiDJ V44 Toolbar) - {90A1B331-C2B4-4933-9F63-BA7B84D60D58} - C:\Program Files (x86)\MixiDJ_V44\prxtbMixi.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (KeyBar 1.14 Toolbar) - {DA51D4F6-3E7E-4EF8-B400-9198E0874606} - C:\Program Files (x86)\KeyBar_1.14\prxtbKey0.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [Dell Audio] c:\Program Files\Cirrus Logic Audio Panel\CirrusAudioPanel_Dell.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PhenomenaTracker Home Page Guard 64 bit] C:\Program Files (x86)\PhenomenaTracker_76\bar\1.bin\AppIntegrator64.exe ()
O4:64bit: - HKLM..\Run: [QuickSet] c:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4 - HKLM..\Run: [24x7HELP] C:\Program Files (x86)\24x7Help\App24x7Help.exe (Crawler, LLC)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CLMLServer_For_P2G8] C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink)
O4 - HKLM..\Run: [CLVirtualDrive] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [Iminent] C:\Program Files (x86)\Iminent\Iminent.exe (Iminent)
O4 - HKLM..\Run: [IminentMessenger] C:\Program Files (x86)\Iminent\Iminent.Messengers.exe (Iminent)
O4 - HKLM..\Run: [PCFixSpeed] C:\Program Files (x86)\PCFixSpeed\PCFixTray.exe (Crawler.com)
O4 - HKLM..\Run: [PhenomenaTracker Search Scope Monitor] C:\Program Files (x86)\PhenomenaTracker_76\bar\1.bin\76SrchMn.exe (MindSpark)
O4 - HKLM..\Run: [PhenomenaTracker_76 Browser Plugin Loader] C:\Program Files (x86)\PhenomenaTracker_76\bar\1.bin\76brmon.exe (VER_COMPANY_NAME)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe ()
O4 - HKCU..\Run: [BackgroundContainer] C:\Users\Artem\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll (Conduit Ltd.)
O4 - HKCU..\Run: [Browser Infrastructure Helper] C:\Users\Artem\AppData\Local\Smartbar\Application\QuickShare.exe (Smartbar)
O4 - HKCU..\Run: [BrowserSafeguard] C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe (BrowserSafeguard)
O4 - HKCU..\Run: [DellSystemDetect] C:\Users\Artem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms ()
O4 - HKCU..\Run: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe (PC Utilities Pro)
O4 - HKLM..\RunOnce: [SPUpdSentinel] C:\Program Files (x86)\Common Files\Umbrella\umbrella_bkp.exe (Iminent)
O4 - Startup: C:\Users\Artem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk = C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
O4 - Startup: C:\Users\Artem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Artem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Severe Weather Alerts App.lnk = C:\Users\Artem\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe ()
O4 - Startup: C:\Users\Artem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Severe Weather Alerts.lnk = C:\Users\Artem\AppData\Local\SevereWeatherAlerts\SevereWeatherAlerts.exe (Weather Notifications, LLC)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: dell.com ([]* in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{04F6FD06-026C-4993-A17B-77A90012EFD7}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{04F6FD06-026C-4993-A17B-77A90012EFD7}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6018CB27-69B3-44F6-9897-343760DBEF2F}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6FF4F1D8-2A07-4B34-91F7-1D323F16F2E4}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7909A035-294E-4522-BF34-9A0D11264F31}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ADF02938-DCD7-4A28-A9D0-1FDC52E56BB6}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ADF02938-DCD7-4A28-A9D0-1FDC52E56BB6}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C02CAB3E-C922-4371-A1DD-E72CF76EF979}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E7928E27-722B-4967-9B7D-E39A07B53EA6}: NameServer = 8.8.8.8,8.8.4.4
O18:64bit: - Protocol\Handler\HTLFP - No CLSID value found
O18:64bit: - Protocol\Handler\vfsp - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\HTLFP {03B7A5D4-96B0-4316-95F8-072D326A58F1} - ielpview.dll File not found
O18 - Protocol\Handler\vfsp {E4CB5121-E242-11D4-8ED6-00010219EB22} - VFSProtocol.dll File not found
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.1.2\ViProtocol.dll (AVG Secure Search)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll) - C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll (Conduit)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL) - C:\Program Files (x86)\Optimizer Pro\OptProCrash_x64.dll ()
O20 - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll) - C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll (Conduit)
O20 - AppInit_DLLs: (c:\progra~2\optimi~1\optpro~1.dll) - c:\Program Files (x86)\Optimizer Pro\OptProCrash.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\822\G2AWinLogon_x64.dll) - C:\Program Files (x86)\Citrix\GoToAssist\822\g2awinlogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {A5949E07-8536-4625-A3D0-2DD83F559990} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {A5949E07-8536-4625-A3D0-2DD83F559990} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{5a806743-4172-11e2-be6e-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{5a806743-4172-11e2-be6e-806e6f6e6963}\Shell\AutoRun\command - "" = "D:\autoRcd.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/11/06 05:43:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\SearchProtect
[2013/11/02 08:52:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2013/10/29 16:44:33 | 000,000,000 | ---D | C] -- C:\Users\Artem\AppData\Roaming\24x7 Help
[2013/10/29 16:44:30 | 000,000,000 | ---D | C] -- C:\Users\Artem\AppData\Roaming\PCFixSpeed
[2013/10/29 16:44:30 | 000,000,000 | ---D | C] -- C:\ProgramData\PCFixSpeed
[2013/10/29 16:44:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\24x7Help
[2013/10/29 16:44:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\24x7 Help
[2013/10/29 16:44:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PCFixSpeed
[2013/10/29 16:44:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Fix Speed
[2013/10/29 16:44:15 | 000,000,000 | ---D | C] -- C:\Program Files\Linksicle
[2013/10/29 16:44:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Linksicle
[2013/10/29 13:42:18 | 000,000,000 | ---D | C] -- C:\Users\Artem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
[2013/10/29 13:42:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wajam
[2013/10/29 13:42:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ScorpionSaver
[2013/10/29 13:42:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Level Quality Watcher
[2013/10/29 13:42:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
[2013/10/29 13:41:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Optimizer Pro
[2013/10/29 13:41:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SearchProtect
[2013/10/29 13:41:43 | 000,000,000 | ---D | C] -- C:\Users\Artem\AppData\Local\SearchProtect
[2013/10/29 13:41:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Social Privacy
[2013/10/29 13:41:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Social Privacy DNS
[2013/10/29 13:41:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\sp
[2013/10/28 16:21:42 | 000,000,000 | ---D | C] -- C:\Users\Artem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SySaver
[2013/10/28 16:21:37 | 000,000,000 | ---D | C] -- C:\Users\Artem\AppData\Local\SySaver
[2013/10/28 16:21:08 | 000,000,000 | ---D | C] -- C:\Users\Artem\AppData\Roaming\Iminent
[2013/10/28 16:21:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Iminent
[2013/10/28 16:20:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent
[2013/10/28 16:20:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Umbrella
[2013/10/28 16:20:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Iminent
[2013/10/28 16:20:24 | 000,000,000 | ---D | C] -- C:\Users\Artem\AppData\Roaming\defaulttab
[2013/10/28 16:20:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MixiDJ_V44
[2013/10/28 16:19:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flash Player Pro
[2013/10/28 16:19:31 | 000,000,000 | ---D | C] -- C:\Users\Artem\Documents\Flash Player Pro
[2013/10/28 16:19:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Flash Player Pro
[2013/10/28 13:26:52 | 000,000,000 | ---D | C] -- C:\SearchProtect
[2013/10/18 07:28:11 | 000,000,000 | ---D | C] -- C:\Users\Artem\`
[2013/08/11 06:04:11 | 000,051,992 | ---- | C] (cake bake) -- C:\Program Files (x86)\WBDesktop.Updater.exe
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/11/14 17:34:27 | 000,046,368 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013/11/14 17:28:54 | 000,861,956 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/11/14 17:28:54 | 000,728,508 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/11/14 17:28:54 | 000,136,914 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/11/14 17:28:22 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/14 17:26:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/11/02 08:52:39 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013/11/02 08:47:53 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/11/02 08:47:42 | 000,000,258 | RHS- | M] () -- C:\Users\Artem\ntuser.pol
[2013/11/02 08:46:01 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013/11/02 08:46:00 | 3322,802,176 | -HS- | M] () -- C:\hiberfil.sys
[2013/10/29 16:44:30 | 000,001,024 | ---- | M] () -- C:\Users\Public\Desktop\24x7 Help.lnk
[2013/10/29 16:44:29 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\Optimize Your PC.lnk
[2013/10/29 13:42:00 | 000,001,064 | ---- | M] () -- C:\Users\Artem\Desktop\Optimizer Pro.lnk
[2013/10/28 16:21:00 | 000,000,620 | ---- | M] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2013/10/28 16:19:33 | 000,001,105 | ---- | M] () -- C:\Users\Artem\Desktop\Flash Player Pro.lnk
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/10/29 16:44:30 | 000,001,024 | ---- | C] () -- C:\Users\Public\Desktop\24x7 Help.lnk
[2013/10/29 16:44:29 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\Optimize Your PC.lnk
[2013/10/29 13:42:00 | 000,001,064 | ---- | C] () -- C:\Users\Artem\Desktop\Optimizer Pro.lnk
[2013/10/28 16:20:54 | 000,000,620 | ---- | C] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2013/10/28 16:20:26 | 000,000,258 | RHS- | C] () -- C:\Users\Artem\ntuser.pol
[2013/10/28 16:19:33 | 000,001,105 | ---- | C] () -- C:\Users\Artem\Desktop\Flash Player Pro.lnk
[2013/09/14 07:12:36 | 000,000,000 | ---- | C] () -- C:\ProgramData\3a2c3e_c
[2013/09/11 05:57:34 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013/07/08 14:36:52 | 000,000,140 | ---- | C] () -- C:\Windows\ODBC.INI
[2013/07/08 14:36:42 | 000,001,957 | ---- | C] () -- C:\Windows\mercury.ini
[2013/05/12 18:12:24 | 000,061,304 | ---- | C] () -- C:\Users\Artem\g2mdlhlpx.exe
[2012/10/16 13:37:04 | 000,876,208 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/10/06 00:12:28 | 000,598,780 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2012/10/06 00:12:22 | 000,755,048 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012/10/06 00:12:10 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/07/26 03:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012/07/26 03:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012/07/26 02:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012/07/25 20:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012/07/25 15:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012/07/25 15:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012/06/02 09:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2012/04/20 13:59:44 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll

========== ZeroAccess Check ==========

[2012/12/05 20:02:48 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/08/02 01:28:20 | 019,758,080 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/08/02 00:08:10 | 017,561,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/25 22:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/25 22:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/25 22:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/10/29 16:44:33 | 000,000,000 | ---D | M] -- C:\Users\Artem\AppData\Roaming\24x7 Help
[2013/09/07 11:01:27 | 000,000,000 | ---D | M] -- C:\Users\Artem\AppData\Roaming\AVG2013
[2013/08/16 16:20:28 | 000,000,000 | ---D | M] -- C:\Users\Artem\AppData\Roaming\Betcat
[2013/06/02 15:36:30 | 000,000,000 | ---D | M] -- C:\Users\Artem\AppData\Roaming\Broderbund
[2013/10/28 16:20:24 | 000,000,000 | ---D | M] -- C:\Users\Artem\AppData\Roaming\defaulttab
[2013/10/28 16:21:08 | 000,000,000 | ---D | M] -- C:\Users\Artem\AppData\Roaming\Iminent
[2012/12/04 17:33:06 | 000,000,000 | ---D | M] -- C:\Users\Artem\AppData\Roaming\Leadertech
[2013/09/14 07:13:24 | 000,000,000 | ---D | M] -- C:\Users\Artem\AppData\Roaming\OpenCandy
[2012/12/08 20:28:07 | 000,000,000 | ---D | M] -- C:\Users\Artem\AppData\Roaming\OpenOffice.org
[2012/12/06 17:41:45 | 000,000,000 | ---D | M] -- C:\Users\Artem\AppData\Roaming\PCDr
[2013/11/14 17:26:07 | 000,000,000 | ---D | M] -- C:\Users\Artem\AppData\Roaming\PCFixSpeed
[2013/07/16 14:11:36 | 000,000,000 | ---D | M] -- C:\Users\Artem\AppData\Roaming\ReportViewer
[2013/09/13 14:03:29 | 000,000,000 | ---D | M] -- C:\Users\Artem\AppData\Roaming\SmartPCFix
[2012/12/15 08:33:44 | 000,000,000 | ---D | M] -- C:\Users\Artem\AppData\Roaming\Thinix
[2013/06/22 14:32:01 | 000,000,000 | ---D | M] -- C:\Users\Artem\AppData\Roaming\TypingMaster7
[2013/09/07 10:37:58 | 000,000,000 | ---D | M] -- C:\Users\Artem\AppData\Roaming\uTorrent
[2012/12/17 18:23:16 | 000,000,000 | ---D | M] -- C:\Users\Artem\AppData\Roaming\WebApp
[2013/08/12 08:28:48 | 000,000,000 | ---D | M] -- C:\Users\Artem\AppData\Roaming\WebCake

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:373E1720

< End of report >
  • 0

Advertisements


#2
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts
Hello and welcome to Geeks to Go! My nickname is Pystryker :) , and I will be helping you with your issue today.

Please note: I am currently in training and all my fixes must be approved by my teacher before being posted. This gives you the advantage of having two people working to solve your problems.

Before we get started, I have a few things I need to go over with you

  • Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process.
  • Please subscribe to this topic. By subscribing, the board will notify you when a new reply is added to your topic. You can find instructions on how to do that by clicking here.
  • If any of your security programs give you a warning about any tool I ask you to use, please do not worry. All the links and tools I provide to you will be safe.

  • Please read through my instructions carefully and completely before executing them.
  • Please make sure that all the programs I ask you to download are downloaded to and run from your Desktop.
  • Please make sure you print out these instructions so that you will be able to refer to them while working on your machine. Part of the solution(s) to your problem may involve us working in Safe Mode and you will need them to go by.
  • Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.
  • Please read through my instructions carefully and make sure you complete them from start to finish. I will make sure that I lay the instructions out in a step by step order to make them easy to follow
  • This is a complicated process. It requires several steps, patience, and careful following of my instructions in the order they are given to diagnose your problems to get your machine back in working order.
  • Please stay with me until the end of all steps and procedures and I declare your system clean. Just because there is a lack of symptoms does not indicate a clean machine. I promise to do the same for you.
  • Please make sure you reply within 3 days to my responses, if there is no reply within 3 days, the topic will be closed and you will need to request the topic be reopened.
  • Before we get started, please remember we will do our best to get your machine repaired. However, there are some cases where the only solution is a reformat and reinstall of the operating system. This is a worst case scenario though.
  • It is impossible for me to know what interactions may happen between your computer's software and the tools we will use to clean your machine. Therefore, I highly recommend you backup any critical personal files on your machine before we start.
  • If possible, please have your original Windows installation disks handy, just in case.
  • If you have any questions at all, please don't hesitate to ask. There's no such thing as a stupid question when dealing with malware.
  • If you are unsure of an instruction I give you, or if something unexepected occurs, Do NOT proceed! Stop and ask for clarification of the instruction or tell me what occurred.
  • Please copy and paste the contents of any requested logs in your replies. Do not attach the log files in your replies unless requested to do so.
  • Please remember, the fixes are for your machine and your machine ONLY!



Once we have cleaned your machine, we'll have some cleanup and prevention steps to go through. We will also provide you with some information about how to reduce your chances of infection and get some protections in place to help defend you against this in the future

Please be patient while I am analyzing your logs. I know you are probably scared and very frustrated with this problem, but I am a volunteer and sometimes life does get in the way. :)

Now, let's get started, shall we? :thumbsup:



Hello :) There should be another log that was produced when you ran OTL the first time called Extras.txt It will be located in the same location as where you ran OTL from, in this case: C:\Users\Artem\Downloads Please post that log in your next reply.

Also, please move OTL.exe to your desktop, it will run better from there. :) I am currently working up a fix for review by my instructor.

Don't worry, we'll get this straightened out. :) :thumbsup:

Things I need to see in your next post:

Extras Log

  • 0

#3
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts
Hi, let's get started clearing out the rubbish and getting your machine clean. :) :thumbsup:

If you have the Extras.txt log I requested in the previous post, please include it with the logs these scans will produce.

Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.


Step 1: Disable Chrome Extensions

There are some extensions in Chrome that need to be removed, please follow the instructions below to remove them.

Start Chrome and type this into the address bar: chrome:extensions

This will display a page of all the installed extensions. Please remove the extensions in the list below by clicking the trash can icon beside each one.
  • WebCake
  • SySaver
  • Iminent

If one of the extensions I've asked you to remove is not listed, don't worry about it. Just move on to the next one in the list.



Step 2: OTL Fix


Let's run an OTL fix:

Warning: This fix is to be used on this system and this system ONLY. Using this fix on any other machine other than yours can seriously damage it.

Be advised that when the fix commences, it will shut down all running processes and you may lose the dektop and icons, they will return on reboot.

Run OTL

  • Copy the text in the quote box below (do not copy the word "quote") and paste in the in the box marked Custom Scans/Fixes as shown in the graphic below.

Posted Image

:Commands
[createrestorepoint]

:OTL

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {52F47DFA-B2BF-4B65-A227-05E13E52341A}
IE - HKLM\..\URLSearchHook: {90a1b331-c2b4-4933-9f63-ba7b84d60d58} - C:\Program Files (x86)\MixiDJ_V44\prxtbMixi.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {da51d4f6-3e7e-4ef8-b400-9198e0874606} - C:\Program Files (x86)\KeyBar_1.14\prxtbKey0.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {847DE6FD-B04B-4177-97B5-ABBD1C0D2412}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snap.do/...q={searchTerms}
IE - HKLM\..\SearchScopes\{ccfd38c1-ada4-4d7e-9321-8562a83bf273}: "URL" = http://search.mywebs...r={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snap.do/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...BE-5001DCB038E5
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snap.do/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snap.do/...q={searchTerms}
IE - HKCU\..\URLSearchHook: {65acda49-3f2a-4431-b4cd-e5b10e2b0720} - No CLSID value found
IE - HKCU\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {90a1b331-c2b4-4933-9f63-ba7b84d60d58} - C:\Program Files (x86)\MixiDJ_V44\prxtbMixi.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {da51d4f6-3e7e-4ef8-b400-9198e0874606} - C:\Program Files (x86)\KeyBar_1.14\prxtbKey0.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snap.do/...q={searchTerms}
IE - HKCU\..\SearchScopes\{47AE1BA9-0BD1-44F4-88AE-45F8F7B605EF}: "URL" = http://www.basicserv...s={searchTerms}
IE - HKCU\..\SearchScopes\{91607fa7-3c2f-4f90-93e3-d5337a6b0ac2}: "URL" = Playbryte-fa-ptn/search/redirect/?type=default&user_id=4d9b6081-fb08-49bd-b4e1-aa206eaea88b&query={searchTerms}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://mysearch.avg....sa&d=2013-09-13 15:03:40&v=15.4.0.5&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{9BE74FBC-EB72-49F8-9F09-EAEC2CEE7C3A}: "URL" = http://search.condui...7325926200&UM=2
IE - HKCU\..\SearchScopes\{ccfd38c1-ada4-4d7e-9321-8562a83bf273}: "URL" = http://search.mywebs...r={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:49225;https=127.0.0.1:49225

FF - prefs.js..CT3291327.browser.search.defaultthis.engineName: "true"
FF - prefs.js..CT3298580.browser.search.defaultthis.engineName: "true"
FF - prefs.js..CT3314312.browser.search.defaultthis.engineName: "true"
FF - prefs.js..browser.search.defaultenginename: "MixiDJ V44 Customized Web Search"
FF - prefs.js..browser.search.defaultthis.engineName: "MixiDJ V44 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Conduit Search"
FF - prefs.js..browser.startup.homepage: "http://search.condui...DCB038E5&SSPV="
FF - prefs.js..extensions.enabledAddons: plugin%40getwebcake.com:1.00.01
FF - prefs.js..keyword.URL: "http://search.condui...187634&UM=2&q="
FF - HKLM\Software\MozillaPlugins\@PhenomenaTracker_76.com/Plugin: C:\Program Files (x86)\PhenomenaTracker_76\bar\1.bin\NP76Stub.dll (MindSpark)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]_76.com: C:\Program Files (x86)\PhenomenaTracker_76\bar\1.bin [2013/08/28 05:32:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] [2013/10/29 16:44:16 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}: C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi [2013/02/14 10:41:10 | 000,037,909 | ---- | M] ()
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Social Privacy\FF\ [2013/10/29 13:41:39 | 000,000,000 | ---D | M]
FF - user.js..extensions.enabledAddons: [email protected]:1.0
[2012/12/20 07:06:50 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Users\Artem\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
[2013/10/29 13:42:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Artem\AppData\Roaming\Mozilla\Firefox\Profiles\husqrxvp.default\extensions
[2013/09/21 17:09:16 | 000,000,000 | ---D | M] (SweetPacks A2) -- C:\Users\Artem\AppData\Roaming\Mozilla\Firefox\Profiles\husqrxvp.default\extensions\{30ee6676-1ba6-455a-a7e8-298fa863a546}
[2013/10/28 16:19:41 | 000,000,000 | ---D | M] (MixiDJ V44) -- C:\Users\Artem\AppData\Roaming\Mozilla\Firefox\Profiles\husqrxvp.default\extensions\{90a1b331-c2b4-4933-9f63-ba7b84d60d58}
[2013/09/14 07:11:21 | 000,000,000 | ---D | M] ("QuickShare Widget") -- C:\Users\Artem\AppData\Roaming\Mozilla\Firefox\Profiles\husqrxvp.default\extensions\{91f83c3f-2b96-c431-1e4e-252af976d955}
[2013/10/13 20:40:39 | 000,000,000 | ---D | M] (SweetPacks A5) -- C:\Users\Artem\AppData\Roaming\Mozilla\Firefox\Profiles\husqrxvp.default\extensions\{93ec97bf-fe43-4bca-a735-5c5d6a0a40c4}
[2013/10/13 20:42:08 | 000,000,000 | ---D | M] (PlayBryte) -- C:\Users\Artem\AppData\Roaming\Mozilla\Firefox\Profiles\husqrxvp.default\extensions\[email protected]
[2013/10/29 13:42:14 | 000,000,000 | ---D | M] (ScorpionSaver) -- C:\Users\Artem\AppData\Roaming\Mozilla\Firefox\Profiles\husqrxvp.default\extensions\[email protected]
[2013/10/28 16:20:24 | 000,044,293 | ---- | M] () (No name found) -- C:\Users\Artem\AppData\Roaming\Mozilla\Firefox\Profiles\husqrxvp.default\extensions\[email protected]
[2013/07/23 02:08:09 | 000,018,499 | ---- | M] () (No name found) -- C:\Users\Artem\AppData\Roaming\Mozilla\Firefox\Profiles\husqrxvp.default\extensions\[email protected]
[2013/10/24 14:25:28 | 000,609,057 | ---- | M] () (No name found) -- C:\Users\Artem\AppData\Roaming\Mozilla\Firefox\Profiles\husqrxvp.default\extensions\[email protected]
[2013/11/06 05:43:33 | 000,000,845 | ---- | M] () -- C:\Users\Artem\AppData\Roaming\Mozilla\Firefox\Profiles\husqrxvp.default\searchplugins\conduit-search.xml
[2013/10/28 16:19:43 | 000,000,997 | ---- | M] () -- C:\Users\Artem\AppData\Roaming\Mozilla\Firefox\Profiles\husqrxvp.default\searchplugins\conduit.xml
[2013/11/02 08:43:25 | 000,002,115 | ---- | M] () -- C:\Users\Artem\AppData\Roaming\Mozilla\Firefox\Profiles\husqrxvp.default\searchplugins\MyStart Search.xml
[2013/08/26 08:26:27 | 000,003,725 | ---- | M] () -- C:\Users\Artem\AppData\Roaming\Mozilla\Firefox\Profiles\husqrxvp.default\searchplugins\safeguard-secure-search.xml
[2013/10/29 16:44:16 | 000,000,000 | ---D | M] () -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2013/09/14 07:15:07 | 000,000,000 | ---D | M] (BasicServe) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{740B3FD5-4483-469D-BE7F-8555B153BD04}
O2:64bit: - BHO: (Linksicle) - {2AD2D8CA-D24D-40D2-A8FC-46952409BA9A} - C:\Program Files\Linksicle\IE\LinksicleClientIE.dll (Linksicle)
O2 - BHO: (ScorpionSaver) - {10AD2C61-0898-4348-8600-14A342F22AC3} - C:\Program Files (x86)\ScorpionSaver\IECore.dll ()
O2 - BHO: (Linksicle) - {2AD2D8CA-D24D-40D2-A8FC-46952409BA9A} - C:\Program Files (x86)\Linksicle\IE\LinksicleClientIE.dll (Linksicle)
O2 - BHO: (SySaver) - {2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3} - C:\Users\Artem\AppData\Local\SySaver\temp.dat ()
O2 - BHO: (Toolbar BHO) - {440061cb-4ca1-4e86-a9e2-773a66563033} - C:\Program Files (x86)\PhenomenaTracker_76\bar\1.bin\76bar.dll (MindSpark)
O2 - BHO: (uTorrentControl_v2 Toolbar) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (DefaultTab Browser Helper) - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Artem\AppData\Roaming\defaulttab\defaulttab\DefaultTabBHO.dll (Search Results LLC.)
O2 - BHO: (MixiDJ V44 Toolbar) - {90a1b331-c2b4-4933-9f63-ba7b84d60d58} - C:\Program Files (x86)\MixiDJ_V44\prxtbMixi.dll (Conduit Ltd.)
O2 - BHO: (Social Privacy) - {91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE} - C:\Program Files (x86)\Social Privacy\sp.dll ()
O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll (SIEN)
O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam)
O2 - BHO: (WordOv) - {B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE} - C:\Users\Artem\AppData\Local\WordOv\temp.dat ()
O2 - BHO: (KeyBar 1.14 Toolbar) - {da51d4f6-3e7e-4ef8-b400-9198e0874606} - C:\Program Files (x86)\KeyBar_1.14\prxtbKey0.dll (Conduit Ltd.)
O2 - BHO: (Search Assistant BHO) - {e1b81206-8eba-43ef-9c8f-811087e137be} - C:\Program Files (x86)\PhenomenaTracker_76\bar\1.bin\76SrcAs.dll (MindSpark)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (uTorrentControl_v2 Toolbar) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (PhenomenaTracker) - {82febb1b-e68b-4d9e-bd3e-ce21db3496ae} - C:\Program Files (x86)\PhenomenaTracker_76\bar\1.bin\76bar.dll (MindSpark)
O3 - HKLM\..\Toolbar: (MixiDJ V44 Toolbar) - {90a1b331-c2b4-4933-9f63-ba7b84d60d58} - C:\Program Files (x86)\MixiDJ_V44\prxtbMixi.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {b278d9f8-0fa9-465e-9938-0c392605d8e3} - No CLSID value found.
O3 - HKLM\..\Toolbar: (KeyBar 1.14 Toolbar) - {da51d4f6-3e7e-4ef8-b400-9198e0874606} - C:\Program Files (x86)\KeyBar_1.14\prxtbKey0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentControl_v2 Toolbar) - {7473B6BD-4691-4744-A82B-7854EB3D70B6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll? File not found
O3 - HKCU\..\Toolbar\WebBrowser: (PhenomenaTracker) - {82FEBB1B-E68B-4D9E-BD3E-CE21DB3496AE} - C:\Program Files (x86)\PhenomenaTracker_76\bar\1.bin\76bar.dll (MindSpark)
O3 - HKCU\..\Toolbar\WebBrowser: (MixiDJ V44 Toolbar) - {90A1B331-C2B4-4933-9F63-BA7B84D60D58} - C:\Program Files (x86)\MixiDJ_V44\prxtbMixi.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (KeyBar 1.14 Toolbar) - {DA51D4F6-3E7E-4EF8-B400-9198E0874606} - C:\Program Files (x86)\KeyBar_1.14\prxtbKey0.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [PhenomenaTracker Home Page Guard 64 bit] C:\Program Files (x86)\PhenomenaTracker_76\bar\1.bin\AppIntegrator64.exe ()
O4 - HKLM..\Run: [Iminent] C:\Program Files (x86)\Iminent\Iminent.exe (Iminent)
O4 - HKLM..\Run: [IminentMessenger] C:\Program Files (x86)\Iminent\Iminent.Messengers.exe (Iminent)
O4 - HKLM..\Run: [PCFixSpeed] C:\Program Files (x86)\PCFixSpeed\PCFixTray.exe (Crawler.com)
O4 - HKLM..\Run: [PhenomenaTracker Search Scope Monitor] C:\Program Files (x86)\PhenomenaTracker_76\bar\1.bin\76SrchMn.exe (MindSpark)
O4 - HKLM..\Run: [PhenomenaTracker_76 Browser Plugin Loader] C:\Program Files (x86)\PhenomenaTracker_76\bar\1.bin\76brmon.exe (VER_COMPANY_NAME)
O4 - HKCU..\Run: [BackgroundContainer] C:\Users\Artem\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll (Conduit Ltd.)
O4 - HKCU..\Run: [Browser Infrastructure Helper] C:\Users\Artem\AppData\Local\Smartbar\Application\QuickShare.exe (Smartbar)
O4 - HKCU..\Run: [BrowserSafeguard] C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe (BrowserSafeguard)
O4 - HKCU..\Run: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe (PC Utilities Pro)
O4 - HKLM..\RunOnce: [SPUpdSentinel] C:\Program Files (x86)\Common Files\Umbrella\umbrella_bkp.exe (Iminent)
O4 - Startup: C:\Users\Artem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk = C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
O4 - Startup: C:\Users\Artem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Artem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Severe Weather Alerts App.lnk = C:\Users\Artem\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe ()
O4 - Startup: C:\Users\Artem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Severe Weather Alerts.lnk = C:\Users\Artem\AppData\Local\SevereWeatherAlerts\SevereWeatherAlerts.exe (Weather Notifications, LLC)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll) - C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll (Conduit)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL) - C:\Program Files (x86)\Optimizer Pro\OptProCrash_x64.dll ()
O20 - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll) - C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll (Conduit)
O20 - AppInit_DLLs: (c:\progra~2\optimi~1\optpro~1.dll) - c:\Program Files (x86)\Optimizer Pro\OptProCrash.dll ()
[2013/11/06 05:43:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\SearchProtect
[2013/10/29 16:44:30 | 000,000,000 | ---D | C] -- C:\Users\Artem\AppData\Roaming\PCFixSpeed
[2013/10/29 16:44:30 | 000,000,000 | ---D | C] -- C:\ProgramData\PCFixSpeed
[2013/10/29 16:44:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PCFixSpeed
[2013/10/29 16:44:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Fix Speed
[2013/10/29 16:44:15 | 000,000,000 | ---D | C] -- C:\Program Files\Linksicle
[2013/10/29 16:44:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Linksicle
[2013/10/29 13:42:18 | 000,000,000 | ---D | C] -- C:\Users\Artem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
[2013/10/29 13:42:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wajam
[2013/10/29 13:42:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ScorpionSaver
[2013/10/29 13:42:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Level Quality Watcher
[2013/10/29 13:42:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
[2013/10/29 13:41:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Optimizer Pro
[2013/10/29 13:41:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SearchProtect
[2013/10/29 13:41:43 | 000,000,000 | ---D | C] -- C:\Users\Artem\AppData\Local\SearchProtect
[2013/10/29 13:41:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Social Privacy
[2013/10/29 13:41:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Social Privacy DNS
[2013/10/29 13:41:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\sp
[2013/10/28 16:21:42 | 000,000,000 | ---D | C] -- C:\Users\Artem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SySaver
[2013/10/28 16:21:37 | 000,000,000 | ---D | C] -- C:\Users\Artem\AppData\Local\SySaver
[2013/10/28 16:21:08 | 000,000,000 | ---D | C] -- C:\Users\Artem\AppData\Roaming\Iminent
[2013/10/28 16:21:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Iminent
[2013/10/28 16:20:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent
[2013/10/28 16:20:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Umbrella
[2013/10/28 16:20:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Iminent
[2013/10/28 16:20:24 | 000,000,000 | ---D | C] -- C:\Users\Artem\AppData\Roaming\defaulttab
[2013/10/28 16:20:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MixiDJ_V44
[2013/10/28 13:26:52 | 000,000,000 | ---D | C] -- C:\SearchProtect
[2013/08/11 06:04:11 | 000,051,992 | ---- | C] (cake bake) -- C:\Program Files (x86)\WBDesktop.Updater.exe
[2013/10/29 16:44:29 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\Optimize Your PC.lnk
[2013/10/29 13:42:00 | 000,001,064 | ---- | M] () -- C:\Users\Artem\Desktop\Optimizer Pro.lnk
[2013/10/29 16:44:29 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\Optimize Your PC.lnk
[2013/10/29 13:42:00 | 000,001,064 | ---- | C] () -- C:\Users\Artem\Desktop\Optimizer Pro.lnk
[2013/05/12 18:12:24 | 000,061,304 | ---- | C] () -- C:\Users\Artem\g2mdlhlpx.exe
[2013/09/14 07:13:24 | 000,000,000 | ---D | M] -- C:\Users\Artem\AppData\Roaming\OpenCandy
[2013/09/13 14:03:29 | 000,000,000 | ---D | M] -- C:\Users\Artem\AppData\Roaming\SmartPCFix
[2013/11/14 17:26:07 | 000,000,000 | ---D | M] -- C:\Users\Artem\AppData\Roaming\PCFixSpeed
[2013/09/13 14:03:29 | 000,000,000 | ---D | M] -- C:\Users\Artem\AppData\Roaming\SmartPCFix
[2012/12/17 18:23:16 | 000,000,000 | ---D | M] -- C:\Users\Artem\AppData\Roaming\WebApp
[2013/08/12 08:28:48 | 000,000,000 | ---D | M] -- C:\Users\Artem\AppData\Roaming\WebCake
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:373E1720

:Commands
[emptytemp]



  • Click the Run Fix button at the top of the OTL control panel.
  • Let the program run until it's finished and then reboot the computer.
  • Once your machine has rebooted, a log will open. Please post that log in your next reply.

If you have any problems, questions, or need further explanation, please post a message in this thread and I will get back to you asap.


Step 3: AdwCleaner


Download ADWcleaner by clicking here. Please save it to your Desktop


Posted Image

  • Double click (Vista and 7 Users)right click the adwcleaner.exe file and click Run as Adminstrator and accept the UAC prompt to run AdwCleaner
  • Close any open windows or browsers.
  • Pause your Anti-Virus program if it is running.
  • Once it starts, click on the Scan button.
  • Let the scan complete itself. This may take a few minutes.
  • Once the scan has finished, click the Clean button. When finished, it will ask to reboot. Please reboot.
  • When the machine has rebooted, a log will be produced. Please copy/paste that in your next reply. Here's how:
  • Click the Report button and the log will open. Copy and Paste the contents of the log file into your next reply.
This report is also saved at C:\AdwCleaner[R0].txt

Step 4: Junkware Removal Tool


Posted Image Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.



Step 5: OTL Quick Scan


Start OTL and this time click the Quick Scan button.

When OTL finishes the scan, it will produce a log. Please post it in your next reply.



Things I need to see in your next post:

  • OTL Fix Log
  • AdwCleaner Log
  • Junkware Removal Tool Log
  • OTL Quick Scan Log
  • Extras Log - If available
  • How is the computer running now?

  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP