Laptop not starting [Closed]



#1
jsgraphics

Hi.

 

My wife was trying to install what she thought was an updated version of Java, but now we can't seem to get her laptop to boot up normally. I don't know enough about this to know what I should do.

 

She has a Dell Inspiron, running Windows 7. When I try to boot, it says that the system didn't shut down normally. I hit enter on the try to start, and the machine keeps flipping back from the default background screen saying "please wait" to black every few seconds.

 

I then tried to start in safe mode. After a few mins, I was able to get to the password prompt. I entered the password, and got this message:

 

"The User Profile Service service failed the logon.

The remote procedure call failed and did not execute"

 

I could really use some help.

 

Thanks!


  • 0



#2
JSntgRvr

Welcome :)
 
Let's give it a try.
 
Please download Farbar Recovery Scan Tool and save it to a flash drive.
 
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
 
Plug the flash drive into the infected PC.

  • If you are using Windows 8 consult How to use the Windows 8 System Recovery Environment Command Prompt to enter System Recovery Command prompt.
  • If you are using Vista or Windows 7 enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

Note: In case you cannot enter System Recovery Options by using F8 method, you can use Windows installation disc, or make a repair disc. Any Windows installation disc or a repair disc made on another computer can be used.
To make a repair disk on Windows 7 consult: http://www.sevenforu...isc-create.html

To enter System Recovery Options by using Windows installation disc:

  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:

  • Startup Repair
  • System Restore
  • Windows Complete PC Restore
  • Windows Memory Diagnostic Tool
  • Command Prompt

Select Command Prompt.

Once in the Command Prompt:

  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter.
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

  • 1
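The FRST.txt log that the steps above produce lists each service as `<code> <name>; <image path> [<size> <date>] (<publisher>)`, with `[X]` in place of the bracketed fields when the file is missing. As an added example (not part of the thread and not FRST's own logic), this Python script parses constructed lines in that layout and flags entries for manual review; the heuristics and every sample name are assumptions of the example.

```python
import re
from typing import Dict, List, NamedTuple, Optional

# Constructed sample lines in the FRST "Services" layout (not taken from any real log).
SAMPLE = r"""
==================== Services (Whitelisted) =================

S2 ExampleAV; C:\Program Files\Example AV\avsvc.exe [50344 2014-07-15] (Example AV Vendor)
S2 ExampleUpd; C:\Users\alice\AppData\Local\Temp\updsrv.exe [229696 2014-07-15] (Example Downloads)
S2 a1b2c3d4; C:\Program Files\Example Tool\crashsvc.dll [186496 2014-05-23] ()
S2 ExampleHost; C:\ProgramData\Example\host.exe [392552 2014-07-15] (Example Host Corp)
S3 exupdatem; "C:\Program Files\Example\Update\ExampleUpdate.exe" /medsvc [X]
"""


class Service(NamedTuple):
    code: str                 # leading token such as "S2", kept as an opaque label
    name: str
    path: str
    publisher: Optional[str]  # None when the log reports the file as missing
    missing: bool


HEAD = re.compile(r"^(?P<code>[A-Z]\d)\s+(?P<name>[^;]+);\s+(?P<rest>.+)$")
FOUND = re.compile(r"^(?P<path>.+?)\s+\[\d+\s+\d{4}-\d{2}-\d{2}\]\s+\((?P<pub>.*)\)$")
MISSING = re.compile(r"^(?P<cmd>.+?)\s+\[X\]$")

# Review heuristics chosen for this example, not rules defined by FRST.
WRITABLE = re.compile(r"\\(users|programdata|temp)\\", re.IGNORECASE)
HEX_NAME = re.compile(r"^[0-9a-f]{8,}$", re.IGNORECASE)


def parse_service(line: str) -> Optional[Service]:
    """Parse one service line; return None for headers, blanks and other text."""
    head = HEAD.match(line.strip())
    if not head:
        return None
    name, rest = head["name"].strip(), head["rest"]
    found = FOUND.match(rest)
    if found:
        return Service(head["code"], name, found["path"], found["pub"].strip(), False)
    gone = MISSING.match(rest)
    if gone:
        cmd = gone["cmd"]
        # A quoted image path may be followed by arguments: keep only the quoted part.
        path = cmd.split('"')[1] if cmd.startswith('"') else cmd
        return Service(head["code"], name, path, None, True)
    return None


def reasons(svc: Service) -> List[str]:
    """Return the review flags that apply to one parsed service entry."""
    out = []
    if svc.missing:
        out.append("binary missing")
    if WRITABLE.search(svc.path):
        out.append("user-writable path")
    if svc.publisher == "":
        out.append("no publisher")
    if HEX_NAME.match(svc.name):
        out.append("hex-only name")
    return out


def triage(log_text: str) -> Dict[str, List[str]]:
    """Map each flagged service name to the reasons it was flagged."""
    flagged = {}
    for line in log_text.splitlines():
        svc = parse_service(line)
        if svc:
            why = reasons(svc)
            if why:
                flagged[svc.name] = why
    return flagged


if __name__ == "__main__":
    for name, why in triage(SAMPLE).items():
        print(f"{name}: {', '.join(why)}")
```

A flag here is a prompt to inspect the entry, not a verdict: legitimate software also installs services under ProgramData or ships unsigned binaries.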

#3
jsgraphics

Thank you for getting back to me so quickly.

 

I ran the FRST scan on the infected computer, and here is the log. 

 

Please let me know the next step I need to take.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:23-07-2014 01
Ran by SYSTEM on MININT-Q425DS5 on 23-07-2014 14:21:10
Running from G:\
Platform: Windows 7 Enterprise Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Registry (Whitelisted) ==================

HKLM\...\RunOnce: [upfst_us_154.exe] => C:\Users\jack\AppData\Local\fst_us_154\upfst_us_154.exe [3321312 2014-07-11] ()
HKU\Default\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [93696 2009-07-13] (Microsoft Corporation)
HKU\Default User\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [93696 2009-07-13] (Microsoft Corporation)
HKU\jack\...\Run: [Optimizer Pro] => C:\Program Files\Optimizer Pro\OptProLauncher.exe [135160 2014-01-28] (PC Utilities Software Limited)
HKU\jack\...\Run: [GoobzoYouTubeAccelerator] => C:\Program Files\YouTube Accelerator\YouTubeAccelerator.exe [2218856 2014-07-15] (GOOBZO)
HKU\jack\...\Run: [WeatherBug] => C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe [146736 2014-04-01] ()
AppInit_DLLs: C:\PROGRA~1\SupTab\SEARCH~1.DLL => C:\Program Files\SupTab\SearchProtect32.dll [94088 2014-07-15] (Skytech Co., Ltd.)
Startup: C:\Users\jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk ->  (No File)
Startup: C:\Users\jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
Startup: C:\Users\jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Storm Alerts.lnk
ShortcutTarget: Storm Alerts.lnk ->  (No File)
Startup: C:\Users\jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormAlerts.lnk
ShortcutTarget: StormAlerts.lnk ->  (No File)
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

========================== Services (Whitelisted) =================

S2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-11-08] (APN LLC.)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-15] (AVAST Software)
S2 BackupStack; C:\Program Files\MyPC Backup\BackupStack.exe [36424 2014-06-18] (Just Develop It)
S2 ca82e1a5; c:\Program Files\Optimizer Pro\OptProCrashSvc.dll [186496 2014-05-23] ()
S2 click-n-mark; C:\Program Files\di8click-n-mark\S6click-n-markvm175.exe [158720 2014-07-15] ()
S2 consumerinput_update; C:\Program Files\Consumer Input\Update\ConsumerInputUpdate.exe [106296 2014-07-15] (ConsumerInput)
S3 consumerinput_updatem; C:\Program Files\Consumer Input\Update\ConsumerInputUpdate.exe [106296 2014-07-15] (ConsumerInput)
S2 globalUpdate; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-15] (globalUpdate)
S3 globalUpdatem; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-15] (globalUpdate)
S2 HomeNetSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [759688 2014-07-15] (Cherished Technololgy LIMITED)
S2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
S2 KDUpdater; C:\Users\jack\AppData\Local\Temp\KDUpdSrv.exe [229696 2014-07-15] (KeyDownload)
S2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
S2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [145568 2014-04-25] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
S2 McMPFSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
S2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [471592 2013-08-02] (McAfee, Inc.)
S2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
S2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
S2 MediaDevSrv; C:\ProgramData\MediaDev\1405434992\mediadev.exe [367976 2014-07-15] (VM Host Corporation)
S2 Mext Guard; C:\Program Files\V-bates\guardsvc.exe [128800 2014-07-02] (Wajamu)
S2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [655936 2014-03-18] (McAfee, Inc.)
S2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [169800 2014-04-03] (McAfee, Inc.)
S2 mfevtp; C:\Windows\system32\mfevtps.exe [179600 2014-04-03] (McAfee, Inc.)
S2 MSK80Service; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
S2 RBClientService; C:\Program Files\Right Backup\RBClientService.exe [48240 2014-07-11] (Systweak)
S2 servervo; C:\Users\jack\AppData\Roaming\VOPackage\VOsrv.exe [71680 2014-07-15] ()
S2 SMUpd; C:\Program Files\Common Files\Goobzo\GBUpdate\smu.exe [1813352 2014-05-26] (Search Module Ltd.)
S2 System guard; C:\Program Files\KeyDownload\KeyPlayr\guardnot.exe [122576 2014-05-10] (KeyDownload)
S2 Update Fralimbo; C:\Program Files\Fralimbo\updateFralimbo.exe [321824 2014-07-15] ()
S2 Update Okiitan; C:\Program Files\Okiitan\updateOkiitan.exe [319256 2014-07-15] ()
S2 V-bates Updater; C:\Program Files\V-bates\ExtensionUpdaterService.exe [210208 2014-07-02] ()
S2 WinDevSvc; C:\ProgramData\Online\sv.exe [392552 2014-07-15] (VM Host Corporation)
S2 YouTubeAcceleratorService; C:\Program Files\YouTube Accelerator\YouTubeAcceleratorService.exe [1502056 2014-07-15] (GOOBZO)
S2 gupdate; "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc [X]

==================== Drivers (Whitelisted) ====================

S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-07-15] ()
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-07-15] (AVAST Software)
S1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-07-15] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2014-07-15] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-07-15] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-07-15] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [71944 2014-07-15] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [192352 2014-07-15] ()
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [61400 2014-04-03] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [147912 2013-09-23] (McAfee, Inc.)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [134600 2014-04-03] (McAfee, Inc.)
S3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [236672 2014-04-03] (McAfee, Inc.)
S3 mfebopk; C:\Windows\System32\drivers\mfebopk.sys [66408 2014-04-03] (McAfee, Inc.)
S3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [367776 2014-04-03] (McAfee, Inc.)
S0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [574576 2014-04-03] (McAfee, Inc.)
S3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [345584 2014-03-18] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [81264 2014-03-18] (McAfee, Inc.)
S0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [215624 2014-04-03] (McAfee, Inc.)
S3 SMUpdd; C:\Program Files\Common Files\Goobzo\GBUpdate\smw.sys [31592 2014-05-26] ()
S1 qknfd; system32\drivers\qknfd.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-07-23 14:21 - 2014-07-23 14:21 - 00000000 ____D () C:\FRST
2014-07-15 07:44 - 2014-07-15 07:44 - 00000000 _____ () C:\Users\jack\AppData\Local\{A5FA359D-A3AB-4288-B41B-069182160273}
2014-07-15 07:41 - 2014-07-15 07:41 - 00000000 _____ () C:\HttpProxy_36_4224_1405438882.dmp
2014-07-15 07:04 - 2014-07-15 07:04 - 00001087 _____ () C:\Users\jack\Desktop\Continue VuuPC Installation.lnk
2014-07-15 07:04 - 2014-07-15 07:04 - 00000000 ____D () C:\Users\jack\AppData\Roaming\AVAST Software
2014-07-15 07:03 - 2014-07-15 07:03 - 00002123 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-07-15 07:01 - 2014-07-15 07:03 - 00414520 _____ (AVAST Software) C:\Windows\System32\Drivers\aswsp.sys
2014-07-15 07:01 - 2014-07-15 07:01 - 00779536 _____ (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2014-07-15 07:01 - 2014-07-15 07:01 - 00276432 _____ (AVAST Software) C:\Windows\System32\aswBoot.exe
2014-07-15 07:01 - 2014-07-15 07:01 - 00192352 _____ () C:\Windows\System32\Drivers\aswVmm.sys
2014-07-15 07:01 - 2014-07-15 07:01 - 00081768 _____ (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
2014-07-15 07:01 - 2014-07-15 07:01 - 00071944 _____ (AVAST Software) C:\Windows\System32\Drivers\aswStm.sys
2014-07-15 07:01 - 2014-07-15 07:01 - 00067824 _____ (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2014-07-15 07:01 - 2014-07-15 07:01 - 00049944 _____ () C:\Windows\System32\Drivers\aswRvrt.sys
2014-07-15 07:01 - 2014-07-15 07:01 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-15 07:01 - 2014-07-15 07:01 - 00024184 _____ () C:\Windows\System32\Drivers\aswHwid.sys
2014-07-15 06:52 - 2014-07-15 06:52 - 00000000 ____D () C:\Users\jack\AppData\Roaming\Compete
2014-07-15 06:51 - 2014-07-15 06:51 - 00000000 ____D () C:\Users\jack\AppData\Local\IsolatedStorage
2014-07-15 06:51 - 2014-07-15 06:51 - 00000000 ____D () C:\rbtemp
2014-07-15 06:50 - 2014-07-15 06:52 - 00000000 ____D () C:\Program Files\Right Backup
2014-07-15 06:50 - 2014-07-15 06:50 - 00001163 _____ () C:\Users\Public\Desktop\Advanced System Protector.lnk
2014-07-15 06:50 - 2014-07-15 06:50 - 00001012 _____ () C:\Users\Public\Desktop\Right Backup.lnk
2014-07-15 06:49 - 2014-07-15 06:50 - 00000000 ____D () C:\ProgramData\Systweak
2014-07-15 06:49 - 2014-07-15 06:50 - 00000000 ____D () C:\Program Files\Advanced System Protector
2014-07-15 06:49 - 2014-07-15 06:49 - 00002052 _____ () C:\Users\jack\Desktop\WeatherBug®.lnk
2014-07-15 06:49 - 2014-07-15 06:49 - 00000000 ____D () C:\Program Files\Earth Networks
2014-07-15 06:49 - 2012-07-25 08:03 - 00017136 _____ () C:\Windows\System32\sasnative32.exe
2014-07-15 06:48 - 2014-07-15 06:48 - 00000000 ____D () C:\Program Files\AVAST Software
2014-07-15 06:47 - 2014-07-15 06:52 - 00000000 ____D () C:\Users\jack\AppData\Roaming\Systweak
2014-07-15 06:47 - 2014-07-15 06:49 - 00000000 __HDC () C:\ProgramData\{E0A9340B-C01B-42C1-9910-C307D7BE4756}
2014-07-15 06:47 - 2014-07-15 06:48 - 00002946 _____ () C:\Users\jack\AppData\Roaming\aps.scan.results
2014-07-15 06:47 - 2014-07-15 06:48 - 00001216 _____ () C:\Users\jack\AppData\Roaming\aps.scan.quick.results
2014-07-15 06:47 - 2014-07-15 06:48 - 00000320 _____ () C:\Users\jack\AppData\Roaming\aps.uninstall.scan.results
2014-07-15 06:47 - 2014-07-15 06:47 - 00000000 ____D () C:\Windows\Sun
2014-07-15 06:47 - 2014-07-15 06:47 - 00000000 ____D () C:\Users\jack\AppData\Local\Weather_Warnings_LLC
2014-07-15 06:46 - 2014-07-15 06:51 - 00000000 ____D () C:\Program Files\Consumer Input
2014-07-15 06:46 - 2014-07-15 06:47 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-07-15 06:46 - 2014-07-15 06:47 - 00000000 ____D () C:\Program Files\SupTab
2014-07-15 06:46 - 2014-07-15 06:46 - 00001049 _____ () C:\Users\jack\Desktop\MyPC Backup.lnk
2014-07-15 06:46 - 2014-07-15 06:46 - 00001012 _____ () C:\Users\Public\Desktop\RegClean Pro.lnk
2014-07-15 06:46 - 2014-07-15 06:46 - 00001007 _____ () C:\Users\jack\Desktop\AnyProtect.lnk
2014-07-15 06:46 - 2014-07-15 06:46 - 00000000 ____D () C:\Users\jack\AppData\Local\Consumer Input
2014-07-15 06:46 - 2014-07-15 06:46 - 00000000 ____D () C:\ProgramData\Adblocker
2014-07-15 06:46 - 2014-07-15 06:46 - 00000000 ____D () C:\Program Files\Adblocker
2014-07-15 06:46 - 2014-06-30 13:55 - 00018792 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\System32\roboot.exe
2014-07-15 06:45 - 2014-07-15 07:03 - 00000000 ____D () C:\Users\jack\AppData\Local\StormAlerts
2014-07-15 06:45 - 2014-07-15 06:46 - 00000000 ____D () C:\Program Files\RegClean Pro
2014-07-15 06:45 - 2014-07-15 06:46 - 00000000 ____D () C:\Program Files\AnyProtectEx
2014-07-15 06:45 - 2014-07-15 06:45 - 00000000 ____D () C:\ProgramData\pricechop
2014-07-15 06:45 - 2014-07-15 06:45 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-07-15 06:45 - 2014-07-15 06:45 - 00000000 ____D () C:\Program Files\pricechop
2014-07-15 06:45 - 2014-07-14 10:11 - 00573339 _____ (ClickMeIn Limited) C:\Users\jack\AppData\Local\AnyProtectScannerSetup.exe
2014-07-15 06:44 - 2014-07-15 06:45 - 00000600 __RSH () C:\ProgramData\ntuser.pol
2014-07-15 06:44 - 2014-07-15 06:45 - 00000000 ____D () C:\Users\jack\AppData\Local\TidyNetwork
2014-07-15 06:44 - 2014-07-15 06:45 - 00000000 ____D () C:\Program Files\TidyNetwork
2014-07-15 06:44 - 2014-07-15 06:44 - 00000000 ____D () C:\Users\jack\AppData\Local\Torch
2014-07-15 06:44 - 2014-07-15 06:44 - 00000000 ____D () C:\Users\jack\AppData\Local\Comodo
2014-07-15 06:44 - 2014-07-15 06:44 - 00000000 ____D () C:\Users\jack\AppData\Local\Chromatic Browser
2014-07-15 06:44 - 2014-07-15 06:44 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-07-15 06:44 - 2014-07-15 06:44 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-07-15 06:44 - 2014-07-15 06:44 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-07-15 06:44 - 2014-07-15 06:44 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-07-15 06:44 - 2014-07-15 06:44 - 00000000 ____D () C:\users\HomeGroupUser$
2014-07-15 06:44 - 2014-07-15 06:44 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-07-15 06:44 - 2014-07-15 06:44 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-07-15 06:44 - 2014-07-15 06:44 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-07-15 06:44 - 2014-07-15 06:44 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser
2014-07-15 06:44 - 2014-07-15 06:44 - 00000000 ____D () C:\users\Guest
2014-07-15 06:44 - 2014-07-15 06:44 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-07-15 06:44 - 2014-07-15 06:44 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-07-15 06:44 - 2014-07-15 06:44 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-07-15 06:44 - 2014-07-15 06:44 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-07-15 06:44 - 2014-07-15 06:44 - 00000000 ____D () C:\users\Administrator
2014-07-15 06:44 - 2014-07-15 06:44 - 00000000 ____D () C:\ProgramData\CostMin
2014-07-15 06:44 - 2014-07-15 06:44 - 00000000 ____D () C:\Program Files\di8click-n-mark
2014-07-15 06:44 - 2014-07-15 06:44 - 00000000 ____D () C:\Program Files\CostMin
2014-07-15 06:44 - 2014-07-15 06:44 - 00000000 ____D () C:\Program Files\BrowseIgnite
2014-07-15 06:42 - 2014-07-15 06:43 - 00972584 _____ () C:\Users\jack\Downloads\java_installer (8).exe
2014-07-15 06:41 - 2014-07-15 06:41 - 00972584 _____ () C:\Users\jack\Downloads\java_installer (7).exe
2014-07-15 06:36 - 2014-07-15 06:36 - 00000000 ____D () C:\ProgramData\MediaDev
2014-07-15 06:33 - 2014-07-15 06:33 - 00918952 _____ (Oracle Corporation) C:\Users\jack\Downloads\chromeinstall-7u60.exe
2014-07-15 06:33 - 2014-07-15 06:33 - 00918952 _____ (Oracle Corporation) C:\Users\jack\Downloads\chromeinstall-7u60 (2).exe
2014-07-15 06:33 - 2014-07-15 06:33 - 00918952 _____ (Oracle Corporation) C:\Users\jack\Downloads\chromeinstall-7u60 (1).exe
2014-07-15 06:33 - 2014-07-15 06:33 - 00000000 ____D () C:\ProgramData\AskPartnerNetwork
2014-07-15 06:33 - 2014-07-15 06:33 - 00000000 ____D () C:\Program Files\AskPartnerNetwork
2014-07-15 06:32 - 2014-07-15 06:32 - 00000000 ____D () C:\ProgramData\APN
2014-07-15 06:31 - 2014-07-15 06:31 - 00000000 ____D () C:\ProgramData\UpdateTask
2014-07-15 06:29 - 2014-05-19 11:01 - 00264616 _____ (Oracle Corporation) C:\Windows\System32\javaws.exe
2014-07-15 06:29 - 2014-05-19 11:01 - 00175528 _____ (Oracle Corporation) C:\Windows\System32\javaw.exe
2014-07-15 06:29 - 2014-05-19 11:01 - 00175016 _____ (Oracle Corporation) C:\Windows\System32\java.exe
2014-07-15 06:28 - 2014-07-15 06:28 - 00001133 _____ () C:\Users\Public\Desktop\KEYPLAYER media player.lnk
2014-07-15 06:28 - 2014-07-15 06:28 - 00000000 ____D () C:\ProgramData\Ascentive
2014-07-15 06:27 - 2014-07-15 06:30 - 00000000 ____D () C:\Program Files\Okiitan
2014-07-15 06:27 - 2014-07-15 06:30 - 00000000 ____D () C:\Program Files\Fralimbo
2014-07-15 06:26 - 2014-07-15 06:29 - 00000000 ____D () C:\Users\jack\AppData\Roaming\VOPackage
2014-07-15 06:25 - 2014-07-15 06:25 - 00001108 _____ () C:\Users\jack\Desktop\YouTube Accelerator.lnk
2014-07-15 06:25 - 2014-07-15 06:25 - 00000000 ____D () C:\Users\Public\Documents\GOOBZO
2014-07-15 06:24 - 2014-07-15 06:29 - 00000000 ____D () C:\Program Files\YouTube Accelerator
2014-07-15 06:24 - 2014-07-15 06:25 - 00000000 ____D () C:\Program Files\KeyDownload
2014-07-15 06:24 - 2014-07-15 06:24 - 00172032 _____ (Jin Hui E-mail: [email protected] Web: http://www.jcomsoft.com) C:\Windows\System32\AniGIF.ocx
2014-07-15 06:24 - 2014-07-15 06:24 - 00000000 ____D () C:\Users\jack\AppData\Local\globalUpdate
2014-07-15 06:24 - 2014-07-15 06:24 - 00000000 ____D () C:\ProgramData\SearchModule
2014-07-15 06:24 - 2014-07-15 06:24 - 00000000 ____D () C:\Program Files\globalUpdate
2014-07-15 06:24 - 2014-07-15 06:24 - 00000000 ____D () C:\Program Files\Common Files\Goobzo
2014-07-15 06:23 - 2014-07-15 07:46 - 00000000 ____D () C:\Users\jack\AppData\Local\fst_us_154
2014-07-15 06:23 - 2014-07-15 06:50 - 00000000 ____D () C:\ProgramData\InstallMate
2014-07-15 06:23 - 2014-07-15 06:31 - 00000000 ____D () C:\Program Files\HD-Quality-v2
2014-07-15 06:23 - 2014-07-15 06:30 - 00000000 ____D () C:\Users\jack\AppData\Local\Idle~Crawler
2014-07-15 06:23 - 2014-07-15 06:23 - 00000045 _____ () C:\user.js
2014-07-15 06:23 - 2014-07-15 06:23 - 00000000 ____D () C:\Users\jack\AppData\Local\Downloaded Installations
2014-07-15 06:23 - 2014-07-15 06:23 - 00000000 ____D () C:\Users\jack\AppData\Local\CrashRpt
2014-07-15 06:23 - 2014-07-15 06:23 - 00000000 ____D () C:\Program Files\V-bates
2014-07-15 06:23 - 2014-07-15 06:23 - 00000000 ____D () C:\Program Files\fst_us_154
2014-07-15 06:22 - 2014-07-15 06:36 - 00000000 ____D () C:\ProgramData\UpdateCommon
2014-07-15 06:21 - 2014-07-15 06:43 - 00000000 ____D () C:\Users\jack\AppData\Roaming\serv
2014-07-15 06:21 - 2014-07-15 06:43 - 00000000 ____D () C:\ProgramData\Online
2014-07-15 06:21 - 2014-07-15 06:21 - 05314072 _____ () C:\Users\jack\Downloads\FinallyFast.setup.exe
2014-07-15 06:21 - 2014-07-15 06:21 - 05314072 _____ () C:\Users\jack\Downloads\FinallyFast.setup (1).exe
2014-07-15 06:21 - 2014-07-15 06:21 - 00972584 _____ () C:\Users\jack\Downloads\java_installer (6).exe
2014-07-15 06:17 - 2014-07-15 06:17 - 00972584 _____ () C:\Users\jack\Downloads\java_installer (5).exe
2014-07-15 06:13 - 2014-07-15 06:13 - 00972584 _____ () C:\Users\jack\Downloads\java_installer (4).exe
2014-07-15 06:08 - 2014-07-15 06:08 - 00972584 _____ () C:\Users\jack\Downloads\java_installer (3).exe
2014-07-15 06:07 - 2014-07-15 06:07 - 00972584 _____ () C:\Users\jack\Downloads\java_installer (2).exe
2014-07-15 05:56 - 2014-07-15 05:56 - 00575832 _____ () C:\Users\jack\Downloads\install-flashplayer.exe
2014-07-15 05:52 - 2014-07-15 05:52 - 00972584 _____ () C:\Users\jack\Downloads\java_installer (1).exe
2014-07-15 05:47 - 2014-07-15 05:47 - 05572640 _____ (383 Media, Inc.) C:\Users\jack\Downloads\DriverRestore.exe
2014-07-15 05:47 - 2014-07-15 05:47 - 05572640 _____ (383 Media, Inc.) C:\Users\jack\Downloads\DriverRestore (1).exe
2014-07-15 05:46 - 2014-07-15 05:46 - 00002701 _____ () C:\Users\jack\Downloads\legitcheck.hta
2014-07-10 04:04 - 2014-07-10 04:04 - 00971560 _____ () C:\Users\jack\Downloads\java_installer.exe
2014-07-10 03:58 - 2014-07-10 03:58 - 01508456 _____ () C:\Windows\Minidump\071014-24351-01.dmp
2014-07-08 10:42 - 2014-07-08 10:42 - 10603008 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerInstaller.exe
2014-07-05 08:34 - 2014-07-05 08:34 - 01511584 _____ () C:\Windows\Minidump\070514-25630-01.dmp
2014-06-25 18:02 - 2014-06-30 18:06 - 00000000 ____D () C:\ProgramData\FllaasshCooupon

==================== One Month Modified Files and Folders =======

2014-07-23 14:21 - 2014-07-23 14:21 - 00000000 ____D () C:\FRST
2014-07-23 06:36 - 2014-05-23 16:12 - 00000000 ____D () C:\ProgramData\TEMP
2014-07-23 06:34 - 2009-07-13 20:39 - 00036869 _____ () C:\Windows\setupact.log
2014-07-15 08:53 - 2013-01-29 14:05 - 02092489 _____ () C:\Windows\WindowsUpdate.log
2014-07-15 08:52 - 2009-07-13 20:34 - 00017264 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-15 08:52 - 2009-07-13 20:34 - 00017264 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-15 07:46 - 2014-07-15 06:23 - 00000000 ____D () C:\Users\jack\AppData\Local\fst_us_154
2014-07-15 07:44 - 2014-07-15 07:44 - 00000000 _____ () C:\Users\jack\AppData\Local\{A5FA359D-A3AB-4288-B41B-069182160273}
2014-07-15 07:41 - 2014-07-15 07:41 - 00000000 _____ () C:\HttpProxy_36_4224_1405438882.dmp
2014-07-15 07:40 - 2013-03-14 14:04 - 00002187 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-15 07:30 - 2010-11-20 13:48 - 00047862 _____ () C:\Windows\PFRO.log
2014-07-15 07:29 - 2013-02-05 16:08 - 00000000 ____D () C:\Program Files\Google
2014-07-15 07:04 - 2014-07-15 07:04 - 00001087 _____ () C:\Users\jack\Desktop\Continue VuuPC Installation.lnk
2014-07-15 07:04 - 2014-07-15 07:04 - 00000000 ____D () C:\Users\jack\AppData\Roaming\AVAST Software
2014-07-15 07:03 - 2014-07-15 07:03 - 00002123 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-07-15 07:03 - 2014-07-15 07:01 - 00414520 _____ (AVAST Software) C:\Windows\System32\Drivers\aswsp.sys
2014-07-15 07:03 - 2014-07-15 06:45 - 00000000 ____D () C:\Users\jack\AppData\Local\StormAlerts
2014-07-15 07:01 - 2014-07-15 07:01 - 00779536 _____ (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2014-07-15 07:01 - 2014-07-15 07:01 - 00276432 _____ (AVAST Software) C:\Windows\System32\aswBoot.exe
2014-07-15 07:01 - 2014-07-15 07:01 - 00192352 _____ () C:\Windows\System32\Drivers\aswVmm.sys
2014-07-15 07:01 - 2014-07-15 07:01 - 00081768 _____ (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
2014-07-15 07:01 - 2014-07-15 07:01 - 00071944 _____ (AVAST Software) C:\Windows\System32\Drivers\aswStm.sys
2014-07-15 07:01 - 2014-07-15 07:01 - 00067824 _____ (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2014-07-15 07:01 - 2014-07-15 07:01 - 00049944 _____ () C:\Windows\System32\Drivers\aswRvrt.sys
2014-07-15 07:01 - 2014-07-15 07:01 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-15 07:01 - 2014-07-15 07:01 - 00024184 _____ () C:\Windows\System32\Drivers\aswHwid.sys
2014-07-15 06:52 - 2014-07-15 06:52 - 00000000 ____D () C:\Users\jack\AppData\Roaming\Compete
2014-07-15 06:52 - 2014-07-15 06:50 - 00000000 ____D () C:\Program Files\Right Backup
2014-07-15 06:52 - 2014-07-15 06:47 - 00000000 ____D () C:\Users\jack\AppData\Roaming\Systweak
2014-07-15 06:51 - 2014-07-15 06:51 - 00000000 ____D () C:\Users\jack\AppData\Local\IsolatedStorage
2014-07-15 06:51 - 2014-07-15 06:51 - 00000000 ____D () C:\rbtemp
2014-07-15 06:51 - 2014-07-15 06:46 - 00000000 ____D () C:\Program Files\Consumer Input
2014-07-15 06:50 - 2014-07-15 06:50 - 00001163 _____ () C:\Users\Public\Desktop\Advanced System Protector.lnk
2014-07-15 06:50 - 2014-07-15 06:50 - 00001012 _____ () C:\Users\Public\Desktop\Right Backup.lnk
2014-07-15 06:50 - 2014-07-15 06:49 - 00000000 ____D () C:\ProgramData\Systweak
2014-07-15 06:50 - 2014-07-15 06:49 - 00000000 ____D () C:\Program Files\Advanced System Protector
2014-07-15 06:50 - 2014-07-15 06:23 - 00000000 ____D () C:\ProgramData\InstallMate
2014-07-15 06:49 - 2014-07-15 06:49 - 00002052 _____ () C:\Users\jack\Desktop\WeatherBug®.lnk
2014-07-15 06:49 - 2014-07-15 06:49 - 00000000 ____D () C:\Program Files\Earth Networks
2014-07-15 06:49 - 2014-07-15 06:47 - 00000000 __HDC () C:\ProgramData\{E0A9340B-C01B-42C1-9910-C307D7BE4756}
2014-07-15 06:48 - 2014-07-15 06:48 - 00000000 ____D () C:\Program Files\AVAST Software
2014-07-15 06:48 - 2014-07-15 06:47 - 00002946 _____ () C:\Users\jack\AppData\Roaming\aps.scan.results
2014-07-15 06:48 - 2014-07-15 06:47 - 00001216 _____ () C:\Users\jack\AppData\Roaming\aps.scan.quick.results
2014-07-15 06:48 - 2014-07-15 06:47 - 00000320 _____ () C:\Users\jack\AppData\Roaming\aps.uninstall.scan.results
2014-07-15 06:47 - 2014-07-15 06:47 - 00000000 ____D () C:\Windows\Sun
2014-07-15 06:47 - 2014-07-15 06:47 - 00000000 ____D () C:\Users\jack\AppData\Local\Weather_Warnings_LLC
2014-07-15 06:47 - 2014-07-15 06:46 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-07-15 06:47 - 2014-07-15 06:46 - 00000000 ____D () C:\Program Files\SupTab
2014-07-15 06:47 - 2014-06-14 13:12 - 00000000 ____D () C:\ProgramData\84e1809b79a89613
2014-07-15 06:46 - 2014-07-15 06:46 - 00001049 _____ () C:\Users\jack\Desktop\MyPC Backup.lnk
2014-07-15 06:46 - 2014-07-15 06:46 - 00001012 _____ () C:\Users\Public\Desktop\RegClean Pro.lnk
2014-07-15 06:46 - 2014-07-15 06:46 - 00001007 _____ () C:\Users\jack\Desktop\AnyProtect.lnk
2014-07-15 06:46 - 2014-07-15 06:46 - 00000000 ____D () C:\Users\jack\AppData\Local\Consumer Input
2014-07-15 06:46 - 2014-07-15 06:46 - 00000000 ____D () C:\ProgramData\Adblocker
2014-07-15 06:46 - 2014-07-15 06:46 - 00000000 ____D () C:\Program Files\Adblocker
2014-07-15 06:46 - 2014-07-15 06:45 - 00000000 ____D () C:\Program Files\RegClean Pro
2014-07-15 06:46 - 2014-07-15 06:45 - 00000000 ____D () C:\Program Files\AnyProtectEx
2014-07-15 06:46 - 2014-05-23 16:08 - 00000000 ____D () C:\Program Files\MyPC Backup
2014-07-15 06:45 - 2014-07-15 06:45 - 00000000 ____D () C:\ProgramData\pricechop
2014-07-15 06:45 - 2014-07-15 06:45 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-07-15 06:45 - 2014-07-15 06:45 - 00000000 ____D () C:\Program Files\pricechop
2014-07-15 06:45 - 2014-07-15 06:44 - 00000600 __RSH () C:\ProgramData\ntuser.pol
2014-07-15 06:45 - 2014-07-15 06:44 - 00000000 ____D () C:\Users\jack\AppData\Local\TidyNetwork
2014-07-15 06:45 - 2014-07-15 06:44 - 00000000 ____D () C:\Program Files\TidyNetwork
2014-07-15 06:44 - 2014-07-15 06:44 - 00000000 ____D () C:\Users\jack\AppData\Local\Torch
2014-07-15 06:44 - 2014-07-15 06:44 - 00000000 ____D () C:\Users\jack\AppData\Local\Comodo
2014-07-15 06:44 - 2014-07-15 06:44 - 00000000 ____D () C:\Users\jack\AppData\Local\Chromatic Browser
2014-07-15 06:44 - 2014-07-15 06:44 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-07-15 06:44 - 2014-07-15 06:44 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-07-15 06:44 - 2014-07-15 06:44 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-07-15 06:44 - 2014-07-15 06:44 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-07-15 06:44 - 2014-07-15 06:44 - 00000000 ____D () C:\users\HomeGroupUser$
2014-07-15 06:44 - 2014-07-15 06:44 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-07-15 06:44 - 2014-07-15 06:44 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-07-15 06:44 - 2014-07-15 06:44 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-07-15 06:44 - 2014-07-15 06:44 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser
2014-07-15 06:44 - 2014-07-15 06:44 - 00000000 ____D () C:\users\Guest
2014-07-15 06:44 - 2014-07-15 06:44 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-07-15 06:44 - 2014-07-15 06:44 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-07-15 06:44 - 2014-07-15 06:44 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-07-15 06:44 - 2014-07-15 06:44 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-07-15 06:44 - 2014-07-15 06:44 - 00000000 ____D () C:\users\Administrator
2014-07-15 06:44 - 2014-07-15 06:44 - 00000000 ____D () C:\ProgramData\CostMin
2014-07-15 06:44 - 2014-07-15 06:44 - 00000000 ____D () C:\Program Files\di8click-n-mark
2014-07-15 06:44 - 2014-07-15 06:44 - 00000000 ____D () C:\Program Files\CostMin
2014-07-15 06:44 - 2014-07-15 06:44 - 00000000 ____D () C:\Program Files\BrowseIgnite
2014-07-15 06:44 - 2013-02-05 16:08 - 00000000 ____D () C:\Users\jack\AppData\Local\Google
2014-07-15 06:44 - 2009-07-13 18:37 - 00000000 ___HD () C:\Windows\System32\GroupPolicy
2014-07-15 06:44 - 2009-07-13 18:37 - 00000000 ____D () C:\Program Files\Common Files\System
2014-07-15 06:44 - 2009-07-13 18:37 - 00000000 ____D () C:\Program Files\Common Files\Services
2014-07-15 06:43 - 2014-07-15 06:42 - 00972584 _____ () C:\Users\jack\Downloads\java_installer (8).exe
2014-07-15 06:43 - 2014-07-15 06:21 - 00000000 ____D () C:\Users\jack\AppData\Roaming\serv
2014-07-15 06:43 - 2014-07-15 06:21 - 00000000 ____D () C:\ProgramData\Online
2014-07-15 06:41 - 2014-07-15 06:41 - 00972584 _____ () C:\Users\jack\Downloads\java_installer (7).exe
2014-07-15 06:36 - 2014-07-15 06:36 - 00000000 ____D () C:\ProgramData\MediaDev
2014-07-15 06:36 - 2014-07-15 06:22 - 00000000 ____D () C:\ProgramData\UpdateCommon
2014-07-15 06:33 - 2014-07-15 06:33 - 00918952 _____ (Oracle Corporation) C:\Users\jack\Downloads\chromeinstall-7u60.exe
2014-07-15 06:33 - 2014-07-15 06:33 - 00918952 _____ (Oracle Corporation) C:\Users\jack\Downloads\chromeinstall-7u60 (2).exe
2014-07-15 06:33 - 2014-07-15 06:33 - 00918952 _____ (Oracle Corporation) C:\Users\jack\Downloads\chromeinstall-7u60 (1).exe
2014-07-15 06:33 - 2014-07-15 06:33 - 00000000 ____D () C:\ProgramData\AskPartnerNetwork
2014-07-15 06:33 - 2014-07-15 06:33 - 00000000 ____D () C:\Program Files\AskPartnerNetwork
2014-07-15 06:32 - 2014-07-15 06:32 - 00000000 ____D () C:\ProgramData\APN
2014-07-15 06:32 - 2014-05-19 11:03 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-15 06:31 - 2014-07-15 06:31 - 00000000 ____D () C:\ProgramData\UpdateTask
2014-07-15 06:31 - 2014-07-15 06:23 - 00000000 ____D () C:\Program Files\HD-Quality-v2
2014-07-15 06:30 - 2014-07-15 06:27 - 00000000 ____D () C:\Program Files\Okiitan
2014-07-15 06:30 - 2014-07-15 06:27 - 00000000 ____D () C:\Program Files\Fralimbo
2014-07-15 06:30 - 2014-07-15 06:23 - 00000000 ____D () C:\Users\jack\AppData\Local\Idle~Crawler
2014-07-15 06:29 - 2014-07-15 06:26 - 00000000 ____D () C:\Users\jack\AppData\Roaming\VOPackage
2014-07-15 06:29 - 2014-07-15 06:24 - 00000000 ____D () C:\Program Files\YouTube Accelerator
2014-07-15 06:28 - 2014-07-15 06:28 - 00001133 _____ () C:\Users\Public\Desktop\KEYPLAYER media player.lnk
2014-07-15 06:28 - 2014-07-15 06:28 - 00000000 ____D () C:\ProgramData\Ascentive
2014-07-15 06:28 - 2014-05-19 11:01 - 00000000 ____D () C:\Program Files\Java
2014-07-15 06:25 - 2014-07-15 06:25 - 00001108 _____ () C:\Users\jack\Desktop\YouTube Accelerator.lnk
2014-07-15 06:25 - 2014-07-15 06:25 - 00000000 ____D () C:\Users\Public\Documents\GOOBZO
2014-07-15 06:25 - 2014-07-15 06:24 - 00000000 ____D () C:\Program Files\KeyDownload
2014-07-15 06:24 - 2014-07-15 06:24 - 00172032 _____ (Jin Hui E-mail: [email protected] Web: http://www.jcomsoft.com) C:\Windows\System32\AniGIF.ocx
2014-07-15 06:24 - 2014-07-15 06:24 - 00000000 ____D () C:\Users\jack\AppData\Local\globalUpdate
2014-07-15 06:24 - 2014-07-15 06:24 - 00000000 ____D () C:\ProgramData\SearchModule
2014-07-15 06:24 - 2014-07-15 06:24 - 00000000 ____D () C:\Program Files\globalUpdate
2014-07-15 06:24 - 2014-07-15 06:24 - 00000000 ____D () C:\Program Files\Common Files\Goobzo
2014-07-15 06:23 - 2014-07-15 06:23 - 00000045 _____ () C:\user.js
2014-07-15 06:23 - 2014-07-15 06:23 - 00000000 ____D () C:\Users\jack\AppData\Local\Downloaded Installations
2014-07-15 06:23 - 2014-07-15 06:23 - 00000000 ____D () C:\Users\jack\AppData\Local\CrashRpt
2014-07-15 06:23 - 2014-07-15 06:23 - 00000000 ____D () C:\Program Files\V-bates
2014-07-15 06:23 - 2014-07-15 06:23 - 00000000 ____D () C:\Program Files\fst_us_154
2014-07-15 06:21 - 2014-07-15 06:21 - 05314072 _____ () C:\Users\jack\Downloads\FinallyFast.setup.exe
2014-07-15 06:21 - 2014-07-15 06:21 - 05314072 _____ () C:\Users\jack\Downloads\FinallyFast.setup (1).exe
2014-07-15 06:21 - 2014-07-15 06:21 - 00972584 _____ () C:\Users\jack\Downloads\java_installer (6).exe
2014-07-15 06:17 - 2014-07-15 06:17 - 00972584 _____ () C:\Users\jack\Downloads\java_installer (5).exe
2014-07-15 06:13 - 2014-07-15 06:13 - 00972584 _____ () C:\Users\jack\Downloads\java_installer (4).exe
2014-07-15 06:13 - 2014-04-06 14:50 - 00001844 _____ () C:\Users\Public\Desktop\McAfee Security Center.lnk
2014-07-15 06:08 - 2014-07-15 06:08 - 00972584 _____ () C:\Users\jack\Downloads\java_installer (3).exe
2014-07-15 06:07 - 2014-07-15 06:07 - 00972584 _____ () C:\Users\jack\Downloads\java_installer (2).exe
2014-07-15 05:56 - 2014-07-15 05:56 - 00575832 _____ () C:\Users\jack\Downloads\install-flashplayer.exe
2014-07-15 05:52 - 2014-07-15 05:52 - 00972584 _____ () C:\Users\jack\Downloads\java_installer (1).exe
2014-07-15 05:47 - 2014-07-15 05:47 - 05572640 _____ (383 Media, Inc.) C:\Users\jack\Downloads\DriverRestore.exe
2014-07-15 05:47 - 2014-07-15 05:47 - 05572640 _____ (383 Media, Inc.) C:\Users\jack\Downloads\DriverRestore (1).exe
2014-07-15 05:46 - 2014-07-15 05:46 - 00002701 _____ () C:\Users\jack\Downloads\legitcheck.hta
2014-07-14 10:11 - 2014-07-15 06:45 - 00573339 _____ (ClickMeIn Limited) C:\Users\jack\AppData\Local\AnyProtectScannerSetup.exe
2014-07-10 04:04 - 2014-07-10 04:04 - 00971560 _____ () C:\Users\jack\Downloads\java_installer.exe
2014-07-10 04:02 - 2014-01-21 17:27 - 00000000 ___RD () C:\Users\jack\Dropbox
2014-07-10 04:02 - 2014-01-21 17:26 - 00000000 ____D () C:\Users\jack\AppData\Roaming\DropboxMaster
2014-07-10 04:02 - 2014-01-21 17:24 - 00000000 ____D () C:\Users\jack\AppData\Roaming\Dropbox
2014-07-10 03:58 - 2014-07-10 03:58 - 01508456 _____ () C:\Windows\Minidump\071014-24351-01.dmp
2014-07-10 03:58 - 2014-04-06 14:46 - 00000000 ____D () C:\Program Files\McAfee
2014-07-10 03:58 - 2013-02-12 07:51 - 243920132 _____ () C:\Windows\MEMORY.DMP
2014-07-10 03:58 - 2013-02-12 07:51 - 00000000 ____D () C:\Windows\Minidump
2014-07-08 10:42 - 2014-07-08 10:42 - 10603008 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerInstaller.exe
2014-07-08 10:42 - 2013-02-05 16:08 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2014-07-08 10:42 - 2013-02-05 16:08 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2014-07-05 18:40 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\System32\NDF
2014-07-05 08:34 - 2014-07-05 08:34 - 01511584 _____ () C:\Windows\Minidump\070514-25630-01.dmp
2014-06-30 18:06 - 2014-06-25 18:02 - 00000000 ____D () C:\ProgramData\FllaasshCooupon
2014-06-30 13:55 - 2014-07-15 06:46 - 00018792 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\System32\roboot.exe
2014-06-26 09:23 - 2014-06-22 07:09 - 00000000 ____D () C:\ProgramData\CanonIJPLM

Some content of TEMP:
====================
C:\Users\jack\AppData\Local\Temp\APNSetup.exe
C:\Users\jack\AppData\Local\Temp\BackupSetup.exe
C:\Users\jack\AppData\Local\Temp\BJMYPRT.EXE
C:\Users\jack\AppData\Local\Temp\cabex.dll
C:\Users\jack\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpokmpxj.dll
C:\Users\jack\AppData\Local\Temp\i4jdel0.exe
C:\Users\jack\AppData\Local\Temp\Impressioner.exe
C:\Users\jack\AppData\Local\Temp\KDUpdSrv.exe
C:\Users\jack\AppData\Local\Temp\MSETUP4.EXE
C:\Users\jack\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\jack\AppData\Local\Temp\unelevate.exe
C:\Users\jack\AppData\Local\Temp\uninstall.exe
C:\Users\jack\AppData\Local\Temp\v-bates.exe
C:\Users\jack\AppData\Local\Temp\vcredist_x86.exe
C:\Users\jack\AppData\Local\Temp\youtubeAccelerator.exe

==================== Known DLLs (Whitelisted) ============

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Restore Points  =========================

Restore point made on: 2014-04-27 09:40:23
Restore point made on: 2014-05-10 17:49:46
Restore point made on: 2014-05-18 12:12:36
Restore point made on: 2014-05-19 11:01:34
Restore point made on: 2014-06-04 12:05:08
Restore point made on: 2014-06-17 08:24:08
Restore point made on: 2014-06-18 12:49:56
Restore point made on: 2014-06-18 12:50:58
Restore point made on: 2014-07-15 06:27:43
Restore point made on: 2014-07-15 06:48:32

==================== Memory info ===========================

Percentage of memory in use: 15%
Total physical RAM: 3034.36 MB
Available physical RAM: 2569.79 MB
Total Pagefile: 3032.65 MB
Available Pagefile: 2575.7 MB
Total Virtual: 2047.88 MB
Available Virtual: 1943.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:417.35 GB) NTFS
Drive g: () (Removable) (Total:3.73 GB) (Free:3.7 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: BE79BE79)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 4 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

LastRegBack: 2014-06-22 07:32

==================== End Of Log ============================



#4
JSntgRvr


    Global Moderator

  • 11,579 posts

Have you turned ON the built-in administrator by any chance?

Download the enclosed file. [attachment=71925:fixlist.txt]

Save it in the same location FRST is saved.

Run FRST, except that this time around click on the Fix button and wait.

The tool will make a log in the same location FRST is saved (Fixlog.txt). Please post it in your reply.

If successful, attempt to boot in Normal mode.
 


#5
jsgraphics


    New Member

  • Topic Starter
  • Member
  • 6 posts

Hi. Thanks for getting back to me so fast.

I ran the FRST again as instructed. The log is below.

When I tried to restart the laptop, it gave me 2 options - Fix or normal. I chose normal as you suggested. It looks like it got logged in and then it went to a blank screen, with a pointer and in the bottom right corner a message:

Windows 7
Build 7601
This copy of Windows is not genuine

And it is not doing anything else after 5 mins.

Please let me know what to do next.

If you respond tomorrow (Thursday) during the day, I may not be able to try anything until the evening.

Thanks again for your help.

Jack

*************

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:23-07-2014 01
Ran by SYSTEM at 2014-07-23 21:26:15 Run:1
Running from g:\
Boot Mode: Recovery

==============================================

Content of fixlist:
*****************
Start
AppInit_DLLs: C:\PROGRA~1\SupTab\SEARCH~1.DLL => C:\Program Files\SupTab\SearchProtect32.dll [94088 2014-07-15] (Skytech Co., Ltd.)
Startup: C:\Users\jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk ->  (No File)
Startup: C:\Users\jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Storm Alerts.lnk
ShortcutTarget: Storm Alerts.lnk ->  (No File)
Startup: C:\Users\jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormAlerts.lnk
ShortcutTarget: StormAlerts.lnk ->  (No File)
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
C:\Users\jack\AppData\Local\Temp\APNSetup.exe
C:\Users\jack\AppData\Local\Temp\BackupSetup.exe
C:\Users\jack\AppData\Local\Temp\BJMYPRT.EXE
C:\Users\jack\AppData\Local\Temp\cabex.dll
C:\Users\jack\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpokmpxj.dll
C:\Users\jack\AppData\Local\Temp\i4jdel0.exe
C:\Users\jack\AppData\Local\Temp\Impressioner.exe
C:\Users\jack\AppData\Local\Temp\KDUpdSrv.exe
C:\Users\jack\AppData\Local\Temp\MSETUP4.EXE
C:\Users\jack\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\jack\AppData\Local\Temp\unelevate.exe
C:\Users\jack\AppData\Local\Temp\uninstall.exe
C:\Users\jack\AppData\Local\Temp\v-bates.exe
C:\Users\jack\AppData\Local\Temp\vcredist_x86.exe
C:\Users\jack\AppData\Local\Temp\youtubeAccelerator.exe
C:\Users\jack\Downloads\FinallyFast.setup.exe
C:\Users\jack\Downloads\FinallyFast.setup (1).exe
C:\Users\jack\Downloads\java_installer (6).exe
C:\Users\jack\Downloads\java_installer (5).exe
C:\Users\jack\Downloads\java_installer (4).exe
C:\Users\jack\Downloads\java_installer (3).exe
C:\Users\jack\Downloads\java_installer (2).exe
C:\Users\jack\Downloads\install-flashplayer.exe
C:\Users\jack\Downloads\java_installer (1).exe
C:\Users\jack\Downloads\DriverRestore.exe
C:\Users\jack\Downloads\DriverRestore (1).exe
C:\Users\jack\Downloads\legitcheck.hta
C:\Users\jack\Downloads\java_installer.exe
C:\ProgramData\FllaasshCooupon
HKLM\...\RunOnce: [upfst_us_154.exe] => C:\Users\jack\AppData\Local\fst_us_154\upfst_us_154.exe [3321312 2014-07-11] ()
C:\Users\jack\AppData\Local\fst_us_154
S2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-11-08] (APN LLC.)
S2 KDUpdater; C:\Users\jack\AppData\Local\Temp\KDUpdSrv.exe [229696 2014-07-15] (KeyDownload)
End
*****************

"C:\PROGRA~1\SupTab\SEARCH~1.DLL" => Value Data removed successfully.
C:\Users\jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk => Moved successfully.
ShortcutTarget: Dropbox.lnk ->  (No File) not found.
C:\Users\jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Storm Alerts.lnk => Moved successfully.
ShortcutTarget: Storm Alerts.lnk ->  (No File) not found.
C:\Users\jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormAlerts.lnk => Moved successfully.
ShortcutTarget: StormAlerts.lnk ->  (No File) not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => Key deleted successfully.
"HKLM\Software\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => Key deleted successfully.
"HKLM\Software\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => Key deleted successfully.
"HKLM\Software\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1" => Key deleted successfully.
"HKLM\Software\Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2" => Key deleted successfully.
"HKLM\Software\Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3" => Key deleted successfully.
"HKLM\Software\Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" => Key not found.
C:\Windows\System32\GroupPolicy\Machine => Moved successfully.
C:\Windows\System32\GroupPolicy\GPT.ini => Moved successfully.
C:\Users\jack\AppData\Local\Temp\APNSetup.exe => Moved successfully.
C:\Users\jack\AppData\Local\Temp\BackupSetup.exe => Moved successfully.
C:\Users\jack\AppData\Local\Temp\BJMYPRT.EXE => Moved successfully.
C:\Users\jack\AppData\Local\Temp\cabex.dll => Moved successfully.
C:\Users\jack\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpokmpxj.dll => Moved successfully.
C:\Users\jack\AppData\Local\Temp\i4jdel0.exe => Moved successfully.
C:\Users\jack\AppData\Local\Temp\Impressioner.exe => Moved successfully.
C:\Users\jack\AppData\Local\Temp\KDUpdSrv.exe => Moved successfully.
C:\Users\jack\AppData\Local\Temp\MSETUP4.EXE => Moved successfully.
C:\Users\jack\AppData\Local\Temp\System.Data.SQLite.dll => Moved successfully.
C:\Users\jack\AppData\Local\Temp\unelevate.exe => Moved successfully.
C:\Users\jack\AppData\Local\Temp\uninstall.exe => Moved successfully.
C:\Users\jack\AppData\Local\Temp\v-bates.exe => Moved successfully.
C:\Users\jack\AppData\Local\Temp\vcredist_x86.exe => Moved successfully.
C:\Users\jack\AppData\Local\Temp\youtubeAccelerator.exe => Moved successfully.
C:\Users\jack\Downloads\FinallyFast.setup.exe => Moved successfully.
C:\Users\jack\Downloads\FinallyFast.setup (1).exe => Moved successfully.
C:\Users\jack\Downloads\java_installer (6).exe => Moved successfully.
C:\Users\jack\Downloads\java_installer (5).exe => Moved successfully.
C:\Users\jack\Downloads\java_installer (4).exe => Moved successfully.
C:\Users\jack\Downloads\java_installer (3).exe => Moved successfully.
C:\Users\jack\Downloads\java_installer (2).exe => Moved successfully.
C:\Users\jack\Downloads\install-flashplayer.exe => Moved successfully.
C:\Users\jack\Downloads\java_installer (1).exe => Moved successfully.
C:\Users\jack\Downloads\DriverRestore.exe => Moved successfully.
C:\Users\jack\Downloads\DriverRestore (1).exe => Moved successfully.
C:\Users\jack\Downloads\legitcheck.hta => Moved successfully.
C:\Users\jack\Downloads\java_installer.exe => Moved successfully.
C:\ProgramData\FllaasshCooupon => Moved successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\HKLM\...\RunOnce: [upfst_us_154.exe] => C:\Users\jack\AppData\Local\fst_us_154\upfst_us_154.exe [3321312 2014-07-11] () => Value not found.
C:\Users\jack\AppData\Local\fst_us_154 => Moved successfully.
APNMCP => Service deleted successfully.
KDUpdater => Service deleted successfully.

==== End of Fixlog ====



#6
JSntgRvr


    Global Moderator

  • 11,579 posts

Let's restore the registry from backups:

Download the enclosed file. [attachment=71928:fixlist.txt]

Save it in the same location FRST is saved.

Run FRST, except that this time around click on the Fix button and wait.

The tool will make a log in the same location FRST is saved (Fixlog.txt). Please post it in your reply.

If successful, attempt to boot in Normal mode.

If able to boot in Normal mode, please run Combofix as follows:

Please download ComboFix from Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**

-----------------------------------------------------------

  • Please, never rename Combofix unless instructed.
  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

-----------------------------------------------------------

  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • Click on this link or this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

-----------------------------------------------------------

  • Close any open browsers.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts.
  • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
  • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
  • Double click on combofix.exe & follow the prompts.
  • Install the Recovery Console if prompted.
  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt".
  • **Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security.

Please do not install any new programs or update anything (always allow your antivirus/antispyware to update) unless told to do so while we are fixing your problem. If combofix alerts to a new version and offers to update, please let it. It is essential we always use the latest version.



#7
jsgraphics


    New Member

  • Topic Starter
  • Member
  • 6 posts

I ran FRST and tried to boot normally, can't get in. It is still flipping between black and default background.

Here is the log.

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:23-07-2014 01
Ran by SYSTEM at 2014-07-25 19:06:03 Run:2
Running from G:\
Boot Mode: Recovery

==============================================

Content of fixlist:
*****************
Start
AppInit_DLLs: C:\PROGRA~1\SupTab\SEARCH~1.DLL => C:\Program Files\SupTab\SearchProtect32.dll [94088 2014-07-15] (Skytech Co., Ltd.)
Startup: C:\Users\jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk ->  (No File)
Startup: C:\Users\jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Storm Alerts.lnk
ShortcutTarget: Storm Alerts.lnk ->  (No File)
Startup: C:\Users\jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormAlerts.lnk
ShortcutTarget: StormAlerts.lnk ->  (No File)
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
C:\Users\jack\AppData\Local\Temp\APNSetup.exe
C:\Users\jack\AppData\Local\Temp\BackupSetup.exe
C:\Users\jack\AppData\Local\Temp\BJMYPRT.EXE
C:\Users\jack\AppData\Local\Temp\cabex.dll
C:\Users\jack\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpokmpxj.dll
C:\Users\jack\AppData\Local\Temp\i4jdel0.exe
C:\Users\jack\AppData\Local\Temp\Impressioner.exe
C:\Users\jack\AppData\Local\Temp\KDUpdSrv.exe
C:\Users\jack\AppData\Local\Temp\MSETUP4.EXE
C:\Users\jack\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\jack\AppData\Local\Temp\unelevate.exe
C:\Users\jack\AppData\Local\Temp\uninstall.exe
C:\Users\jack\AppData\Local\Temp\v-bates.exe
C:\Users\jack\AppData\Local\Temp\vcredist_x86.exe
C:\Users\jack\AppData\Local\Temp\youtubeAccelerator.exe
C:\Users\jack\Downloads\FinallyFast.setup.exe
C:\Users\jack\Downloads\FinallyFast.setup (1).exe
C:\Users\jack\Downloads\java_installer (6).exe
C:\Users\jack\Downloads\java_installer (5).exe
C:\Users\jack\Downloads\java_installer (4).exe
C:\Users\jack\Downloads\java_installer (3).exe
C:\Users\jack\Downloads\java_installer (2).exe
C:\Users\jack\Downloads\install-flashplayer.exe
C:\Users\jack\Downloads\java_installer (1).exe
C:\Users\jack\Downloads\DriverRestore.exe
C:\Users\jack\Downloads\DriverRestore (1).exe
C:\Users\jack\Downloads\legitcheck.hta
C:\Users\jack\Downloads\java_installer.exe
C:\ProgramData\FllaasshCooupon
HKLM\...\RunOnce: [upfst_us_154.exe] => C:\Users\jack\AppData\Local\fst_us_154\upfst_us_154.exe [3321312 2014-07-11] ()
C:\Users\jack\AppData\Local\fst_us_154
S2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-11-08] (APN LLC.)
S2 KDUpdater; C:\Users\jack\AppData\Local\Temp\KDUpdSrv.exe [229696 2014-07-15] (KeyDownload)
End
*****************

"C:\PROGRA~1\SupTab\SEARCH~1.DLL" => Value Data removed successfully.
C:\Users\jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk not found.
ShortcutTarget: Dropbox.lnk ->  (No File) not found.
C:\Users\jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Storm Alerts.lnk not found.
ShortcutTarget: Storm Alerts.lnk ->  (No File) not found.
C:\Users\jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormAlerts.lnk not found.
ShortcutTarget: StormAlerts.lnk ->  (No File) not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => Key not found.
"HKLM\Software\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => Key not found.
"HKLM\Software\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => Key not found.
"HKLM\Software\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1" => Key not found.
"HKLM\Software\Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2" => Key not found.
"HKLM\Software\Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3" => Key not found.
"HKLM\Software\Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" => Key not found.
"C:\Windows\System32\GroupPolicy\Machine" => File/Directory not found.
"C:\Users\jack\AppData\Local\Temp\APNSetup.exe" => File/Directory not found.
"C:\Users\jack\AppData\Local\Temp\BackupSetup.exe" => File/Directory not found.
"C:\Users\jack\AppData\Local\Temp\BJMYPRT.EXE" => File/Directory not found.
"C:\Users\jack\AppData\Local\Temp\cabex.dll" => File/Directory not found.
"C:\Users\jack\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpokmpxj.dll" => File/Directory not found.
"C:\Users\jack\AppData\Local\Temp\i4jdel0.exe" => File/Directory not found.
"C:\Users\jack\AppData\Local\Temp\Impressioner.exe" => File/Directory not found.
"C:\Users\jack\AppData\Local\Temp\KDUpdSrv.exe" => File/Directory not found.
"C:\Users\jack\AppData\Local\Temp\MSETUP4.EXE" => File/Directory not found.
"C:\Users\jack\AppData\Local\Temp\System.Data.SQLite.dll" => File/Directory not found.
"C:\Users\jack\AppData\Local\Temp\unelevate.exe" => File/Directory not found.
"C:\Users\jack\AppData\Local\Temp\uninstall.exe" => File/Directory not found.
"C:\Users\jack\AppData\Local\Temp\v-bates.exe" => File/Directory not found.
"C:\Users\jack\AppData\Local\Temp\vcredist_x86.exe" => File/Directory not found.
"C:\Users\jack\AppData\Local\Temp\youtubeAccelerator.exe" => File/Directory not found.
"C:\Users\jack\Downloads\FinallyFast.setup.exe" => File/Directory not found.
"C:\Users\jack\Downloads\FinallyFast.setup (1).exe" => File/Directory not found.
"C:\Users\jack\Downloads\java_installer (6).exe" => File/Directory not found.
"C:\Users\jack\Downloads\java_installer (5).exe" => File/Directory not found.
"C:\Users\jack\Downloads\java_installer (4).exe" => File/Directory not found.
"C:\Users\jack\Downloads\java_installer (3).exe" => File/Directory not found.
"C:\Users\jack\Downloads\java_installer (2).exe" => File/Directory not found.
"C:\Users\jack\Downloads\install-flashplayer.exe" => File/Directory not found.
"C:\Users\jack\Downloads\java_installer (1).exe" => File/Directory not found.
"C:\Users\jack\Downloads\DriverRestore.exe" => File/Directory not found.
"C:\Users\jack\Downloads\DriverRestore (1).exe" => File/Directory not found.
"C:\Users\jack\Downloads\legitcheck.hta" => File/Directory not found.
"C:\Users\jack\Downloads\java_installer.exe" => File/Directory not found.
"C:\ProgramData\FllaasshCooupon" => File/Directory not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\HKLM\...\RunOnce: [upfst_us_154.exe] => C:\Users\jack\AppData\Local\fst_us_154\upfst_us_154.exe [3321312 2014-07-11] () => Value not found.
"C:\Users\jack\AppData\Local\fst_us_154" => File/Directory not found.
APNMCP => Service not found.
KDUpdater => Service not found.

==== End of Fixlog ====



#8
JSntgRvr


    Global Moderator

  • 11,579 posts

Try Safe Mode. If still unable, re-scan with FRST and post its report.



#9
JSntgRvr


    Global Moderator

  • 11,579 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.





