Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Trojan Virus, Spyware and more how to get rid of [Closed]

trojan babylon spyware

  • This topic is locked This topic is locked

#1
fxmaria

fxmaria

    New Member

  • Member
  • Pip
  • 2 posts

Hi I run an anti virus in my laptop, Windows is 7 home, and the following results came back:

 

Babylon (fs): Virus
c:\users\owner\appdata\local\temp\mybabylontb.exe is Infected.
c:\users\owner\appdata\local\temp\mybabylontb_google_20120807.exe is Infected.
BetterInstaller (fs): Virus
c:\users\owner\appdata\local\temp\updatecheckersetup.exe is Infected.
c:\users\owner\appdata\local\temp\minibar-master-v1.exe is Infected.
 
Iminent (fs): Virus
c:\users\owner\appdata\local\temp\iminentsetup.exe is Infected.
 
Sweetpacks/SweetIM (fs): Virus
c:\users\owner\appdata\local\temp\offerid9999\bundlesweetimsetup.exe is Infected.
c:\users\owner\appdata\local\temp\offerid4\simupdater.exe is Infected.
c:\users\owner\appdata\local\temp\offerid15\wssetup.exe:EmbeddedItem_0000001c:mgHelperGC.dll is Infected.
c:\users\owner\appdata\local\temp\offerid5\simboapp.exe is Infected.
 
Trojan-Clicker.HTML.RemoteScript (v): Virus
c:\users\owner\appdata\local\microsoft\windows\temporary internet files\low\content.ie5\nuqitx7v\index[3].htm is Infected.
 
Trojan.Win32.Generic!BT: Virus
c:\users\owner\appdata\local\temp\bi_runonce.exe is Infected.
C:\Users\Owner\AppData\Local\Microsoft\Windows Live Mail\Halcicon (s 9b0\Deleted Items\07302204-00000A1A.eml:report.zip - Wed, 03 Aug 2011 12:53:47 +0700 - FRAUD ALERT for ACH is Infected.
C:\Users\Owner\AppData\Local\Microsoft\Windows Live Mail\Halcicon (s 9b0\Inbox\054F24DA-00000F9A.eml:Post_Express_Label_ITN52414.zip - Sat, 19 Mar 2011 13:54:53 +0100 - Post Express Report. Number of your parcel 272952 is Infected.
C:\Users\Owner\AppData\Local\Microsoft\Windows Live Mail\Halcicon (s 9b0\Inbox\17E67B73-00001056.eml:DHL_document.zip - Fri, 4 Mar 2011 23:02:59 +0500 - DHL notification 4861 is Infected.
C:\Users\Owner\AppData\Local\Microsoft\Windows Live Mail\Halcicon (s 9b0\Inbox\638418EB-000008D4.eml:DHL-invoce-b3131529.zip - Sat, 6 Aug 2011 08:15:11 +0900 - From DHL 07929980 is Infected.
C:\Users\Owner\AppData\Local\Microsoft\Windows Live Mail\Halcicon (s 9b0\Inbox\656D7846-00001002.eml:Post_Express_Label_VID95627.zip - Thu, 10 Mar 2011 09:41:25 +0300 - Post Express Department. Package is available for pickup. NR3700 is Infected.
 
Trojan.Win32.Generic.pak!cobra: Virus
c:\users\owner\dropbox\lisencias\windows 8 pro activator [32-64-bit].exe:P8_v25.exe is Infected.
C:\Users\Owner\AppData\Local\Microsoft\Windows Live Mail\Halcicon (s 9b0\Inbox\00897DA9-00000E57.eml:Attached_SecurityCode_64268.zip - Wed, 04 May 2011 17:01:31 +0800 - Spam from your account is Infected.
C:\Users\Owner\AppData\Local\Microsoft\Windows Live Mail\Halcicon (s 9b0\Inbox\0DFE6CD0-00001004.eml:document.zip - Wed, 9 Mar 2011 20:04:45 -0300 - DHL notification is Infected.
C:\Users\Owner\AppData\Local\Microsoft\Windows Live Mail\Halcicon (s 9b0\Inbox\12DB153C-00000EB2.eml:notification.zip - Sat, 9 Apr 2011 04:31:39 -0300 - US Parcel Delivery service is Infected.
C:\Users\Owner\AppData\Local\Microsoft\Windows Live Mail\Halcicon (s 9b0\Inbox\55720B69-00000FE8.eml:tracking.zip - Fri, 11 Mar 2011 09:25:19 +0100 - DHL notification! is Infected.
C:\Users\Owner\AppData\Local\Microsoft\Windows Live Mail\Halcicon (s 9b0\Inbox\6D224BFA-00000FF4.eml:doc.zip - Fri, 11 Mar 2011 03:35:45 +0700 - DHL notification #5656 is Infected.
 
TrojanDownloader.Win32.Chepvil.j (v): Virus
C:\Users\Owner\AppData\Local\Microsoft\Windows Live Mail\Halcicon (s 9b0\Inbox\3A8D7FBE-00000F14.eml:UPS.zip - Wed, 30 Mar 2011 12:01:54 -0300 - United Parcel Service notification 51611 is Infected.
 
WebtrendsLive Cookie: Spyware Cookie
C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt is Infected.
 
How can I get rid of all the virus I have in my computer can you please help me. Thank you.
 

 


  • 0

Advertisements


#2
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Hi. My name is Brian, and I would be happy to look into your issue.

 

I am currently in training and my posts will need to be reviewed by an expert, so expect a slight delay between posts.


- General Instructions -

  • Please read all instructions and fixes thoroughly. Read the ENTIRE post BEFORE performing any steps so you understand all that needs to be done.
  • I would advise printing any instructions for easy reference as some of the fixes may require you to boot in Safe mode. Access to these instructions may not be available in Safe Mode.
  • Any fixes provided by myself are for this log file only and should not be used on any other systems.
  • Do not run any other removal software or perform updates other than the ones I provide, as it will complicate the cleaning process.
  • You have 4 days to reply to each post or the topic will be closed. You will be able to request that the topic be re-opened by sending me a PM (Personal Message) or PM a moderator.
  • Please feel free to ask any questions, especially if you are having problems with my instructions.


- Save ALL Tools to your Desktop-

 

All tools that I have you download should be placed on the desktop unless otherwise stated. If you are familiar with how to save files to the desktop then you can skip this step.

 

Since you are continuing with this step then I assume you are unfamiliar with saving files to your desktop. As a result it's easiest if you configure your browser(s) to download any tools to the desktop by default. Please use the appropriate instructions below depending on the browser you are using.

Chrome.JPGGoogle Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser.Settings.JPG Choose Settings. at the bottom of the screen click the
"Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.

Firefox.JPGMozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. Settings.JPG Choose Options. In the downloads section, click the Browse button, click on the Desktop folder
and the click the "Select Folder" button. Click OK to get out of the Options menu.

IE.jpgInternet Explorer - Click the Tools menu in the upper right-corner of the browser. Tools.JPG Select View downloads. Select the Options link in the lower left of the window. Click Browse and
select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.

NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.

 

- Finally Before We Start-

 

Removing malware is a complicated multiple step process, Please stay with me until I have declared your system clean. I strongly recommend you backup your personal files and folders. Although rare, attempting to remove malware can render your machine unbootable or cause data loss. Having backups of your data is your responsibility. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.

 

 

 

Let's get you cleaned up. Please provide the following logs.

 

Fresh Set of Logs Needed
Let's begin. Please follow the steps below.
 
1. Please download Farbar Recovery Scan Tool and save it to your Desktop.
    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them.
    Only one of them will run on your system, that will be the right version.
2. Right click on the file and select Run as administrator (If you don't have this option simply double-click the file to open). When the tool opens click Yes to disclaimer.
3. Press Scan button.
4. It will produce a log called FRST.txt in the same directory the tool is run from (which should be the desktop)
5. Please copy and paste log back here.
6. The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe). Please also paste that along with the FRST.txt into your reply.
     Note: Please do not attach any logs unless specifically requested. It's easier if you simply copy and paste them into your reply. It's OK if you have to use more than one post to do so.

 


  • 0

#3
fxmaria

fxmaria

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts

Thank you here are the results:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-10-2014
Ran by Owner (administrator) on OWNER-HP on 22-10-2014 11:37:36
Running from C:\Users\Owner\Desktop
Loaded Profile: Owner (Available profiles: Owner)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(CinemaNow, Inc.) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
() C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
() C:\ProgramData\Internet Movil\OnlineUpdate\ouc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\ramaint.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
() C:\Program Files (x86)\Samsung\PC Auto Backup\WiselinkPro.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files (x86)\Samsung\PC Auto Backup\http_ss_win_pro.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Systweak) C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Dropbox, Inc.) C:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe
(MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Just Develop It) C:\Program Files (x86)\MyPC Backup\BackupStack.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(eAcceleration) C:\Program Files (x86)\Common Files\eAcceleration\eacsvc.exe
(eAcceleration Corp) C:\Program Files (x86)\eAcceleration\Framework\eac_productsvc.exe
(Microsoft Corporation) C:\Windows\System32\calc.exe
(eAcceleration Corp) C:\Program Files (x86)\eAcceleration\Framework\eac_svc.exe
(eAcceleration Corp) C:\Program Files (x86)\Acceleration Software\Anti-Virus\stopsignav.exe
(eAcceleration Corp) C:\Program Files (x86)\eAcceleration\Station\station_bk.exe
(eAcceleration Corp) C:\Program Files (x86)\Acceleration Software\Anti-Virus\stopsignav.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(MetaQuotes Software Corp.) C:\Program Files (x86)\InstaTrader\terminal.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2097960 2010-04-22] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6245408 2010-05-25] (Realtek Semiconductor)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-06-18] (Hewlett-Packard Company)
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2011-09-16] (LogMeIn, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-06-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [602168 2010-06-29] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-28] ()
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [webscan] => C:\Program Files (x86)\Acceleration Software\Anti-Virus\stopsignav.exe [1519200 2014-01-09] (eAcceleration Corp)
HKLM-x32\...\Run: [SoftwareStation] => C:\Program Files (x86)\eAcceleration\Station\station.exe [141712 2013-09-16] (eAcceleration Corp)
HKU\S-1-5-21-2824287356-3010572496-946420747-1000\...\Run: [HPAdvisorDock] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\S-1-5-21-2824287356-3010572496-946420747-1000\...\Run: [Google Update] => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-20] (Google Inc.)
HKU\S-1-5-21-2824287356-3010572496-946420747-1000\...\Run: [Microsoft Update Machine] => Free Generator.exe
HKU\S-1-5-21-2824287356-3010572496-946420747-1000\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4240760 2010-11-10] (Microsoft Corporation)
HKU\S-1-5-21-2824287356-3010572496-946420747-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6276408 2011-08-22] (Yahoo! Inc.)
HKU\S-1-5-21-2824287356-3010572496-946420747-1000\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-2824287356-3010572496-946420747-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-2824287356-3010572496-946420747-1000\...\Run: [AmitiAntivirus] => C:\Program Files\NETGATE\Amiti Antivirus\AmitiAv.exe
HKU\S-1-5-21-2824287356-3010572496-946420747-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-2824287356-3010572496-946420747-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_152_Plugin.exe [854192 2014-09-09] (Adobe Systems Incorporated)
HKU\S-1-5-21-2824287356-3010572496-946420747-1000\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\S-1-5-21-2824287356-3010572496-946420747-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-2824287356-3010572496-946420747-1000\...\MountPoints2: {03845de0-0038-11e1-bcf1-6431505ff95b} - F:\iStudio.exe
HKU\S-1-5-21-2824287356-3010572496-946420747-1000\...\MountPoints2: {13a8d81d-9dc7-11e0-9f03-6431505ff95b} - F:\AutoRun.exe
HKU\S-1-5-21-2824287356-3010572496-946420747-1000\...\MountPoints2: {41f2f406-7162-11e1-a13a-6431505ff95b} - F:\AutoRun.exe
HKU\S-1-5-21-2824287356-3010572496-946420747-1000\...\MountPoints2: {41f2f414-7162-11e1-a13a-6431505ff95b} - F:\AutoRun.exe
HKU\S-1-5-21-2824287356-3010572496-946420747-1000\...\MountPoints2: {41f2f45e-7162-11e1-a13a-6431505ff95b} - F:\AutoRun.exe
HKU\S-1-5-21-2824287356-3010572496-946420747-1000\...\MountPoints2: {41f2f4f2-7162-11e1-a13a-6431505ff95b} - F:\AutoRun.exe
HKU\S-1-5-21-2824287356-3010572496-946420747-1000\...\MountPoints2: {8448b6ab-70ee-11e0-8412-6431505ff95b} - F:\AutoRun.exe
HKU\S-1-5-21-2824287356-3010572496-946420747-1000\...\MountPoints2: {b8750dfd-9f91-11e3-b8aa-4a0f6e0d35d5} - F:\AutoRun.exe
HKU\S-1-5-21-2824287356-3010572496-946420747-1000\...\MountPoints2: {e1e1961d-b63e-11e0-bfa3-6431505ff95b} - F:\AutoRun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-05-15] (Microsoft Corporation)
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?...97DHP&dt=071213
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie9
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://my.myplaycity.com/
URLSearchHook: HKCU - (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No File
SearchScopes: HKLM - {019288F6-22A1-4562-B21C-F8D06DF5EFE0} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {C1B8ED45-F21E-4F32-9021-F7ABD6472CDA} URL = http://www.ask.com/w...}&l=dis&o=uscql
SearchScopes: HKLM - {FCD953B6-CAB0-4798-A8E0-C9DEB8CEB4DE} URL = http://search.yahoo....psg&type=CPNTDF
SearchScopes: HKLM-x32 - {019288F6-22A1-4562-B21C-F8D06DF5EFE0} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {C1B8ED45-F21E-4F32-9021-F7ABD6472CDA} URL = http://www.ask.com/w...}&l=dis&o=uscql
SearchScopes: HKLM-x32 - {FCD953B6-CAB0-4798-A8E0-C9DEB8CEB4DE} URL = http://search.yahoo....psg&type=CPNTDF
SearchScopes: HKCU - DefaultScope {7DEB79EC-F732-404C-B704-4DAECD4401A3} URL = http://search.iminen...q={searchTerms}
SearchScopes: HKCU - 1693855847B34C508494FC0D8FE6E075 URL = http://search.yahoo....f-8&fr=chr-yie9
SearchScopes: HKCU - {019288F6-22A1-4562-B21C-F8D06DF5EFE0} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKCU - {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = http://www.google.co...archTerms}&rlz=
SearchScopes: HKCU - {56EA0281-471A-416C-8B52-F192B07ABA1E} URL = http://delicious.com...p={searchTerms}
SearchScopes: HKCU - {5C57903D-E433-42B5-AA7C-B43C1855EE39} URL = http://www.flickr.co...q={searchTerms}
SearchScopes: HKCU - {75DF9B36-5D5C-42E4-B47D-D4D604729394} URL =
SearchScopes: HKCU - {7DEB79EC-F732-404C-B704-4DAECD4401A3} URL = http://search.iminen...q={searchTerms}
SearchScopes: HKCU - {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} URL = http://my.myplaycity...s={searchTerms}
SearchScopes: HKCU - {9B50D97C-CF7D-4325-B7E7-E7D19C5494A0} URL = http://search.softon...0f6e0d35d5&r=24
SearchScopes: HKCU - {C1B8ED45-F21E-4F32-9021-F7ABD6472CDA} URL = http://www.ask.com/w...}&l=dis&o=uscql
SearchScopes: HKCU - {FCD953B6-CAB0-4798-A8E0-C9DEB8CEB4DE} URL = http://search.yahoo....psg&type=CPNTDF
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: IMinent WebBooster (BHO) -> {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} -> C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx64.dll No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: iminent Helper Object -> {112BA211-334C-4A90-90EC-2AD1CDAB287C} -> C:\Program Files (x86)\IminentToolbar\1.8.21.26\bh\iminent.dll No File
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: IMinent WebBooster (BHO) -> {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} -> C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx86.dll No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Softonic Helper Object -> {E87806B5-E908-45FD-AF5E-957D83E58E68} -> C:\Program Files (x86)\Softonic\Softonic\1.8.19.3\bh\Softonic.dll No File
BHO-x32: SweetPacks Browser Helper -> {EEE6C35C-6118-11DC-9C72-001320C79847} -> C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll No File
BHO-x32: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll No File
Toolbar: HKLM-x32 - Iminent Toolbar - {1FAFD711-ABF9-4F6A-8130-5166C7371427} - C:\Program Files (x86)\IminentToolbar\1.8.21.26\iminentTlbr.dll No File
Toolbar: HKLM-x32 - Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files (x86)\Softonic\Softonic\1.8.19.3\SoftonicTlbr.dll No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bit...m/qsax/qsax.cab
DPF: HKLM-x32 {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logme...trl.cab?lmi=972
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 127.0.0.1 validation.sls.microsoft.com
Tcpip\Parameters: [DhcpNameServer] 208.67.222.222 208.67.220.220
Tcpip\..\Interfaces\{512FE956-F9D0-4648-83DF-BB15B7D6211C}: [NameServer] 200.49.161.131 200.49.160.35

FireFox:
========
FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\49t1ikip.default
FF DefaultSearchEngineuser_pref("browser.search.defaultenginename", "");: user_pref("browser.search.defaultenginename", "");
FF SearchEngineOrder.1: Search the web (Softonic)
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngineuser_pref("browser.search.selectedEngine", "");: user_pref("browser.search.selectedEngine", "");
FF Keyword.URL: hxxp://my.myplaycity.com/results.php?category=web&s=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin-x32: @cnw.com/cnwplugin -> C:\Program Files (x86)\AnyMeeting Plug-in\npcnwplugin.dll (AnyMeeting, Inc.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @nsroblox.roblox.com/launcher -> C:\Users\Owner\AppData\Local\Roblox\Versions\version-5c703d6176af434b\\NPRobloxProxy.dll ( ROBLOX Corporation)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @yahoo.com/BrowserPlus,version=2.9.8 -> C:\Users\Owner\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
FF user.js: detected! => C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\49t1ikip.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Users\Owner\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Owner\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\49t1ikip.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\49t1ikip.default\searchplugins\myplaycity.xml
FF SearchPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\49t1ikip.default\searchplugins\softonic.xml
FF Extension: Cuevana Stream - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\49t1ikip.default\Extensions\{a3a5c777-f583-4fef-9380-ab4add1bc2a8}.xpi [2012-05-25]
FF Extension: MonsterDivX - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\49t1ikip.default\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}.xpi [2012-05-26]
FF Extension: BasicScan - C:\Program Files (x86)\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C} [2014-10-14]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-10-14]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-10-14]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-10-14]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-04-28]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR HomePage: Default ->
CHR StartupUrls: Default -> "hxxp://search.iminent.com/?appId=FDCA9ACA-17B9-4DF0-80D3-6B85CCA2960B", "hxxp://search.softonic.com/INF00194/tb_v1?SearchSource=48&cc=&mi=fedc86a60000000000004c0f6e0d35d5"
CHR DefaultSearchKeyword: Default -> ask.com
CHR DefaultSearchURL: Default -> http://www.ask.com/web?q={searchTerms}
CHR DefaultSuggestURL: Default -> http://ss.ask.com/qu...rchTerms}&li=ff
CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-17]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (McAfee Security Scan+) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-02-21]
CHR Extension: (MonsterDivx) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkinfljboeildloankgjmljfibngeefa [2012-01-29]
CHR Extension: (Peliculas-Flv.com) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilenniiheilgldeeldljefjgeinigbei [2012-02-27]
CHR Extension: (SweetIM for Facebook) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn [2012-04-27]
CHR Extension: (Adobe Flash Player v12.4) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiijkjkpomoikopnhmeamcoanolbcfgg [2012-07-01]
CHR Extension: (Cuevana Stream) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfdckejfnkaemompfjhecfmhjgnchmjg [2012-09-22]
CHR Extension: (Skype Click to Call) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-07-17]
CHR Extension: (Google Wallet) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2012-02-03]
CHR Extension: (Cuevana Stream) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooagbcohbmlpkfkdnodbomgphbcecalj [2012-01-27]
CHR HKLM-x32\...\Chrome\Extension: [elchiiiejkobdbblfejjkbphbddgmljf] - C:\Program Files (x86)\Softonic\Softonic\1.8.19.3\Softonic.crx []
CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [2012-04-27]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKLM-x32\...\Chrome\Extension: [pkhojieggfgllhllcegoffdcnmdeojgb] - C:\Program Files (x86)\IminentToolbar\1.8.21.26\iminent.crx [2011-12-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36936 2014-09-21] (Just Develop It) <==== ATTENTION
R2 eac_notifysvc; C:\Program Files (x86)\eAcceleration\Framework\eac_notifysvc.dll [235920 2013-09-26] (eAcceleration Corp)
R2 eac_productsvc; C:\Program Files (x86)\eAcceleration\Framework\eac_productsvc.exe [264592 2013-09-26] (eAcceleration Corp)
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [27192 2010-06-29] ()
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
S2 Internet Movil. RunOuc; C:\Program Files (x86)\Internet Movil\UpdateDog\ouc.exe [239968 2012-03-31] ()
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [376144 2014-07-19] (LogMeIn, Inc.)
R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [226640 2014-07-19] (LogMeIn, Inc.)
R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2011-09-16] (LogMeIn, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 RtVOsdService; C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [315392 2010-04-19] (Realtek Semiconductor Corp.) [File not signed]
R2 sstsmonsvc; C:\Program Files (x86)\Acceleration Software\Anti-Virus\sstsmonsvc.dll [202264 2010-11-08] (eAcceleration Corp)
R2 StopSign Update Manager; C:\Program Files (x86)\Common Files\eAcceleration\eacsvc.exe [147024 2013-09-13] (eAcceleration)
S2 viprecomsvc; C:\Program Files (x86)\StopSign\ThreatScanner\engines\vipre\viprecomsvc.exe [178576 2013-10-31] (eAcceleration Corp)
R2 WiselinkPro; C:\Program Files (x86)\Samsung\PC Auto Backup\WiselinkPro.exe [4730880 2011-01-19] () [File not signed]
S2 SProtection; C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-05-31] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-22 11:37 - 2014-10-22 11:42 - 00032642 _____ () C:\Users\Owner\Desktop\FRST.txt
2014-10-22 11:36 - 2014-10-22 11:38 - 00000000 ____D () C:\FRST
2014-10-22 11:35 - 2014-10-22 11:36 - 02110976 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe
2014-10-22 11:34 - 2014-10-22 11:35 - 01102336 _____ (Farbar) C:\Users\Owner\Desktop\FRST.exe
2014-10-21 19:03 - 2014-10-21 19:03 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\eAcceleration
2014-10-21 19:02 - 2014-10-21 19:02 - 00001987 _____ () C:\Users\Owner\Desktop\Scan Now for Viruses and Threats.lnk
2014-10-21 19:00 - 2014-10-21 19:00 - 00000000 ____D () C:\Program Files (x86)\Acceleration Software
2014-10-21 18:59 - 2014-10-21 19:05 - 00000000 ____D () C:\ProgramData\eAcceleration
2014-10-21 18:59 - 2014-10-21 19:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eAcceleration
2014-10-21 18:59 - 2014-10-21 19:02 - 00000000 ____D () C:\Program Files (x86)\eAcceleration
2014-10-21 18:58 - 2014-10-21 19:00 - 00000000 ____D () C:\Program Files (x86)\StopSign
2014-10-21 18:55 - 2014-10-21 18:58 - 12729200 _____ (eAcceleration Corp ) C:\Users\Owner\Downloads\stop-sign_install.exe
2014-10-21 06:22 - 2014-10-22 06:24 - 00000000 ____D () C:\Users\Owner\AppData\Local\{FD28591D-2E26-4B19-898C-2F0C4511C0B7}
2014-10-20 09:00 - 2014-10-20 09:00 - 00000000 ____D () C:\Users\Owner\AppData\Local\{169D627F-E6F4-41ED-AB2B-879FF07E65FE}
2014-10-19 10:47 - 2014-10-19 10:48 - 00000000 ____D () C:\Users\Owner\AppData\Local\{DEF3F356-776F-4039-B770-98F66C0624E0}
2014-10-17 07:38 - 2014-09-25 16:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-17 07:38 - 2014-09-18 19:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-17 07:38 - 2014-09-18 18:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-17 07:38 - 2014-09-18 18:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-17 07:37 - 2014-10-06 20:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-17 07:37 - 2014-10-06 20:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-17 07:37 - 2014-09-25 16:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-17 07:37 - 2014-09-25 16:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-17 07:37 - 2014-09-25 16:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-17 07:37 - 2014-09-25 16:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-17 07:37 - 2014-09-25 16:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-17 07:37 - 2014-09-25 16:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-17 07:37 - 2014-09-18 20:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-17 07:37 - 2014-09-18 19:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-17 07:37 - 2014-09-18 19:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-17 07:37 - 2014-09-18 19:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-17 07:37 - 2014-09-18 19:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-17 07:37 - 2014-09-18 19:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-17 07:37 - 2014-09-18 19:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-17 07:37 - 2014-09-18 19:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-17 07:37 - 2014-09-18 19:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-17 07:37 - 2014-09-18 19:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-17 07:37 - 2014-09-18 19:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-17 07:37 - 2014-09-18 19:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-17 07:37 - 2014-09-18 19:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-17 07:37 - 2014-09-18 19:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-17 07:37 - 2014-09-18 19:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-17 07:37 - 2014-09-18 19:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-17 07:37 - 2014-09-18 19:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-17 07:37 - 2014-09-18 19:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-17 07:37 - 2014-09-18 19:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-17 07:37 - 2014-09-18 19:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-17 07:37 - 2014-09-18 19:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-17 07:37 - 2014-09-18 19:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-17 07:37 - 2014-09-18 19:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-17 07:37 - 2014-09-18 19:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-17 07:37 - 2014-09-18 19:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-17 07:37 - 2014-09-18 18:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-17 07:37 - 2014-09-18 18:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-17 07:37 - 2014-09-18 18:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-17 07:37 - 2014-09-18 18:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-17 07:37 - 2014-09-18 18:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-17 07:37 - 2014-09-18 18:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-17 07:37 - 2014-09-18 18:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-17 07:37 - 2014-09-18 18:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-17 07:37 - 2014-09-18 18:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-17 07:37 - 2014-09-18 18:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-17 07:37 - 2014-09-18 18:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-17 07:37 - 2014-09-18 18:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-17 07:37 - 2014-09-18 18:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-17 07:37 - 2014-09-18 18:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-17 07:37 - 2014-09-18 18:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-17 07:37 - 2014-09-18 17:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-17 07:37 - 2014-09-18 17:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-17 07:37 - 2014-09-18 17:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-17 07:37 - 2014-09-18 17:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-17 07:28 - 2014-10-09 20:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-17 07:27 - 2014-10-09 20:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-17 07:27 - 2014-10-09 20:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-17 07:20 - 2014-09-28 18:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-17 07:20 - 2014-06-18 16:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-17 07:20 - 2014-06-18 16:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-17 07:20 - 2014-06-18 16:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-17 07:20 - 2014-06-18 16:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-17 07:20 - 2014-06-18 16:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-17 07:20 - 2014-06-18 16:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-17 07:19 - 2014-09-17 20:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-17 07:19 - 2014-09-17 19:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-17 07:19 - 2014-09-03 23:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-17 07:19 - 2014-09-03 23:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-17 07:07 - 2014-07-16 20:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-17 07:07 - 2014-07-16 20:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-17 07:07 - 2014-07-16 20:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-17 07:07 - 2014-07-16 20:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-17 07:07 - 2014-07-16 20:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-17 07:07 - 2014-07-16 20:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-17 07:07 - 2014-07-16 20:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-17 07:07 - 2014-07-16 20:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-17 07:07 - 2014-07-16 19:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-17 07:07 - 2014-07-16 19:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-17 07:07 - 2014-07-16 19:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-17 07:07 - 2014-07-16 19:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-17 07:07 - 2014-07-16 19:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-17 07:07 - 2014-07-16 19:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-17 07:07 - 2014-07-16 19:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-17 07:07 - 2014-07-16 19:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-17 07:05 - 2014-09-12 19:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-17 07:05 - 2014-09-12 19:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-17 06:57 - 2014-10-17 19:00 - 00000000 ____D () C:\Users\Owner\AppData\Local\{53D55A47-04C2-4A87-BB99-EB5B847DEB5C}
2014-10-17 06:39 - 2014-10-21 06:28 - 00003120 _____ () C:\Windows\System32\Tasks\Advanced System Protector_startup
2014-10-16 06:56 - 2014-10-16 18:56 - 00000000 ____D () C:\Users\Owner\AppData\Local\{D1091A46-62BC-491D-9812-56BFB551B9A6}
2014-10-15 06:55 - 2014-10-15 18:56 - 00000000 ____D () C:\Users\Owner\AppData\Local\{C2001DF5-52AC-45FA-B479-2B9D7FAECD58}
2014-10-14 20:20 - 2014-10-14 20:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-14 18:54 - 2014-10-14 18:55 - 00000000 ____D () C:\Users\Owner\AppData\Local\{662121F5-0BB2-4352-9C81-BC3070221606}
2014-10-14 06:54 - 2014-10-14 06:54 - 00000000 ____D () C:\Users\Owner\AppData\Local\{EA5E0CB8-4B63-44AD-B8E9-38F725497745}
2014-10-13 11:19 - 2014-10-13 11:19 - 00000000 ____D () C:\Users\Owner\Desktop\ferrara
2014-10-13 11:10 - 2014-10-13 11:11 - 00731411 _____ () C:\Users\Owner\Downloads\ferrara.zip
2014-10-13 06:51 - 2014-10-13 18:54 - 00000000 ____D () C:\Users\Owner\AppData\Local\{EEF796E4-DAE4-465E-8791-9B3510E20089}
2014-10-11 09:06 - 2014-10-12 09:07 - 00000000 ____D () C:\Users\Owner\AppData\Local\{62310050-1BBC-49AE-905A-AAEC4BFA85F3}
2014-10-10 05:57 - 2014-10-10 17:58 - 00000000 ____D () C:\Users\Owner\AppData\Local\{F8F94F44-9526-4279-A4D4-A041A20E117B}
2014-10-09 05:55 - 2014-10-09 17:56 - 00000000 ____D () C:\Users\Owner\AppData\Local\{E16BADBE-98A8-4296-83D8-B96C5F908EDA}
2014-10-08 12:04 - 2014-10-08 12:04 - 11796837 _____ () C:\Users\Owner\Downloads\eliseo.mp4
2014-10-08 05:54 - 2014-10-08 17:55 - 00000000 ____D () C:\Users\Owner\AppData\Local\{4D85413F-A35D-41D3-B2DF-34A307A5F673}
2014-10-07 05:52 - 2014-10-07 17:53 - 00000000 ____D () C:\Users\Owner\AppData\Local\{47D72276-2CCA-4190-AFDB-6B9540CFE1E0}
2014-10-06 05:47 - 2014-10-06 17:49 - 00000000 ____D () C:\Users\Owner\AppData\Local\{18300D32-2BAE-4634-B2C0-0710E5266C43}
2014-10-05 11:36 - 2014-10-05 11:36 - 00000000 ____D () C:\Users\Owner\AppData\Local\{202241CC-B513-49FB-B860-AD53874ADAEA}
2014-10-03 11:53 - 2014-10-03 11:54 - 10706126 _____ () C:\Users\Owner\Downloads\dinerocash2.mp4
2014-10-03 10:24 - 2014-10-03 10:25 - 10973358 _____ () C:\Users\Owner\Downloads\iscout1.1.mp4
2014-10-03 10:24 - 2014-10-03 10:25 - 10873447 _____ () C:\Users\Owner\Downloads\iscout2.mp4
2014-10-03 08:21 - 2014-10-03 20:21 - 00000000 ____D () C:\Users\Owner\AppData\Local\{F05F1B66-0993-4E8A-B66F-8D5534132015}
2014-10-02 06:02 - 2014-10-02 20:20 - 00000000 ____D () C:\Users\Owner\AppData\Local\{8977D01E-6E3A-49A0-BCE6-A6E82602CD39}
2014-10-01 06:34 - 2014-09-24 20:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 06:34 - 2014-09-24 19:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-10-01 05:59 - 2014-10-01 18:01 - 00000000 ____D () C:\Users\Owner\AppData\Local\{41854703-574F-41F5-976D-56F1AD9AE4FE}
2014-09-30 06:10 - 2014-09-29 06:07 - 04155688 _____ (MetaQuotes Software Corp.) C:\Windows\system32\MetaViewer64.dll
2014-09-30 05:49 - 2014-09-30 17:51 - 00000000 ____D () C:\Users\Owner\AppData\Local\{EEC02EBD-D540-4759-9935-7B8DC44FFAEE}
2014-09-29 10:17 - 2014-10-22 08:34 - 00075239 _____ () C:\Users\Owner\Documents\instaforexcallbase2auto.xlsx
2014-09-29 09:05 - 2014-09-29 09:05 - 00000000 ____D () C:\Users\Owner\AppData\Local\{A95076ED-9162-4D76-AA6C-4BB7C8904946}
2014-09-28 09:04 - 2014-09-28 21:05 - 00000000 ____D () C:\Users\Owner\AppData\Local\{AADDB0B9-EA59-41BB-AFFB-3F1101135D59}
2014-09-27 09:03 - 2014-09-27 21:04 - 00000000 ____D () C:\Users\Owner\AppData\Local\{2DF95968-9E33-4B4F-BC8D-9E351043BDF1}
2014-09-26 05:57 - 2014-09-26 17:58 - 00000000 ____D () C:\Users\Owner\AppData\Local\{A3AFDAF0-7190-41E9-8553-7A3FC5D4FB91}
2014-09-25 11:33 - 2014-09-25 11:35 - 10378740 _____ () C:\Users\Owner\Downloads\dinerocash.mp4
2014-09-25 11:32 - 2014-09-25 11:36 - 19204905 _____ () C:\Users\Owner\Downloads\rhcorregido.mp4
2014-09-25 05:55 - 2014-09-25 17:56 - 00000000 ____D () C:\Users\Owner\AppData\Local\{D40A46C4-6AE3-4A57-AD4A-49C902F5C000}
2014-09-24 10:53 - 2014-09-24 10:53 - 02208571 _____ () C:\Users\Owner\Downloads\detox.mp4
2014-09-24 10:53 - 2014-09-24 10:53 - 02208571 _____ () C:\Users\Owner\Downloads\20140924_103454.mp4 (1).mp4
2014-09-24 06:30 - 2014-09-09 16:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 06:30 - 2014-09-09 15:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-24 05:54 - 2014-09-24 17:55 - 00000000 ____D () C:\Users\Owner\AppData\Local\{80E8F06D-822F-448B-AC36-8B1BD723627E}
2014-09-23 10:29 - 2014-09-23 10:29 - 15718367 _____ () C:\Users\Owner\Downloads\getgo.mp4
2014-09-23 05:52 - 2014-09-23 17:54 - 00000000 ____D () C:\Users\Owner\AppData\Local\{50CB8658-6C5F-477E-BF03-1A0835E2F032}
2014-09-22 11:22 - 2014-09-22 11:23 - 19062381 _____ () C:\Users\Owner\Downloads\rhmanager.mp4
2014-09-22 05:49 - 2014-09-22 17:52 - 00000000 ____D () C:\Users\Owner\AppData\Local\{8E6D63FD-AD5A-4CA0-9B50-954C7AD5B7EC}

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-22 11:24 - 2012-09-25 00:27 - 00000000 ____D () C:\Users\Owner\Documents\Outlook Files
2014-10-22 11:20 - 2011-01-06 09:47 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Skype
2014-10-22 11:14 - 2011-01-06 17:44 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2824287356-3010572496-946420747-1000UA.job
2014-10-22 11:06 - 2013-12-27 07:44 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-22 11:00 - 2011-01-07 14:08 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{E96D72F8-1D99-46E2-9036-5690B803C513}
2014-10-22 10:58 - 2013-11-10 13:10 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-22 10:19 - 2010-10-23 02:47 - 01292107 _____ () C:\Windows\WindowsUpdate.log
2014-10-22 09:12 - 2011-10-25 08:35 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-10-21 18:00 - 2012-06-16 21:56 - 00000433 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-10-21 17:58 - 2013-11-10 13:09 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-21 14:14 - 2011-01-06 17:44 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2824287356-3010572496-946420747-1000Core.job
2014-10-21 11:53 - 2014-09-04 14:06 - 00024038 _____ () C:\Users\Owner\Documents\infofinanciruby.xlsx
2014-10-21 07:11 - 2009-07-13 22:51 - 00159602 _____ () C:\Windows\setupact.log
2014-10-21 06:48 - 2009-07-13 22:45 - 00025968 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-21 06:48 - 2009-07-13 22:45 - 00025968 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-21 06:35 - 2012-09-26 09:37 - 00000000 ___RD () C:\Users\Owner\Dropbox
2014-10-21 06:35 - 2012-09-25 12:17 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Dropbox
2014-10-21 06:20 - 2011-01-26 23:49 - 00000000 ____D () C:\Users\Owner\Tracing
2014-10-21 06:19 - 2014-01-25 05:55 - 00000883 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk
2014-10-21 06:19 - 2014-01-25 05:55 - 00000867 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
2014-10-21 06:19 - 2011-10-29 16:48 - 00000410 _____ () C:\Windows\Tasks\PC Optimizer Pro64 startups.job
2014-10-21 06:19 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-20 14:09 - 2011-01-06 17:44 - 00003878 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2824287356-3010572496-946420747-1000UA
2014-10-20 14:09 - 2011-01-06 17:44 - 00003482 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2824287356-3010572496-946420747-1000Core
2014-10-19 11:25 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\rescache
2014-10-19 09:12 - 2009-07-13 22:45 - 00446712 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-19 09:08 - 2014-05-06 20:59 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-17 17:53 - 2013-11-10 13:10 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-17 17:53 - 2013-11-10 13:09 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-16 06:33 - 2012-05-25 20:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-13 19:43 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-10-13 07:12 - 2011-01-06 09:47 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-13 07:12 - 2010-07-10 20:56 - 00000000 ____D () C:\ProgramData\Skype
2014-10-09 16:11 - 2012-05-25 20:11 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Mozilla
2014-10-02 15:53 - 2014-04-03 06:23 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-27 09:01 - 2009-07-13 23:08 - 00032568 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-26 11:04 - 2014-02-19 10:32 - 00073996 _____ () C:\Users\Owner\Documents\instaforexcallbase2.xlsx
2014-09-24 12:06 - 2013-12-27 07:44 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-24 12:06 - 2012-12-01 15:21 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-24 12:06 - 2011-06-23 12:35 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-22 05:46 - 2014-04-02 11:26 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup

Some content of TEMP:
====================
C:\Users\Owner\AppData\Local\Temp\BackupSetup.exe
C:\Users\Owner\AppData\Local\Temp\BI_RunOnce.exe
C:\Users\Owner\AppData\Local\Temp\COMAP.EXE
C:\Users\Owner\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\Owner\AppData\Local\Temp\DivXWebPlayerInstaller.exe
C:\Users\Owner\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptjd8ua.dll
C:\Users\Owner\AppData\Local\Temp\eToroFXSol1140.EXE
C:\Users\Owner\AppData\Local\Temp\eToroSetup.exe
C:\Users\Owner\AppData\Local\Temp\eTypeSetup.exe
C:\Users\Owner\AppData\Local\Temp\gimp-2.6.11-i686-setup-1.exe
C:\Users\Owner\AppData\Local\Temp\GUR3B07.exe
C:\Users\Owner\AppData\Local\Temp\HPQSi.exe
C:\Users\Owner\AppData\Local\Temp\IminentSetup.exe
C:\Users\Owner\AppData\Local\Temp\incredibar_installer.exe
C:\Users\Owner\AppData\Local\Temp\install_flash_player_10_moz.exe
C:\Users\Owner\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\Owner\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Owner\AppData\Local\Temp\minibar-master-v1.exe
C:\Users\Owner\AppData\Local\Temp\MyBabylonTB.exe
C:\Users\Owner\AppData\Local\Temp\MyBabylonTB_google_20120807.exe
C:\Users\Owner\AppData\Local\Temp\ResetDevice.exe
C:\Users\Owner\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Owner\AppData\Local\Temp\Softonic_chr_1-8-19-3.exe
C:\Users\Owner\AppData\Local\Temp\SP50498.exe
C:\Users\Owner\AppData\Local\Temp\sp50843.exe.exe
C:\Users\Owner\AppData\Local\Temp\stopsignav.exe
C:\Users\Owner\AppData\Local\Temp\UninstallHPTCA.exe
C:\Users\Owner\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\Owner\AppData\Local\Temp\xvidupdate.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-16 19:52

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-10-2014
Ran by Owner at 2014-10-22 11:47:05
Running from C:\Users\Owner\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: StopSign® Antivirus FREE TRIAL diagnostic version (Enabled - Up to date) {13CA23F7-708E-4D50-D87B-1E38FBAE289F}
AS: StopSign® Antispyware FREE TRIAL diagnostic version (Enabled - Up to date) {A8ABC213-56B4-42DE-E2CB-254A80296222}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACID Pro 7.0 (HKLM-x32\...\{F7FD5E5E-3F0C-4931-AA1B-EAB838BC02DB}) (Version: 7.0.713 - Sony)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.2090 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.7.0.2090 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.6 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.0.6 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\{9ECF7817-DB11-4FBA-9DF1-296A578D513A}) (Version: 11.5.7.609 - Adobe Systems, Inc)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.5.146 - Adobe Systems, Inc.)
Advanced System Protector (HKLM-x32\...\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1) (Version: 2.1.1000.13627 - Systweak Software) <==== ATTENTION
AMD USB Filter Driver (x32 Version: 1.0.15.94 - Advanced Micro Devices, Inc.) Hidden
AnyMeeting Plug-in (HKLM-x32\...\{CC322A28-34BF-47F3-B2F0-69DBFC46A9F3}) (Version: 2.1.0 - AnyMeeting, Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.0 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{ECD0D4B5-FFA9-6E1B-A08D-58E82EA5EEB9}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0617.855.14122 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0617.855.14122 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0617.855.14122 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0617.855.14122 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0617.855.14122 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0617.855.14122 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0617.855.14122 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0617.855.14122 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0617.0854.14122 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0617.0854.14122 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0617.0854.14122 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0617.0854.14122 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0617.0854.14122 - ATI) Hidden
CCC Help English (x32 Version: 2010.0617.0854.14122 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0617.0854.14122 - ATI) Hidden
CCC Help French (x32 Version: 2010.0617.0854.14122 - ATI) Hidden
CCC Help German (x32 Version: 2010.0617.0854.14122 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0617.0854.14122 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0617.0854.14122 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0617.0854.14122 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0617.0854.14122 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0617.0854.14122 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0617.0854.14122 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0617.0854.14122 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0617.0854.14122 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0617.0854.14122 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0617.0854.14122 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0617.0854.14122 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0617.0854.14122 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0617.0854.14122 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0617.855.14122 - ATI) Hidden
ccc-utility64 (Version: 2010.0617.855.14122 - ATI) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
CinemaNow Media Manager (HKLM-x32\...\{6C122441-1861-4CD7-B1C5-A163A6984E12}) (Version: 1.9.1.105 - CinemaNow, Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3003 - CyberLink Corp.)
CyberLink DVD Suite (x32 Version: 7.0.3003 - CyberLink Corp.) Hidden
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1616 - CyberLink Corp.)
CyberLink MediaShow (x32 Version: 5.0.1616 - CyberLink Corp.) Hidden
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.1.5122 - CyberLink Corp.)
CyberLink PowerDVD 9 (x32 Version: 9.0.1.5122 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2511 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.0.2511 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC)
Dora's Carnival Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Download Guru v1.00 (HKLM-x32\...\Download Guru) (Version: v1.00 - )
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
eM Client (HKLM-x32\...\{8EE9EEF5-B02E-4690-9DE9-0B1309889677}) (Version: 2.7.8313.0 - E&S Software, Ltd.)
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
Escape Rosecliff Island (x32 Version: 2.2.0.95 - WildTangent) Hidden
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKCU\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{F7770F7F-0ABC-30CB-95BC-93761A05CAB6}) (Version: 5.38.4.0 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.4 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{7C36414C-DC87-4943-A525-BC1717BA17C9}) (Version: 1.1.1.0 - Hewlett-Packard)
HP Game Console (x32 Version:  - WildTangent) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.3 - WildTangent)
HP MediaSmart CinemaNow 2.0 (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3611 - HP Photo Creations Powered by RocketLife)
HP Power Manager (HKLM-x32\...\{4B156358-CE9C-4E9F-8CAD-79AE86A68C60}) (Version: 1.0.3 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{E342D296-DB9D-4FC7-ACB0-39926C0BFA16}) (Version: 2.1.5 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{E05DB9F9-C8E7-45F2-BE9E-76D4C447CE9B}) (Version: 4.0.39.1 - Hewlett-Packard Company)
HP Wireless Assistant (HKLM\...\{B5FC1E1B-E70D-45F1-8E40-A3C30698B323}) (Version: 4.0.9.0 - Hewlett-Packard Company)
InstaTrader 5 (HKLM-x32\...\InstaTrader 5) (Version: 5.00 - InstaForex Companies Group)
InstaTrader MultiTerminal 4.00 (HKLM-x32\...\{3E5CBADD-2E51-47C1-BBE2-B802DB6DA56A}) (Version: 4.00 - MetaQuotes Software Corp.)
Internet Movil (HKLM-x32\...\Internet Movil) (Version: 21.005.15.00.288 - Huawei Technologies Co.,Ltd)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java™ 6 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
Java™ 6 Update 33 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216033FF}) (Version: 6.0.330 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Jewel Quest 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2907 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2907 - CyberLink Corp.) Hidden
LogMeIn (HKLM-x32\...\{E217A3D4-2FF9-4D5F-9C20-1386E0FF9864}) (Version: 4.1.1890 - LogMeIn, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Expression Encoder 4 (HKLM-x32\...\Encoder_4.0.1651.0) (Version: 4.0.1651.0 - Microsoft Corporation)
Microsoft Expression Encoder 4 Screen Capture Codec (HKLM-x32\...\{2F8389AA-C867-49D0-AF30-10479F18C7A7}) (Version: 4.0.1651.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version:  - Microsoft)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 33.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.0 (x86 en-US)) (Version: 33.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NirSoft ProduKey (HKLM-x32\...\NirSoft ProduKey) (Version:  - )
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{52F63384-0FE8-41F5-B9C1-3331BE2E74F1}) (Version: 4.01.9714 - Apache Software Foundation)
Opera 12.16 (HKLM-x32\...\Opera 12.16.1860) (Version: 12.16.1860 - Opera Software ASA)
PC Auto Backup (HKLM-x32\...\InstallShield_{662548BC-3506-4843-B7AA-F44D352F76A8}) (Version: 1.00.0000 - Samsung)
PC Auto Backup (x32 Version: 1.00.0000 - Samsung) Hidden
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4204 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4204 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3003 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.3003 - CyberLink Corp.) Hidden
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.18.322.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6122 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.3023 - CyberLink Corp.) Hidden
ROBLOX Player for Owner (HKCU\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
Roxio CinemaNow 2.0 (x32 Version: 1.0.278 - Hewlett-Packard) Hidden
RtVOsd (HKLM\...\{F3D7AC17-1FF4-41A8-BB18-3FC39C65AEB9}) (Version: 1.0.3 - Realtek Semiconductor Corp.)
SAMSUNG Intelli-studio (HKLM-x32\...\Intelli-studio) (Version:  - )
SecondLifeViewer (remove only) (HKLM-x32\...\SecondLifeViewer) (Version:  - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.)
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
StopSign Internet Security (HKLM-x32\...\EaccelSetup) (Version:  - eAcceleration)
Super Screen Recorder 4.0 (HKLM-x32\...\Super Screen Recorder_is1) (Version:  - ZeallSoft, Inc.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.18.0 - Synaptics Incorporated)
Titan Quest (HKLM-x32\...\{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}) (Version: 1.00.0000 - Iron Lore)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Virtual Families (x32 Version: 2.2.0.95 - WildTangent) Hidden
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.1) (Version: 1.3.2 - Xvid Team)
Yahoo! BrowserPlus 2.9.8 (HKCU\...\Yahoo! BrowserPlus) (Version:  - Yahoo! Inc.)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
ZTE HSDPA EDGE USB MODEM (HKLM-x32\...\{93D34EE3-99B3-4DB1-8B0A-0A657466F90D}) (Version: 1.0.0.1 - ZTE)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2824287356-3010572496-946420747-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2824287356-3010572496-946420747-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2824287356-3010572496-946420747-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2824287356-3010572496-946420747-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2824287356-3010572496-946420747-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2824287356-3010572496-946420747-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2824287356-3010572496-946420747-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2824287356-3010572496-946420747-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2824287356-3010572496-946420747-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2824287356-3010572496-946420747-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2824287356-3010572496-946420747-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2824287356-3010572496-946420747-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2824287356-3010572496-946420747-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2824287356-3010572496-946420747-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points  =========================

02-10-2014 02:17:27 Windows Update
07-10-2014 16:31:06 Windows Update
14-10-2014 12:43:15 Windows Update
17-10-2014 13:22:25 Windows Update
18-10-2014 03:20:23 Windows Update
21-10-2014 12:36:07 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 20:34 - 2011-01-16 17:28 - 00000864 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 validation.sls.microsoft.com

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {3F883BD4-E046-4BC6-B691-9390A66B97C3} - System32\Tasks\{EFC86805-C363-4027-90DD-F53302C6B809} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-10-01] (Skype Technologies S.A.)
Task: {4DF16C1B-7560-4833-9F31-8863F3213650} - System32\Tasks\RunAsStdUser Task => C:\Users\Owner\AppData\Local\RavenBleuSA\bin\1.0.11.0\RavenBleuSA.exe
Task: {746B503C-1A91-490A-BF7B-2E2A42B8DC50} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-10] (Google Inc.)
Task: {8C4F694F-312C-41B7-AAB7-3A4A07EC7CC4} - System32\Tasks\Advanced System Protector_startup => C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe [2014-06-17] (Systweak) <==== ATTENTION
Task: {90BBF996-DF36-4AB5-A6EA-32568EF13591} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {ADC2E1D5-F3A7-4791-8D6F-FA398A60F1F0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-10] (Google Inc.)
Task: {B9D61101-D79A-4065-A60A-446246D92F39} - System32\Tasks\PC Optimizer Pro64 startups => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION
Task: {C5FED6D3-BBD8-4EE4-A08A-F17C194FA886} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2824287356-3010572496-946420747-1000Core => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {C8EF55C4-769D-4A6B-9E03-3B3F5E984BC6} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
Task: {D8609DFC-8B85-439A-8B5F-26DA9246ABFC} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe
Task: {D9C8CFFF-C58B-4D89-834C-CE8C4674EF02} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2824287356-3010572496-946420747-1000UA => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {E96702AD-482C-437E-9C29-89C2502D326C} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask No Task File <==== ATTENTION
Task: {F7885502-1F27-4AEC-A109-31825F3AFB0E} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2824287356-3010572496-946420747-1000Core.job => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2824287356-3010572496-946420747-1000UA.job => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PC Optimizer Pro64 startups.job => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2010-06-29 20:00 - 2010-06-29 20:00 - 00027192 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
2011-03-14 09:27 - 2011-03-14 09:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2012-03-31 19:23 - 2012-03-31 19:21 - 00239968 _____ () C:\ProgramData\Internet Movil\OnlineUpdate\ouc.exe
2011-01-19 13:15 - 2011-01-19 13:15 - 04730880 _____ () C:\Program Files (x86)\Samsung\PC Auto Backup\WiselinkPro.exe
2010-09-03 12:11 - 2010-09-03 12:11 - 00520295 _____ () C:\Program Files (x86)\Samsung\PC Auto Backup\http_ss_win_pro.exe
2013-04-04 01:09 - 2013-04-04 01:09 - 04300432 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2010-06-23 23:42 - 2010-06-23 23:42 - 00412456 ____N () C:\Program Files (x86)\Hewlett-Packard\Recovery\Protect.dll
2010-02-09 20:01 - 2010-02-09 20:01 - 01712184 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
2011-07-28 17:08 - 2011-07-28 17:08 - 01259376 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2014-09-21 09:09 - 2014-09-21 09:09 - 00012288 _____ () C:\Program Files (x86)\MyPC Backup\GetText.dll
2014-03-14 08:00 - 2014-03-14 08:00 - 01102336 _____ () C:\Program Files (x86)\MyPC Backup\x64\System.Data.SQLite.dll
2010-06-10 17:42 - 2010-06-10 17:42 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-10-23 02:45 - 2010-10-23 02:45 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-06-18 17:26 - 2010-06-18 17:26 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll
2010-06-18 17:26 - 2010-06-18 17:26 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll
2010-06-18 17:26 - 2010-06-18 17:26 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2012-03-31 19:23 - 2012-03-31 19:21 - 00011362 _____ () C:\ProgramData\Internet Movil\OnlineUpdate\mingwm10.dll
2012-03-31 19:23 - 2012-03-31 19:21 - 00043008 _____ () C:\ProgramData\Internet Movil\OnlineUpdate\libgcc_s_dw2-1.dll
2012-03-31 19:23 - 2012-03-31 19:21 - 02415104 _____ () C:\ProgramData\Internet Movil\OnlineUpdate\QtCore4.dll
2012-03-31 19:23 - 2012-03-31 19:21 - 01148416 _____ () C:\ProgramData\Internet Movil\OnlineUpdate\QtNetwork4.dll
2012-03-31 19:23 - 2012-03-31 19:21 - 00383488 _____ () C:\ProgramData\Internet Movil\OnlineUpdate\QueryStrategy.dll
2012-03-31 19:23 - 2012-03-31 19:21 - 00398336 _____ () C:\ProgramData\Internet Movil\OnlineUpdate\QtXml4.dll
2010-04-30 13:02 - 2010-04-30 13:02 - 00172032 _____ () C:\Program Files (x86)\Samsung\PC Auto Backup\libpng13.dll
2010-04-30 13:02 - 2010-04-30 13:02 - 00057344 _____ () C:\Program Files (x86)\Samsung\PC Auto Backup\lang.dll
2014-06-25 22:15 - 2012-07-25 12:03 - 00886272 _____ () C:\Program Files (x86)\Advanced System Protector\System.Data.SQLite.dll
2014-06-25 22:15 - 2014-06-17 18:43 - 01730928 _____ () C:\Program Files (x86)\Advanced System Protector\aspsys.dll
2014-06-25 22:15 - 2012-07-25 12:03 - 00168448 _____ () C:\Program Files (x86)\Advanced System Protector\UNRAR.DLL
2011-03-17 00:11 - 2011-03-17 00:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2011-07-28 17:09 - 2011-07-28 17:09 - 00096112 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-10-21 06:34 - 2014-10-21 06:34 - 00043008 _____ () c:\users\owner\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptjd8ua.dll
2013-08-23 13:01 - 2013-08-23 13:01 - 25100288 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\libcef.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00061440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00131072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00040960 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00005632 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00018944 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00036864 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00007680 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
2014-10-14 20:20 - 2014-10-14 20:20 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\viprecomsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\viprecomsvc => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-2824287356-3010572496-946420747-500 - Administrator - Disabled)
Guest (S-1-5-21-2824287356-3010572496-946420747-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2824287356-3010572496-946420747-1002 - Limited - Enabled)
Owner (S-1-5-21-2824287356-3010572496-946420747-1000 - Administrator - Enabled) => C:\Users\Owner

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/14/2014 06:54:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: msnmsgr.exe, version: 15.4.3508.1109, time stamp: 0x4cda7240
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000005
Fault offset: 0x0002dfc1
Faulting process id: 0xbd4
Faulting application start time: 0xmsnmsgr.exe0
Faulting application path: msnmsgr.exe1
Faulting module path: msnmsgr.exe2
Report Id: msnmsgr.exe3

Error: (10/13/2014 08:18:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AUDIODG.EXE, version: 6.1.7601.17514, time stamp: 0x4ce7abf9
Faulting module name: AERTAC64.dll, version: 2.0.64.11, time stamp: 0x4b5f3624
Exception code: 0xc0000094
Fault offset: 0x000000000001499c
Faulting process id: 0x1aa4
Faulting application start time: 0xAUDIODG.EXE0
Faulting application path: AUDIODG.EXE1
Faulting module path: AUDIODG.EXE2
Report Id: AUDIODG.EXE3

Error: (09/30/2014 04:44:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: hpqwmiex.exe, version: 4.0.39.1, time stamp: 0x4c24f856
Faulting module name: OLEAUT32.dll, version: 6.1.7601.17676, time stamp: 0x4e58702a
Exception code: 0xc0000005
Fault offset: 0x00004660
Faulting process id: 0x1100
Faulting application start time: 0xhpqwmiex.exe0
Faulting application path: hpqwmiex.exe1
Faulting module path: hpqwmiex.exe2
Report Id: hpqwmiex.exe3

Error: (09/30/2014 10:52:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 32.0.3.5379, time stamp: 0x54224e6b
Faulting module name: mozalloc.dll, version: 32.0.3.5379, time stamp: 0x54221b67
Exception code: 0x80000003
Fault offset: 0x0000141b
Faulting process id: 0x96c
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (09/30/2014 10:52:48 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 32.0.3.5379 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 3e8

Start Time: 01cfdca600b7ff68

Termination Time: 2537

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: 21866914-48c2-11e4-a40e-4a0f6e0d35d5

Error: (09/30/2014 06:09:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: terminal.exe, version: 4.0.0.670, time stamp: 0x008efe00
Faulting module name: terminal.exe, version: 4.0.0.670, time stamp: 0x008efe00
Exception code: 0xc0000005
Fault offset: 0x0039a7a3
Faulting process id: 0x17ec
Faulting application start time: 0xterminal.exe0
Faulting application path: terminal.exe1
Faulting module path: terminal.exe2
Report Id: terminal.exe3

Error: (09/26/2014 05:58:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: msnmsgr.exe, version: 15.4.3508.1109, time stamp: 0x4cda7240
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000005
Fault offset: 0x0002dfc1
Faulting process id: 0xdb0
Faulting application start time: 0xmsnmsgr.exe0
Faulting application path: msnmsgr.exe1
Faulting module path: msnmsgr.exe2
Report Id: msnmsgr.exe3

Error: (09/26/2014 07:15:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AUDIODG.EXE, version: 6.1.7601.17514, time stamp: 0x4ce7abf9
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0xd38
Faulting application start time: 0xAUDIODG.EXE0
Faulting application path: AUDIODG.EXE1
Faulting module path: AUDIODG.EXE2
Report Id: AUDIODG.EXE3

Error: (09/22/2014 03:09:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: hpqwmiex.exe, version: 4.0.39.1, time stamp: 0x4c24f856
Faulting module name: OLEAUT32.dll, version: 6.1.7601.17676, time stamp: 0x4e58702a
Exception code: 0xc0000005
Fault offset: 0x00004660
Faulting process id: 0x6f0
Faulting application start time: 0xhpqwmiex.exe0
Faulting application path: hpqwmiex.exe1
Faulting module path: hpqwmiex.exe2
Report Id: hpqwmiex.exe3

Error: (09/21/2014 09:06:21 AM) (Source: LogMeIn) (EventID: 111) (User: NT AUTHORITY)
Description: Exiting: The service control dispatcher has failed unexpectedly.


System errors:
=============
Error: (10/21/2014 06:00:38 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: 192.168.1.6192.168.137.0255.255.255.0

Error: (10/21/2014 06:42:32 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.187.58.0).

Error: (10/21/2014 06:20:03 AM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: 192.168.1.6192.168.137.0255.255.255.0

Error: (10/21/2014 06:20:03 AM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:

Error: (10/21/2014 06:19:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SProtection service failed to start due to the following error:
%%2

Error: (10/21/2014 06:19:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Internet Movil. OUC service failed to start due to the following error:
%%1053

Error: (10/21/2014 06:19:20 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Internet Movil. OUC service to connect.

Error: (10/20/2014 08:58:20 AM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: 192.168.1.6192.168.137.0255.255.255.0

Error: (10/20/2014 08:58:20 AM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:

Error: (10/20/2014 08:57:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SProtection service failed to start due to the following error:
%%2


Microsoft Office Sessions:
=========================
Error: (10/14/2014 06:54:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: msnmsgr.exe15.4.3508.11094cda7240ntdll.dll6.1.7601.18247521ea8e7c00000050002dfc1bd401cfe7aa772e6ebaC:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exeC:\Windows\SysWOW64\ntdll.dll422f5f89-53a1-11e4-9c81-4a0f6e0d35d5

Error: (10/13/2014 08:18:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: AUDIODG.EXE6.1.7601.175144ce7abf9AERTAC64.dll2.0.64.114b5f3624c0000094000000000001499c1aa401cfe6e62913622aC:\Windows\system32\AUDIODG.EXEC:\Windows\system32\AERTAC64.dllbfe61e59-52e3-11e4-a158-4a0f6e0d35d5

Error: (09/30/2014 04:44:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: hpqwmiex.exe4.0.39.14c24f856OLEAUT32.dll6.1.7601.176764e58702ac000000500004660110001cfdca4701a46faC:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exeC:\Windows\syswow64\OLEAUT32.dll64a52ad6-48f3-11e4-a40e-4a0f6e0d35d5

Error: (09/30/2014 10:52:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe32.0.3.537954224e6bmozalloc.dll32.0.3.537954221b67800000030000141b96c01cfdca6a538c696C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll35d42311-48c2-11e4-a40e-4a0f6e0d35d5

Error: (09/30/2014 10:52:48 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe32.0.3.53793e801cfdca600b7ff682537C:\Program Files (x86)\Mozilla Firefox\firefox.exe21866914-48c2-11e4-a40e-4a0f6e0d35d5

Error: (09/30/2014 06:09:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: terminal.exe4.0.0.670008efe00terminal.exe4.0.0.670008efe00c00000050039a7a317ec01cfdca6f5506892C:\Program Files (x86)\InstaTrader\terminal.exeC:\Program Files (x86)\InstaTrader\terminal.exeaee6ce5e-489a-11e4-a40e-4a0f6e0d35d5

Error: (09/26/2014 05:58:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: msnmsgr.exe15.4.3508.11094cda7240ntdll.dll6.1.7601.18247521ea8e7c00000050002dfc1db001cfd97fac337af3C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exeC:\Windows\SysWOW64\ntdll.dll0117d144-45d9-11e4-9e3c-4a0f6e0d35d5

Error: (09/26/2014 07:15:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: AUDIODG.EXE6.1.7601.175144ce7abf9unknown0.0.0.000000000c00000050000000000000000d3801cfd9817c140084C:\Windows\system32\AUDIODG.EXEunknown23dda4ce-457f-11e4-9e3c-4a0f6e0d35d5

Error: (09/22/2014 03:09:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: hpqwmiex.exe4.0.39.14c24f856OLEAUT32.dll6.1.7601.176764e58702ac0000005000046606f001cfd65b17d182a6C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exeC:\Windows\syswow64\OLEAUT32.dllaec4d412-429c-11e4-a450-6431505ff95b

Error: (09/21/2014 09:06:21 AM) (Source: LogMeIn) (EventID: 111) (User: NT AUTHORITY)
Description:


==================== Memory info ===========================

Processor: AMD V140 Processor
Percentage of memory in use: 81%
Total physical RAM: 1786.9 MB
Available physical RAM: 325.41 MB
Total Pagefile: 4433.43 MB
Available Pagefile: 1607.44 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:215.36 GB) (Free:97.31 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:17.22 GB) (Free:2.49 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (1ero Crema 2014) (CDROM) (Total:0.61 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 4BE9BCC0)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=215.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=17.2 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End Of Log ============================


  • 0

#4
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

There are signs of possible pirated Microsoft software on your machine. Are you aware of this? Please run the following tool and post the results.

 

MGADiag

1. Please click this link and run the tool.

2. A screen will come up with a Continue button. Please click Continue.

3. On the next screen will be a Copy button. Please click Copy and paste the contents in your next post.

 

Thank you.


  • 0

#5
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Just checking to see if you still need assistance.


  • 0

#6
godawgs

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics


Also tagged with one or more of these keywords: trojan, babylon, spyware

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP