Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

White screen on logon [Solved]

Started by Aleigha , Aug 04 2014 12:29 AM

  • This topic is locked This topic is locked

#16
dbreeze
Posted 04 August 2014 - 10:29 PM

dbreeze

    Trusted Helper

  • Malware Removal
  • 2,216 posts

If you still have the Command window open, skip the next line.

Click on Start > type cmd in the Search box; right click on the cmd.exe and select "Run as Administrator"... press Enter.

 

Type sfc /scannow in the Command Prompt window and press Enter.  The system will scan for and correct any missing system files.

 

Once this is done, reboot your system into Safe Mode with Command Prompt, run explorer.exe in the command window and try the FRST (or FRST64) scan once again.


  • 0

Advertisements

#17
Aleigha
Posted 04 August 2014 - 11:17 PM

Aleigha

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-08-2014
Ran by Aleigha at 2014-08-05 13:08:01
Running from E:\
Boot Mode: Safe Mode (minimal)
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG AntiVirus Free Edition 2013 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2013 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2013 (Disabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32239 - BitTorrent Inc.)
Acoustica Effects Pack (HKLM-x32\...\Acoustica Effects Pack) (Version: 3.0 - Acoustica, Inc)
Acoustica Mixcraft 5 (HKLM-x32\...\Acoustica Mixcraft 5) (Version:  - Acoustica)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.5.502.146 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.5.502.146 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.95 - WildTangent) Hidden
AMD USB Filter Driver (x32 Version: 1.0.15.94 - Advanced Micro Devices, Inc.) Hidden
Angry Birds Space (HKLM-x32\...\{3F2A323E-60C4-41E8-8CCB-9715D1D750C3}) (Version: 1.0.0 - Rovio)
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version:  - )
Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.15.25.0 - Ask.com) <==== ATTENTION
Ask Toolbar Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.6.44892 - Ask.com) <==== ATTENTION
ATI Catalyst Install Manager (HKLM\...\{3B20226B-63ED-B863-B224-FE40401B21CA}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version:  - Audacity Team)
AVG 2013 (HKLM\...\AVG) (Version: 2013.0.3408 - AVG Technologies)
AVG 2013 (Version: 13.0.3408 - AVG Technologies) Hidden
AVG 2013 (Version: 13.0.3955 - AVG Technologies) Hidden
AVG PC Tuneup (HKLM-x32\...\{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1) (Version: 10.0.0.27 - AVG)
AVG Security Toolbar (HKLM-x32\...\AVG Secure Search) (Version: 15.5.0.2 - AVG Technologies)
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version:  - Online Media Technologies Ltd.)
AVS Video Converter 7 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version:  - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version:  - Online Media Technologies Ltd.)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 14.0.2.3 - Broadcom Corporation)
BS.Player PRO (HKLM-x32\...\BSPlayerp) (Version: 2.57.1048 - Webteh, d.o.o.)
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Casino.com (HKCU\...\Casino.com) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0329.836.13543 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0329.836.13543 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0329.836.13543 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0329.836.13543 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0329.836.13543 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0329.836.13543 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0329.836.13543 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help English (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help French (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help German (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0329.836.13543 - ATI) Hidden
ccc-utility64 (Version: 2010.0329.836.13543 - ATI) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Complitly (HKLM-x32\...\Complitly_is1) (Version:  - ) <==== ATTENTION
Counter-Strike 1.6 (HKLM-x32\...\Counter-Strike 1.6) (Version:  - )
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2433A103-9EC3-49EA-9AD1-58A35F27EE56}) (Version:  - Microsoft)
Digital Photo Navigator 1.5 (HKLM-x32\...\{CF9CD37C-E29A-11D5-AE3D-005004B8E30C}) (Version:  - )
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
eMachines Games (HKLM-x32\...\WildTangent emachines Master Uninstall) (Version: 1.0.1.3 - WildTangent)
eMachines Power Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3005 - Acer Incorporated)
eMachines Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3011 - Acer Incorporated)
eMachines Registration (HKLM-x32\...\eMachines Registration) (Version: 1.03.3003 - Acer Incorporated)
eMachines ScreenSaver (HKLM-x32\...\eMachines Screensaver) (Version: 1.1.0127.2010 - Acer Incorporated)
eMachines Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)
EpsonNet Config V3 (HKLM-x32\...\{2B0CDD4D-5C1A-47F7-89E2-9BF604670ABC}) (Version: 3.4a - SEIKO EPSON CORPORATION)
Everio MediaBrowser HD Edition (HKLM-x32\...\{548F12A2-BD2E-4B5A-9B62-BBC0AA8EB3DD}) (Version: 1.01.022 - PIXELA)
Facebook Messenger 2.1.4814.0 (HKLM-x32\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
FL Studio 9 (HKLM-x32\...\FL Studio 9) (Version:  - Image-Line)
flybuys Toolbar (HKCU\...\flybuys Toolbar) (Version:  - flybuys)
GEAR driver installer for AMD64 and Intel EM64T (HKLM\...\{50CBBEC7-1010-41C5-8718-A1A6FEDD9C3A}) (Version: 2.003.1 - GEAR Software, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{79361740-EAE3-11E2-9911-B8AC6F98CCE3}) (Version: 7.1.1.1888 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HandBrake 0.9.6 (HKLM-x32\...\HandBrake) (Version: 0.9.6 - )
Hardcore (HKLM-x32\...\Hardcore) (Version:  - Image-Line)
High-Definition Video Playback 10 (x32 Version: 7.0.11400.29.0 - Nero AG) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Insaniquarium Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Java 7 Update 17 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.170 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 24 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216024FF}) (Version: 6.0.240 - Oracle)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.14 - eMachines)
LeapFrog Connect (HKLM-x32\...\UPCShell) (Version: 4.2.9.15649 - LeapFrog)
LeapFrog Connect (x32 Version: 4.2.9.15649 - LeapFrog) Hidden
LeapFrog My Pals Plugin (x32 Version: 4.2.9.15649 - LeapFrog) Hidden
LeapFrog Tag Junior Plugin (x32 Version: 4.2.9.15649 - LeapFrog) Hidden
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.0.318.3 - McAfee, Inc.)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version:  - Microsoft)
Microsoft Office 2010 Service Pack 1 (SP1) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MiniAide Fat32 Formatter Home Edition version 1.05 (HKLM-x32\...\{C206CD7D-7CFE-4F0C-BC68-8873CDE3A5F5}_is1) (Version: 1.05 - MiniAide Tech Development Co., Ltd.)
MixMeister Fusion 7.2.2 (HKLM-x32\...\MixMeister Fusion 7.2.2_is1) (Version:  - )
Moo0 VoiceRecorder 1.31 (HKLM-x32\...\Moo0 VoiceRecorder) (Version:  - )
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 10 Menu TemplatePack Basic (x32 Version: 10.0.10600.6.0 - Nero AG) Hidden
Nero 10 Movie ThemePack Basic (x32 Version: 10.0.10600.6.0 - Nero AG) Hidden
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.4.11600.19.100 - Nero AG)
Nero BackItUp 10 Help (CHM) (x32 Version: 1.0.10700 - Nero AG) Hidden
Nero Burning ROM 10 (HKLM-x32\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.0.11100.10.100 - Nero AG)
Nero BurningROM 10 Help (CHM) (x32 Version: 1.0.10700 - Nero AG) Hidden
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.0.11000.12.100 - Nero AG)
Nero BurnRights 10 Help (CHM) (x32 Version: 1.0.10600 - Nero AG) Hidden
Nero Control Center 10 (x32 Version: 10.0.12000.1.4 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 1.0.10700 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.13700.0.1 - Nero AG) Hidden
Nero CoverDesigner 10 (HKLM-x32\...\{FCF00A6E-FB58-477A-ABE9-232907105521}) (Version: 5.0.10900.11.100 - Nero AG)
Nero CoverDesigner 10 Help (CHM) (x32 Version: 1.0.10600 - Nero AG) Hidden
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.0.10800.7.100 - Nero AG)
Nero DiscSpeed 10 Help (CHM) (x32 Version: 1.0.10600 - Nero AG) Hidden
Nero Dolby Files 10 (x32 Version: 2.0.11000.0.10 - Nero AG) Hidden
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.0.11000.10.100 - Nero AG)
Nero Express 10 Help (CHM) (x32 Version: 1.0.10700 - Nero AG) Hidden
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.0.10800.8.100 - Nero AG)
Nero InfoTool 10 Help (CHM) (x32 Version: 1.0.10600 - Nero AG) Hidden
Nero MediaHub 10 (HKLM-x32\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.0.13400.11.100 - Nero AG)
Nero MediaHub 10 Help (CHM) (x32 Version: 1.0.10700 - Nero AG) Hidden
Nero Multimedia Suite 10 (HKLM-x32\...\{277C1559-4CF7-44FF-8D07-98AA9C13AABD}) (Version: 10.0.13100 - Nero AG)
Nero Recode 10 (HKLM-x32\...\{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}) (Version: 4.6.10900.4.100 - Nero AG)
Nero Recode 10 Help (CHM) (x32 Version: 1.0.10600 - Nero AG) Hidden
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.0.10900.9.100 - Nero AG)
Nero RescueAgent 10 Help (CHM) (x32 Version: 1.0.10700 - Nero AG) Hidden
Nero SoundTrax 10 (HKLM-x32\...\{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}) (Version: 4.6.10600.2.100 - Nero AG)
Nero SoundTrax 10 Help (CHM) (x32 Version: 1.0.10600 - Nero AG) Hidden
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.0.11200.12.100 - Nero AG)
Nero StartSmart 10 Help (CHM) (x32 Version: 1.0.10700 - Nero AG) Hidden
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0017 - Nero AG)
Nero Vision 10 (HKLM-x32\...\{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}) (Version: 7.0.11100.8.100 - Nero AG)
Nero Vision 10 Help (CHM) (x32 Version: 1.0.10600 - Nero AG) Hidden
Nero WaveEditor 10 (HKLM-x32\...\{EDCDFAD5-DF80-4600-A493-E9DAD6810230}) (Version: 5.6.10600.2.100 - Nero AG)
Nero WaveEditor 10 Help (CHM) (x32 Version: 1.0.10600 - Nero AG) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.630 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.630 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6636 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6636 - NewTech Infosystems) Hidden
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Pioneer Lands (HKLM-x32\...\Pioneer Lands1.0) (Version: 1.0 - AllSmartGames)
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
PoiZone (HKLM-x32\...\PoiZone) (Version:  - Image-Line)
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6034 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6206 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30122 - Realtek Semiconductor Corp.)
RollerCoaster Tycoon 2 (HKLM-x32\...\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}) (Version: 1.00.000 - )
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Sawer (HKLM-x32\...\Sawer) (Version:  - Image-Line)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.16.20.149 - Client Connect LTD) <==== ATTENTION
Skype™ 5.10 (HKLM-x32\...\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}) (Version: 5.10.116 - Skype Technologies S.A.)
Smilebox (HKCU\...\Smilebox) (Version: 1.1.1.1 - Smilebox, Inc.)
SmileBox EN Toolbar (HKLM-x32\...\SmileBox_EN Toolbar) (Version: 6.8.9.0 - SmileBox EN)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.19.0 - Synaptics Incorporated)
Toxic Biohazard (HKLM-x32\...\Toxic Biohazard) (Version:  - Image-Line)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553065) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{A8686D24-1E89-43A1-973E-05A258D2B3F8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553157) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{97C39B81-3054-4AB4-B11D-A656DE619982}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{48E1B6C2-7299-4F3F-AA63-42F0ACE55AA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{18B3CF2A-73F7-4716-B1AE-86D68726D408}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{73E67A3A-8D61-44EF-90C2-1697C3DBE668}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2566458) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFB525A0-E1C0-4E32-9968-FE401BC87363}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589370) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{150A0FF0-AF69-4132-BD93-1E34F63FC8A3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ED31DE9A-3E13-4E2C-9106-E0D8AFFB9FA6}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{C4F26A9B-B121-4135-8084-A0D9C780C7C8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{460FF681-BC66-4C38-99DF-7012E03F1EBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{C633216E-FF30-45B6-B2AB-21922A9353EF}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B1FA5E8C-2342-45AF-8A62-5E860042F8DF}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760758) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{24BD08F8-FF6E-4DD8-BE49-3659AE78A819}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9CFD026D-EB1C-48C2-9DD2-8E8875F251B2}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{9865DC3A-2898-48D9-B96A-46397571C934}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{3EFF1957-7DEA-4C7A-8E9C-2D6D58E4B2ED}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3EFF1957-7DEA-4C7A-8E9C-2D6D58E4B2ED}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{47894754-0FEC-4920-9A65-6C1E732587AC}) (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{1EEFF749-6F29-4F0B-AB08-4C6EA52AA110}) (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{BC6DFBFD-16DD-47E1-A7EF-2C062930FA4F}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{DA2F7ECE-6629-4A80-9CDE-EC95261B75E2}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{190EC86F-5867-4D7A-B9F3-D14D82C26F3D}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{5DA2D071-A54C-47C0-83E5-43C63DBFD936}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Use the entry named LeapFrog Connect to uninstall (LeapFrog My Pals Plugin) (HKLM-x32\...\MyPalsPlugin) (Version:  - LeapFrog)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Junior Plugin) (HKLM-x32\...\TagJuniorPlugin) (Version:  - LeapFrog)
uTorrentBar Toolbar (HKLM-x32\...\uTorrentBar Toolbar) (Version: 6.8.5.1 - uTorrentBar) <==== ATTENTION
Video Web Camera (HKLM-x32\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.1.7.2 - Suyin Optronics Corp)
Virtual Villagers 4 - The Tree of Life (HKLM-x32\...\Virtual Villagers 4 - The Tree of Life1.0) (Version: 1.0 - AllSmartGames)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Web Assistant version 2.0.0.612 (HKLM\...\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1) (Version: 2.0.0.612 - IncrediBar) <==== ATTENTION
Welcome Center (HKLM-x32\...\eMachines Welcome Center) (Version: 1.02.3004 - Acer Incorporated)
WildTangent Games App (eMachines Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-emachines) (Version: 4.0.5.14 - WildTangent)
Windows Driver Package - LeapFrog (FlyUsb) USB  (11/05/2008 1.1.1.0) (HKLM\...\781745E87AFF80C0C1388CFF79D19ECAB2E9BB47) (Version: 11/05/2008 1.1.1.0 - LeapFrog)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Phone (HKLM-x32\...\{94550F69-BEF6-4C77-B1D5-4EEDEF839C37}) (Version: 0.9.3723.2 - Microsoft Corporation)
WinRAR 4.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Wyzo (HKLM-x32\...\Wyzo) (Version: 3.6.4 - Radical Software Ltd)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Zuma's Revenge (x32 Version: 2.2.0.95 - WildTangent) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-1464594981-1069503893-2954180956-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Aleigha\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1464594981-1069503893-2954180956-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Aleigha\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1464594981-1069503893-2954180956-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Aleigha\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1464594981-1069503893-2954180956-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Aleigha\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1464594981-1069503893-2954180956-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Aleigha\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)
 
==================== Restore Points  =========================
 
18-09-2013 11:15:21 Windows Update
04-11-2013 01:57:40 Windows Modules Installer
23-06-2014 04:01:09 Windows Update
23-06-2014 05:16:12 Windows Update
23-07-2014 12:44:39 Scheduled Checkpoint
03-08-2014 11:08:55 Installed Safari
03-08-2014 11:15:49 Installed Java 7 Update 65
03-08-2014 16:43:01 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 10:34 - 2009-06-11 05:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {090BEED5-3DC6-438E-AAB5-2BA3958F63A4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-01-31] (Google Inc.)
Task: {2D589F6F-772E-4B9F-892F-A541E1A13734} - System32\Tasks\{02A85EC4-D4E2-4E47-B14C-BACCDDA4ADBF} => Iexplore.exe http://www.skype.com...LastError=12007
Task: {38ACBFA4-0639-4B85-9420-2D7CEC586CC3} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{D2C161BD-8900-4802-A9A2-DD70A96A3BC0}.exe
Task: {50684AE3-4529-45E0-8AF1-00BE532A6AFF} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2013-04-25] () <==== ATTENTION
Task: {6EC01EBB-4341-4204-8DE2-200D16CFE15E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1464594981-1069503893-2954180956-1001Core1cd5fdd26736164 => C:\Users\Aleigha\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-05] (Facebook Inc.)
Task: {7B8A36C9-A323-4F21-AABD-FAC0C6CB38F9} - System32\Tasks\{E5909775-B961-46C3-BA6F-9A1A562D1892} => Iexplore.exe http://ui.skype.com/...?LastError=1618
Task: {7DEB869E-FFD7-46B0-8B91-415C5FB0C784} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-11] (Adobe Systems Incorporated)
Task: {8377ADC1-052D-4CE1-AD10-C1E222897606} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8DC07A59-8356-4046-9E9E-8BB51FE49E36} - System32\Tasks\RunAsStdUser Task => C:\Program Files (x86)\Moo0\VoiceRecorder 1.31\VoiceRecorder.exe [2011-08-10] (Moo0)
Task: {9BA85488-6346-4DEF-949D-3FB2528C83A1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-01-31] (Google Inc.)
Task: {B2925213-C287-4A7A-B35C-E2A09C28D74D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1464594981-1069503893-2954180956-1001UA => C:\Users\Aleigha\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-05] (Facebook Inc.)
Task: {B56CB898-26B0-4AFD-82B9-F92F21EA0787} - System32\Tasks\AVG\PC Tuneup\Integrator\Start On Aleigha Logon => C:\Program Files (x86)\AVG\AVG PC Tuneup\BoostSpeed.exe [2011-11-03] (AVG)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{D2C161BD-8900-4802-A9A2-DD70A96A3BC0}.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1464594981-1069503893-2954180956-1001Core1cd5fdd26736164.job => C:\Users\Aleigha\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1464594981-1069503893-2954180956-1001UA.job => C:\Users\Aleigha\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "UseAlternateShell"="1"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
==================== Faulty Device Manager Devices =============
 
Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/04/2014 02:20:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ntdll.dll, version: 6.1.7601.18229, time stamp: 0x51fb164a
Exception code: 0xc0000005
Fault offset: 0x000000000005339d
Faulting process id: 0xb4c
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
 
Error: (08/04/2014 02:19:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
Description: The Cryptographic Services service failed to initialize the VSS backup "System Writer" object.
 
 
Details:
Could not query the status of the EventSystem service.
 
System Error:
A system shutdown is in progress.
.
 
Error: (08/04/2014 01:53:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ntdll.dll, version: 6.1.7601.18229, time stamp: 0x51fb164a
Exception code: 0xc0000005
Fault offset: 0x000000000005339d
Faulting process id: 0x96c
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
 
Error: (08/04/2014 01:21:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ntdll.dll, version: 6.1.7601.18229, time stamp: 0x51fb164a
Exception code: 0xc0000005
Fault offset: 0x000000000005339d
Faulting process id: 0xbb4
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
 
Error: (08/04/2014 00:58:34 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: An unspecified error occurred during System Restore: (Installed Java 7 Update 65). Additional information: 0xc0000022.
 
Error: (08/04/2014 00:47:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000005
Fault offset: 0x000000000005339d
Faulting process id: 0xbe0
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
 
Error: (08/04/2014 00:16:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000005
Fault offset: 0x000000000005339d
Faulting process id: 0xd00
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
 
Error: (08/04/2014 00:04:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000005
Fault offset: 0x000000000005339d
Faulting process id: 0xdf0
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
 
Error: (08/04/2014 11:54:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000005
Fault offset: 0x000000000005339d
Faulting process id: 0xb44
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3
 
Error: (08/04/2014 11:44:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000005
Fault offset: 0x000000000005339d
Faulting process id: 0xfa8
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
 
 
System errors:
=============
Error: (08/05/2014 01:03:27 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (08/05/2014 01:03:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (08/05/2014 01:03:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (08/05/2014 01:03:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (08/05/2014 01:03:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (08/05/2014 01:03:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (08/05/2014 01:03:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (08/05/2014 01:03:17 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
 
Error: (08/05/2014 01:03:16 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
Error: (08/05/2014 01:03:15 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
 
Microsoft Office Sessions:
=========================
Error: (08/04/2014 02:20:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.1822951fb164ac0000005000000000005339db4c01cfafac3d97d0bfC:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dll7b7b1b46-1b9f-11e4-ba6a-4c0f6e6c328b
 
Error: (08/04/2014 02:19:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
Description: 
Details:
Could not query the status of the EventSystem service.
 
System Error:
A system shutdown is in progress.
 
Error: (08/04/2014 01:53:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.1822951fb164ac0000005000000000005339d96c01cfafa859f85c96C:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dll9cbd598b-1b9b-11e4-9198-4c0f6e6c328b
 
Error: (08/04/2014 01:21:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.1822951fb164ac0000005000000000005339dbb401cfafa40061b0b9C:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dll3f603f00-1b97-11e4-afa5-4c0f6e6c328b
 
Error: (08/04/2014 00:58:34 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: Installed Java 7 Update 650xc0000022
 
Error: (08/04/2014 00:47:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c0000005000000000005339dbe001cfaf9f3325f2d0C:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dll71b9632b-1b92-11e4-a506-4c0f6e6c328b
 
Error: (08/04/2014 00:16:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c0000005000000000005339dd0001cfaf9ae9ac2ff7C:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dll29d44a40-1b8e-11e4-ba5e-1c7508355489
 
Error: (08/04/2014 00:04:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c0000005000000000005339ddf001cfaf993dd7c4c4C:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dll7cdb15cb-1b8c-11e4-a973-1c7508355489
 
Error: (08/04/2014 11:54:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c0000005000000000005339db4401cfaf97dafc9a0cC:\Windows\explorer.exeC:\Windows\SYSTEM32\ntdll.dll1938092d-1b8b-11e4-af06-1c7508355489
 
Error: (08/04/2014 11:44:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c0000005000000000005339dfa801cfaf9662468d5cC:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dlla0e845f8-1b89-11e4-af06-1c7508355489
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-08-04 12:45:47.928
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\usp10.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 23%
Total physical RAM: 2042.9 MB
Available physical RAM: 1559.93 MB
Total Pagefile: 4085.8 MB
Available Pagefile: 3616.85 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: (eMachines) (Fixed) (Total:452.66 GB) (Free:337.23 GB) NTFS
Drive e: (FLASH DRIVE) (Removable) (Total:7.2 GB) (Free:6.72 GB) FAT32
Drive f: () (Removable) (Total:1.86 GB) (Free:1.86 GB) FAT
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: BEAA856B)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=453 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 7 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=7 GB) - (Type=0C)
 
========================================================
Disk: 2 (Size: 2 GB) (Disk ID: 023AF475)
Partition 1: (Not Active) - (Size=2 GB) - (Type=06)
 
==================== End Of Log ============================

  • 0

#18
dbreeze
Posted 04 August 2014 - 11:31 PM

dbreeze

    Trusted Helper

  • Malware Removal
  • 2,216 posts

The scan should have also produced a FRST.txt file on the USB drive.  Can you post (copy and paste) that file also?  Thanks; you did great by the way. :spoton:


  • 0

#19
Aleigha
Posted 04 August 2014 - 11:33 PM

Aleigha

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-08-2014
Ran by Aleigha at 2014-08-05 13:32:49
Running from E:\
Boot Mode: Safe Mode (minimal)
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG AntiVirus Free Edition 2013 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2013 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2013 (Disabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32239 - BitTorrent Inc.)
Acoustica Effects Pack (HKLM-x32\...\Acoustica Effects Pack) (Version: 3.0 - Acoustica, Inc)
Acoustica Mixcraft 5 (HKLM-x32\...\Acoustica Mixcraft 5) (Version:  - Acoustica)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.5.502.146 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.5.502.146 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.95 - WildTangent) Hidden
AMD USB Filter Driver (x32 Version: 1.0.15.94 - Advanced Micro Devices, Inc.) Hidden
Angry Birds Space (HKLM-x32\...\{3F2A323E-60C4-41E8-8CCB-9715D1D750C3}) (Version: 1.0.0 - Rovio)
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version:  - )
Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.15.25.0 - Ask.com) <==== ATTENTION
Ask Toolbar Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.6.44892 - Ask.com) <==== ATTENTION
ATI Catalyst Install Manager (HKLM\...\{3B20226B-63ED-B863-B224-FE40401B21CA}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version:  - Audacity Team)
AVG 2013 (HKLM\...\AVG) (Version: 2013.0.3408 - AVG Technologies)
AVG 2013 (Version: 13.0.3408 - AVG Technologies) Hidden
AVG 2013 (Version: 13.0.3955 - AVG Technologies) Hidden
AVG PC Tuneup (HKLM-x32\...\{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1) (Version: 10.0.0.27 - AVG)
AVG Security Toolbar (HKLM-x32\...\AVG Secure Search) (Version: 15.5.0.2 - AVG Technologies)
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version:  - Online Media Technologies Ltd.)
AVS Video Converter 7 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version:  - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version:  - Online Media Technologies Ltd.)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 14.0.2.3 - Broadcom Corporation)
BS.Player PRO (HKLM-x32\...\BSPlayerp) (Version: 2.57.1048 - Webteh, d.o.o.)
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Casino.com (HKCU\...\Casino.com) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0329.836.13543 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0329.836.13543 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0329.836.13543 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0329.836.13543 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0329.836.13543 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0329.836.13543 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0329.836.13543 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help English (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help French (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help German (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0329.836.13543 - ATI) Hidden
ccc-utility64 (Version: 2010.0329.836.13543 - ATI) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Complitly (HKLM-x32\...\Complitly_is1) (Version:  - ) <==== ATTENTION
Counter-Strike 1.6 (HKLM-x32\...\Counter-Strike 1.6) (Version:  - )
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2433A103-9EC3-49EA-9AD1-58A35F27EE56}) (Version:  - Microsoft)
Digital Photo Navigator 1.5 (HKLM-x32\...\{CF9CD37C-E29A-11D5-AE3D-005004B8E30C}) (Version:  - )
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
eMachines Games (HKLM-x32\...\WildTangent emachines Master Uninstall) (Version: 1.0.1.3 - WildTangent)
eMachines Power Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3005 - Acer Incorporated)
eMachines Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3011 - Acer Incorporated)
eMachines Registration (HKLM-x32\...\eMachines Registration) (Version: 1.03.3003 - Acer Incorporated)
eMachines ScreenSaver (HKLM-x32\...\eMachines Screensaver) (Version: 1.1.0127.2010 - Acer Incorporated)
eMachines Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)
EpsonNet Config V3 (HKLM-x32\...\{2B0CDD4D-5C1A-47F7-89E2-9BF604670ABC}) (Version: 3.4a - SEIKO EPSON CORPORATION)
Everio MediaBrowser HD Edition (HKLM-x32\...\{548F12A2-BD2E-4B5A-9B62-BBC0AA8EB3DD}) (Version: 1.01.022 - PIXELA)
Facebook Messenger 2.1.4814.0 (HKLM-x32\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
FL Studio 9 (HKLM-x32\...\FL Studio 9) (Version:  - Image-Line)
flybuys Toolbar (HKCU\...\flybuys Toolbar) (Version:  - flybuys)
GEAR driver installer for AMD64 and Intel EM64T (HKLM\...\{50CBBEC7-1010-41C5-8718-A1A6FEDD9C3A}) (Version: 2.003.1 - GEAR Software, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{79361740-EAE3-11E2-9911-B8AC6F98CCE3}) (Version: 7.1.1.1888 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HandBrake 0.9.6 (HKLM-x32\...\HandBrake) (Version: 0.9.6 - )
Hardcore (HKLM-x32\...\Hardcore) (Version:  - Image-Line)
High-Definition Video Playback 10 (x32 Version: 7.0.11400.29.0 - Nero AG) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Insaniquarium Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Java 7 Update 17 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.170 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 24 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216024FF}) (Version: 6.0.240 - Oracle)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.14 - eMachines)
LeapFrog Connect (HKLM-x32\...\UPCShell) (Version: 4.2.9.15649 - LeapFrog)
LeapFrog Connect (x32 Version: 4.2.9.15649 - LeapFrog) Hidden
LeapFrog My Pals Plugin (x32 Version: 4.2.9.15649 - LeapFrog) Hidden
LeapFrog Tag Junior Plugin (x32 Version: 4.2.9.15649 - LeapFrog) Hidden
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.0.318.3 - McAfee, Inc.)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version:  - Microsoft)
Microsoft Office 2010 Service Pack 1 (SP1) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MiniAide Fat32 Formatter Home Edition version 1.05 (HKLM-x32\...\{C206CD7D-7CFE-4F0C-BC68-8873CDE3A5F5}_is1) (Version: 1.05 - MiniAide Tech Development Co., Ltd.)
MixMeister Fusion 7.2.2 (HKLM-x32\...\MixMeister Fusion 7.2.2_is1) (Version:  - )
Moo0 VoiceRecorder 1.31 (HKLM-x32\...\Moo0 VoiceRecorder) (Version:  - )
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 10 Menu TemplatePack Basic (x32 Version: 10.0.10600.6.0 - Nero AG) Hidden
Nero 10 Movie ThemePack Basic (x32 Version: 10.0.10600.6.0 - Nero AG) Hidden
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.4.11600.19.100 - Nero AG)
Nero BackItUp 10 Help (CHM) (x32 Version: 1.0.10700 - Nero AG) Hidden
Nero Burning ROM 10 (HKLM-x32\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.0.11100.10.100 - Nero AG)
Nero BurningROM 10 Help (CHM) (x32 Version: 1.0.10700 - Nero AG) Hidden
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.0.11000.12.100 - Nero AG)
Nero BurnRights 10 Help (CHM) (x32 Version: 1.0.10600 - Nero AG) Hidden
Nero Control Center 10 (x32 Version: 10.0.12000.1.4 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 1.0.10700 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.13700.0.1 - Nero AG) Hidden
Nero CoverDesigner 10 (HKLM-x32\...\{FCF00A6E-FB58-477A-ABE9-232907105521}) (Version: 5.0.10900.11.100 - Nero AG)
Nero CoverDesigner 10 Help (CHM) (x32 Version: 1.0.10600 - Nero AG) Hidden
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.0.10800.7.100 - Nero AG)
Nero DiscSpeed 10 Help (CHM) (x32 Version: 1.0.10600 - Nero AG) Hidden
Nero Dolby Files 10 (x32 Version: 2.0.11000.0.10 - Nero AG) Hidden
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.0.11000.10.100 - Nero AG)
Nero Express 10 Help (CHM) (x32 Version: 1.0.10700 - Nero AG) Hidden
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.0.10800.8.100 - Nero AG)
Nero InfoTool 10 Help (CHM) (x32 Version: 1.0.10600 - Nero AG) Hidden
Nero MediaHub 10 (HKLM-x32\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.0.13400.11.100 - Nero AG)
Nero MediaHub 10 Help (CHM) (x32 Version: 1.0.10700 - Nero AG) Hidden
Nero Multimedia Suite 10 (HKLM-x32\...\{277C1559-4CF7-44FF-8D07-98AA9C13AABD}) (Version: 10.0.13100 - Nero AG)
Nero Recode 10 (HKLM-x32\...\{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}) (Version: 4.6.10900.4.100 - Nero AG)
Nero Recode 10 Help (CHM) (x32 Version: 1.0.10600 - Nero AG) Hidden
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.0.10900.9.100 - Nero AG)
Nero RescueAgent 10 Help (CHM) (x32 Version: 1.0.10700 - Nero AG) Hidden
Nero SoundTrax 10 (HKLM-x32\...\{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}) (Version: 4.6.10600.2.100 - Nero AG)
Nero SoundTrax 10 Help (CHM) (x32 Version: 1.0.10600 - Nero AG) Hidden
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.0.11200.12.100 - Nero AG)
Nero StartSmart 10 Help (CHM) (x32 Version: 1.0.10700 - Nero AG) Hidden
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0017 - Nero AG)
Nero Vision 10 (HKLM-x32\...\{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}) (Version: 7.0.11100.8.100 - Nero AG)
Nero Vision 10 Help (CHM) (x32 Version: 1.0.10600 - Nero AG) Hidden
Nero WaveEditor 10 (HKLM-x32\...\{EDCDFAD5-DF80-4600-A493-E9DAD6810230}) (Version: 5.6.10600.2.100 - Nero AG)
Nero WaveEditor 10 Help (CHM) (x32 Version: 1.0.10600 - Nero AG) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.630 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.630 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6636 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6636 - NewTech Infosystems) Hidden
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Pioneer Lands (HKLM-x32\...\Pioneer Lands1.0) (Version: 1.0 - AllSmartGames)
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
PoiZone (HKLM-x32\...\PoiZone) (Version:  - Image-Line)
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6034 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6206 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30122 - Realtek Semiconductor Corp.)
RollerCoaster Tycoon 2 (HKLM-x32\...\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}) (Version: 1.00.000 - )
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Sawer (HKLM-x32\...\Sawer) (Version:  - Image-Line)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.16.20.149 - Client Connect LTD) <==== ATTENTION
Skype™ 5.10 (HKLM-x32\...\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}) (Version: 5.10.116 - Skype Technologies S.A.)
Smilebox (HKCU\...\Smilebox) (Version: 1.1.1.1 - Smilebox, Inc.)
SmileBox EN Toolbar (HKLM-x32\...\SmileBox_EN Toolbar) (Version: 6.8.9.0 - SmileBox EN)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.19.0 - Synaptics Incorporated)
Toxic Biohazard (HKLM-x32\...\Toxic Biohazard) (Version:  - Image-Line)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553065) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{A8686D24-1E89-43A1-973E-05A258D2B3F8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553157) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{97C39B81-3054-4AB4-B11D-A656DE619982}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{48E1B6C2-7299-4F3F-AA63-42F0ACE55AA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{18B3CF2A-73F7-4716-B1AE-86D68726D408}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{73E67A3A-8D61-44EF-90C2-1697C3DBE668}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2566458) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFB525A0-E1C0-4E32-9968-FE401BC87363}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589370) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{150A0FF0-AF69-4132-BD93-1E34F63FC8A3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ED31DE9A-3E13-4E2C-9106-E0D8AFFB9FA6}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{C4F26A9B-B121-4135-8084-A0D9C780C7C8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{460FF681-BC66-4C38-99DF-7012E03F1EBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{C633216E-FF30-45B6-B2AB-21922A9353EF}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B1FA5E8C-2342-45AF-8A62-5E860042F8DF}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760758) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{24BD08F8-FF6E-4DD8-BE49-3659AE78A819}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9CFD026D-EB1C-48C2-9DD2-8E8875F251B2}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{9865DC3A-2898-48D9-B96A-46397571C934}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{3EFF1957-7DEA-4C7A-8E9C-2D6D58E4B2ED}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3EFF1957-7DEA-4C7A-8E9C-2D6D58E4B2ED}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{47894754-0FEC-4920-9A65-6C1E732587AC}) (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{1EEFF749-6F29-4F0B-AB08-4C6EA52AA110}) (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{BC6DFBFD-16DD-47E1-A7EF-2C062930FA4F}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{DA2F7ECE-6629-4A80-9CDE-EC95261B75E2}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{190EC86F-5867-4D7A-B9F3-D14D82C26F3D}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{5DA2D071-A54C-47C0-83E5-43C63DBFD936}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Use the entry named LeapFrog Connect to uninstall (LeapFrog My Pals Plugin) (HKLM-x32\...\MyPalsPlugin) (Version:  - LeapFrog)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Junior Plugin) (HKLM-x32\...\TagJuniorPlugin) (Version:  - LeapFrog)
uTorrentBar Toolbar (HKLM-x32\...\uTorrentBar Toolbar) (Version: 6.8.5.1 - uTorrentBar) <==== ATTENTION
Video Web Camera (HKLM-x32\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.1.7.2 - Suyin Optronics Corp)
Virtual Villagers 4 - The Tree of Life (HKLM-x32\...\Virtual Villagers 4 - The Tree of Life1.0) (Version: 1.0 - AllSmartGames)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Web Assistant version 2.0.0.612 (HKLM\...\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1) (Version: 2.0.0.612 - IncrediBar) <==== ATTENTION
Welcome Center (HKLM-x32\...\eMachines Welcome Center) (Version: 1.02.3004 - Acer Incorporated)
WildTangent Games App (eMachines Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-emachines) (Version: 4.0.5.14 - WildTangent)
Windows Driver Package - LeapFrog (FlyUsb) USB  (11/05/2008 1.1.1.0) (HKLM\...\781745E87AFF80C0C1388CFF79D19ECAB2E9BB47) (Version: 11/05/2008 1.1.1.0 - LeapFrog)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Phone (HKLM-x32\...\{94550F69-BEF6-4C77-B1D5-4EEDEF839C37}) (Version: 0.9.3723.2 - Microsoft Corporation)
WinRAR 4.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Wyzo (HKLM-x32\...\Wyzo) (Version: 3.6.4 - Radical Software Ltd)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Zuma's Revenge (x32 Version: 2.2.0.95 - WildTangent) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-1464594981-1069503893-2954180956-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Aleigha\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1464594981-1069503893-2954180956-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Aleigha\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1464594981-1069503893-2954180956-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Aleigha\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1464594981-1069503893-2954180956-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Aleigha\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1464594981-1069503893-2954180956-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Aleigha\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)
 
==================== Restore Points  =========================
 
18-09-2013 11:15:21 Windows Update
04-11-2013 01:57:40 Windows Modules Installer
23-06-2014 04:01:09 Windows Update
23-06-2014 05:16:12 Windows Update
23-07-2014 12:44:39 Scheduled Checkpoint
03-08-2014 11:08:55 Installed Safari
03-08-2014 11:15:49 Installed Java 7 Update 65
03-08-2014 16:43:01 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 10:34 - 2009-06-11 05:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {090BEED5-3DC6-438E-AAB5-2BA3958F63A4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-01-31] (Google Inc.)
Task: {2D589F6F-772E-4B9F-892F-A541E1A13734} - System32\Tasks\{02A85EC4-D4E2-4E47-B14C-BACCDDA4ADBF} => Iexplore.exe http://www.skype.com...LastError=12007
Task: {38ACBFA4-0639-4B85-9420-2D7CEC586CC3} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{D2C161BD-8900-4802-A9A2-DD70A96A3BC0}.exe
Task: {50684AE3-4529-45E0-8AF1-00BE532A6AFF} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2013-04-25] () <==== ATTENTION
Task: {6EC01EBB-4341-4204-8DE2-200D16CFE15E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1464594981-1069503893-2954180956-1001Core1cd5fdd26736164 => C:\Users\Aleigha\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-05] (Facebook Inc.)
Task: {7B8A36C9-A323-4F21-AABD-FAC0C6CB38F9} - System32\Tasks\{E5909775-B961-46C3-BA6F-9A1A562D1892} => Iexplore.exe http://ui.skype.com/...?LastError=1618
Task: {7DEB869E-FFD7-46B0-8B91-415C5FB0C784} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-11] (Adobe Systems Incorporated)
Task: {8377ADC1-052D-4CE1-AD10-C1E222897606} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8DC07A59-8356-4046-9E9E-8BB51FE49E36} - System32\Tasks\RunAsStdUser Task => C:\Program Files (x86)\Moo0\VoiceRecorder 1.31\VoiceRecorder.exe [2011-08-10] (Moo0)
Task: {9BA85488-6346-4DEF-949D-3FB2528C83A1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-01-31] (Google Inc.)
Task: {B2925213-C287-4A7A-B35C-E2A09C28D74D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1464594981-1069503893-2954180956-1001UA => C:\Users\Aleigha\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-05] (Facebook Inc.)
Task: {B56CB898-26B0-4AFD-82B9-F92F21EA0787} - System32\Tasks\AVG\PC Tuneup\Integrator\Start On Aleigha Logon => C:\Program Files (x86)\AVG\AVG PC Tuneup\BoostSpeed.exe [2011-11-03] (AVG)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{D2C161BD-8900-4802-A9A2-DD70A96A3BC0}.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1464594981-1069503893-2954180956-1001Core1cd5fdd26736164.job => C:\Users\Aleigha\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1464594981-1069503893-2954180956-1001UA.job => C:\Users\Aleigha\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2011-07-12 17:28 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "UseAlternateShell"="1"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
==================== Faulty Device Manager Devices =============
 
Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/04/2014 02:20:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ntdll.dll, version: 6.1.7601.18229, time stamp: 0x51fb164a
Exception code: 0xc0000005
Fault offset: 0x000000000005339d
Faulting process id: 0xb4c
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
 
Error: (08/04/2014 02:19:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
Description: The Cryptographic Services service failed to initialize the VSS backup "System Writer" object.
 
 
Details:
Could not query the status of the EventSystem service.
 
System Error:
A system shutdown is in progress.
.
 
Error: (08/04/2014 01:53:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ntdll.dll, version: 6.1.7601.18229, time stamp: 0x51fb164a
Exception code: 0xc0000005
Fault offset: 0x000000000005339d
Faulting process id: 0x96c
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
 
Error: (08/04/2014 01:21:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ntdll.dll, version: 6.1.7601.18229, time stamp: 0x51fb164a
Exception code: 0xc0000005
Fault offset: 0x000000000005339d
Faulting process id: 0xbb4
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
 
Error: (08/04/2014 00:58:34 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: An unspecified error occurred during System Restore: (Installed Java 7 Update 65). Additional information: 0xc0000022.
 
Error: (08/04/2014 00:47:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000005
Fault offset: 0x000000000005339d
Faulting process id: 0xbe0
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
 
Error: (08/04/2014 00:16:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000005
Fault offset: 0x000000000005339d
Faulting process id: 0xd00
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
 
Error: (08/04/2014 00:04:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000005
Fault offset: 0x000000000005339d
Faulting process id: 0xdf0
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
 
Error: (08/04/2014 11:54:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000005
Fault offset: 0x000000000005339d
Faulting process id: 0xb44
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3
 
Error: (08/04/2014 11:44:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000005
Fault offset: 0x000000000005339d
Faulting process id: 0xfa8
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
 
 
System errors:
=============
Error: (08/05/2014 01:03:27 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (08/05/2014 01:03:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (08/05/2014 01:03:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (08/05/2014 01:03:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (08/05/2014 01:03:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (08/05/2014 01:03:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (08/05/2014 01:03:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (08/05/2014 01:03:17 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
 
Error: (08/05/2014 01:03:16 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
Error: (08/05/2014 01:03:15 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
 
Microsoft Office Sessions:
=========================
Error: (08/04/2014 02:20:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.1822951fb164ac0000005000000000005339db4c01cfafac3d97d0bfC:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dll7b7b1b46-1b9f-11e4-ba6a-4c0f6e6c328b
 
Error: (08/04/2014 02:19:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
Description: 
Details:
Could not query the status of the EventSystem service.
 
System Error:
A system shutdown is in progress.
 
Error: (08/04/2014 01:53:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.1822951fb164ac0000005000000000005339d96c01cfafa859f85c96C:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dll9cbd598b-1b9b-11e4-9198-4c0f6e6c328b
 
Error: (08/04/2014 01:21:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.1822951fb164ac0000005000000000005339dbb401cfafa40061b0b9C:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dll3f603f00-1b97-11e4-afa5-4c0f6e6c328b
 
Error: (08/04/2014 00:58:34 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: Installed Java 7 Update 650xc0000022
 
Error: (08/04/2014 00:47:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c0000005000000000005339dbe001cfaf9f3325f2d0C:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dll71b9632b-1b92-11e4-a506-4c0f6e6c328b
 
Error: (08/04/2014 00:16:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c0000005000000000005339dd0001cfaf9ae9ac2ff7C:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dll29d44a40-1b8e-11e4-ba5e-1c7508355489
 
Error: (08/04/2014 00:04:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c0000005000000000005339ddf001cfaf993dd7c4c4C:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dll7cdb15cb-1b8c-11e4-a973-1c7508355489
 
Error: (08/04/2014 11:54:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c0000005000000000005339db4401cfaf97dafc9a0cC:\Windows\explorer.exeC:\Windows\SYSTEM32\ntdll.dll1938092d-1b8b-11e4-af06-1c7508355489
 
Error: (08/04/2014 11:44:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c0000005000000000005339dfa801cfaf9662468d5cC:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dlla0e845f8-1b89-11e4-af06-1c7508355489
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-08-04 12:45:47.928
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\usp10.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 24%
Total physical RAM: 2042.9 MB
Available physical RAM: 1549.88 MB
Total Pagefile: 4085.8 MB
Available Pagefile: 3610 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: (eMachines) (Fixed) (Total:452.66 GB) (Free:337.22 GB) NTFS
Drive e: (FLASH DRIVE) (Removable) (Total:7.2 GB) (Free:6.72 GB) FAT32
Drive f: () (Removable) (Total:1.86 GB) (Free:1.86 GB) FAT
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: BEAA856B)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=453 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 7 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=7 GB) - (Type=0C)
 
========================================================
Disk: 2 (Size: 2 GB) (Disk ID: 023AF475)
Partition 1: (Not Active) - (Size=2 GB) - (Type=06)
 
==================== End Of Log ============================

  • 0

#20
Aleigha
Posted 04 August 2014 - 11:37 PM

Aleigha

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

Appologies..

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-08-2014
Ran by Aleigha (administrator) on ALEIGHA on 05-08-2014 13:32:19
Running from E:\
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Safe Mode (minimal)
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11444840 2010-09-21] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [206208 2010-06-10] ()
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe [861216 2010-06-12] (Acer Incorporated)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-15] (Logitech Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [975952 2010-08-10] (Dritek System Inc.)
HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1234216 2010-03-26] (Nero AG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Secure Search\vprot.exe [2314416 2013-08-17] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Monitor] => C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [298376 2012-09-28] (LeapFrog Enterprises, Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411440 2013-08-15] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ApnUpdater] => C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1648264 2013-04-25] (Ask)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKU\S-1-5-21-1464594981-1069503893-2954180956-1001\...\Run: [Facebook Update] => C:\Users\Aleigha\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-10-05] (Facebook Inc.)
HKU\S-1-5-21-1464594981-1069503893-2954180956-1001\...\Run: [SmileboxTray] => C:\Users\Aleigha\AppData\Roaming\Smilebox\SmileboxTray.exe [309544 2013-08-15] (Smilebox, Inc.)
HKU\S-1-5-21-1464594981-1069503893-2954180956-1001\...\Run: [SkyDrive] => C:\Users\Aleigha\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [251040 2014-08-03] (Microsoft Corporation)
HKU\S-1-5-21-1464594981-1069503893-2954180956-1001\...\Run: [uTorrent] => "C:\Users\Aleigha\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
HKU\S-1-5-21-1464594981-1069503893-2954180956-1001\...\RunOnce: [Uninstall C:\Users\Aleigha\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Aleigha\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64"
HKU\S-1-5-21-1464594981-1069503893-2954180956-1001\...\RunOnce: [Uninstall C:\Users\Aleigha\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Aleigha\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64"
HKU\S-1-5-21-1464594981-1069503893-2954180956-1001\...\RunOnce: [Uninstall C:\Users\Aleigha\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Aleigha\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64"
HKU\S-1-5-21-1464594981-1069503893-2954180956-1001\...\RunOnce: [Uninstall C:\Users\Aleigha\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Aleigha\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64"
HKU\S-1-5-21-1464594981-1069503893-2954180956-1001\...\RunOnce: [Uninstall C:\Users\Aleigha\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Aleigha\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-1464594981-1069503893-2954180956-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1464594981-1069503893-2954180956-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-1464594981-1069503893-2954180956-1001\...\MountPoints2: {dd7c90ec-0170-11e3-b56b-1c7508355489} - E:\win\setup.exe -phs
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [232408 2014-07-29] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [187352 2014-07-29] (Client Connect LTD)
Startup: C:\Users\Aleigha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
ShortcutTarget: Facebook Messenger.lnk -> C:\Users\Aleigha\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (Facebook)
Startup: C:\Users\Aleigha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Camera Monitor HD.lnk
ShortcutTarget: Camera Monitor HD.lnk -> C:\Program Files (x86)\PIXELA\Everio MediaBrowser HD Edition\MBCameraMonitor.exe (PIXELA CORPORATION)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Aleigha\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Aleigha\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Aleigha\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Aleigha\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\SkyDriveShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Aleigha\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\SkyDriveShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Aleigha\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\SkyDriveShell.dll (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.ninemsn.com.au/?ocid=OIE9HP
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com.au/
URLSearchHook: HKLM-x32 - uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
URLSearchHook: HKLM-x32 - SmileBox EN Toolbar - {f897eb0e-a3a4-46c3-80eb-2729699d8892} - C:\Program Files (x86)\SmileBox_EN\prxtbSmil.dll (Conduit Ltd.)
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
URLSearchHook: HKCU - uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
URLSearchHook: HKCU - SmileBox EN Toolbar - {f897eb0e-a3a4-46c3-80eb-2729699d8892} - C:\Program Files (x86)\SmileBox_EN\prxtbSmil.dll (Conduit Ltd.)
SearchScopes: HKCU - DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={41DAC64C-7141-4483-876A-6E70F72C82CF}&mid=a32fb301c29147d0b0d9cd3c4ed1bd7a-81b13b8e24c35815abec9b036525900aabe52d29&lang=en&ds=AVG&pr=pr&d=2012-07-13 11:40:05&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {3CD57D11-252D-4AC6-8B65-D167FE4322AA} URL = http://websearch.ask...B3-DB2C2BBEC3F9
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={41DAC64C-7141-4483-876A-6E70F72C82CF}&mid=a32fb301c29147d0b0d9cd3c4ed1bd7a-81b13b8e24c35815abec9b036525900aabe52d29&lang=en&ds=AVG&pr=pr&d=2012-07-13 11:40:05&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://mystart.smile...DS&a=6PQJjBGHlC
BHO: avast! WebRep -> {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll No File
BHO: Web Assistant -> {336D0C35-8A85-403a-B9D2-65C292C39087} -> C:\Program Files\Web Assistant\Extension64.dll ()
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Complitly -> {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} -> C:\Users\Aleigha\AppData\Roaming\Complitly\64\Complitly64.dll (SimplyGen)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Web Assistant -> {336D0C35-8A85-403a-B9D2-65C292C39087} -> C:\Program Files\Web Assistant\Extension32.dll ()
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! WebRep -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll No File
BHO-x32: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: AVG Security Toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: uTorrentBar Toolbar -> {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} -> C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
BHO-x32: Complitly -> {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} -> C:\Users\Aleigha\AppData\Roaming\Complitly\Complitly.dll (SimplyGen)
BHO-x32: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmileBox EN Toolbar -> {f897eb0e-a3a4-46c3-80eb-2729699d8892} -> C:\Program Files (x86)\SmileBox_EN\prxtbSmil.dll (Conduit Ltd.)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll No File
Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll No File
Toolbar: HKLM-x32 - uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll (AVG Secure Search)
Toolbar: HKLM-x32 - SmileBox EN Toolbar - {f897eb0e-a3a4-46c3-80eb-2729699d8892} - C:\Program Files (x86)\SmileBox_EN\prxtbSmil.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} -  No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Toolbar: HKCU - No Name - {F897EB0E-A3A4-46C3-80EB-2729699D8892} -  No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll No File
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.5.0\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 172.20.10.1
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.5.0\\npsitesafety.dll (AVG Technologies)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Aleigha\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\Aleigha\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox [2012-09-11]
FF HKLM\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Web Assistant\Firefox
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\15.5.0.2
FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\15.5.0.2 [2013-08-17]
FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Web Assistant\Firefox
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR NewTab: "chrome-extension://hllmjnjodbomdpgojblmbijbbkfgchkk/fc_newtab.html"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\gcswf32.dll No File
CHR Plugin: (Injovo Extension Plugin) - C:\Users\Aleigha\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.469_0\npbrowserext.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.240.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java™ Platform SE 6 U24) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\\npsitesafety.dll (AVG Technologies)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Aleigha\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Extension: (Ask Toolbar) - C:\Users\Aleigha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo [2013-06-29]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Aleigha\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-03]
CHR Extension: (YouTube) - C:\Users\Aleigha\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-09-13]
CHR Extension: (Google Search) - C:\Users\Aleigha\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-09-13]
CHR Extension: (Complitly plugin for chrome) - C:\Users\Aleigha\AppData\Local\Google\Chrome\User Data\Default\Extensions\defdhglnppeioeflggkmglipcecffkhk [2012-09-13]
CHR Extension: (Web Assistant) - C:\Users\Aleigha\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd [2012-09-13]
CHR Extension: (flybuys Toolbar) - C:\Users\Aleigha\AppData\Local\Google\Chrome\User Data\Default\Extensions\hllmjnjodbomdpgojblmbijbbkfgchkk [2013-03-21]
CHR Extension: (Google Wallet) - C:\Users\Aleigha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Gmail) - C:\Users\Aleigha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-09-13]
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2012-09-11]
CHR HKLM-x32\...\Chrome\Extension: [aaaaojmikegpiepcfdkkjaplodkpfmlo] - C:\Users\Aleigha\AppData\Local\APN\GoogleCRXs\apnorjtoolbar.crx [2013-02-08]
CHR HKLM-x32\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\Users\Aleigha\AppData\Local\Temp\ccex.crx [2013-02-08]
CHR HKLM-x32\...\Chrome\Extension: [defdhglnppeioeflggkmglipcecffkhk] - C:\Program Files (x86)\Complitly\chrome\ComplitlyChrome.crx [2012-04-25]
CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2012-09-11]
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\15.5.0.2\avg.crx [2013-08-17]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-07-23] (AVG Technologies CZ, s.r.o.)
S4 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2983896 2014-07-29] (Client Connect LTD)
S2 ePowerSvc; C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe [868896 2010-06-12] (Acer Incorporated)
S2 GREGService; C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
S2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
S2 NTISchedulerSvc; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [144640 2010-04-17] (NTI, Inc.)
S2 Updater Service; C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [243232 2010-01-29] (Acer Group)
S2 vToolbarUpdater15.5.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe [1643184 2013-08-17] (AVG Secure Search)
S2 Web Assistant Updater; C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [188760 2013-07-03] () [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.)
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-09-05] (AVG Technologies CZ, s.r.o.)
S1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-21] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [45856 2013-08-17] (AVG Technologies)
S3 FlyUsb; C:\Windows\System32\DRIVERS\FlyUsb.sys [24576 2012-09-28] (LeapFrog)
S3 mmpDrv; C:\Windows\system32\Drivers\mmpDrv.sys [21008 2012-10-18] (<company name here>)
S3 mmpguidrv; C:\Windows\system32\Drivers\MmpGuiDrv.sys [12304 2012-10-18] ()
S3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-05 13:05 - 2014-08-05 13:32 - 00000000 ____D () C:\FRST
2014-08-04 14:03 - 2014-08-04 14:03 - 00000000 ____D () C:\Users\Aleigha\Desktop\FOOD - Copy
2014-08-04 13:52 - 2014-08-05 12:41 - 00000280 _____ () C:\Windows\setupact.log
2014-08-04 13:52 - 2014-08-04 13:52 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-04 11:05 - 2014-08-04 12:40 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-03 22:40 - 2014-08-03 22:40 - 00036601 _____ () C:\Users\Aleigha\AppData\Local\poutdagc
2014-08-03 19:26 - 2014-08-03 19:26 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-03 19:15 - 2014-08-04 13:18 - 00000000 ___RD () C:\Users\Aleigha\Desktop\ORGANISATION
2014-08-03 19:15 - 2014-08-03 19:16 - 00000000 ___RD () C:\Users\Aleigha\Desktop\DESIGN-BUSINESS
2014-08-03 19:13 - 2014-08-03 19:13 - 00002503 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
2014-08-03 19:13 - 2014-08-03 19:13 - 00002491 _____ () C:\Users\Public\Desktop\Safari.lnk
2014-08-03 19:12 - 2014-08-04 13:17 - 00000000 ____D () C:\Program Files (x86)\Safari
2014-08-03 19:07 - 2014-08-03 19:09 - 00000000 ___RD () C:\Users\Aleigha\Desktop\MOTIVATION
2014-08-03 18:03 - 2014-08-03 18:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-03 18:01 - 2014-08-04 13:08 - 00000000 ____D () C:\Program Files\iPod
2014-08-03 18:00 - 2014-08-04 13:17 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-03 18:00 - 2014-08-04 13:08 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-03 18:00 - 2014-08-04 13:08 - 00000000 ____D () C:\Program Files\iTunes
2014-08-03 17:54 - 2014-08-03 17:54 - 38494576 _____ (Apple Inc.) C:\Users\Aleigha\Downloads\SafariSetup.exe
2014-08-03 17:51 - 2014-08-03 17:52 - 113509200 _____ (Apple Inc.) C:\Users\Aleigha\Downloads\iTunes64Setup (1).exe
2014-08-03 17:51 - 2014-08-03 17:51 - 00895120 _____ (Google Inc.) C:\Users\Aleigha\Downloads\ChromeSetup (2).exe
2014-08-03 17:43 - 2014-08-03 18:58 - 00000000 ___RD () C:\Users\Aleigha\Desktop\FAMILY
2014-08-03 17:35 - 2014-08-04 13:18 - 00000000 ___RD () C:\Users\Aleigha\Desktop\PHOTOGRAPHS
2014-08-03 17:35 - 2014-08-04 12:40 - 00000000 ____D () C:\Users\Aleigha\Desktop\IMIGARY-VIDEOGRAPHY
2014-08-03 17:35 - 2014-08-03 19:04 - 00000000 ___RD () C:\Users\Aleigha\Desktop\FITNESS
2014-08-03 17:34 - 2014-08-03 19:00 - 00000000 ___RD () C:\Users\Aleigha\Desktop\HEALTH
2014-08-03 17:34 - 2014-08-03 18:59 - 00000000 ___RD () C:\Users\Aleigha\Desktop\FOOD
2014-08-03 17:32 - 2014-08-03 17:32 - 00001814 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-08-03 17:32 - 2014-08-03 17:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-08-03 17:31 - 2014-08-04 13:08 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-08-03 17:28 - 2014-08-03 17:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-08-03 17:26 - 2014-08-04 00:29 - 00000000 ____D () C:\Users\Aleigha\Desktop\IPHONE SNAPS
2014-08-03 17:21 - 2014-08-03 17:21 - 00002173 _____ () C:\Users\Aleigha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-08-03 16:32 - 2014-08-03 16:32 - 06010880 _____ () C:\Program Files (x86)\GUT1C29.tmp
2014-08-03 16:32 - 2014-08-03 16:32 - 00000000 ____D () C:\Program Files (x86)\GUM1C28.tmp
2014-08-03 16:31 - 2014-08-03 16:31 - 00895120 _____ (Google Inc.) C:\Users\Aleigha\Downloads\ChromeSetup (1).exe
2014-08-03 16:31 - 2014-08-03 16:31 - 00000000 ____D () C:\Users\Aleigha\AppData\Local\SearchProtect
2014-08-03 16:30 - 2014-08-04 13:08 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-08-03 16:28 - 2014-08-03 16:28 - 00000840 _____ () C:\Users\Aleigha\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-08-03 16:26 - 2014-08-03 16:28 - 00895120 _____ (Google Inc.) C:\Users\Aleigha\Downloads\ChromeSetup.exe
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-05 13:32 - 2014-08-05 13:05 - 00000000 ____D () C:\FRST
2014-08-05 12:47 - 2009-07-14 13:13 - 00780196 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-05 12:41 - 2014-08-04 13:52 - 00000280 _____ () C:\Windows\setupact.log
2014-08-05 12:41 - 2013-01-28 18:19 - 00000433 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-08-05 12:41 - 2009-07-14 13:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-04 14:20 - 2013-06-09 22:43 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2014-08-04 14:20 - 2012-01-31 13:51 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-04 14:20 - 2011-07-07 09:41 - 00000000 ____D () C:\Users\Aleigha\AppData\Local\CrashDumps
2014-08-04 14:17 - 2009-07-14 11:20 - 00000000 __RHD () C:\Users\Default
2014-08-04 14:03 - 2014-08-04 14:03 - 00000000 ____D () C:\Users\Aleigha\Desktop\FOOD - Copy
2014-08-04 13:58 - 2010-11-18 22:39 - 01864716 _____ () C:\Windows\WindowsUpdate.log
2014-08-04 13:58 - 2009-07-14 12:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-04 13:58 - 2009-07-14 12:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-04 13:52 - 2014-08-04 13:52 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-04 13:21 - 2011-07-06 17:05 - 00000000 ____D () C:\Users\Aleigha
2014-08-04 13:20 - 2009-07-14 15:45 - 00000000 ____D () C:\Windows\ShellNew
2014-08-04 13:20 - 2009-07-14 15:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-08-04 13:18 - 2014-08-03 19:15 - 00000000 ___RD () C:\Users\Aleigha\Desktop\ORGANISATION
2014-08-04 13:18 - 2014-08-03 17:35 - 00000000 ___RD () C:\Users\Aleigha\Desktop\PHOTOGRAPHS
2014-08-04 13:18 - 2013-09-15 21:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-08-04 13:18 - 2013-09-15 16:06 - 00000000 ____D () C:\Users\Aleigha\Desktop\HD
2014-08-04 13:18 - 2012-12-19 22:41 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-08-04 13:18 - 2012-09-14 11:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-04 13:18 - 2012-09-11 19:18 - 00000000 ____D () C:\Program Files\Web Assistant
2014-08-04 13:18 - 2012-07-13 10:28 - 00000000 ____D () C:\ProgramData\MFAData
2014-08-04 13:18 - 2012-05-17 21:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-08-04 13:18 - 2012-05-17 21:22 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-04 13:18 - 2009-07-14 13:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-08-04 13:18 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-08-04 13:18 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-08-04 13:18 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-04 13:18 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-08-04 13:17 - 2014-08-03 19:12 - 00000000 ____D () C:\Program Files (x86)\Safari
2014-08-04 13:17 - 2014-08-03 18:00 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-04 13:17 - 2012-09-14 11:06 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-08-04 13:17 - 2012-05-17 21:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-08-04 13:17 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\registration
2014-08-04 13:17 - 2009-07-14 11:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-08-04 13:08 - 2014-08-03 18:01 - 00000000 ____D () C:\Program Files\iPod
2014-08-04 13:08 - 2014-08-03 18:00 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-04 13:08 - 2014-08-03 18:00 - 00000000 ____D () C:\Program Files\iTunes
2014-08-04 13:08 - 2014-08-03 17:31 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-08-04 13:08 - 2014-08-03 16:30 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-08-04 13:08 - 2011-07-11 11:53 - 00000000 ____D () C:\ProgramData\Skype
2014-08-04 13:07 - 2011-07-29 08:35 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-04 13:07 - 2011-07-07 11:30 - 00000000 __RHD () C:\MSOCache
2014-08-04 13:07 - 2010-11-18 22:50 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-08-04 12:40 - 2014-08-04 11:05 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-04 12:40 - 2014-08-03 17:35 - 00000000 ____D () C:\Users\Aleigha\Desktop\IMIGARY-VIDEOGRAPHY
2014-08-04 01:55 - 2013-07-18 11:18 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-04 00:38 - 2012-01-09 14:22 - 00000000 ____D () C:\Users\Aleigha\Documents\Aleigha
2014-08-04 00:29 - 2014-08-03 17:26 - 00000000 ____D () C:\Users\Aleigha\Desktop\IPHONE SNAPS
2014-08-03 22:40 - 2014-08-03 22:40 - 00036601 _____ () C:\Users\Aleigha\AppData\Local\poutdagc
2014-08-03 20:40 - 2012-12-20 08:43 - 00000000 ____D () C:\Users\Aleigha\AppData\Local\Avg2013
2014-08-03 19:29 - 2012-01-23 23:58 - 00000000 ____D () C:\Users\Aleigha\AppData\Local\Apple Computer
2014-08-03 19:26 - 2014-08-03 19:26 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-03 19:16 - 2014-08-03 19:15 - 00000000 ___RD () C:\Users\Aleigha\Desktop\DESIGN-BUSINESS
2014-08-03 19:15 - 2012-01-23 23:58 - 00000000 ____D () C:\Users\Aleigha\AppData\Roaming\Apple Computer
2014-08-03 19:13 - 2014-08-03 19:13 - 00002503 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
2014-08-03 19:13 - 2014-08-03 19:13 - 00002491 _____ () C:\Users\Public\Desktop\Safari.lnk
2014-08-03 19:09 - 2014-08-03 19:07 - 00000000 ___RD () C:\Users\Aleigha\Desktop\MOTIVATION
2014-08-03 19:05 - 2013-05-27 23:48 - 00000000 ___RD () C:\Users\Aleigha\Desktop\KEEPSAKES
2014-08-03 19:04 - 2014-08-03 17:35 - 00000000 ___RD () C:\Users\Aleigha\Desktop\FITNESS
2014-08-03 19:00 - 2014-08-03 17:34 - 00000000 ___RD () C:\Users\Aleigha\Desktop\HEALTH
2014-08-03 18:59 - 2014-08-03 17:34 - 00000000 ___RD () C:\Users\Aleigha\Desktop\FOOD
2014-08-03 18:58 - 2014-08-03 17:43 - 00000000 ___RD () C:\Users\Aleigha\Desktop\FAMILY
2014-08-03 18:41 - 2011-04-14 17:01 - 00000000 ____D () C:\Users\JBHIFI
2014-08-03 18:28 - 2012-01-31 13:51 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-03 18:03 - 2014-08-03 18:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-03 17:54 - 2014-08-03 17:54 - 38494576 _____ (Apple Inc.) C:\Users\Aleigha\Downloads\SafariSetup.exe
2014-08-03 17:52 - 2014-08-03 17:51 - 113509200 _____ (Apple Inc.) C:\Users\Aleigha\Downloads\iTunes64Setup (1).exe
2014-08-03 17:51 - 2014-08-03 17:51 - 00895120 _____ (Google Inc.) C:\Users\Aleigha\Downloads\ChromeSetup (2).exe
2014-08-03 17:42 - 2012-08-30 16:34 - 00000000 ____D () C:\Users\Aleigha\Documents\Training
2014-08-03 17:39 - 2012-01-23 23:53 - 00000000 ____D () C:\ProgramData\Apple
2014-08-03 17:32 - 2014-08-03 17:32 - 00001814 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-08-03 17:32 - 2014-08-03 17:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-08-03 17:28 - 2014-08-03 17:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-08-03 17:27 - 2012-01-23 23:53 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-08-03 17:22 - 2012-07-20 22:07 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-08-03 17:21 - 2014-08-03 17:21 - 00002173 _____ () C:\Users\Aleigha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-08-03 17:21 - 2012-01-31 13:51 - 00003896 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-03 17:21 - 2012-01-31 13:51 - 00003644 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-03 16:32 - 2014-08-03 16:32 - 06010880 _____ () C:\Program Files (x86)\GUT1C29.tmp
2014-08-03 16:32 - 2014-08-03 16:32 - 00000000 ____D () C:\Program Files (x86)\GUM1C28.tmp
2014-08-03 16:31 - 2014-08-03 16:31 - 00895120 _____ (Google Inc.) C:\Users\Aleigha\Downloads\ChromeSetup (1).exe
2014-08-03 16:31 - 2014-08-03 16:31 - 00000000 ____D () C:\Users\Aleigha\AppData\Local\SearchProtect
2014-08-03 16:28 - 2014-08-03 16:28 - 00000840 _____ () C:\Users\Aleigha\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-08-03 16:28 - 2014-08-03 16:26 - 00895120 _____ (Google Inc.) C:\Users\Aleigha\Downloads\ChromeSetup.exe
2014-07-23 20:45 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\rescache
2014-07-20 20:42 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\system32\NDF
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2012-10-06 11:38
 
==================== End Of Log ============================

  • 0

#21
dbreeze
Posted 04 August 2014 - 11:55 PM

dbreeze

    Trusted Helper

  • Malware Removal
  • 2,216 posts

Ok; good job!!   :yeah:   Looks like the sfc scan worked to fix Windows and the scans found some things that need fixing.  :yes:

 

I will compile the logs into a fix script for your system and have my adviser check it in the morning (it is 11pm my time right now).  We will then get this to you along with the step by step directions on running the fix to get your system back online.  :geek:

 

There is still some work to be done after that but I wanted to let you know (because you are a part of this team) what is going on.  Ok?  Any questions?


  • 0

#22
Aleigha
Posted 05 August 2014 - 12:19 AM

Aleigha

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

You are amazing! No questions, just thanks, for keeping me informed all the way. What you're doing to help is invaluable to me! Much appreciated :)


  • 0

#23
dbreeze
Posted 05 August 2014 - 03:02 PM

dbreeze

    Trusted Helper

  • Malware Removal
  • 2,216 posts

Hi Aleigha,

I hope you have had a good day so far. I have the script ready for you so let's get to it ...

Plug your USB drive into the spare laptop.

Download the attached file (Fixlist.txt) to the USB drive. You can do this by right clicking on the file below and selecting "Save Link as...", choose the USB drive (the same location as FRST.exe is located at) and click "Save".

File to download =>>  Attached File  Fixlist.txt   8.3KB   145 downloads

To check that the file has been saved properly, double click on the Fixlist.txt file on the USB drive and it should open in Notepad. The text in Notepad should look like the text below. If it does, close Notepad and remove the USB drive. If it doesn't, close Notepad and try the download again. If it fails the second time, come back here and let me know; I will give you other directions to get the file.

Text to check the file by =>>


HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ApnUpdater] => C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1648264 2013-04-25] (Ask)
C:\Program Files (x86)\Ask.com
HKU\S-1-5-21-1464594981-1069503893-2954180956-1001\...\Run: [SmileboxTray] => C:\Users\Aleigha\AppData\Roaming\Smilebox\SmileboxTray.exe [309544 2013-08-15] (Smilebox, Inc.)
C:\Users\Aleigha\AppData\Roaming\Smilebox
HKU\S-1-5-21-1464594981-1069503893-2954180956-1001\...\Run: [uTorrent] => "C:\Users\Aleigha\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
HKU\S-1-5-21-1464594981-1069503893-2954180956-1001\...\MountPoints2: {dd7c90ec-0170-11e3-b56b-1c7508355489} - E:\win\setup.exe -phs
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [232408 2014-07-29] (Client Connect LTD)
C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [187352 2014-07-29] (Client Connect LTD)
C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
URLSearchHook: HKLM-x32 - uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
URLSearchHook: HKCU - uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {3CD57D11-252D-4AC6-8B65-D167FE4322AA} URL = http://websearch.ask...B3-DB2C2BBEC3F9
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://mystart.smile...DS&a=6PQJjBGHlC
BHO: Web Assistant -> {336D0C35-8A85-403a-B9D2-65C292C39087} -> C:\Program Files\Web Assistant\Extension64.dll ()
C:\Program Files\Web Assistant\Extension64.dll
BHO: Complitly -> {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} -> C:\Users\Aleigha\AppData\Roaming\Complitly\64\Complitly64.dll (SimplyGen)
C:\Users\Aleigha\AppData\Roaming\Complitly\64\Complitly64.dll
BHO-x32: Web Assistant -> {336D0C35-8A85-403a-B9D2-65C292C39087} -> C:\Program Files\Web Assistant\Extension32.dll ()
C:\Program Files\Web Assistant\Extension32.dll
BHO-x32: uTorrentBar Toolbar -> {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} -> C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
BHO-x32: Complitly -> {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} -> C:\Users\Aleigha\AppData\Roaming\Complitly\Complitly.dll (SimplyGen)
C:\Users\Aleigha\AppData\Roaming\Complitly\Complitly.dll
BHO-x32: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
BHO-x32: SmileBox EN Toolbar -> {f897eb0e-a3a4-46c3-80eb-2729699d8892} -> C:\Program Files (x86)\SmileBox_EN\prxtbSmil.dll (Conduit Ltd.)
C:\Program Files (x86)\SmileBox_EN\prxtbSmil.dll
Toolbar: HKLM-x32 - uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - SmileBox EN Toolbar - {f897eb0e-a3a4-46c3-80eb-2729699d8892} - C:\Program Files (x86)\SmileBox_EN\prxtbSmil.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKCU - No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Toolbar: HKCU - No Name - {F897EB0E-A3A4-46C3-80EB-2729699D8892} - No File
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox [2012-09-11]
FF HKLM\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Web Assistant\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Web Assistant\Firefox
CHR Extension: (Ask Toolbar) - C:\Users\Aleigha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo [2013-06-29]
C:\Users\Aleigha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
CHR Extension: (Complitly plugin for chrome) - C:\Users\Aleigha\AppData\Local\Google\Chrome\User Data\Default\Extensions\defdhglnppeioeflggkmglipcecffkhk [2012-09-13]
C:\Users\Aleigha\AppData\Local\Google\Chrome\User Data\Default\Extensions\defdhglnppeioeflggkmglipcecffkhk
CHR Extension: (Web Assistant) - C:\Users\Aleigha\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd [2012-09-13]
C:\Users\Aleigha\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2012-09-11]
C:\Program Files\Web Assistant\source.crx
CHR HKLM-x32\...\Chrome\Extension: [aaaaojmikegpiepcfdkkjaplodkpfmlo] - C:\Users\Aleigha\AppData\Local\APN\GoogleCRXs\apnorjtoolbar.crx [2013-02-08]
C:\Users\Aleigha\AppData\Local\APN\GoogleCRXs\apnorjtoolbar.crx
CHR HKLM-x32\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\Users\Aleigha\AppData\Local\Temp\ccex.crx [2013-02-08]
C:\Users\Aleigha\AppData\Local\Temp\ccex.crx
CHR HKLM-x32\...\Chrome\Extension: [defdhglnppeioeflggkmglipcecffkhk] - C:\Program Files (x86)\Complitly\chrome\ComplitlyChrome.crx [2012-04-25]
C:\Program Files (x86)\Complitly\chrome\ComplitlyChrome.crx
CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2012-09-11]
C:\Program Files\Web Assistant\source.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S4 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2983896 2014-07-29] (Client Connect LTD)
C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
S2 Web Assistant Updater; C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [188760 2013-07-03] () [File not signed]
C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
S3 mmpDrv; C:\Windows\system32\Drivers\mmpDrv.sys [21008 2012-10-18] (<company name here>)
S3 mmpguidrv; C:\Windows\system32\Drivers\MmpGuiDrv.sys [12304 2012-10-18] ()
S3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]
C:\Windows\system32\drivers\SPPD.sys
2014-08-03 16:32 - 2014-08-03 16:32 - 06010880 _____ () C:\Program Files (x86)\GUT1C29.tmp
2014-08-03 16:32 - 2014-08-03 16:32 - 00000000 ____D () C:\Program Files (x86)\GUM1C28.tmp
2014-08-03 16:31 - 2014-08-03 16:31 - 00895120 _____ (Google Inc.) C:\Users\Aleigha\Downloads\ChromeSetup (1).exe
2014-08-03 16:31 - 2014-08-03 16:31 - 00000000 ____D () C:\Users\Aleigha\AppData\Local\SearchProtect
2014-08-03 16:30 - 2014-08-04 13:08 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-08-03 16:26 - 2014-08-03 16:28 - 00895120 _____ (Google Inc.) C:\Users\Aleigha\Downloads\ChromeSetup.exe
2014-08-03 17:51 - 2014-08-03 17:52 - 113509200 _____ (Apple Inc.) C:\Users\Aleigha\Downloads\iTunes64Setup (1).exe
2014-08-03 17:51 - 2014-08-03 17:51 - 00895120 _____ (Google Inc.) C:\Users\Aleigha\Downloads\ChromeSetup (2).exe
2014-08-03 16:26 - 2014-08-03 16:28 - 00895120 _____ (Google Inc.) C:\Users\Aleigha\Downloads\ChromeSetup.exe
2014-08-04 13:18 - 2012-09-11 19:18 - 00000000 ____D () C:\Program Files\Web Assistant
2014-08-04 13:08 - 2014-08-03 16:30 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
Task: {50684AE3-4529-45E0-8AF1-00BE532A6AFF} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2013-04-25] () <==== ATTENTION
C:\Program Files (x86)\Ask.com\UpdateTask.exe
AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4


Now your USB drive should have (at least) FRST.exe, Fixlist.txt and the two previous log files on it. Plug the drive into the infected PC.

If the system is still in Explorer.exe / Safe Mode with Command Prompt then we are good to run the FRST script. If not then follow the outlined steps to get ready to run the script.


  • Boot the PC and start tapping F8 until the Advanced Boot Menu appears.
  • Use the up / down keyboard arrows to highlight Safe Mode with Command Prompt; press ENTER.
  • Log into the same user as before (if you need to).
  • In the Command Prompt window type Explorer.exe and press ENTER.
  • Once your desktop loads, you can close the Command Prompt window by clicking on the X in its upper right hand corner.
  • Use either "My Computer" or "File Explorer" to locate the USB drive attached to your system.

Running the FRST script:
Right click on FRST.exe and select "Run as Administrator"
Once the program loads, click on the "Fix" button. If the file(s) is(are) in the correct locations, FRST will process the Fixlist.txt script, reboot your system and produce a log file. When the system reboots, please allow it boot normally (not into Safe Mode). The program should produce a Fixlog.txt log file; if it does not automatically open in Notepad after the reboot, the file may be located on the USB drive or on the hard drive under C:\FRST\Logs.

Please copy and paste that log file in your next reply here.
Also, how is your system running now?


  • 0

#24
Aleigha
Posted 05 August 2014 - 09:31 PM

Aleigha

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

Hey! alas my computer works again! wow  :D

thankyou!

Here is the log file you requested:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-08-2014
Ran by Aleigha at 2014-08-06 11:13:55 Run:1
Running from E:\
Boot Mode: Safe Mode (minimal)
==============================================
 
Content of fixlist:
*****************
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ApnUpdater] => C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1648264 2013-04-25] (Ask)
C:\Program Files (x86)\Ask.com
HKU\S-1-5-21-1464594981-1069503893-2954180956-1001\...\Run: [SmileboxTray] => C:\Users\Aleigha\AppData\Roaming\Smilebox\SmileboxTray.exe [309544 2013-08-15] (Smilebox, Inc.)
C:\Users\Aleigha\AppData\Roaming\Smilebox
HKU\S-1-5-21-1464594981-1069503893-2954180956-1001\...\Run: [uTorrent] => "C:\Users\Aleigha\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
HKU\S-1-5-21-1464594981-1069503893-2954180956-1001\...\MountPoints2: {dd7c90ec-0170-11e3-b56b-1c7508355489} - E:\win\setup.exe -phs
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [232408 2014-07-29] (Client Connect LTD)
C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [187352 2014-07-29] (Client Connect LTD)
C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
URLSearchHook: HKLM-x32 - uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
URLSearchHook: HKCU - uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {3CD57D11-252D-4AC6-8B65-D167FE4322AA} URL = http://websearch.ask...B3-DB2C2BBEC3F9
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://mystart.smile...DS&a=6PQJjBGHlC
BHO: Web Assistant -> {336D0C35-8A85-403a-B9D2-65C292C39087} -> C:\Program Files\Web Assistant\Extension64.dll ()
C:\Program Files\Web Assistant\Extension64.dll
BHO: Complitly -> {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} -> C:\Users\Aleigha\AppData\Roaming\Complitly\64\Complitly64.dll (SimplyGen)
C:\Users\Aleigha\AppData\Roaming\Complitly\64\Complitly64.dll
BHO-x32: Web Assistant -> {336D0C35-8A85-403a-B9D2-65C292C39087} -> C:\Program Files\Web Assistant\Extension32.dll ()
C:\Program Files\Web Assistant\Extension32.dll
BHO-x32: uTorrentBar Toolbar -> {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} -> C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
BHO-x32: Complitly -> {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} -> C:\Users\Aleigha\AppData\Roaming\Complitly\Complitly.dll (SimplyGen)
C:\Users\Aleigha\AppData\Roaming\Complitly\Complitly.dll
BHO-x32: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
BHO-x32: SmileBox EN Toolbar -> {f897eb0e-a3a4-46c3-80eb-2729699d8892} -> C:\Program Files (x86)\SmileBox_EN\prxtbSmil.dll (Conduit Ltd.)
C:\Program Files (x86)\SmileBox_EN\prxtbSmil.dll
Toolbar: HKLM-x32 - uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - SmileBox EN Toolbar - {f897eb0e-a3a4-46c3-80eb-2729699d8892} - C:\Program Files (x86)\SmileBox_EN\prxtbSmil.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} -  No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Toolbar: HKCU - No Name - {F897EB0E-A3A4-46C3-80EB-2729699D8892} -  No File
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox [2012-09-11]
FF HKLM\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Web Assistant\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Web Assistant\Firefox
CHR Extension: (Ask Toolbar) - C:\Users\Aleigha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo [2013-06-29]
C:\Users\Aleigha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
CHR Extension: (Complitly plugin for chrome) - C:\Users\Aleigha\AppData\Local\Google\Chrome\User Data\Default\Extensions\defdhglnppeioeflggkmglipcecffkhk [2012-09-13]
C:\Users\Aleigha\AppData\Local\Google\Chrome\User Data\Default\Extensions\defdhglnppeioeflggkmglipcecffkhk
CHR Extension: (Web Assistant) - C:\Users\Aleigha\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd [2012-09-13]
C:\Users\Aleigha\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2012-09-11]
C:\Program Files\Web Assistant\source.crx
CHR HKLM-x32\...\Chrome\Extension: [aaaaojmikegpiepcfdkkjaplodkpfmlo] - C:\Users\Aleigha\AppData\Local\APN\GoogleCRXs\apnorjtoolbar.crx [2013-02-08]
C:\Users\Aleigha\AppData\Local\APN\GoogleCRXs\apnorjtoolbar.crx
CHR HKLM-x32\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\Users\Aleigha\AppData\Local\Temp\ccex.crx [2013-02-08]
C:\Users\Aleigha\AppData\Local\Temp\ccex.crx
CHR HKLM-x32\...\Chrome\Extension: [defdhglnppeioeflggkmglipcecffkhk] - C:\Program Files (x86)\Complitly\chrome\ComplitlyChrome.crx [2012-04-25]
C:\Program Files (x86)\Complitly\chrome\ComplitlyChrome.crx
CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2012-09-11]
C:\Program Files\Web Assistant\source.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S4 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2983896 2014-07-29] (Client Connect LTD)
C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
S2 Web Assistant Updater; C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [188760 2013-07-03] () [File not signed]
C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
S3 mmpDrv; C:\Windows\system32\Drivers\mmpDrv.sys [21008 2012-10-18] (<company name here>)
S3 mmpguidrv; C:\Windows\system32\Drivers\MmpGuiDrv.sys [12304 2012-10-18] ()
S3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]
C:\Windows\system32\drivers\SPPD.sys
2014-08-03 16:32 - 2014-08-03 16:32 - 06010880 _____ () C:\Program Files (x86)\GUT1C29.tmp
2014-08-03 16:32 - 2014-08-03 16:32 - 00000000 ____D () C:\Program Files (x86)\GUM1C28.tmp
2014-08-03 16:31 - 2014-08-03 16:31 - 00895120 _____ (Google Inc.) C:\Users\Aleigha\Downloads\ChromeSetup (1).exe
2014-08-03 16:31 - 2014-08-03 16:31 - 00000000 ____D () C:\Users\Aleigha\AppData\Local\SearchProtect
2014-08-03 16:30 - 2014-08-04 13:08 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-08-03 16:26 - 2014-08-03 16:28 - 00895120 _____ (Google Inc.) C:\Users\Aleigha\Downloads\ChromeSetup.exe
2014-08-03 17:51 - 2014-08-03 17:52 - 113509200 _____ (Apple Inc.) C:\Users\Aleigha\Downloads\iTunes64Setup (1).exe
2014-08-03 17:51 - 2014-08-03 17:51 - 00895120 _____ (Google Inc.) C:\Users\Aleigha\Downloads\ChromeSetup (2).exe
2014-08-03 16:26 - 2014-08-03 16:28 - 00895120 _____ (Google Inc.) C:\Users\Aleigha\Downloads\ChromeSetup.exe
2014-08-04 13:18 - 2012-09-11 19:18 - 00000000 ____D () C:\Program Files\Web Assistant
2014-08-04 13:08 - 2014-08-03 16:30 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
Task: {50684AE3-4529-45E0-8AF1-00BE532A6AFF} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2013-04-25] () <==== ATTENTION
C:\Program Files (x86)\Ask.com\UpdateTask.exe
AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4
 
*****************
 
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater => value deleted successfully.
C:\Program Files (x86)\Ask.com => Moved successfully.
HKU\S-1-5-21-1464594981-1069503893-2954180956-1001\Software\Microsoft\Windows\CurrentVersion\Run\\SmileboxTray => value deleted successfully.
C:\Users\Aleigha\AppData\Roaming\Smilebox => Moved successfully.
HKU\S-1-5-21-1464594981-1069503893-2954180956-1001\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent => value deleted successfully.
"HKU\S-1-5-21-1464594981-1069503893-2954180956-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dd7c90ec-0170-11e3-b56b-1c7508355489}" => Key deleted successfully.
"HKCR\CLSID\{dd7c90ec-0170-11e3-b56b-1c7508355489}" => Key not found.
"C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll" => Value Data removed successfully.
C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => Moved successfully.
"C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll" => File/Directory not found.
"C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll" => Value Data removed successfully.
C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => Moved successfully.
"C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll" => File/Directory not found.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}" => Key deleted successfully.
C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll => Moved successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}" => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} => value deleted successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3CD57D11-252D-4AC6-8B65-D167FE4322AA}" => Key deleted successfully.
"HKCR\CLSID\{3CD57D11-252D-4AC6-8B65-D167FE4322AA}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}" => Key deleted successfully.
"HKCR\CLSID\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}" => Key deleted successfully.
"HKCR\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087}" => Key deleted successfully.
C:\Program Files\Web Assistant\Extension64.dll => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D27FC31C-6E3D-4305-8D53-ACDAEFA5F862}" => Key deleted successfully.
"HKCR\CLSID\{D27FC31C-6E3D-4305-8D53-ACDAEFA5F862}" => Key deleted successfully.
C:\Users\Aleigha\AppData\Roaming\Complitly\64\Complitly64.dll => Moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087}" => Key deleted successfully.
C:\Program Files\Web Assistant\Extension32.dll => Moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D27FC31C-6E3D-4305-8D53-ACDAEFA5F862}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{D27FC31C-6E3D-4305-8D53-ACDAEFA5F862}" => Key deleted successfully.
C:\Users\Aleigha\AppData\Roaming\Complitly\Complitly.dll => Moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f897eb0e-a3a4-46c3-80eb-2729699d8892}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{f897eb0e-a3a4-46c3-80eb-2729699d8892}" => Key deleted successfully.
C:\Program Files (x86)\SmileBox_EN\prxtbSmil.dll => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}" => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{f897eb0e-a3a4-46c3-80eb-2729699d8892} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{f897eb0e-a3a4-46c3-80eb-2729699d8892}" => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} => value deleted successfully.
"HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value deleted successfully.
"HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} => value deleted successfully.
"HKCR\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => value deleted successfully.
"HKCR\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{F897EB0E-A3A4-46C3-80EB-2729699D8892} => value deleted successfully.
"HKCR\CLSID\{F897EB0E-A3A4-46C3-80EB-2729699D8892}" => Key not found.
HKLM\Software\Mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087} => value deleted successfully.
C:\Program Files\Web Assistant\Firefox => Moved successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\{8E9E3331-D360-4f87-8803-52DE43566502} => value deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087} => value deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{8E9E3331-D360-4f87-8803-52DE43566502} => value deleted successfully.
C:\Users\Aleigha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo => Moved successfully.
"C:\Users\Aleigha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo" => File/Directory not found.
C:\Users\Aleigha\AppData\Local\Google\Chrome\User Data\Default\Extensions\defdhglnppeioeflggkmglipcecffkhk => Moved successfully.
"C:\Users\Aleigha\AppData\Local\Google\Chrome\User Data\Default\Extensions\defdhglnppeioeflggkmglipcecffkhk" => File/Directory not found.
C:\Users\Aleigha\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd => Moved successfully.
"C:\Users\Aleigha\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd" => File/Directory not found.
"HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd" => Key deleted successfully.
C:\Program Files\Web Assistant\source.crx => Moved successfully.
"C:\Program Files\Web Assistant\source.crx" => File/Directory not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo" => Key deleted successfully.
C:\Users\Aleigha\AppData\Local\APN\GoogleCRXs\apnorjtoolbar.crx => Moved successfully.
"C:\Users\Aleigha\AppData\Local\APN\GoogleCRXs\apnorjtoolbar.crx" => File/Directory not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bejbohlohkkgompgecdcbbglkpjfjgdj" => Key deleted successfully.
"C:\Users\Aleigha\AppData\Local\Temp\ccex.crx" => File/Directory not found.
"C:\Users\Aleigha\AppData\Local\Temp\ccex.crx" => File/Directory not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\defdhglnppeioeflggkmglipcecffkhk" => Key deleted successfully.
C:\Program Files (x86)\Complitly\chrome\ComplitlyChrome.crx => Moved successfully.
"C:\Program Files (x86)\Complitly\chrome\ComplitlyChrome.crx" => File/Directory not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd" => Key deleted successfully.
"C:\Program Files\Web Assistant\source.crx" => File/Directory not found.
"C:\Program Files\Web Assistant\source.crx" => File/Directory not found.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
CltMngSvc => Service deleted successfully.
C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe => Moved successfully.
Web Assistant Updater => Service deleted successfully.
C:\Program Files\Web Assistant\ExtensionUpdaterService.exe => Moved successfully.
mmpDrv => Service deleted successfully.
mmpguidrv => Service deleted successfully.
SPPD => Service deleted successfully.
"C:\Windows\system32\drivers\SPPD.sys" => File/Directory not found.
C:\Program Files (x86)\GUT1C29.tmp => Moved successfully.
C:\Program Files (x86)\GUM1C28.tmp => Moved successfully.
C:\Users\Aleigha\Downloads\ChromeSetup (1).exe => Moved successfully.
C:\Users\Aleigha\AppData\Local\SearchProtect => Moved successfully.
C:\Program Files (x86)\SearchProtect => Moved successfully.
C:\Users\Aleigha\Downloads\ChromeSetup.exe => Moved successfully.
C:\Users\Aleigha\Downloads\iTunes64Setup (1).exe => Moved successfully.
C:\Users\Aleigha\Downloads\ChromeSetup (2).exe => Moved successfully.
"C:\Users\Aleigha\Downloads\ChromeSetup.exe" => File/Directory not found.
C:\Program Files\Web Assistant => Moved successfully.
"C:\Program Files (x86)\SearchProtect" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{50684AE3-4529-45E0-8AF1-00BE532A6AFF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{50684AE3-4529-45E0-8AF1-00BE532A6AFF}" => Key deleted successfully.
C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar" => Key deleted successfully.
"C:\Program Files (x86)\Ask.com\UpdateTask.exe" => File/Directory not found.
C:\ProgramData\TEMP => ":0B4227B4" ADS removed successfully.
 
==== End of Fixlog ====

  • 0

#25
dbreeze
Posted 05 August 2014 - 09:56 PM

dbreeze

    Trusted Helper

  • Malware Removal
  • 2,216 posts

Aleigha, you are very welcome!!!  :tazz: :tazz: :tazz: :tazz: :woot: :woot: :woot: :woot:
 
But, we are not done yet.... 
 
Now that the laptop is back online, let's get some other scans and get it really cleaned up!!!
 
1) Fresh FRST scan
 
Download a fresh copy of FRST64.exe from here to your desktop.

  • Right click on it and select "Run as Administrator...".
  • Check the Addition box in the Options block.
  • Click Scan button and FRST64.exe will make two log files (both should open in Notepad).
  • Please copy both and paste them in a reply post here.

 
2) AdwCleaner scan only

AdwCleaner by Xplode

Download AdwCleaner from here or from here. Save the file to the desktop.


NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.

Close all open windows and browsers.

  • Vista/7/8 users: Right click the AdwCleaner icon on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.
    You will see the following console:

    AdwScan.jpg?
  • Click the Scan button and wait for the scan to finish.
  • After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Pending. Please uncheck elements you don't want to remove. Please Do Not delete anything at this time.
  • Click the Report button to get the log.
  • Copy and Paste it into your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[R0].txt.
  • Click the X in the upper right corner of the program or click the File menu and click Exit to close the program.

Optional:

NOTE: If you see AVG Secure Search being targeted for deletion, Here's Why and Here. You can always Reinstall it.

 

 

Things to let me know / include in your next reply:

  • How is your system running?  Any stand out items you notice? (I'm relying on you to be my eyes and ears in this team.)
  • Fresh FRST.txt log text.
  • Fresh Addition.txt log text.
  • AdwCleaner[R0].txt log text.

 

Note: you can use more than one post to send the logs if that is easier for you.


  • 0

Advertisements

#26
Aleigha
Posted 06 August 2014 - 02:54 AM

Aleigha

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

On restart the system was backdated I presume? as some of my organizing of files had been unorganized.

System is running slower, but presume this is in effect of the scans running.

Other than that everything seems kosher :)

 

Will post the logs as they are completed :)

 

Feeing apart of the geeky team  :geek:  love it haha


  • 0

#27
Aleigha
Posted 06 August 2014 - 03:19 AM

Aleigha

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-08-2014
Ran by Aleigha (administrator) on ALEIGHA on 06-08-2014 16:37:46
Running from C:\Users\Aleigha\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Acer Group) C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\loggingserver.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Windows\PLFSetI.exe
(Acer Incorporated) C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(PIXELA CORPORATION) C:\Program Files (x86)\PIXELA\Everio MediaBrowser HD Edition\MBCameraMonitor.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
() C:\Program Files (x86)\AVG Secure Search\vprot.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Acer Incorporated) C:\Program Files\eMachines\eMachines Power Management\ePowerEvent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Apple Inc.) C:\Program Files (x86)\Safari\Safari.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Apple Inc.) C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe.old
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11444840 2010-09-21] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [206208 2010-06-10] ()
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe [861216 2010-06-12] (Acer Incorporated)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-15] (Logitech Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [975952 2010-08-10] (Dritek System Inc.)
HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1234216 2010-03-26] (Nero AG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Secure Search\vprot.exe [2314416 2013-08-17] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Monitor] => C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [298376 2012-09-28] (LeapFrog Enterprises, Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411440 2013-08-15] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKU\S-1-5-21-1464594981-1069503893-2954180956-1001\...\RunOnce: [Uninstall C:\Users\Aleigha\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Aleigha\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64"
HKU\S-1-5-21-1464594981-1069503893-2954180956-1001\...\RunOnce: [Uninstall C:\Users\Aleigha\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Aleigha\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64"
HKU\S-1-5-21-1464594981-1069503893-2954180956-1001\...\RunOnce: [Uninstall C:\Users\Aleigha\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Aleigha\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64"
HKU\S-1-5-21-1464594981-1069503893-2954180956-1001\...\RunOnce: [Uninstall C:\Users\Aleigha\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Aleigha\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64"
HKU\S-1-5-21-1464594981-1069503893-2954180956-1001\...\RunOnce: [Uninstall C:\Users\Aleigha\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Aleigha\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-1464594981-1069503893-2954180956-1001\...\RunOnce: [Uninstall C:\Users\Aleigha\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Aleigha\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64"
HKU\S-1-5-21-1464594981-1069503893-2954180956-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1464594981-1069503893-2954180956-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\Users\Aleigha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
ShortcutTarget: Facebook Messenger.lnk -> C:\Users\Aleigha\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (No File)
Startup: C:\Users\Aleigha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Camera Monitor HD.lnk
ShortcutTarget: Camera Monitor HD.lnk -> C:\Program Files (x86)\PIXELA\Everio MediaBrowser HD Edition\MBCameraMonitor.exe (PIXELA CORPORATION)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.ninemsn.com.au/?ocid=OIE9HP
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com.au/
URLSearchHook: HKLM-x32 - (No Name) - {f897eb0e-a3a4-46c3-80eb-2729699d8892} - No File
URLSearchHook: HKCU - (No Name) - {f897eb0e-a3a4-46c3-80eb-2729699d8892} - No File
SearchScopes: HKCU - DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={41DAC64C-7141-4483-876A-6E70F72C82CF}&mid=a32fb301c29147d0b0d9cd3c4ed1bd7a-81b13b8e24c35815abec9b036525900aabe52d29&lang=en&ds=AVG&pr=pr&d=2012-07-13 11:40:05&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={41DAC64C-7141-4483-876A-6E70F72C82CF}&mid=a32fb301c29147d0b0d9cd3c4ed1bd7a-81b13b8e24c35815abec9b036525900aabe52d29&lang=en&ds=AVG&pr=pr&d=2012-07-13 11:40:05&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
BHO: avast! WebRep -> {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! WebRep -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll No File
BHO-x32: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: AVG Security Toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll No File
Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll No File
Toolbar: HKLM-x32 - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll (AVG Secure Search)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll No File
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.5.0\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 10.1.1.1
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.5.0\\npsitesafety.dll (AVG Technologies)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\15.5.0.2
FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\15.5.0.2 [2013-08-17]
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/", "https://www.facebook.com/", "hxxp://www.hotmail.com/", "hxxp://www.westpac.com.au/"
CHR NewTab: "chrome-extension://aaaaojmikegpiepcfdkkjaplodkpfmlo/config/skin/new-tab.html"
CHR DefaultSearchKeyword: google.com.au
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\gcswf32.dll No File
CHR Plugin: (Injovo Extension Plugin) - C:\Users\Aleigha\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.469_0\npbrowserext.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.240.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java™ Platform SE 6 U24) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\\npsitesafety.dll (AVG Technologies)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Aleigha\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Aleigha\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-03]
CHR Extension: (YouTube) - C:\Users\Aleigha\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-09-13]
CHR Extension: (Google Search) - C:\Users\Aleigha\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-09-13]
CHR Extension: (flybuys Toolbar) - C:\Users\Aleigha\AppData\Local\Google\Chrome\User Data\Default\Extensions\hllmjnjodbomdpgojblmbijbbkfgchkk [2013-03-21]
CHR Extension: (Google Wallet) - C:\Users\Aleigha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Gmail) - C:\Users\Aleigha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-09-13]
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\15.5.0.2\avg.crx [2013-08-17]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
U2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
U2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-07-23] (AVG Technologies CZ, s.r.o.)
R2 ePowerSvc; C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe [868896 2010-06-12] (Acer Incorporated)
R2 GREGService; C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 NTISchedulerSvc; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [144640 2010-04-17] (NTI, Inc.)
R2 Updater Service; C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [243232 2010-01-29] (Acer Group)
R2 vToolbarUpdater15.5.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe [1643184 2013-08-17] (AVG Secure Search)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-09-05] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-21] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [45856 2013-08-17] (AVG Technologies)
S3 FlyUsb; C:\Windows\System32\DRIVERS\FlyUsb.sys [24576 2012-09-28] (LeapFrog)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-06 16:54 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-08-06 16:53 - 2014-08-06 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-08-06 16:42 - 2014-08-06 16:43 - 00000000 ____D () C:\AdwCleaner
2014-08-06 16:41 - 2014-08-06 16:41 - 01361309 _____ () C:\Users\Aleigha\Downloads\AdwCleaner.exe
2014-08-06 16:37 - 2014-08-06 16:54 - 00023232 _____ () C:\Users\Aleigha\Downloads\FRST.txt
2014-08-06 16:34 - 2014-08-06 16:35 - 02094080 _____ (Farbar) C:\Users\Aleigha\Downloads\FRST64.exe
2014-08-06 14:21 - 2013-05-10 13:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-08-06 14:21 - 2013-05-10 13:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-08-06 14:21 - 2013-05-10 12:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-08-06 14:21 - 2013-05-10 12:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-08-06 14:08 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-08-06 14:05 - 2014-08-06 14:05 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-06 14:05 - 2014-08-06 14:05 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-06 14:05 - 2014-08-06 14:05 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-06 14:05 - 2014-08-06 14:05 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-06 14:05 - 2014-08-06 14:05 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-08-06 14:05 - 2014-08-06 14:05 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-08-06 14:05 - 2014-08-06 14:05 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-06 14:05 - 2014-08-06 14:05 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-08-06 14:05 - 2014-08-06 14:05 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-08-06 14:05 - 2014-08-06 14:05 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-08-06 14:05 - 2014-08-06 14:05 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-08-06 14:05 - 2014-08-06 14:05 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-08-06 14:05 - 2014-08-06 14:05 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-08-06 14:05 - 2014-08-06 14:05 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-06 14:05 - 2014-08-06 14:05 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-08-06 14:05 - 2014-08-06 14:05 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-08-06 14:05 - 2014-08-06 14:05 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-08-06 14:05 - 2014-08-06 14:05 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-08-06 14:05 - 2014-08-06 14:05 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-08-06 14:05 - 2014-08-06 14:05 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-08-06 14:05 - 2014-08-06 14:05 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-08-06 14:05 - 2014-08-06 14:05 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-08-06 14:05 - 2014-08-06 14:05 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-08-06 14:04 - 2014-08-06 14:04 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-06 14:04 - 2014-08-06 14:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-06 14:04 - 2014-08-06 14:04 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-06 14:04 - 2014-08-06 14:04 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-06 14:04 - 2014-08-06 14:04 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-06 14:04 - 2014-08-06 14:04 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-08-06 14:04 - 2014-08-06 14:04 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-06 14:04 - 2014-08-06 14:04 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-08-06 14:04 - 2014-08-06 14:04 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-06 14:04 - 2014-08-06 14:04 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-06 14:04 - 2014-08-06 14:04 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-08-06 14:04 - 2014-08-06 14:04 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-06 14:04 - 2014-08-06 14:04 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-08-06 14:04 - 2014-08-06 14:04 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-08-06 14:04 - 2014-08-06 14:04 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-06 14:02 - 2014-08-06 14:02 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-08-06 14:02 - 2014-08-06 14:02 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-08-06 14:02 - 2014-08-06 14:02 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-08-06 14:02 - 2014-08-06 14:02 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-08-06 14:02 - 2014-08-06 14:02 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-08-06 14:02 - 2014-08-06 14:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-08-06 14:02 - 2014-08-06 14:02 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-08-06 14:02 - 2014-08-06 14:02 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-08-06 14:02 - 2014-08-06 14:02 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-08-06 14:01 - 2014-08-06 14:01 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-08-06 14:01 - 2014-08-06 14:01 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-08-06 14:01 - 2014-08-06 14:01 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-08-06 14:01 - 2014-08-06 14:01 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-08-06 14:00 - 2014-08-06 14:09 - 00010130 _____ () C:\Windows\IE11_main.log
2014-08-06 13:58 - 2014-08-06 13:58 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-08-06 13:58 - 2014-08-06 13:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-06 11:42 - 2014-03-04 17:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-08-06 11:42 - 2014-03-04 17:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-08-06 11:42 - 2014-03-04 17:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-08-06 11:42 - 2014-03-04 17:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-08-06 11:42 - 2014-03-04 17:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-08-06 11:42 - 2014-03-04 17:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-08-06 11:42 - 2014-03-04 17:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-08-06 11:42 - 2014-03-04 17:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-08-06 11:42 - 2014-03-04 17:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-08-06 11:42 - 2014-03-04 16:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-08-06 11:42 - 2014-03-04 16:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-08-05 13:05 - 2014-08-06 16:41 - 00000000 ____D () C:\FRST
2014-08-04 13:52 - 2014-08-06 16:20 - 00000392 _____ () C:\Windows\setupact.log
2014-08-04 13:52 - 2014-08-04 13:52 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-04 11:05 - 2014-08-04 12:40 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-03 22:40 - 2014-08-03 22:40 - 00036601 _____ () C:\Users\Aleigha\AppData\Local\poutdagc
2014-08-03 19:26 - 2014-08-03 19:26 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-03 19:15 - 2014-08-04 13:18 - 00000000 ___RD () C:\Users\Aleigha\Desktop\ORGANISATION
2014-08-03 19:15 - 2014-08-03 19:16 - 00000000 ___RD () C:\Users\Aleigha\Desktop\DESIGN-BUSINESS
2014-08-03 19:13 - 2014-08-03 19:13 - 00002503 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
2014-08-03 19:12 - 2014-08-04 13:17 - 00000000 ____D () C:\Program Files (x86)\Safari
2014-08-03 19:07 - 2014-08-03 19:09 - 00000000 ___RD () C:\Users\Aleigha\Desktop\MOTIVATION
2014-08-03 18:03 - 2014-08-03 18:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-03 18:01 - 2014-08-04 13:08 - 00000000 ____D () C:\Program Files\iPod
2014-08-03 18:00 - 2014-08-04 13:17 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-03 18:00 - 2014-08-04 13:08 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-03 18:00 - 2014-08-04 13:08 - 00000000 ____D () C:\Program Files\iTunes
2014-08-03 17:54 - 2014-08-03 17:54 - 38494576 _____ (Apple Inc.) C:\Users\Aleigha\Downloads\SafariSetup.exe
2014-08-03 17:43 - 2014-08-03 18:58 - 00000000 ___RD () C:\Users\Aleigha\Desktop\FAMILY
2014-08-03 17:35 - 2014-08-06 11:33 - 00000000 ___RD () C:\Users\Aleigha\Desktop\IMIGARY-VIDEOGRAPHY
2014-08-03 17:35 - 2014-08-03 19:04 - 00000000 ___RD () C:\Users\Aleigha\Desktop\FITNESS
2014-08-03 17:34 - 2014-08-03 19:00 - 00000000 ___RD () C:\Users\Aleigha\Desktop\HEALTH
2014-08-03 17:34 - 2014-08-03 18:59 - 00000000 ___RD () C:\Users\Aleigha\Desktop\FOOD
2014-08-03 17:32 - 2014-08-03 17:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-08-03 17:31 - 2014-08-04 13:08 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-08-03 17:28 - 2014-08-03 17:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-08-03 16:28 - 2014-08-03 16:28 - 00000840 _____ () C:\Users\Aleigha\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-06 16:56 - 2012-07-13 10:28 - 00000000 ____D () C:\ProgramData\MFAData
2014-08-06 16:54 - 2014-08-06 16:37 - 00023232 _____ () C:\Users\Aleigha\Downloads\FRST.txt
2014-08-06 16:53 - 2014-08-06 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-08-06 16:44 - 2010-11-18 22:39 - 01451691 _____ () C:\Windows\WindowsUpdate.log
2014-08-06 16:43 - 2014-08-06 16:42 - 00000000 ____D () C:\AdwCleaner
2014-08-06 16:41 - 2014-08-06 16:41 - 01361309 _____ () C:\Users\Aleigha\Downloads\AdwCleaner.exe
2014-08-06 16:41 - 2014-08-05 13:05 - 00000000 ____D () C:\FRST
2014-08-06 16:35 - 2014-08-06 16:34 - 02094080 _____ (Farbar) C:\Users\Aleigha\Downloads\FRST64.exe
2014-08-06 16:26 - 2012-01-31 13:51 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-06 16:26 - 2009-07-14 13:13 - 00783400 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-06 16:26 - 2009-07-14 12:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-06 16:26 - 2009-07-14 12:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-06 16:22 - 2012-01-31 13:51 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-06 16:22 - 2011-07-06 17:05 - 00001426 _____ () C:\Users\Aleigha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-06 16:22 - 2009-07-14 13:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-08-06 16:21 - 2013-06-09 22:43 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2014-08-06 16:20 - 2014-08-04 13:52 - 00000392 _____ () C:\Windows\setupact.log
2014-08-06 16:20 - 2013-01-28 18:19 - 00000433 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-08-06 16:20 - 2009-07-14 13:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-06 16:18 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-06 16:17 - 2012-07-13 19:24 - 00434692 _____ () C:\Windows\PFRO.log
2014-08-06 14:15 - 2011-07-07 10:33 - 00767710 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-08-06 14:09 - 2014-08-06 14:00 - 00010130 _____ () C:\Windows\IE11_main.log
2014-08-06 14:05 - 2014-08-06 14:05 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-06 14:05 - 2014-08-06 14:05 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-06 14:05 - 2014-08-06 14:05 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-06 14:05 - 2014-08-06 14:05 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-06 14:05 - 2014-08-06 14:05 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-08-06 14:05 - 2014-08-06 14:05 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-08-06 14:05 - 2014-08-06 14:05 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-06 14:05 - 2014-08-06 14:05 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-08-06 14:05 - 2014-08-06 14:05 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-08-06 14:05 - 2014-08-06 14:05 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-08-06 14:05 - 2014-08-06 14:05 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-08-06 14:05 - 2014-08-06 14:05 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-08-06 14:05 - 2014-08-06 14:05 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-08-06 14:05 - 2014-08-06 14:05 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-06 14:05 - 2014-08-06 14:05 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-08-06 14:05 - 2014-08-06 14:05 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-08-06 14:05 - 2014-08-06 14:05 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-08-06 14:05 - 2014-08-06 14:05 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-08-06 14:05 - 2014-08-06 14:05 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-08-06 14:05 - 2014-08-06 14:05 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-08-06 14:05 - 2014-08-06 14:05 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-08-06 14:05 - 2014-08-06 14:05 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-08-06 14:05 - 2014-08-06 14:05 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-08-06 14:05 - 2014-08-06 14:05 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-08-06 14:04 - 2014-08-06 14:04 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-06 14:04 - 2014-08-06 14:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-06 14:04 - 2014-08-06 14:04 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-06 14:04 - 2014-08-06 14:04 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-06 14:04 - 2014-08-06 14:04 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-06 14:04 - 2014-08-06 14:04 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-08-06 14:04 - 2014-08-06 14:04 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-06 14:04 - 2014-08-06 14:04 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-08-06 14:04 - 2014-08-06 14:04 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-06 14:04 - 2014-08-06 14:04 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-06 14:04 - 2014-08-06 14:04 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-08-06 14:04 - 2014-08-06 14:04 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-06 14:04 - 2014-08-06 14:04 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-08-06 14:04 - 2014-08-06 14:04 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-08-06 14:04 - 2014-08-06 14:04 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-06 14:02 - 2014-08-06 14:02 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-08-06 14:02 - 2014-08-06 14:02 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-08-06 14:02 - 2014-08-06 14:02 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-08-06 14:02 - 2014-08-06 14:02 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-08-06 14:02 - 2014-08-06 14:02 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-08-06 14:02 - 2014-08-06 14:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-08-06 14:02 - 2014-08-06 14:02 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-08-06 14:02 - 2014-08-06 14:02 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-08-06 14:02 - 2014-08-06 14:02 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-08-06 14:01 - 2014-08-06 14:01 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-08-06 14:01 - 2014-08-06 14:01 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-08-06 14:01 - 2014-08-06 14:01 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-08-06 14:01 - 2014-08-06 14:01 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-08-06 13:59 - 2011-07-12 11:40 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-06 13:58 - 2014-08-06 13:58 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-08-06 13:58 - 2014-08-06 13:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-06 13:58 - 2011-07-11 11:53 - 00000000 ____D () C:\ProgramData\Skype
2014-08-06 13:54 - 2013-07-18 11:18 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-06 13:04 - 2012-05-17 21:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-08-06 13:02 - 2012-05-17 21:22 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-06 13:02 - 2012-05-17 21:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-08-06 12:13 - 2011-10-15 16:45 - 00000000 ____D () C:\Users\Aleigha\AppData\Local\Facebook
2014-08-06 12:03 - 2013-03-21 18:31 - 00000358 _____ () C:\Windows\wininit.ini
2014-08-06 11:44 - 2013-03-05 23:05 - 00000000 ____D () C:\Firefox
2014-08-06 11:43 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-06 11:41 - 2013-02-25 09:30 - 00000000 ___RD () C:\Users\Aleigha\SkyDrive
2014-08-06 11:37 - 2012-01-31 13:51 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-06 11:33 - 2014-08-03 17:35 - 00000000 ___RD () C:\Users\Aleigha\Desktop\IMIGARY-VIDEOGRAPHY
2014-08-06 11:31 - 2011-07-07 09:41 - 00000000 ____D () C:\Users\Aleigha\AppData\Local\CrashDumps
2014-08-06 11:14 - 2012-09-11 19:18 - 00000000 ____D () C:\Program Files (x86)\SmileBox_EN
2014-08-06 11:14 - 2012-04-25 18:45 - 00000000 ____D () C:\Users\Aleigha\AppData\Roaming\Complitly
2014-08-06 11:14 - 2012-03-10 09:58 - 00000000 ____D () C:\Program Files (x86)\uTorrentBar
2014-08-04 14:17 - 2009-07-14 11:20 - 00000000 __RHD () C:\Users\Default
2014-08-04 13:52 - 2014-08-04 13:52 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-04 13:21 - 2011-07-06 17:05 - 00000000 ____D () C:\Users\Aleigha
2014-08-04 13:20 - 2009-07-14 15:45 - 00000000 ____D () C:\Windows\ShellNew
2014-08-04 13:20 - 2009-07-14 15:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-08-04 13:18 - 2014-08-03 19:15 - 00000000 ___RD () C:\Users\Aleigha\Desktop\ORGANISATION
2014-08-04 13:18 - 2012-12-19 22:41 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-08-04 13:18 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-08-04 13:18 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-08-04 13:18 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-08-04 13:17 - 2014-08-03 19:12 - 00000000 ____D () C:\Program Files (x86)\Safari
2014-08-04 13:17 - 2014-08-03 18:00 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-04 13:17 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\registration
2014-08-04 13:17 - 2009-07-14 11:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-08-04 13:08 - 2014-08-03 18:01 - 00000000 ____D () C:\Program Files\iPod
2014-08-04 13:08 - 2014-08-03 18:00 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-04 13:08 - 2014-08-03 18:00 - 00000000 ____D () C:\Program Files\iTunes
2014-08-04 13:08 - 2014-08-03 17:31 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-08-04 13:07 - 2011-07-29 08:35 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-04 13:07 - 2011-07-07 11:30 - 00000000 __RHD () C:\MSOCache
2014-08-04 13:07 - 2010-11-18 22:50 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-08-04 12:40 - 2014-08-04 11:05 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-04 00:38 - 2012-01-09 14:22 - 00000000 ____D () C:\Users\Aleigha\Documents\Aleigha
2014-08-03 22:40 - 2014-08-03 22:40 - 00036601 _____ () C:\Users\Aleigha\AppData\Local\poutdagc
2014-08-03 20:40 - 2012-12-20 08:43 - 00000000 ____D () C:\Users\Aleigha\AppData\Local\Avg2013
2014-08-03 19:29 - 2012-01-23 23:58 - 00000000 ____D () C:\Users\Aleigha\AppData\Local\Apple Computer
2014-08-03 19:26 - 2014-08-03 19:26 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-03 19:16 - 2014-08-03 19:15 - 00000000 ___RD () C:\Users\Aleigha\Desktop\DESIGN-BUSINESS
2014-08-03 19:15 - 2012-01-23 23:58 - 00000000 ____D () C:\Users\Aleigha\AppData\Roaming\Apple Computer
2014-08-03 19:13 - 2014-08-03 19:13 - 00002503 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
2014-08-03 19:09 - 2014-08-03 19:07 - 00000000 ___RD () C:\Users\Aleigha\Desktop\MOTIVATION
2014-08-03 19:05 - 2013-05-27 23:48 - 00000000 ___RD () C:\Users\Aleigha\Desktop\KEEPSAKES
2014-08-03 19:04 - 2014-08-03 17:35 - 00000000 ___RD () C:\Users\Aleigha\Desktop\FITNESS
2014-08-03 19:00 - 2014-08-03 17:34 - 00000000 ___RD () C:\Users\Aleigha\Desktop\HEALTH
2014-08-03 18:59 - 2014-08-03 17:34 - 00000000 ___RD () C:\Users\Aleigha\Desktop\FOOD
2014-08-03 18:58 - 2014-08-03 17:43 - 00000000 ___RD () C:\Users\Aleigha\Desktop\FAMILY
2014-08-03 18:41 - 2011-04-14 17:01 - 00000000 ____D () C:\Users\JBHIFI
2014-08-03 18:03 - 2014-08-03 18:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-03 17:54 - 2014-08-03 17:54 - 38494576 _____ (Apple Inc.) C:\Users\Aleigha\Downloads\SafariSetup.exe
2014-08-03 17:42 - 2012-08-30 16:34 - 00000000 ____D () C:\Users\Aleigha\Documents\Training
2014-08-03 17:39 - 2012-01-23 23:53 - 00000000 ____D () C:\ProgramData\Apple
2014-08-03 17:32 - 2014-08-03 17:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-08-03 17:28 - 2014-08-03 17:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-08-03 17:27 - 2012-01-23 23:53 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-08-03 17:22 - 2012-07-20 22:07 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-08-03 17:21 - 2012-01-31 13:51 - 00003896 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-03 17:21 - 2012-01-31 13:51 - 00003644 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-03 16:28 - 2014-08-03 16:28 - 00000840 _____ () C:\Users\Aleigha\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-07-23 20:45 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\rescache
 
Some content of TEMP:
====================
C:\Users\Aleigha\AppData\Local\Temp\Quarantine.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2012-10-06 11:38
 
==================== End Of Log ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-08-2014
Ran by Aleigha at 2014-08-06 16:59:54
Running from C:\Users\Aleigha\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG AntiVirus Free Edition 2013 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2013 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2013 (Disabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32239 - BitTorrent Inc.)
Acoustica Effects Pack (HKLM-x32\...\Acoustica Effects Pack) (Version: 3.0 - Acoustica, Inc)
Acoustica Mixcraft 5 (HKLM-x32\...\Acoustica Mixcraft 5) (Version:  - Acoustica)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.5.502.146 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.5.502.146 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.95 - WildTangent) Hidden
AMD USB Filter Driver (x32 Version: 1.0.15.94 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version:  - )
Ask Toolbar Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.6.44892 - Ask.com) <==== ATTENTION
ATI Catalyst Install Manager (HKLM\...\{3B20226B-63ED-B863-B224-FE40401B21CA}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
AVG 2013 (HKLM\...\AVG) (Version: 2013.0.3485 - AVG Technologies)
AVG 2013 (Version: 13.0.3485 - AVG Technologies) Hidden
AVG 2013 (Version: 13.0.3955 - AVG Technologies) Hidden
AVG PC Tuneup (HKLM-x32\...\{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1) (Version: 10.0.0.27 - AVG)
AVG Security Toolbar (HKLM-x32\...\AVG Secure Search) (Version: 15.5.0.2 - AVG Technologies)
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version:  - Online Media Technologies Ltd.)
AVS Video Converter 7 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version:  - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version:  - Online Media Technologies Ltd.)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 14.0.2.3 - Broadcom Corporation)
BS.Player PRO (HKLM-x32\...\BSPlayerp) (Version: 2.57.1048 - Webteh, d.o.o.)
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0329.836.13543 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0329.836.13543 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0329.836.13543 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0329.836.13543 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0329.836.13543 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0329.836.13543 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0329.836.13543 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help English (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help French (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help German (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0329.836.13543 - ATI) Hidden
ccc-utility64 (Version: 2010.0329.836.13543 - ATI) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Complitly (HKLM-x32\...\Complitly_is1) (Version:  - ) <==== ATTENTION
Counter-Strike 1.6 (HKLM-x32\...\Counter-Strike 1.6) (Version:  - )
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version:  - Microsoft)
Digital Photo Navigator 1.5 (HKLM-x32\...\{CF9CD37C-E29A-11D5-AE3D-005004B8E30C}) (Version:  - )
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
eMachines Games (HKLM-x32\...\WildTangent emachines Master Uninstall) (Version: 1.0.1.3 - WildTangent)
eMachines Power Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3005 - Acer Incorporated)
eMachines Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3011 - Acer Incorporated)
eMachines Registration (HKLM-x32\...\eMachines Registration) (Version: 1.03.3003 - Acer Incorporated)
eMachines ScreenSaver (HKLM-x32\...\eMachines Screensaver) (Version: 1.1.0127.2010 - Acer Incorporated)
eMachines Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)
EpsonNet Config V3 (HKLM-x32\...\{2B0CDD4D-5C1A-47F7-89E2-9BF604670ABC}) (Version: 3.4a - SEIKO EPSON CORPORATION)
Everio MediaBrowser HD Edition (HKLM-x32\...\{548F12A2-BD2E-4B5A-9B62-BBC0AA8EB3DD}) (Version: 1.01.022 - PIXELA)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
FL Studio 9 (HKLM-x32\...\FL Studio 9) (Version:  - Image-Line)
GEAR driver installer for AMD64 and Intel EM64T (HKLM\...\{50CBBEC7-1010-41C5-8718-A1A6FEDD9C3A}) (Version: 2.003.1 - GEAR Software, Inc.)
Google Earth Plug-in (HKLM-x32\...\{79361740-EAE3-11E2-9911-B8AC6F98CCE3}) (Version: 7.1.1.1888 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HandBrake 0.9.6 (HKLM-x32\...\HandBrake) (Version: 0.9.6 - )
Hardcore (HKLM-x32\...\Hardcore) (Version:  - Image-Line)
High-Definition Video Playback 10 (x32 Version: 7.0.11400.29.0 - Nero AG) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Insaniquarium Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Java 7 Update 17 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.170 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 24 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216024FF}) (Version: 6.0.240 - Oracle)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.14 - eMachines)
LeapFrog Connect (HKLM-x32\...\UPCShell) (Version: 4.2.9.15649 - LeapFrog)
LeapFrog Connect (x32 Version: 4.2.9.15649 - LeapFrog) Hidden
LeapFrog My Pals Plugin (x32 Version: 4.2.9.15649 - LeapFrog) Hidden
LeapFrog Tag Junior Plugin (x32 Version: 4.2.9.15649 - LeapFrog) Hidden
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.0.318.3 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version:  - Microsoft)
Microsoft Office 2010 Service Pack 1 (SP1) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MiniAide Fat32 Formatter Home Edition version 1.05 (HKLM-x32\...\{C206CD7D-7CFE-4F0C-BC68-8873CDE3A5F5}_is1) (Version: 1.05 - MiniAide Tech Development Co., Ltd.)
Moo0 VoiceRecorder 1.31 (HKLM-x32\...\Moo0 VoiceRecorder) (Version:  - )
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 10 Menu TemplatePack Basic (x32 Version: 10.0.10600.6.0 - Nero AG) Hidden
Nero 10 Movie ThemePack Basic (x32 Version: 10.0.10600.6.0 - Nero AG) Hidden
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.4.11600.19.100 - Nero AG)
Nero BackItUp 10 Help (CHM) (x32 Version: 1.0.10700 - Nero AG) Hidden
Nero Burning ROM 10 (HKLM-x32\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.0.11100.10.100 - Nero AG)
Nero BurningROM 10 Help (CHM) (x32 Version: 1.0.10700 - Nero AG) Hidden
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.0.11000.12.100 - Nero AG)
Nero BurnRights 10 Help (CHM) (x32 Version: 1.0.10600 - Nero AG) Hidden
Nero Control Center 10 (x32 Version: 10.0.12000.1.4 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 1.0.10700 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.13700.0.1 - Nero AG) Hidden
Nero CoverDesigner 10 (HKLM-x32\...\{FCF00A6E-FB58-477A-ABE9-232907105521}) (Version: 5.0.10900.11.100 - Nero AG)
Nero CoverDesigner 10 Help (CHM) (x32 Version: 1.0.10600 - Nero AG) Hidden
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.0.10800.7.100 - Nero AG)
Nero DiscSpeed 10 Help (CHM) (x32 Version: 1.0.10600 - Nero AG) Hidden
Nero Dolby Files 10 (x32 Version: 2.0.11000.0.10 - Nero AG) Hidden
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.0.11000.10.100 - Nero AG)
Nero Express 10 Help (CHM) (x32 Version: 1.0.10700 - Nero AG) Hidden
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.0.10800.8.100 - Nero AG)
Nero InfoTool 10 Help (CHM) (x32 Version: 1.0.10600 - Nero AG) Hidden
Nero MediaHub 10 (HKLM-x32\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.0.13400.11.100 - Nero AG)
Nero MediaHub 10 Help (CHM) (x32 Version: 1.0.10700 - Nero AG) Hidden
Nero Multimedia Suite 10 (HKLM-x32\...\{277C1559-4CF7-44FF-8D07-98AA9C13AABD}) (Version: 10.0.13100 - Nero AG)
Nero Recode 10 (HKLM-x32\...\{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}) (Version: 4.6.10900.4.100 - Nero AG)
Nero Recode 10 Help (CHM) (x32 Version: 1.0.10600 - Nero AG) Hidden
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.0.10900.9.100 - Nero AG)
Nero RescueAgent 10 Help (CHM) (x32 Version: 1.0.10700 - Nero AG) Hidden
Nero SoundTrax 10 (HKLM-x32\...\{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}) (Version: 4.6.10600.2.100 - Nero AG)
Nero SoundTrax 10 Help (CHM) (x32 Version: 1.0.10600 - Nero AG) Hidden
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.0.11200.12.100 - Nero AG)
Nero StartSmart 10 Help (CHM) (x32 Version: 1.0.10700 - Nero AG) Hidden
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0017 - Nero AG)
Nero Vision 10 (HKLM-x32\...\{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}) (Version: 7.0.11100.8.100 - Nero AG)
Nero Vision 10 Help (CHM) (x32 Version: 1.0.10600 - Nero AG) Hidden
Nero WaveEditor 10 (HKLM-x32\...\{EDCDFAD5-DF80-4600-A493-E9DAD6810230}) (Version: 5.6.10600.2.100 - Nero AG)
Nero WaveEditor 10 Help (CHM) (x32 Version: 1.0.10600 - Nero AG) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.630 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.630 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6636 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6636 - NewTech Infosystems) Hidden
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Pioneer Lands (HKLM-x32\...\Pioneer Lands1.0) (Version: 1.0 - AllSmartGames)
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
PoiZone (HKLM-x32\...\PoiZone) (Version:  - Image-Line)
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6034 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6206 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30122 - Realtek Semiconductor Corp.)
RollerCoaster Tycoon 2 (HKLM-x32\...\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}) (Version: 1.00.000 - )
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Sawer (HKLM-x32\...\Sawer) (Version:  - Image-Line)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.16.20.149 - Client Connect LTD) <==== ATTENTION
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Smilebox (HKCU\...\Smilebox) (Version: 1.1.1.1 - Smilebox, Inc.)
SmileBox EN Toolbar (HKLM-x32\...\SmileBox_EN Toolbar) (Version: 6.8.9.0 - SmileBox EN)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.19.0 - Synaptics Incorporated)
Toxic Biohazard (HKLM-x32\...\Toxic Biohazard) (Version:  - Image-Line)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{18B3CF2A-73F7-4716-B1AE-86D68726D408}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{73E67A3A-8D61-44EF-90C2-1697C3DBE668}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2566458) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFB525A0-E1C0-4E32-9968-FE401BC87363}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ED31DE9A-3E13-4E2C-9106-E0D8AFFB9FA6}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{C4F26A9B-B121-4135-8084-A0D9C780C7C8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{460FF681-BC66-4C38-99DF-7012E03F1EBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{C633216E-FF30-45B6-B2AB-21922A9353EF}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{9865DC3A-2898-48D9-B96A-46397571C934}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{3EFF1957-7DEA-4C7A-8E9C-2D6D58E4B2ED}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3EFF1957-7DEA-4C7A-8E9C-2D6D58E4B2ED}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{47894754-0FEC-4920-9A65-6C1E732587AC}) (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{1EEFF749-6F29-4F0B-AB08-4C6EA52AA110}) (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{BC6DFBFD-16DD-47E1-A7EF-2C062930FA4F}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{DA2F7ECE-6629-4A80-9CDE-EC95261B75E2}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{190EC86F-5867-4D7A-B9F3-D14D82C26F3D}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Use the entry named LeapFrog Connect to uninstall (LeapFrog My Pals Plugin) (HKLM-x32\...\MyPalsPlugin) (Version:  - LeapFrog)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Junior Plugin) (HKLM-x32\...\TagJuniorPlugin) (Version:  - LeapFrog)
uTorrentBar Toolbar (HKLM-x32\...\uTorrentBar Toolbar) (Version: 6.8.5.1 - uTorrentBar) <==== ATTENTION
Video Web Camera (HKLM-x32\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.1.7.2 - Suyin Optronics Corp)
Virtual Villagers 4 - The Tree of Life (HKLM-x32\...\Virtual Villagers 4 - The Tree of Life1.0) (Version: 1.0 - AllSmartGames)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Web Assistant version 2.0.0.612 (HKLM\...\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1) (Version: 2.0.0.612 - IncrediBar) <==== ATTENTION
Welcome Center (HKLM-x32\...\eMachines Welcome Center) (Version: 1.02.3004 - Acer Incorporated)
WildTangent Games App (eMachines Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-emachines) (Version: 4.0.5.14 - WildTangent)
Windows Driver Package - LeapFrog (FlyUsb) USB  (11/05/2008 1.1.1.0) (HKLM\...\781745E87AFF80C0C1388CFF79D19ECAB2E9BB47) (Version: 11/05/2008 1.1.1.0 - LeapFrog)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Phone (HKLM-x32\...\{94550F69-BEF6-4C77-B1D5-4EEDEF839C37}) (Version: 0.9.3723.2 - Microsoft Corporation)
WinRAR 4.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Wyzo (HKLM-x32\...\Wyzo) (Version: 3.6.4 - Radical Software Ltd)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Zuma's Revenge (x32 Version: 2.2.0.95 - WildTangent) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-1464594981-1069503893-2954180956-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Aleigha\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll No File
CustomCLSID: HKU\S-1-5-21-1464594981-1069503893-2954180956-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Aleigha\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll No File
CustomCLSID: HKU\S-1-5-21-1464594981-1069503893-2954180956-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Aleigha\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll No File
CustomCLSID: HKU\S-1-5-21-1464594981-1069503893-2954180956-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Aleigha\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll No File
CustomCLSID: HKU\S-1-5-21-1464594981-1069503893-2954180956-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Aleigha\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll No File
 
==================== Restore Points  =========================
 
03-08-2014 11:08:55 Installed Safari
03-08-2014 11:15:49 Installed Java 7 Update 65
03-08-2014 16:43:01 Windows Update
06-08-2014 03:50:03 Removed Facebook Messenger 2.1.4814.0
06-08-2014 03:54:55 Removed Facebook Messenger 2.1.4814.0
06-08-2014 04:03:46 Removed Facebook Video Calling 2.0.0.447
06-08-2014 04:18:12 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 10:34 - 2009-06-11 05:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {090BEED5-3DC6-438E-AAB5-2BA3958F63A4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-01-31] (Google Inc.)
Task: {2D589F6F-772E-4B9F-892F-A541E1A13734} - System32\Tasks\{02A85EC4-D4E2-4E47-B14C-BACCDDA4ADBF} => Iexplore.exe http://www.skype.com...LastError=12007
Task: {38ACBFA4-0639-4B85-9420-2D7CEC586CC3} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{D2C161BD-8900-4802-A9A2-DD70A96A3BC0}.exe
Task: {6EC01EBB-4341-4204-8DE2-200D16CFE15E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1464594981-1069503893-2954180956-1001Core1cd5fdd26736164 => C:\Users\Aleigha\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {7B8A36C9-A323-4F21-AABD-FAC0C6CB38F9} - System32\Tasks\{E5909775-B961-46C3-BA6F-9A1A562D1892} => Iexplore.exe http://ui.skype.com/...?LastError=1618
Task: {7DEB869E-FFD7-46B0-8B91-415C5FB0C784} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-11] (Adobe Systems Incorporated)
Task: {8377ADC1-052D-4CE1-AD10-C1E222897606} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8DC07A59-8356-4046-9E9E-8BB51FE49E36} - System32\Tasks\RunAsStdUser Task => C:\Program Files (x86)\Moo0\VoiceRecorder 1.31\VoiceRecorder.exe [2011-08-10] (Moo0)
Task: {9BA85488-6346-4DEF-949D-3FB2528C83A1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-01-31] (Google Inc.)
Task: {B2925213-C287-4A7A-B35C-E2A09C28D74D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1464594981-1069503893-2954180956-1001UA => C:\Users\Aleigha\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {B56CB898-26B0-4AFD-82B9-F92F21EA0787} - System32\Tasks\AVG\PC Tuneup\Integrator\Start On Aleigha Logon => C:\Program Files (x86)\AVG\AVG PC Tuneup\BoostSpeed.exe [2011-11-03] (AVG)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{D2C161BD-8900-4802-A9A2-DD70A96A3BC0}.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-08-17 21:29 - 2013-08-17 21:29 - 00161968 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\loggingserver.exe
2010-11-18 22:46 - 2010-06-10 10:54 - 00206208 _____ () C:\Windows\PLFSetI.exe
2012-07-13 11:39 - 2013-08-17 21:29 - 02314416 _____ () C:\Program Files (x86)\AVG Secure Search\vprot.exe
2014-07-03 13:20 - 2014-07-03 13:20 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-03 13:19 - 2014-07-03 13:19 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-08-17 21:29 - 2013-08-17 21:29 - 00521904 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\log4cplusU.dll
2013-01-29 11:13 - 2004-09-09 17:13 - 00364544 ____N () C:\Program Files (x86)\PIXELA\Everio MediaBrowser HD Edition\pxl_m17n_tool.dll
2010-10-15 22:31 - 2009-05-20 14:02 - 00072200 _____ () C:\Program Files (x86)\Launch Manager\CdDirIo.dll
2013-08-17 21:30 - 2013-08-17 21:29 - 00144560 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.5.0\SiteSafety.dll
2012-04-24 20:18 - 2012-04-24 20:18 - 00087912 _____ () C:\Program Files (x86)\Safari\Apple Application Support\zlib1.dll
2012-04-24 20:18 - 2012-04-24 20:18 - 01242472 _____ () C:\Program Files (x86)\Safari\Apple Application Support\libxml2.dll
2014-08-06 16:41 - 2014-08-06 16:41 - 01361309 _____ () C:\Users\Aleigha\Downloads\AdwCleaner.exe
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/06/2014 02:18:06 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80070003
 
Error: (08/06/2014 11:36:15 AM) (Source: Google Update) (EventID: 20) (User: ALEIGHA)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
 
Error: (08/06/2014 11:30:47 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file  for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program FRST64.exe because of this error.
 
Program: FRST64.exe
File: 
 
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.
 
Additional Data
Error value: C0000098
Disk type: 0
 
Error: (08/06/2014 11:30:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FRST64.exe, version: 0.0.0.0, time stamp: 0x53dca846
Faulting module name: ntdll.dll, version: 6.1.7601.18229, time stamp: 0x51fb164a
Exception code: 0xc0000006
Fault offset: 0x0000000000029c42
Faulting process id: 0x8e8
Faulting application start time: 0xFRST64.exe0
Faulting application path: FRST64.exe1
Faulting module path: FRST64.exe2
Report Id: FRST64.exe3
 
Error: (08/06/2014 11:22:37 AM) (Source: Google Update) (EventID: 20) (User: ALEIGHA)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
 
Error: (08/04/2014 02:20:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ntdll.dll, version: 6.1.7601.18229, time stamp: 0x51fb164a
Exception code: 0xc0000005
Fault offset: 0x000000000005339d
Faulting process id: 0xb4c
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
 
Error: (08/04/2014 02:19:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
Description: The Cryptographic Services service failed to initialize the VSS backup "System Writer" object.
 
 
Details:
Could not query the status of the EventSystem service.
 
System Error:
A system shutdown is in progress.
.
 
Error: (08/04/2014 01:53:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ntdll.dll, version: 6.1.7601.18229, time stamp: 0x51fb164a
Exception code: 0xc0000005
Fault offset: 0x000000000005339d
Faulting process id: 0x96c
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
 
Error: (08/04/2014 01:21:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ntdll.dll, version: 6.1.7601.18229, time stamp: 0x51fb164a
Exception code: 0xc0000005
Fault offset: 0x000000000005339d
Faulting process id: 0xbb4
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
 
Error: (08/04/2014 00:58:34 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: An unspecified error occurred during System Restore: (Installed Java 7 Update 65). Additional information: 0xc0000022.
 
 
System errors:
=============
Error: (08/06/2014 04:44:10 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgwd service.
 
Error: (08/06/2014 04:26:00 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
 
Error: (08/06/2014 04:22:57 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
 
Error: (08/06/2014 04:20:28 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT AUTHORITY)
Description: Task Scheduler service failed to load tasks at service startup. Additional Data: Error Value: 2147549183.
 
Error: (08/06/2014 04:20:28 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT AUTHORITY)
Description: Task Scheduler service failed to load tasks at service startup. Additional Data: Error Value: 2147549183.
 
Error: (08/06/2014 02:23:29 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5
 
Error: (08/06/2014 11:23:50 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.
 
Error: (08/06/2014 11:17:21 AM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT AUTHORITY)
Description: Task Scheduler service failed to load tasks at service startup. Additional Data: Error Value: 2147549183.
 
Error: (08/06/2014 11:17:20 AM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT AUTHORITY)
Description: Task Scheduler service failed to load tasks at service startup. Additional Data: Error Value: 2147549183.
 
Error: (08/06/2014 11:15:22 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.
 
 
Microsoft Office Sessions:
=========================
Error: (08/06/2014 02:18:06 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80070003 
mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
 
Error: (08/06/2014 11:36:15 AM) (Source: Google Update) (EventID: 20) (User: ALEIGHA)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
 
Error: (08/06/2014 11:30:47 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: FRST64.exeC00000980
 
Error: (08/06/2014 11:30:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: FRST64.exe0.0.0.053dca846ntdll.dll6.1.7601.1822951fb164ac00000060000000000029c428e801cfb126062d477dE:\FRST64.exeC:\Windows\SYSTEM32\ntdll.dll0d90faf9-1d1a-11e4-86b0-4c0f6e6c328b
 
Error: (08/06/2014 11:22:37 AM) (Source: Google Update) (EventID: 20) (User: ALEIGHA)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
 
Error: (08/04/2014 02:20:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.1822951fb164ac0000005000000000005339db4c01cfafac3d97d0bfC:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dll7b7b1b46-1b9f-11e4-ba6a-4c0f6e6c328b
 
Error: (08/04/2014 02:19:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
Description: 
Details:
Could not query the status of the EventSystem service.
 
System Error:
A system shutdown is in progress.
 
Error: (08/04/2014 01:53:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.1822951fb164ac0000005000000000005339d96c01cfafa859f85c96C:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dll9cbd598b-1b9b-11e4-9198-4c0f6e6c328b
 
Error: (08/04/2014 01:21:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.1822951fb164ac0000005000000000005339dbb401cfafa40061b0b9C:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dll3f603f00-1b97-11e4-afa5-4c0f6e6c328b
 
Error: (08/04/2014 00:58:34 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: Installed Java 7 Update 650xc0000022
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-08-04 12:45:47.928
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\usp10.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 61%
Total physical RAM: 2042.9 MB
Available physical RAM: 786.09 MB
Total Pagefile: 4085.8 MB
Available Pagefile: 2218.33 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB
 
==================== Drives ================================
 
Drive c: (eMachines) (Fixed) (Total:452.66 GB) (Free:336.48 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: BEAA856B)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=453 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================
 
# AdwCleaner v3.302 - Report created 06/08/2014 at 16:43:50
# Updated 30/07/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Aleigha - ALEIGHA
# Running from : C:\Users\Aleigha\Downloads\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Found : C:\END
File Found : C:\Users\Aleigha\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Found : C:\Users\Aleigha\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Found : C:\Windows\System32\roboot64.exe
Folder Found : C:\Program Files (x86)\AVG Secure Search
Folder Found : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Found : C:\Program Files (x86)\Complitly
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\SmileBox_EN
Folder Found : C:\Program Files (x86)\uTorrentBar
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\AVG Secure Search
Folder Found : C:\Users\Aleigha\AppData\Local\apn
Folder Found : C:\Users\Aleigha\AppData\Local\AVG Secure Search
Folder Found : C:\Users\Aleigha\AppData\Local\Conduit
Folder Found : C:\Users\Aleigha\AppData\LocalLow\AVG Secure Search
Folder Found : C:\Users\Aleigha\AppData\LocalLow\Conduit
Folder Found : C:\Users\Aleigha\AppData\LocalLow\SmileBox_EN
Folder Found : C:\Users\Aleigha\AppData\LocalLow\uTorrentBar
Folder Found : C:\Users\Aleigha\AppData\Roaming\Complitly
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Software\SmileBox_EN
Key Found : HKCU\Software\AppDataLow\Software\uTorrentBar
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\AVG Secure Search
Key Found : HKCU\Software\Complitly
Key Found : HKCU\Software\IGearSettings
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\ImInstaller
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : [x64] HKCU\Software\AVG Secure Search
Key Found : [x64] HKCU\Software\Complitly
Key Found : [x64] HKCU\Software\IGearSettings
Key Found : [x64] HKCU\Software\IM
Key Found : [x64] HKCU\Software\ImInstaller
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\Software\AVG Secure Search
Key Found : HKLM\Software\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\Complitly.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{31AA760D-D058-4A63-AA81-BADC600FE745}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A97B89CD-B65C-49DD-AF46-2B772C627456}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Key Found : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\S
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO
Key Found : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3061355
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{08DF6CB4-F29E-4EA5-977E-FD2D41DF1D51}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61093803-4C8E-4F6F-B355-8EF7C06750A0}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{77515824-397E-43E9-BBF4-A9FF63636D1C}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F71E199C-C23E-4E5E-9821-ED8758AFE532}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{31AA760D-D058-4A63-AA81-BADC600FE745}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A97B89CD-B65C-49DD-AF46-2B772C627456}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Complitly_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SmileBox_EN Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar Toolbar
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : HKLM\Software\SearchProtect
Key Found : HKLM\Software\SmileBox_EN
Key Found : HKLM\Software\uTorrentBar
Key Found : HKLM\Software\Web Assistant
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Key Found : [x64] HKLM\SOFTWARE\Web Assistant
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{F897EB0E-A3A4-46C3-80EB-2729699D8892}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{F897EB0E-A3A4-46C3-80EB-2729699D8892}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17207
 
 
-\\ Google Chrome v
 
[ File : C:\Users\Aleigha\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Search Provider] : hxxp://isearch.avg.com/search?cid={41DAC64C-7141-4483-876A-6E70F72C82CF}&mid=a32fb301c29147d0b0d9cd3c4ed1bd7a-81b13b8e24c35815abec9b036525900aabe52d29&lang=en&ds=AVG&pr=pr&d=2012-07-13 11:40:05&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
Found [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=47F38418-49C3-43E1-BD75-5DB733B0852C&apn_ptnrs=U3&apn_sauid=0AA73514-F70F-4712-BEB3-DB2C2BBEC3F9&apn_dtid=OSJ000YYAU&q={searchTerms}
Found [Search Provider] : hxxp://www.wayfair.com.au/asp/keyword.asp?keyword={searchTerms}&matchtype=&keywordvalue=&command=dosearch
Found [Extension] : aaaaojmikegpiepcfdkkjaplodkpfmlo
Found [Extension] : defdhglnppeioeflggkmglipcecffkhk
Found [Extension] : dlnembnfbcpjnepmfjmngjenhhajpdfd
Found [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej
Found [Extension] : kincjchfokkeneeofpeefomkikfkiedl
Found [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof
 
*************************
 
AdwCleaner[R0].txt - [13017 octets] - [06/08/2014 16:43:50]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [13078 octets] ##########
 

  • 0

#28
dbreeze
Posted 06 August 2014 - 07:41 PM

dbreeze

    Trusted Helper

  • Malware Removal
  • 2,216 posts

All right, 'teammatey'!
 
Looks like AdwCleaner is just finding the inactive remains of the malware we already struck down.  Let's get that cleaned and see what else lurks there....
 
Clean with AdwCleaner

Re-run AdwCleaner

Close all open windows and browsers.

  • (Vista and 7 users) Right click the AdwCleaner icon, click Run as administrator and accept the UAC prompt to run AdwCleaner.
  • Click the Scan button and wait for the scan to complete.
  • When the Scan has finished the Scan button will be grayed out and the Clean button will be activated.
  • Click the Clean button.
  • Everything checked will be deleted.
  • When the program has finished cleaning a report appears.
  • Once done it will ask to reboot, allow this

    adwcleaner_delete_restart.jpg
  • On reboot a log will be produced please copy / paste that in your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[S0].txt

 

 

Scan with JRT

Junkware Removal Tool

Please download JRT from here to your desktop.

Note: Temporarily disable/shut down your protection software now to avoid potential conflicts, how to do so can be read here.

Double click the JRT.exe file to run the application.

The application will open an Command Prompt window and run from there (this is normal for this program, so not to be alarmed).

When it is asked, press any key to allow the program to continue / run.

This will create a log on the desktop; please copy and paste the JRT.txt log text in your next post.

Note: After the log file is created, please enable your protection software / reboot your system and verify your protection software is enabled.

 

 

Things to let the Team know about:

  • The AdwCleaner[S0].txt log
  • The JRT.txt log

  • 0

#29
Aleigha
Posted 07 August 2014 - 03:36 AM

Aleigha

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
Alright I have yet another issue. I selected the computer to hibernate while I was on shift last night. I came back to the laptop refusing to show any image. It has just a blank black screen. It briefly pops up with the screen I would push the F8 for but nothing. I have a crack in my laptop screen and only a small fraction will show the image. so the laptop is connected to a LCD moniter. And have the laptop screen programmed off so I just have the moniter in action.
The laptop is on but with two very blank screens. Any ideas?
  • 0

#30
dbreeze
Posted 08 August 2014 - 12:58 AM

dbreeze

    Trusted Helper

  • Malware Removal
  • 2,216 posts

The only thing I can think of right now is to do a total power out start of the laptop.

 

To do this hold the power button down until the system powers off.

 

Unplug the power cord from the laptop, remove the battery from the laptop and then press the power button three or four times as though you were trying to start the system. This will drain any residual ("static" maybe) charges left in the system.

 

Place the battery back in the laptop, plug the cord back in and start the laptop.

Let me know what happens then.


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP