Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

HELP! What is GS Supporter (Adware-Bprotect) and how can I remove

GS Supporter Adware-Bprotect Virus Adware Malware

  • Please log in to reply

#1
IncisuraGL

IncisuraGL

    New Member

  • Member
  • Pip
  • 8 posts

I need help with removing this annoying GS Supporter folder and its contents.
Its driving me crazy. I don't know what it is and what it does to my computer,
but McAfee keeps blocking it and sees it as a potentiel unwanted program.

 

I first encountered this two months ago and I let McAfee do its job, but further investigating it,

I found out that it wasn't removed properly or at all.

And now, McAfee keeps blocking every 1 minute, even though I hit delete/remove when a pop-up notification from McAfee pops up and

through McAfee's quarantine.

 

I seriously need help removing this, and if anyone has had a problem with it and successfully removed it, I need to know.

 

GS Supporter folder's location is:

               

            C:\Program Files (86x)\GS Supporter\

 

and consists of two files:

 

            Assistant.dll & Assistant_64x.dll

 

I tried removing these two files directly but failed, because they're running on Rundll32.exe

 

Please help.

 

-Incisura

 


  • 0

Advertisements


#2
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 10,958 posts

Please download Farbar Recovery Scan Tool and save it to your desktop.
 
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Make sure that under Optional Scans, there is a checkmark on Addition.txt and Shortcut.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another two logs (Addition.txt and Shortcut.txt). Please attach these to your reply.

  • 0

#3
IncisuraGL

IncisuraGL

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Mack (administrator) on Mack-Pc on 05-04-2014 09:39:38
Running from C:\Users\Mack\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Danish
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\system32\mfevtps.exe
() C:\ProgramData\Mobile Broadband\OnlineUpdate\ouc.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Atheros) C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
() C:\Program Files (x86)\Mobile Broadband\Mobile Broadband.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan\McVsMap.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan\McVsShld.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PMMUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12343400 2011-12-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2868496 2012-02-14] (Synaptics Incorporated)
HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [1020576 2012-02-20] (Atheros Communications)
HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [800416 2012-02-20] (Atheros Commnucations)
HKLM\...\Run: [Power Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1829768 2012-02-07] (Acer Incorporated)
HKLM\...\Run: [InstantUpdate] - C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuDaemon.exe [124520 2012-04-07] ()
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [296984 2012-01-05] (NTI Corporation)
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1105488 2012-03-23] (Dritek System Inc.)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-01-28] (McAfee, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-1716648849-722197210-3348466993-1000\...\Run: [Sony PC Companion] - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [449760 2013-10-31] (Sony)
HKU\S-1-5-21-1716648849-722197210-3348466993-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-1716648849-722197210-3348466993-1000\...\MountPoints2: {07b65641-e8a8-11e2-bad1-001e101f859f} - E:\AutoRun.exe
HKU\S-1-5-21-1716648849-722197210-3348466993-1000\...\MountPoints2: {3526c0b7-8830-11e2-b73e-08edb919f39b} - E:\HPLauncher.exe
HKU\S-1-5-21-1716648849-722197210-3348466993-1000\...\MountPoints2: {37dbffc3-dffe-11e2-92ae-dc0ea1a62390} - E:\AutoRun.exe
HKU\S-1-5-21-1716648849-722197210-3348466993-1000\...\MountPoints2: {37dbffd1-dffe-11e2-92ae-dc0ea1a62390} - E:\AutoRun.exe
HKU\S-1-5-21-1716648849-722197210-3348466993-1000\...\MountPoints2: {4cd794c1-e059-11e2-a7c5-001e101f8aaa} - E:\AutoRun.exe
HKU\S-1-5-21-1716648849-722197210-3348466993-1000\...\MountPoints2: {692d40e3-f771-11e1-ba56-08edb919f39b} - E:\LaunchU3.exe -a
HKU\S-1-5-21-1716648849-722197210-3348466993-1000\...\MountPoints2: {abfced2b-e661-11e2-825c-08edb919f39b} - F:\AutoRun.exe
AppInit_DLLs: C:\PROGRA~2\GSSUPP~1\ASSIST~2.DLL => C:\Program Files (x86)\GS Supporter\Assistant_x64.dll [2759168 2014-01-19] ()
AppInit_DLLs-x32: c:\progra~2\gssupp~1\assist~1.dll => C:\Program Files (x86)\GS Supporter\Assistant.dll [3041792 2014-01-19] ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www2.delta-se...119293&tsp=4998
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www2.delta-se...119293&tsp=4998
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: JoNiiCoUppOun - {91419440-8915-CCB3-8F60-533C1BE555D6} - C:\ProgramData\JoNiiCoUppOun\WVMwa.x64.dll No File
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Tcpip\..\Interfaces\{3D0F7F2D-8AE9-4525-8CFD-F96304A6EEE2}: [NameServer]194.177.224.9 8.8.8.8
Tcpip\..\Interfaces\{800C1ED0-6686-45D5-9F91-9C0BD857A390}: [NameServer]194.177.224.9 8.8.8.8
Tcpip\..\Interfaces\{AE5B0E54-EB4A-4C1A-96D0-7CBBFFF8AA14}: [NameServer]194.177.224.9 8.8.8.8
Tcpip\..\Interfaces\{ECF621D2-EA38-41B7-B7E1-08EB6B259418}: [NameServer]194.177.224.9 8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\Mack\AppData\Roaming\Mozilla\Firefox\Profiles\1qyagrws.default-1390594755629
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: JoNiiCoUppOun - C:\Users\Mack\AppData\Roaming\Mozilla\Firefox\Profiles\1qyagrws.default-1390594755629\Extensions\[email protected] [2014-03-07]
FF Extension: YTBlockeurApP - C:\Users\Mack\AppData\Roaming\Mozilla\Firefox\Profiles\1qyagrws.default-1390594755629\Extensions\[email protected] [2014-01-31]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-11-13]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-11-13]

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (gareoatsavEr) - C:\Users\Mack\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimmlolknnkmopfjdebbbfeihpmncahb [2014-01-19]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-02-10]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-02-18] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-02-18] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [766736 2014-02-18] (BlueStack Systems, Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2169016 2014-03-01] (Microsoft Corporation)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227936 2013-11-08] (WildTangent)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2012-02-08] (Intel Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-01-28] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-15] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1025712 2014-01-21] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-01-27] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [185792 2014-01-27] (McAfee, Inc.)
S2 Mobile Broadband. RunOuc; C:\Program Files (x86)\Mobile Broadband\UpdateDog\ouc.exe [655712 2011-12-23] ()
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256536 2012-01-05] (NTI Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe [72864 2012-02-20] (Atheros)
S2 e9f32388; "C:\Windows\system32\rundll32.exe" "c:\progra~2\gssupp~1\AssistantSvc.dll",service

==================== Drivers (Whitelisted) ====================

R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122128 2014-02-18] (BlueStack Systems)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-01-27] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [180272 2014-01-27] (McAfee, Inc.)
R2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311600 2014-01-27] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [520696 2014-01-27] (McAfee, Inc.)
R2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [783864 2014-01-27] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [422712 2014-01-21] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-01-21] (McAfee, Inc.)
R2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344688 2014-01-27] (McAfee, Inc.)
R3 SmbDrv; C:\Windows\System32\DRIVERS\Smb_driver.sys [22800 2012-02-14] (Synaptics Incorporated)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-05 09:39 - 2014-04-05 09:40 - 00023475 _____ () C:\Users\Mack\Downloads\FRST.txt
2014-04-05 09:38 - 2014-04-05 09:39 - 00000000 ____D () C:\FRST
2014-04-05 09:35 - 2014-04-05 09:36 - 02157056 _____ (Farbar) C:\Users\Mack\Downloads\FRST64.exe
2014-04-04 13:50 - 2014-04-04 13:50 - 00215851 _____ () C:\Users\Mack\Downloads\Matt Preston's No Prove Bread Recipe.htm
2014-04-04 13:50 - 2014-04-04 13:50 - 00000000 ____D () C:\Users\Mack\Downloads\Matt Preston's No Prove Bread Recipe_files
2014-04-01 09:27 - 2014-04-01 09:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-23 18:51 - 2014-03-23 18:51 - 00000000 ____D () C:\Users\Mack\AppData\Local\{F17C6DEF-3B0D-4F63-B4D3-1E8356010E5A}
2014-03-23 18:48 - 2014-03-23 18:48 - 00000000 ____D () C:\Users\Mack\AppData\Local\{60EFE6F0-57A4-4BEE-BA27-7AC7A8D2C412}
2014-03-23 18:07 - 2014-03-23 18:07 - 00000000 ____D () C:\Users\Mack\AppData\Local\{1C886988-E320-4EB6-A372-73FBC01D8623}
2014-03-23 18:02 - 2014-03-23 18:02 - 00000000 ____D () C:\Users\Mack\AppData\Local\{87740E9C-19C1-4C0A-BF91-E8C74FED7619}
2014-03-23 18:01 - 2014-03-23 18:01 - 00000000 ____D () C:\Users\Mack\AppData\Local\{1CA64C21-7196-4C3B-9922-1295FEDEBE27}
2014-03-16 11:06 - 2014-03-28 22:33 - 00000000 ____D () C:\ProgramData\TakeTheCoupoN
2014-03-14 18:29 - 2014-03-14 18:29 - 00000000 ____D () C:\Users\Mack\AppData\Local\{06618443-4A39-4C5D-8A22-44E9CE62A5F3}
2014-03-14 00:09 - 2014-03-01 04:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-14 00:09 - 2014-03-01 03:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-14 00:09 - 2014-03-01 03:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-14 00:09 - 2014-03-01 02:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-14 00:09 - 2014-03-01 02:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-14 00:09 - 2014-03-01 02:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-14 00:09 - 2014-03-01 02:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-14 00:09 - 2014-03-01 02:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-14 00:09 - 2014-03-01 02:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-14 00:09 - 2014-03-01 02:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-14 00:09 - 2014-03-01 02:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-14 00:09 - 2014-03-01 02:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-14 00:09 - 2014-03-01 02:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-14 00:09 - 2014-03-01 02:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-14 00:09 - 2014-03-01 02:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-14 00:09 - 2014-03-01 02:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-14 00:09 - 2014-03-01 02:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-14 00:09 - 2014-03-01 01:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-14 00:09 - 2014-03-01 01:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-14 00:09 - 2014-03-01 01:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-14 00:09 - 2014-03-01 01:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-14 00:09 - 2014-03-01 01:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-14 00:09 - 2014-03-01 01:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-14 00:09 - 2014-03-01 01:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-14 00:09 - 2014-03-01 01:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-14 00:09 - 2014-03-01 01:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-14 00:09 - 2014-03-01 01:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-14 00:09 - 2014-03-01 01:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-14 00:09 - 2014-03-01 01:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-14 00:09 - 2014-03-01 01:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-14 00:09 - 2014-03-01 01:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-14 00:09 - 2014-03-01 01:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-14 00:09 - 2014-03-01 01:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-14 00:09 - 2014-03-01 01:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-14 00:09 - 2014-03-01 00:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-14 00:09 - 2014-03-01 00:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-14 00:09 - 2014-03-01 00:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-14 00:09 - 2014-03-01 00:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-14 00:09 - 2014-03-01 00:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-14 00:09 - 2014-03-01 00:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-14 00:09 - 2014-02-06 23:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-14 00:09 - 2014-02-04 00:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-14 00:09 - 2014-02-04 00:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-14 00:09 - 2014-01-29 00:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-14 00:09 - 2014-01-29 00:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-14 00:09 - 2014-01-28 00:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-13 12:48 - 2014-02-04 00:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 12:48 - 2014-02-04 00:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-12 08:03 - 2014-03-12 08:03 - 00000000 ____D () C:\Users\Mack\.android
2014-03-12 08:02 - 2014-03-12 08:02 - 00000000 ____D () C:\Users\Mack\.swt
2014-03-12 08:01 - 2014-03-12 08:01 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2014-03-12 07:41 - 2014-03-12 07:41 - 00000000 ____D () C:\Users\Mack\Documents\Sony
2014-03-12 00:48 - 2014-03-25 14:47 - 00002030 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-03-12 00:47 - 2014-03-12 00:47 - 00000000 ____D () C:\ProgramData\Sony
2014-03-12 00:47 - 2014-03-12 00:47 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-03-11 13:43 - 2014-03-11 13:44 - 00000022 _____ () C:\Users\Mack\Downloads\Outlook.zip
2014-03-07 18:27 - 2014-03-07 18:27 - 00000833 _____ () C:\Users\Mack\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-03-07 14:06 - 2014-03-07 14:06 - 00000000 ____D () C:\Users\Mack\AppData\Local\Packages
2014-03-06 12:58 - 2014-03-14 18:51 - 00000000 ____D () C:\Users\Mack\AppData\Local\Windows Live
2014-03-06 12:57 - 2014-03-06 12:58 - 00000000 ____D () C:\Users\Mack\AppData\Local\{8AAF604E-10BB-49D1-B5A3-4D6BAA09CCBA}
2014-03-06 02:32 - 2014-03-06 02:32 - 00001811 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
2014-03-06 02:32 - 2014-03-06 02:32 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-03-06 02:32 - 2014-03-06 02:32 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-03-06 02:31 - 2014-03-06 02:37 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-03-06 02:31 - 2014-03-06 02:31 - 00000000 ____D () C:\Users\Mack\AppData\Local\Bluestacks

==================== One Month Modified Files and Folders =======

2014-04-05 09:40 - 2014-04-05 09:39 - 00023475 _____ () C:\Users\Mack\Downloads\FRST.txt
2014-04-05 09:39 - 2014-04-05 09:38 - 00000000 ____D () C:\FRST
2014-04-05 09:37 - 2012-05-05 08:18 - 01154201 _____ () C:\Windows\WindowsUpdate.log
2014-04-05 09:36 - 2014-04-05 09:35 - 02157056 _____ (Farbar) C:\Users\Mack\Downloads\FRST64.exe
2014-04-05 09:21 - 2009-07-14 02:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-05 09:21 - 2009-07-14 02:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-05 09:20 - 2012-05-05 08:43 - 00502010 _____ () C:\Windows\system32\perfh006.dat
2014-04-05 09:20 - 2012-05-05 08:43 - 00099060 _____ () C:\Windows\system32\perfc006.dat
2014-04-05 09:20 - 2009-07-14 03:13 - 01381788 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-05 09:17 - 2013-11-13 17:40 - 00001848 _____ () C:\Users\Public\Desktop\McAfee Internet Security Suite.lnk
2014-04-05 09:13 - 2009-07-14 03:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-05 09:13 - 2009-07-14 02:51 - 00123035 _____ () C:\Windows\setupact.log
2014-04-04 23:48 - 2013-03-04 21:50 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-04 23:03 - 2013-05-25 21:22 - 00000000 ____D () C:\Users\Mack\AppData\Roaming\uTorrent
2014-04-04 13:50 - 2014-04-04 13:50 - 00215851 _____ () C:\Users\Mack\Downloads\Matt Preston's No Prove Bread Recipe.htm
2014-04-04 13:50 - 2014-04-04 13:50 - 00000000 ____D () C:\Users\Mack\Downloads\Matt Preston's No Prove Bread Recipe_files
2014-04-03 22:19 - 2012-08-27 22:53 - 00000000 ____D () C:\Users\Mack\AppData\Roaming\vlc
2014-04-02 09:19 - 2013-03-04 21:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-02 09:19 - 2010-11-21 01:47 - 00184802 _____ () C:\Windows\PFRO.log
2014-04-01 18:19 - 2013-09-01 21:00 - 00878431 _____ () C:\Users\Mack\danid.log
2014-04-01 09:27 - 2014-04-01 09:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-01 08:46 - 2012-08-20 17:45 - 00114640 _____ () C:\Users\Mack\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-31 22:59 - 2012-08-20 18:22 - 00000000 ____D () C:\Users\Mack\AppData\Roaming\SoftGrid Client
2014-03-29 20:36 - 2012-08-26 00:00 - 00000000 ____D () C:\Users\Mack\AppData\Local\CrashDumps
2014-03-29 13:18 - 2009-07-14 03:08 - 00032550 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-28 22:33 - 2014-03-16 11:06 - 00000000 ____D () C:\ProgramData\TakeTheCoupoN
2014-03-28 22:33 - 2014-01-31 14:42 - 00000000 ____D () C:\ProgramData\YTBlockeurApP
2014-03-25 14:47 - 2014-03-12 00:48 - 00002030 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-03-25 14:47 - 2012-05-05 08:30 - 00230412 _____ () C:\Windows\DPINST.LOG
2014-03-25 14:46 - 2012-03-26 04:37 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-23 18:51 - 2014-03-23 18:51 - 00000000 ____D () C:\Users\Mack\AppData\Local\{F17C6DEF-3B0D-4F63-B4D3-1E8356010E5A}
2014-03-23 18:48 - 2014-03-23 18:48 - 00000000 ____D () C:\Users\Mack\AppData\Local\{60EFE6F0-57A4-4BEE-BA27-7AC7A8D2C412}
2014-03-23 18:07 - 2014-03-23 18:07 - 00000000 ____D () C:\Users\Mack\AppData\Local\{1C886988-E320-4EB6-A372-73FBC01D8623}
2014-03-23 18:02 - 2014-03-23 18:02 - 00000000 ____D () C:\Users\Mack\AppData\Local\{87740E9C-19C1-4C0A-BF91-E8C74FED7619}
2014-03-23 18:01 - 2014-03-23 18:01 - 00000000 ____D () C:\Users\Mack\AppData\Local\{1CA64C21-7196-4C3B-9922-1295FEDEBE27}
2014-03-19 14:25 - 2013-10-03 11:51 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-03-19 00:46 - 2013-07-12 23:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-19 00:44 - 2013-02-06 03:07 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-17 01:22 - 2014-01-04 12:45 - 00000000 ____D () C:\Users\Mack\AppData\Roaming\Mp3tag
2014-03-16 12:17 - 2012-11-11 19:54 - 00000000 ____D () C:\Users\Mack\AppData\Roaming\Skype
2014-03-16 11:07 - 2014-01-19 00:07 - 00000000 ____D () C:\ProgramData\399ba3f247e23597
2014-03-14 18:51 - 2014-03-06 12:58 - 00000000 ____D () C:\Users\Mack\AppData\Local\Windows Live
2014-03-14 18:29 - 2014-03-14 18:29 - 00000000 ____D () C:\Users\Mack\AppData\Local\{06618443-4A39-4C5D-8A22-44E9CE62A5F3}
2014-03-14 09:32 - 2009-07-14 02:45 - 00451968 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-13 18:20 - 2013-11-13 17:30 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2014-03-13 11:16 - 2013-03-14 11:37 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-13 11:16 - 2013-03-14 11:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-12 08:48 - 2013-03-04 21:50 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-12 08:48 - 2012-03-26 05:06 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 08:48 - 2012-03-26 05:06 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-12 08:03 - 2014-03-12 08:03 - 00000000 ____D () C:\Users\Mack\.android
2014-03-12 08:03 - 2012-08-20 17:45 - 00000000 ____D () C:\Users\Mack
2014-03-12 08:02 - 2014-03-12 08:02 - 00000000 ____D () C:\Users\Mack\.swt
2014-03-12 08:01 - 2014-03-12 08:01 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2014-03-12 07:41 - 2014-03-12 07:41 - 00000000 ____D () C:\Users\Mack\Documents\Sony
2014-03-12 00:47 - 2014-03-12 00:47 - 00000000 ____D () C:\ProgramData\Sony
2014-03-12 00:47 - 2014-03-12 00:47 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-03-12 00:36 - 2014-03-05 00:27 - 00000000 ____D () C:\ProgramData\YTD Video Downloader
2014-03-11 13:44 - 2014-03-11 13:43 - 00000022 _____ () C:\Users\Mack\Downloads\Outlook.zip
2014-03-10 21:25 - 2014-01-19 00:07 - 00000000 ____D () C:\Program Files (x86)\GS Supporter
2014-03-10 15:37 - 2014-01-31 14:42 - 00000000 ____D () C:\ProgramData\dfjlgobemlfdlcodimhfciikecepdnad
2014-03-07 19:05 - 2012-09-25 15:16 - 00000000 ____D () C:\Spil
2014-03-07 18:29 - 2012-08-27 22:48 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-03-07 18:27 - 2014-03-07 18:27 - 00000833 _____ () C:\Users\Mack\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-03-07 14:06 - 2014-03-07 14:06 - 00000000 ____D () C:\Users\Mack\AppData\Local\Packages
2014-03-06 12:58 - 2014-03-06 12:57 - 00000000 ____D () C:\Users\Mack\AppData\Local\{8AAF604E-10BB-49D1-B5A3-4D6BAA09CCBA}
2014-03-06 02:37 - 2014-03-06 02:31 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-03-06 02:33 - 2009-07-14 01:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-03-06 02:32 - 2014-03-06 02:32 - 00001811 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
2014-03-06 02:32 - 2014-03-06 02:32 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-03-06 02:32 - 2014-03-06 02:32 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-03-06 02:31 - 2014-03-06 02:31 - 00000000 ____D () C:\Users\Mack\AppData\Local\Bluestacks

Some content of TEMP:
====================
C:\Users\Mack\AppData\Local\Temp\07D52C25.dll
C:\Users\Mack\AppData\Local\Temp\07F23B07.dll
C:\Users\Mack\AppData\Local\Temp\081F2EE0.dll
C:\Users\Mack\AppData\Local\Temp\083D5A28.dll
C:\Users\Mack\AppData\Local\Temp\083D5BBA.dll
C:\Users\Mack\AppData\Local\Temp\0842BA53.dll
C:\Users\Mack\AppData\Local\Temp\087A2BBD.dll
C:\Users\Mack\AppData\Local\Temp\087A2BDD.dll
C:\Users\Mack\AppData\Local\Temp\08915DEF.dll
C:\Users\Mack\AppData\Local\Temp\089506DD.dll
C:\Users\Mack\AppData\Local\Temp\0C9D7686.dll
C:\Users\Mack\AppData\Local\Temp\0CC77454.dll
C:\Users\Mack\AppData\Local\Temp\0FB8A9B0.dll
C:\Users\Mack\AppData\Local\Temp\0FB8CA89.dll
C:\Users\Mack\AppData\Local\Temp\0FBD070C.dll
C:\Users\Mack\AppData\Local\Temp\124A928E.dll
C:\Users\Mack\AppData\Local\Temp\1296318C.dll
C:\Users\Mack\AppData\Local\Temp\14EA2BE1.dll
C:\Users\Mack\AppData\Local\Temp\166180B8.dll
C:\Users\Mack\AppData\Local\Temp\1662E804.dll
C:\Users\Mack\AppData\Local\Temp\171E3A72.dll
C:\Users\Mack\AppData\Local\Temp\188533C0.dll
C:\Users\Mack\AppData\Local\Temp\1C3C77D2.dll
C:\Users\Mack\AppData\Local\Temp\1C66A09D.dll
C:\Users\Mack\AppData\Local\Temp\1C766E5D.dll
C:\Users\Mack\AppData\Local\Temp\1C904185.dll
C:\Users\Mack\AppData\Local\Temp\1C9432E5.dll
C:\Users\Mack\AppData\Local\Temp\1EF252E1.dll
C:\Users\Mack\AppData\Local\Temp\21911802.dll
C:\Users\Mack\AppData\Local\Temp\25C3D2E9.dll
C:\Users\Mack\AppData\Local\Temp\25C4EC69.dll
C:\Users\Mack\AppData\Local\Temp\2636321C.dll
C:\Users\Mack\AppData\Local\Temp\26ED6B15.dll
C:\Users\Mack\AppData\Local\Temp\28240961.dll
C:\Users\Mack\AppData\Local\Temp\282713B1.dll
C:\Users\Mack\AppData\Local\Temp\2827A26C.dll
C:\Users\Mack\AppData\Local\Temp\3B91AD4E.dll
C:\Users\Mack\AppData\Local\Temp\3D47C3E6.dll
C:\Users\Mack\AppData\Local\Temp\3D488C25.dll
C:\Users\Mack\AppData\Local\Temp\3D584A75.dll
C:\Users\Mack\AppData\Local\Temp\455D96A9.dll
C:\Users\Mack\AppData\Local\Temp\4563EC0B.dll
C:\Users\Mack\AppData\Local\Temp\4564F172.dll
C:\Users\Mack\AppData\Local\Temp\46753F2F.dll
C:\Users\Mack\AppData\Local\Temp\46DE87E9.dll
C:\Users\Mack\AppData\Local\Temp\52FF2C45.dll
C:\Users\Mack\AppData\Local\Temp\560B7691.dll
C:\Users\Mack\AppData\Local\Temp\56A6EF27.dll
C:\Users\Mack\AppData\Local\Temp\5F824C45.dll
C:\Users\Mack\AppData\Local\Temp\6584BA21.dll
C:\Users\Mack\AppData\Local\Temp\658706A3.dll
C:\Users\Mack\AppData\Local\Temp\6C9683C4.dll
C:\Users\Mack\AppData\Local\Temp\6C98A198.dll
C:\Users\Mack\AppData\Local\Temp\6C99FB22.dll
C:\Users\Mack\AppData\Local\Temp\6E66BCD5.dll
C:\Users\Mack\AppData\Local\Temp\6E8B3BF0.dll
C:\Users\Mack\AppData\Local\Temp\6EAC9312.dll
C:\Users\Mack\AppData\Local\Temp\6EBB2428.dll
C:\Users\Mack\AppData\Local\Temp\6EFFDE7A.dll
C:\Users\Mack\AppData\Local\Temp\6F3DE05C.dll
C:\Users\Mack\AppData\Local\Temp\6F5943B1.dll
C:\Users\Mack\AppData\Local\Temp\6F5F8E52.dll
C:\Users\Mack\AppData\Local\Temp\6F71B9BF.dll
C:\Users\Mack\AppData\Local\Temp\6FCD5A23.dll
C:\Users\Mack\AppData\Local\Temp\71E7055B.dll
C:\Users\Mack\AppData\Local\Temp\747C89BF.dll
C:\Users\Mack\AppData\Local\Temp\7497A319.dll
C:\Users\Mack\AppData\Local\Temp\74A72013.dll
C:\Users\Mack\AppData\Local\Temp\74EDDE0B.dll
C:\Users\Mack\AppData\Local\Temp\76E49376.dll
C:\Users\Mack\AppData\Local\Temp\7922E7D0.dll
C:\Users\Mack\AppData\Local\Temp\7923BE78.dll
C:\Users\Mack\AppData\Local\Temp\7933B012.dll
C:\Users\Mack\AppData\Local\Temp\79549A85.dll
C:\Users\Mack\AppData\Local\Temp\79723343.dll
C:\Users\Mack\AppData\Local\Temp\799B08A0.dll
C:\Users\Mack\AppData\Local\Temp\7A46880F.dll
C:\Users\Mack\AppData\Local\Temp\7B287DE5.dll
C:\Users\Mack\AppData\Local\Temp\7E481BB4.dll
C:\Users\Mack\AppData\Local\Temp\83CA6B55.dll
C:\Users\Mack\AppData\Local\Temp\8431937F.dll
C:\Users\Mack\AppData\Local\Temp\8A32BD75.dll
C:\Users\Mack\AppData\Local\Temp\8B172616.dll
C:\Users\Mack\AppData\Local\Temp\91AD127C.dll
C:\Users\Mack\AppData\Local\Temp\92EFCE7C.dll
C:\Users\Mack\AppData\Local\Temp\92F054FB.dll
C:\Users\Mack\AppData\Local\Temp\9453281C.dll
C:\Users\Mack\AppData\Local\Temp\9455E5D6.dll
C:\Users\Mack\AppData\Local\Temp\94585259.dll
C:\Users\Mack\AppData\Local\Temp\945A3A7F.dll
C:\Users\Mack\AppData\Local\Temp\945ADB9D.dll
C:\Users\Mack\AppData\Local\Temp\945CEDCC.dll
C:\Users\Mack\AppData\Local\Temp\9845B137.dll
C:\Users\Mack\AppData\Local\Temp\9851DCE9.dll
C:\Users\Mack\AppData\Local\Temp\9FDDCD0E.dll
C:\Users\Mack\AppData\Local\Temp\9FDDD5D4.dll
C:\Users\Mack\AppData\Local\Temp\A843BA99.dll
C:\Users\Mack\AppData\Local\Temp\B1EA21F2.dll
C:\Users\Mack\AppData\Local\Temp\B5F2C239.dll
C:\Users\Mack\AppData\Local\Temp\B5F92DE3.dll
C:\Users\Mack\AppData\Local\Temp\B66D0B6C.dll
C:\Users\Mack\AppData\Local\Temp\B8D35927.dll
C:\Users\Mack\AppData\Local\Temp\BA995F93.dll
C:\Users\Mack\AppData\Local\Temp\BA998620.dll
C:\Users\Mack\AppData\Local\Temp\BAA5E6B7.dll
C:\Users\Mack\AppData\Local\Temp\BAA77391.dll
C:\Users\Mack\AppData\Local\Temp\BABFFC87.dll
C:\Users\Mack\AppData\Local\Temp\BAC1BA9D.dll
C:\Users\Mack\AppData\Local\Temp\BAC23B36.dll
C:\Users\Mack\AppData\Local\Temp\C5C48145.dll
C:\Users\Mack\AppData\Local\Temp\C5D8D539.dll
C:\Users\Mack\AppData\Local\Temp\CC1222C4.dll
C:\Users\Mack\AppData\Local\Temp\CC13A344.dll
C:\Users\Mack\AppData\Local\Temp\CC14BBDA.dll
C:\Users\Mack\AppData\Local\Temp\D6EB9E2C.dll
C:\Users\Mack\AppData\Local\Temp\DBC1E7B3.dll
C:\Users\Mack\AppData\Local\Temp\DBC72386.dll
C:\Users\Mack\AppData\Local\Temp\DBC82501.dll
C:\Users\Mack\AppData\Local\Temp\DBC92005.dll
C:\Users\Mack\AppData\Local\Temp\DBD2E22E.dll
C:\Users\Mack\AppData\Local\Temp\E56BDC3C.dll
C:\Users\Mack\AppData\Local\Temp\E56C8313.dll
C:\Users\Mack\AppData\Local\Temp\E5E7D70D.dll
C:\Users\Mack\AppData\Local\Temp\E91D88E0.dll
C:\Users\Mack\AppData\Local\Temp\EACA8DE2.dll
C:\Users\Mack\AppData\Local\Temp\EACB1AD7.dll
C:\Users\Mack\AppData\Local\Temp\EACD1880.dll
C:\Users\Mack\AppData\Local\Temp\EACD2945.dll
C:\Users\Mack\AppData\Local\Temp\EACD618E.dll
C:\Users\Mack\AppData\Local\Temp\EFC3F207.dll
C:\Users\Mack\AppData\Local\Temp\F1829151.dll
C:\Users\Mack\AppData\Local\Temp\FA2A1640.dll
C:\Users\Mack\AppData\Local\Temp\FDC68117.dll
C:\Users\Mack\AppData\Local\Temp\htmlayout.dll
C:\Users\Mack\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Mack\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Mack\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Mack\AppData\Local\Temp\toolbar10592514.exe
C:\Users\Mack\AppData\Local\Temp\toolbar10592748.exe
C:\Users\Mack\AppData\Local\Temp\uninst1.exe
C:\Users\Mack\AppData\Local\Temp\uninstall31469083.exe
C:\Users\Mack\AppData\Local\Temp\uninstall31478755.exe
C:\Users\Mack\AppData\Local\Temp\uninstall31478770.exe
C:\Users\Mack\AppData\Local\Temp\vlc-2.1.1-win32.exe
C:\Users\Mack\AppData\Local\Temp\wyulagcr.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-30 23:57

==================== End Of Log ============================

 

Attached File  Shortcut.txt   49.51KB   333 downloads

Attached File  Addition.txt   40.56KB   89 downloads


  • 0

#4
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 10,958 posts

Attempt to remove GS Supporter 1.80 throughout the Control Panel.

Download the enclosed file. Attached File  fixlist.txt   223bytes   88 downloads

Save it in the same location FRST is saved.

Open FRST and click on the Fix button.

The tool will make a log in the same location FRST is saved (Fixlog.txt), Please post it to your reply.

thisisujrt.gif Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Download : ADWCleaner to your desktop.

NOTE: If using Internet Explorer and get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close all programs and click on the AdwCleaner icon.

scan-results.jpg

Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.

The report will be saved in the C:\AdwCleaner folder. as AdwCleaner[S0].txt

Rerun FRST and post the new FRST.txt


  • 0

#5
IncisuraGL

IncisuraGL

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

Thought it would be easier this way:

Attached File  Fixlog.txt   740bytes   60 downloads

Attached File  FRST.txt   44.71KB   57 downloads

Attached File  JRT.txt   5.72KB   80 downloads

Attached File  AdwCleanerS0.txt   3.65KB   88 downloads


  • 0

#6
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 10,958 posts

Some how you received the wrong fixlist.txt. Here we go again,

 

Attempt to remove GS Supporter 1.80 throughout the Control Panel.

Download the enclosed file. Attached File  fixlist.txt   8.71KB   105 downloads

Save it in the same location FRST is saved.

Open FRST and click on the Fix button.

The tool will make a log in the same location FRST is saved (Fixlog.txt), Please post it to your reply.

 

Rerun FRST and post the new FRST.txt


  • 0

#7
IncisuraGL

IncisuraGL

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

Attached File  Fixlog.txt   22.25KB   75 downloads

Attached File  FRST.txt   35.11KB   64 downloads


  • 0

#8
IncisuraGL

IncisuraGL

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

Oh my!!
The GS Supporter folder has been deleted!!
Finally.. :D

I hope it'll stay that way..

 

Thank you so much for your help...

Keep up the good work...


  • 0

#9
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 10,958 posts

We need to remove the tools we've used during cleaning your machine

  • Download Delfix from here
  • Ensure Remove disinfection tools is ticked
    Also tick:
  • Create registry backup
  • Purge system restore

delfix.jpg

  • Click Run

The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply

How is the computer doing?


  • 0

#10
IncisuraGL

IncisuraGL

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

I downloaded Delfix and did what you asked me to do, but unfortunately I accidentally closed notepad.

Does Delfix save the log somewhere?

 

But other than that, the computer seems to be fine! xD


  • 0

#11
IncisuraGL

IncisuraGL

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

It deleted the following text files: FRST, addition, fixlog, fixlist and JRT.

Somehow it didn't deleted Shortcut text file.

All of the programs that I used are deleted..


  • 0

#12
IncisuraGL

IncisuraGL

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

Ooh.. I found the DelFix log.. xD

Here it is:

 

# DelFix v10.6 - Logfile created 08/04/2014 at 13:02:52
# Updated 11/11/2013 by Xplode
# Username : Mack - Mack-Pc
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Mack\Desktop\JRT.txt
Deleted : C:\Users\Mack\Downloads\Addition.txt
Deleted : C:\Users\Mack\Downloads\AdwCleaner.exe
Deleted : C:\Users\Mack\Downloads\Fixlog.txt
Deleted : C:\Users\Mack\Downloads\FRST.txt
Deleted : C:\Users\Mack\Downloads\FRST64.exe
Deleted : C:\Users\Mack\Downloads\JRT.exe
Deleted : HKLM\SOFTWARE\AdwCleaner

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #130 [Sony PC Companion | 03/12/2014 02:48:55]
Deleted : RP #131 [Sony PC Companion | 03/12/2014 09:43:08]
Deleted : RP #132 [Installation af enhedsdriverpakke: Sony | 03/12/2014 09:50:47]
Deleted : RP #133 [Installation af enhedsdriverpakke: Sony Netværkskort | 03/12/2014 09:51:05]
Deleted : RP #134 [Windows Update | 03/13/2014 02:45:16]
Deleted : RP #135 [Windows Update | 03/14/2014 03:09:31]
Deleted : RP #136 [Windows Update | 03/19/2014 02:44:21]
Deleted : RP #137 [Planlagt kontrolpunkt | 03/26/2014 19:55:17]
Deleted : RP #138 [Planlagt kontrolpunkt | 04/03/2014 13:20:46]

New restore point created !

########## - EOF - ##########
 


  • 0

#13
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 10,958 posts
Congratulations.
 
Manually remove any tool or related folder or file left.
 
Here are some suggestions.
  • Always keep your JAVA updated. Older versions will make your computer vulnerable.
  • Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft.  To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.
  • ERUNT (Emergency Recovery Utility NT) allows you to keep a complete backup of your registry and restore it when needed. The standard registry backup options that come with Windows back up most of the registry but not all of it. ERUNT however creates a complete backup set, including the Security hive and user related sections. ERUNT is easy to use and since it creates a full backup, there are no options or choices other than to select the location of the backup files. The backup set includes a small executable that will launch the registry restore if needed.
To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections you can read this article   by Miekiemoes.
 
Best wishes! icon_hello.gif
  • 0






Similar Topics


Also tagged with one or more of these keywords: GS Supporter, Adware-Bprotect, Virus, Adware, Malware

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP