Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

software restriction policy - how to remove? [Solved]

Started by itsmesunny , Oct 27 2014 02:51 PM

  • This topic is locked This topic is locked

#31
itsmesunny
Posted 30 October 2014 - 03:45 PM

itsmesunny

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 307 posts

Ok - here is FRST- Is that right? I just saw your reply above after I posted this.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 30-10-2014 01
Ran by User (administrator) on USER-R6PHPMKAQL on 30-10-2014 17:39:44
Running from C:\Documents and Settings\User\Desktop
Loaded Profile: User (Available profiles: User & Guest)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
(Intel Corporation) C:\WINDOWS\system32\IPROSetMonitor.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(RaMMicHaeL) C:\Program Files\Unchecky\bin\unchecky_svc.exe
(Microsoft Corporation) C:\WINDOWS\system32\MsPMSPSv.exe
(RaMMicHaeL) C:\Program Files\Unchecky\bin\unchecky_bg.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-08] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [507776 2014-07-30] (Oracle Corporation)
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: vssadmin.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *‮* <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: syskey.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.com <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: cipher.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\idm2\setup.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\idm2\idmsqsetup.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\idm2\setup.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\idm2\rcpsetup_binstall2_binstall2.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\idm2\rcpsetup_binstall2_binstall2.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\idm2\setup.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\idm2\rcpsetup_binstall2_binstall2.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\idm2\idmsqsetup.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\idm2\setup.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\idm2\rcpsetup_binstall2_binstall2.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\idm2\rcpsetup_binstall2_binstall2.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\idm2\idmsqsetup.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\idm2\setup.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\idm2\idmsqsetup.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\idm2\idmsqsetup.exe <====== ATTENTION
HKLM\...\Winlogon: [UIHost] C:\WINDOWS\system32\logonui.exe [514560 2008-04-13] (Microsoft Corporation)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-602162358-1275210071-725345543-1004\...\Run: [SlimCleaner Plus] => "C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe" /minimize
HKU\S-1-5-21-602162358-1275210071-725345543-1004\...\Run: [WeatherBug] => C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe [146736 2014-09-23] ()
HKU\S-1-5-21-602162358-1275210071-725345543-1004\...\Run: [DellSystemDetect] => C:\Documents and Settings\User\Local Settings\Apps\2.0\7XLWQYXC.MCM\L5M53QYG.O88\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe [264488 2014-10-22] (Dell)
HKU\S-1-5-21-602162358-1275210071-725345543-1004\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
Startup: C:\Documents and Settings\User\Start Menu\Programs\Startup\Yahoo! Widgets.lnk
ShortcutTarget: Yahoo! Widgets.lnk -> C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe (Yahoo! Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://groovorio.com...r=450736686&ir=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://search.yahoo...p={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.yahoo.co...t&type=avastbcl
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.co...t&type=avastbcl
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = http://groovorio.com...r=450736686&ir=
SearchScopes: HKLM - {CC865B26-C31D-4D23-B17B-96548EEF03F6} URL = https://search.yahoo...p={searchTerms}
SearchScopes: HKCU - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = http://groovorio.com...r=450736686&ir=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = http://groovorio.com...r=450736686&ir=
SearchScopes: HKCU - {CC865B26-C31D-4D23-B17B-96548EEF03F6} URL = https://search.yahoo...p={searchTerms}
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 207.5.171.1 207.5.171.2

FireFox:
========
FF ProfilePath: C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\xodjqmx1.default-1413718828281
FF DefaultSearchEngine: Groovorio
FF SelectedSearchEngine: Groovorio
FF Homepage: www.startpage.com
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: [email protected]/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
FF user.js: detected! => C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\xodjqmx1.default-1413718828281\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
FF SearchPlugin: C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\xodjqmx1.default-1413718828281\searchplugins\Groovorio.xml
FF Extension: Social Fixer - C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\xodjqmx1.default-1413718828281\Extensions\[email protected] [2014-10-19]
FF Extension: Ads no more - C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\xodjqmx1.default-1413718828281\Extensions\{a3a5c777-f583-4fef-9380-ab4add1bc2a2}.xpi [2014-10-28]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-02-21]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-26]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Babylon\Babylon-Pro\Utils\[email protected]

Chrome:
=======
CHR Profile: C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-26]
CHR Extension: (Google Drive) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-26]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-26]
CHR Extension: (YouTube) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-26]
CHR Extension: (Google Search) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-26]
CHR Extension: (avast! Online Security) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-06-26]
CHR Extension: (Google Wallet) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-26]
CHR Extension: (Gmail) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-26]
CHR Extension: (No Name) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\Temp(2) [2014-07-07]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-07]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-07] (AVAST Software)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Intel® PROSet Monitoring Service; C:\WINDOWS\system32\IProsetMonitor.exe [132768 2011-11-09] (Intel Corporation)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-08-26] (Oracle Corporation)
R2 Net Driver HPZ12; C:\WINDOWS\System32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\WINDOWS\System32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Unchecky; C:\Program Files\Unchecky\bin\unchecky_svc.exe [111208 2014-10-22] (RaMMicHaeL)
R2 WMDM PMSP Service; C:\WINDOWS\System32\MsPMSPSv.exe [53520 2000-06-26] (Microsoft Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-07-07] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-07-07] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55112 2014-07-07] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-07-07] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [779536 2014-07-07] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [414520 2014-08-08] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57800 2014-07-07] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [192352 2014-07-07] ()
R3 bpusbflt; C:\WINDOWS\System32\Drivers\bpusbflt.sys [9597 2003-10-10] (Micro Solutions, Inc.) [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 COMMONFX.DLL; C:\WINDOWS\System32\COMMONFX.DLL [98600 2007-04-18] (Creative Technology Ltd)
S3 CT20XUT.DLL; C:\WINDOWS\System32\CT20XUT.DLL [164608 2007-04-12] (Creative Technology Ltd.)
S3 CTAUDFX.DLL; C:\WINDOWS\System32\CTAUDFX.DLL [546048 2007-04-12] (Creative Technology Ltd)
S3 ctdvda2k; C:\WINDOWS\System32\drivers\ctdvda2k.sys [347128 2007-04-10] (Creative Technology Ltd)
S3 CTEAPSFX.DLL; C:\WINDOWS\System32\CTEAPSFX.DLL [168192 2007-04-12] (Creative Technology Ltd)
S3 CTEDSPFX.DLL; C:\WINDOWS\System32\CTEDSPFX.DLL [280320 2007-04-12] (Creative Technology Ltd)
S3 CTEDSPIO.DLL; C:\WINDOWS\System32\CTEDSPIO.DLL [128768 2007-04-12] (Creative Technology Ltd)
S3 CTEDSPSY.DLL; C:\WINDOWS\System32\CTEDSPSY.DLL [323328 2007-04-12] (Creative Technology Ltd)
S3 CTERFXFX.DLL; C:\WINDOWS\System32\CTERFXFX.DLL [94976 2007-04-12] (Creative Technology Ltd)
S3 CTEXFIFX.DLL; C:\WINDOWS\System32\CTEXFIFX.DLL [1317632 2007-04-12] (Creative Technology Ltd.)
S3 CTHWIUT.DLL; C:\WINDOWS\System32\CTHWIUT.DLL [66816 2007-04-12] (Creative Technology Ltd.)
S3 CTSBLFX.DLL; C:\WINDOWS\System32\CTSBLFX.DLL [560384 2007-04-12] (Creative Technology Ltd)
S3 ha10kx2k; C:\WINDOWS\System32\drivers\ha10kx2k.sys [797992 2007-04-10] (Creative Technology Ltd)
S3 hap16v2k; C:\WINDOWS\System32\drivers\hap16v2k.sys [163112 2007-04-10] (Creative Technology Ltd)
S3 hap17v2k; C:\WINDOWS\System32\drivers\hap17v2k.sys [189736 2007-04-10] (Creative Technology Ltd)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2008-01-24] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2008-01-24] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2008-01-24] (HP)
R3 kxwdmdrv; C:\WINDOWS\System32\drivers\kx.sys [605832 2009-07-28] (Eugene Gavrilov)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R1 OMCI; C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS [13632 2001-08-22] (Dell Computer Corporation) [File not signed]
R2 PfModNT; C:\WINDOWS\system32\drivers\PfModNT.sys [16168 2007-04-10] (Creative Technology Ltd.)
S3 SWDUMon; C:\WINDOWS\System32\DRIVERS\SWDUMon.sys [13464 2014-10-27] ()
S4 IntelIde; No ImagePath
S3 JL2005C; System32\Drivers\jl2005c.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U3 TlntSvr; No ImagePath

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-30 17:39 - 2014-10-30 17:40 - 00033643 _____ () C:\Documents and Settings\User\Desktop\FRST.txt
2014-10-30 17:38 - 2014-10-30 17:38 - 00000000 ____D () C:\Documents and Settings\User\Desktop\FRST-OlderVersion
2014-10-30 17:31 - 2014-10-30 17:31 - 00002039 _____ () C:\Documents and Settings\User\Desktop\fixlist.txt
2014-10-30 11:10 - 2014-10-30 11:10 - 00163491 _____ () C:\Documents and Settings\User\Desktop\Double Chin.htm
2014-10-30 11:10 - 2014-10-30 11:10 - 00000000 ____D () C:\Documents and Settings\User\Desktop\Double Chin_files
2014-10-30 08:00 - 2014-10-30 08:10 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-10-29 07:54 - 2014-10-29 07:54 - 00000045 _____ () C:\Documents and Settings\User\Application Data\WB.CFG
2014-10-29 00:55 - 2014-10-29 00:55 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Yahoo! Widgets
2014-10-28 21:03 - 2014-10-28 21:04 - 31679168 _____ (Microsoft Corporation) C:\Documents and Settings\User\Desktop\Windows-KB890830-V5.17.exe
2014-10-28 20:06 - 2014-10-28 20:06 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\2308189059
2014-10-28 19:15 - 2014-10-29 19:47 - 00000000 ____D () C:\Documents and Settings\User\Application Data\vlc
2014-10-28 19:14 - 2014-10-28 19:14 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
2014-10-28 19:09 - 2014-10-30 07:44 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\InstaShare
2014-10-28 19:06 - 2014-10-30 17:06 - 00000412 _____ () C:\WINDOWS\Tasks\At1.job
2014-10-28 19:06 - 2014-10-30 07:43 - 00000000 ____D () C:\Documents and Settings\User\Application Data\Groovorio
2014-10-28 18:54 - 2014-10-28 18:54 - 00000792 _____ () C:\Documents and Settings\User\Start Menu\Programs\Windows Media Player.lnk
2014-10-27 18:26 - 2014-10-30 17:39 - 00000000 ____D () C:\FRST
2014-10-27 14:59 - 2014-10-27 14:59 - 00023392 _____ () C:\WINDOWS\system32\nscompat.tlb
2014-10-27 14:59 - 2014-10-27 14:59 - 00016832 _____ () C:\WINDOWS\system32\amcompat.tlb
2014-10-27 14:57 - 2014-10-27 14:57 - 00010826 _____ () C:\WINDOWS\wmp11Uninst.log
2014-10-27 14:56 - 2014-10-27 14:56 - 00009279 _____ () C:\WINDOWS\KB940157Uninst.log
2014-10-27 14:51 - 2014-10-27 14:51 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\IsolatedStorage
2014-10-27 14:50 - 2014-10-27 14:50 - 00000000 ____D () C:\Program Files\Earth Networks
2014-10-27 14:49 - 2014-10-27 14:50 - 00000000 __HDC () C:\Documents and Settings\All Users\Application Data\{FA77A43D-F6ED-4924-87B5-517C061388C6}
2014-10-27 14:49 - 2014-10-27 14:49 - 00000484 _____ () C:\WINDOWS\Tasks\StormFall TW2.job
2014-10-27 14:49 - 2014-10-27 14:49 - 00000484 _____ () C:\WINDOWS\Tasks\StormFall TW1.job
2014-10-27 14:48 - 2014-10-27 14:48 - 00000484 _____ () C:\WINDOWS\Tasks\StormFall W2.job
2014-10-27 14:48 - 2014-10-27 14:48 - 00000484 _____ () C:\WINDOWS\Tasks\StormFall W1.job
2014-10-27 14:48 - 2014-10-27 14:48 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\StormFall
2014-10-27 14:48 - 2014-10-27 14:48 - 00000000 ____D () C:\Documents and Settings\User\Application Data\StormFall
2014-10-27 11:47 - 2014-10-27 11:47 - 00000000 ____D () C:\Program Files\Babylon
2014-10-26 10:18 - 2014-10-27 07:39 - 00000000 ____D () C:\Documents and Settings\User\Desktop\Westward
2014-10-25 07:00 - 2014-10-25 21:51 - 00000000 ____D () C:\Program Files\DriverFinder
2014-10-25 06:59 - 2014-10-25 21:51 - 00000000 ____D () C:\Documents and Settings\User\Application Data\DriverFinder
2014-10-24 08:15 - 2014-10-27 12:03 - 00000438 _____ () C:\WINDOWS\Tasks\SlimDrivers Scan.job
2014-10-23 13:36 - 2014-10-30 13:36 - 00000364 _____ () C:\WINDOWS\Tasks\SlimCleaner Plus (Scheduled Scan - User).job
2014-10-23 13:35 - 2014-10-23 13:42 - 00000000 ____D () C:\Program Files\SlimService
2014-10-23 13:35 - 2014-10-23 13:39 - 00000000 ____D () C:\Program Files\SlimCleaner Plus
2014-10-23 13:35 - 2014-10-23 13:35 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\SlimWare Utilities Inc
2014-10-23 11:59 - 1999-12-31 20:00 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\WINDOWS\system32\CSVer.dll
2014-10-23 11:29 - 2011-11-09 17:38 - 00132768 _____ (Intel Corporation) C:\WINDOWS\system32\IPROSetMonitor.exe
2014-10-23 11:28 - 2006-01-12 14:52 - 00001904 ____N () C:\WINDOWS\system32\SetupBD.din
2014-10-23 11:25 - 2007-11-28 22:38 - 00040056 _____ (Intel Corporation) C:\WINDOWS\system32\NicInst.dll
2014-10-23 11:25 - 2007-08-07 00:28 - 00028272 _____ (Intel Corporation) C:\WINDOWS\system32\NicCo2.dll
2014-10-23 10:14 - 2014-10-23 10:14 - 00000000 ____D () C:\AVAST Software
2014-10-22 15:38 - 2014-10-27 14:56 - 00220184 _____ () C:\WINDOWS\setupapi.log
2014-10-22 14:16 - 2014-10-24 08:20 - 00000176 _____ () C:\WINDOWS\setupact.log
2014-10-22 14:16 - 2014-10-22 14:16 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-10-22 13:06 - 2014-10-22 13:06 - 00000000 ____D () C:\Documents and Settings\User\Start Menu\Programs\Dell
2014-10-22 11:56 - 2014-10-22 11:57 - 00005562 _____ () C:\WINDOWS\KB2378111.log
2014-10-22 10:39 - 2014-10-22 10:39 - 00006556 _____ () C:\WINDOWS\KB978695.log
2014-10-22 10:39 - 2014-10-22 10:39 - 00006423 _____ () C:\WINDOWS\KB954155.log
2014-10-22 10:39 - 2014-10-22 10:39 - 00006266 _____ () C:\WINDOWS\KB975558.log
2014-10-22 10:39 - 2014-10-22 10:39 - 00004341 _____ () C:\WINDOWS\KB2834904-v2.log
2014-10-22 10:02 - 2007-07-27 23:11 - 00016760 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsg.dll
2014-10-22 10:01 - 2014-10-22 10:02 - 00002844 _____ () C:\WINDOWS\MSCompPackV1.log
2014-10-22 09:59 - 2014-10-22 10:01 - 00018528 _____ () C:\WINDOWS\wmp11.log
2014-10-22 09:58 - 2014-10-27 15:01 - 00052002 _____ () C:\WINDOWS\spupdsvc.log
2014-10-22 09:58 - 2014-10-27 14:57 - 00002313 _____ () C:\WINDOWS\updspapi.log
2014-10-22 09:43 - 2014-10-22 09:43 - 00000000 __HDC () C:\WINDOWS\$NtUninstallWMFDist11$
2014-10-22 09:42 - 2014-10-22 09:59 - 00080979 _____ () C:\WINDOWS\WMFDist11.log
2014-10-22 09:42 - 2014-10-22 09:56 - 00003138 _____ () C:\WINDOWS\Wudf01000Inst.log
2014-10-22 08:10 - 2014-10-22 08:10 - 00000000 ____D () C:\Documents and Settings\User\Application Data\ParetoLogic
2014-10-22 08:09 - 2014-10-22 08:15 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\ParetoLogic
2014-10-22 06:57 - 2014-10-22 06:57 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Apple
2014-10-18 12:49 - 2014-10-18 12:49 - 00155232 ____H () C:\WINDOWS\system32\mlfcache.dat
2014-10-17 14:24 - 2014-10-28 19:13 - 00000000 ____D () C:\Program Files\VideoLAN
2014-10-16 09:18 - 2014-10-28 19:19 - 00000000 ____D () C:\Documents and Settings\User\My Documents\Articles on the Web
2014-10-16 09:05 - 2014-10-27 14:19 - 00000000 ____D () C:\Documents and Settings\User\My Documents\My TV Shows
2014-10-14 09:19 - 2014-10-27 12:36 - 00000000 ___RD () C:\Documents and Settings\User\My Documents\My Movies
2014-10-11 17:34 - 2014-10-28 18:54 - 00044828 _____ () C:\WINDOWS\wmsetup.log
2014-10-03 07:12 - 2014-10-03 07:12 - 00000000 ____D () C:\Documents and Settings\Guest\Application Data\Apple Computer
2014-10-02 07:51 - 2014-10-02 07:54 - 00000000 ____D () C:\WINDOWS\system32\NtmsData

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-30 17:40 - 2014-07-01 14:59 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\temp
2014-10-30 17:38 - 2014-06-25 12:54 - 01105408 _____ (Farbar) C:\Documents and Settings\User\Desktop\FRST.exe
2014-10-30 17:30 - 2014-06-26 16:39 - 00000364 ___HC () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-10-30 17:18 - 2014-07-07 07:07 - 00000882 ____C () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-30 17:04 - 2013-02-23 03:04 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-10-30 17:04 - 2013-02-22 16:32 - 00000830 ____C () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-10-30 16:18 - 2009-06-17 09:25 - 00032566 _____ () C:\WINDOWS\SchedLgU.Txt
2014-10-30 07:47 - 2014-06-09 12:39 - 01877593 ____C () C:\WINDOWS\WindowsUpdate.log
2014-10-30 07:46 - 2014-07-07 07:07 - 00000878 ____C () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-30 07:46 - 2014-06-09 12:39 - 00000159 ____C () C:\WINDOWS\wiadebug.log
2014-10-30 07:46 - 2014-06-09 12:39 - 00000050 ____C () C:\WINDOWS\wiaservc.log
2014-10-30 07:46 - 2009-06-17 09:13 - 00000006 ___HC () C:\WINDOWS\Tasks\SA.DAT
2014-10-30 07:45 - 2014-06-06 21:01 - 00412766 ____C () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-10-30 07:45 - 2009-06-17 09:27 - 00000278 __SHC () C:\Documents and Settings\User\ntuser.ini
2014-10-30 07:40 - 2013-04-07 10:39 - 00000000 ____D () C:\Documents and Settings\User\My Documents\Geeks2Go
2014-10-30 07:35 - 2014-07-09 09:08 - 00000000 ____D () C:\AdwCleaner
2014-10-29 09:42 - 2013-03-21 11:13 - 00000000 ____D () C:\Documents and Settings\User\Application Data\dvdcss
2014-10-29 06:22 - 2014-08-26 08:22 - 00146432 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-10-29 06:22 - 2014-08-26 08:22 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-10-29 06:19 - 2014-08-26 08:20 - 00000000 ____D () C:\Program Files\Java
2014-10-29 00:55 - 2013-03-26 22:15 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\Yahoo
2014-10-29 00:55 - 2009-08-10 12:40 - 00000000 ____D () C:\Program Files\Yahoo!
2014-10-28 19:10 - 2014-09-10 10:11 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Unchecky
2014-10-28 18:54 - 2009-06-17 09:27 - 00000000 ___RD () C:\Documents and Settings\User\Start Menu\Programs\Accessories
2014-10-27 21:44 - 2014-06-12 18:16 - 01281646 ____C () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-602162358-1275210071-725345543-1004-0.dat
2014-10-27 16:15 - 2009-06-17 11:31 - 00000000 ____D () C:\WINDOWS\SHELLNEW
2014-10-27 16:15 - 2009-06-17 09:13 - 00000000 ____D () C:\DELL
2014-10-27 16:15 - 2009-06-17 05:01 - 00000000 ___RD () C:\WINDOWS\Web
2014-10-27 16:14 - 2009-06-17 05:01 - 00000000 ____D () C:\WINDOWS\Help
2014-10-27 15:36 - 2013-02-22 14:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2345886$
2014-10-27 15:10 - 2014-06-09 11:46 - 00114904 ____C (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-10-27 15:09 - 2014-07-07 09:23 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-10-27 14:59 - 2002-09-03 13:11 - 00000670 ____C () C:\WINDOWS\win.ini
2014-10-27 14:57 - 2013-03-27 14:53 - 00000000 ____D () C:\Program Files\Windows Media Connect 2
2014-10-27 14:56 - 2014-09-22 11:24 - 00108834 _____ () C:\WINDOWS\FaxSetup.log
2014-10-27 14:56 - 2014-09-22 11:24 - 00072064 _____ () C:\WINDOWS\ocgen.log
2014-10-27 14:56 - 2014-09-22 11:24 - 00042902 _____ () C:\WINDOWS\tsoc.log
2014-10-27 14:56 - 2014-09-22 11:24 - 00028920 _____ () C:\WINDOWS\comsetup.log
2014-10-27 14:56 - 2014-09-22 11:24 - 00021257 _____ () C:\WINDOWS\ntdtcsetup.log
2014-10-27 14:56 - 2014-09-22 11:24 - 00010818 _____ () C:\WINDOWS\iis6.log
2014-10-27 14:56 - 2014-09-22 11:24 - 00005847 _____ () C:\WINDOWS\ocmsn.log
2014-10-27 14:56 - 2014-09-22 11:24 - 00005449 _____ () C:\WINDOWS\msgsocm.log
2014-10-27 14:56 - 2014-09-22 11:24 - 00001393 _____ () C:\WINDOWS\imsins.log
2014-10-27 12:00 - 2014-07-04 09:32 - 00013464 _____ () C:\WINDOWS\system32\Drivers\SWDUMon.sys
2014-10-25 07:27 - 2014-09-23 08:22 - 00000520 _____ () C:\WINDOWS\Tasks\PCDoctorBackgroundMonitorTask.job
2014-10-25 07:21 - 2014-07-07 14:15 - 00000000 ____D () C:\Documents and Settings\User\Application Data\PCDr
2014-10-25 07:20 - 2014-06-05 14:52 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\Deployment
2014-10-25 07:12 - 2009-06-17 09:40 - 00000000 ____D () C:\WINDOWS\system32\ReinstallBackups
2014-10-24 08:19 - 2009-06-17 05:05 - 00637622 ____C () C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-23 13:36 - 2014-06-05 20:17 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\SlimWare Utilities Inc
2014-10-23 12:03 - 2009-06-17 09:31 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-10-23 11:30 - 2009-06-17 09:40 - 00000000 ____D () C:\Program Files\Intel
2014-10-22 10:09 - 2014-07-04 16:10 - 00000000 ____D () C:\Program Files\QuickTime
2014-10-22 10:04 - 2014-07-01 14:59 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\temp
2014-10-22 10:01 - 2014-09-22 11:24 - 00001393 _____ () C:\WINDOWS\imsins.BAK
2014-10-22 09:59 - 2009-06-17 09:12 - 00000000 __SHD () C:\Documents and Settings\All Users\DRM
2014-10-22 09:55 - 2002-09-03 13:14 - 00002206 ____C () C:\WINDOWS\system32\wpa.dbl
2014-10-22 09:31 - 2014-07-29 20:08 - 00000000 ____D () C:\Program Files\Common Files\DivX Shared
2014-10-22 09:31 - 2014-07-29 20:04 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\DivX
2014-10-22 08:17 - 2014-07-29 20:09 - 00000000 ____D () C:\Documents and Settings\User\Application Data\DivX
2014-10-21 23:20 - 2009-06-17 14:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB891781$
2014-10-21 22:22 - 2003-04-28 03:30 - 00000000 ____D () C:\Documents and Settings\User\My Documents\My Widgets
2014-10-18 16:00 - 2013-02-22 16:32 - 00701104 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-10-18 16:00 - 2013-02-22 16:32 - 00071344 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-10-18 12:42 - 2014-06-06 13:06 - 00000000 ____D () C:\Documents and Settings\User\Application Data\Apple Computer
2014-10-18 12:42 - 2014-06-06 12:30 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\Apple Computer
2014-10-16 18:29 - 2009-08-22 14:54 - 00000000 ____D () C:\WINDOWS\Minidump
2014-10-15 17:46 - 2014-06-05 14:30 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-10-15 17:35 - 2009-06-17 13:11 - 100290944 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-10-14 10:14 - 2014-07-05 11:20 - 00000000 ____D () C:\Program Files\Unchecky
2014-10-09 07:54 - 2014-07-08 06:19 - 00000178 __SHC () C:\Documents and Settings\Guest\ntuser.ini
2014-10-09 07:43 - 2014-07-08 06:19 - 00000000 ____D () C:\Documents and Settings\Guest\Local Settings\temp
2014-10-01 11:11 - 2014-07-07 09:24 - 00054360 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-10-01 11:11 - 2014-07-07 09:24 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys

Files to move or delete:
====================
C:\Windows\Tasks\At1.job


Some content of TEMP:
====================
C:\Documents and Settings\User\Local Settings\temp\43124uninstall.exe
C:\Documents and Settings\User\Local Settings\temp\ICReinstall_FileOpenerSetup.exe
C:\Documents and Settings\User\Local Settings\temp\jre-8u25-windows-au.exe
C:\Documents and Settings\User\Local Settings\temp\setup_wm.exe
C:\Documents and Settings\User\Local Settings\temp\Sqlite3.dll
C:\Documents and Settings\User\Local Settings\temp\System.Data.SQLite.dll
C:\Documents and Settings\User\Local Settings\temp\System.Data.SQLite57188.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================


Edited by itsmesunny, 30 October 2014 - 03:47 PM.

  • 0

Advertisements

#32
itsmesunny
Posted 30 October 2014 - 04:01 PM

itsmesunny

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 307 posts

Here is fix.log -I hope this is correct. How about addition - post that here too?

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 30-10-2014 01
Ran by User at 2014-10-30 17:48:46 Run:1
Running from C:\Documents and Settings\User\Desktop
Loaded Profile: User (Available profiles: User & Guest)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
start
CloseProcesses:
C:\Program Files\Earth Networks
HKU\S-1-5-21-602162358-1275210071-725345543-1004\...\Run: [WeatherBug] => C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe [146736 2014-09-23] ()
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKLM - DefaultScope value is missing.
FF Homepage: www.startpage.com
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll No File
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll No File
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Babylon\Babylon-Pro\Utils\[email protected]
CHR Extension: (No Name) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\Temp(2) [2014-07-07]
S4 IntelIde; No ImagePath
S3 JL2005C; System32\Drivers\jl2005c.sys [X]
U3 TlntSvr; No ImagePath
2014-10-27 14:50 - 2014-10-27 14:50 - 00000000 ____D () C:\Program Files\Earth Networks
2014-10-27 14:49 - 2014-10-27 14:50 - 00000000 __HDC () C:\Documents and Settings\All Users\Application Data\{FA77A43D-F6ED-4924-87B5-517C061388C6}
2014-10-27 14:49 - 2014-10-27 14:49 - 00000484 _____ () C:\WINDOWS\Tasks\StormFall TW2.job
2014-10-27 14:49 - 2014-10-27 14:49 - 00000484 _____ () C:\WINDOWS\Tasks\StormFall TW1.job
2014-10-27 14:48 - 2014-10-27 14:48 - 00000484 _____ () C:\WINDOWS\Tasks\StormFall W2.job
2014-10-27 14:48 - 2014-10-27 14:48 - 00000484 _____ () C:\WINDOWS\Tasks\StormFall W1.job
2014-10-27 14:48 - 2014-10-27 14:48 - 00000484 _____ () C:\WINDOWS\Tasks\StormFall TM.job
2014-10-27 14:48 - 2014-10-27 14:48 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\StormFall
2014-10-27 14:48 - 2014-10-27 14:48 - 00000000 ____D () C:\Documents and Settings\User\Application Data\StormFall
2014-10-27 11:47 - 2014-10-27 11:47 - 00000000 ____D () C:\Program Files\Babylon
EmptyTemp:
end
*****************

Processes closed successfully.
C:\Program Files\Earth Networks => Moved successfully.
HKU\S-1-5-21-602162358-1275210071-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Run\\WeatherBug => value deleted successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKCU\SOFTWARE\Policies\Google" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
Firefox homepage deleted successfully.
"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5" => Key deleted successfully.
"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3" => Key deleted successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\[email protected] => value deleted successfully.
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\Temp(2) => Moved successfully.
IntelIde => Service deleted successfully.
JL2005C => Service deleted successfully.
TlntSvr => Service deleted successfully.
"C:\Program Files\Earth Networks" => File/Directory not found.
C:\Documents and Settings\All Users\Application Data\{FA77A43D-F6ED-4924-87B5-517C061388C6} => Moved successfully.
C:\WINDOWS\Tasks\StormFall TW2.job => Moved successfully.
C:\WINDOWS\Tasks\StormFall TW1.job => Moved successfully.
C:\WINDOWS\Tasks\StormFall W2.job => Moved successfully.
C:\WINDOWS\Tasks\StormFall W1.job => Moved successfully.
"C:\WINDOWS\Tasks\StormFall TM.job" => File/Directory not found.
C:\Documents and Settings\User\Local Settings\Application Data\StormFall => Moved successfully.
C:\Documents and Settings\User\Application Data\StormFall => Moved successfully.
C:\Program Files\Babylon => Moved successfully.
EmptyTemp: => Removed 56.8 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====


  • 0

#33
itsmesunny
Posted 30 October 2014 - 04:07 PM

itsmesunny

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 307 posts

Naat -

 

I am sorry. I have gotten mixed up I guess. I appreciate your kindness and your patience.

 

The last maneuver required a restart and now Weatherbug is gone. :yes:

 

So now on the Desktop - I have the FRST icon, FRST, fixlog and Addition.


  • 0

#34
Naathim
Posted 31 October 2014 - 12:44 AM

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

Hello :)

 

No need to post anything more right now. Please tell me what are the outstanding issues :)


  • 0

#35
itsmesunny
Posted 31 October 2014 - 08:26 AM

itsmesunny

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 307 posts

Ok - I understannd cuz you are strictly a malware guy for these purposes.

 

So the stuff on my Desktop I mentioned, can I just forget about them and trash them - frst, fixlog and addition?

 

One thing more - here once more is  what I have downloaded and installed and used in the past. Do I need to have those - or some of them -

which should I keep?

 

 

Foolish IT

KxAudio Driver

Revo UNiInstaller

Slim Drivers

Speccy

Adw Cleaner

Aulauncher

FRST

JRT

MiniToolBox

OTL

TFC

GMER gfujtf5t

GMER ixefyrrg

 

And then these

R114582

sndvol32


Edited by itsmesunny, 31 October 2014 - 08:30 AM.

  • 0

#36
Naathim
Posted 31 October 2014 - 06:32 PM

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts
All these should be gone after this one:


51a5ce45263de-delfix.png Clean with DelFix

Please download DelFix by Xplode and save it to your desktop.
  • Right-click on 51a5ce45263de-delfix.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Ensure that Remove disinfection tools, Purge system restore and Reset system settings are checked.
  • Push Run.
  • When finished, it will display a notepad report.
Include it for my review.
Please also manually reboot your machine after posting your logfile.
  • 1

#37
itsmesunny
Posted 01 November 2014 - 09:48 AM

itsmesunny

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 307 posts

Ok. Here is it is:

 

# DelFix v10.8 - Logfile created 01/11/2014 at 11:46:19
# Updated 29/07/2014 by Xplode
# Username : User - USER-R6PHPMKAQL
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Documents and Settings\User\Desktop\Addition.txt
Deleted : C:\Documents and Settings\User\Desktop\Fixlog.txt
Deleted : C:\Documents and Settings\User\Desktop\FRST.exe
Deleted : C:\Documents and Settings\User\Desktop\FRST.txt
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

~ Cleaning system restore ...

Deleted : RP #528 [System Checkpoint | 10/07/2014 00:21:55]
Deleted : RP #529 [System Checkpoint | 10/08/2014 01:50:05]
Deleted : RP #530 [System Checkpoint | 10/09/2014 12:41:13]
Deleted : RP #531 [System Checkpoint | 10/10/2014 14:16:05]
Deleted : RP #532 [System Checkpoint | 10/11/2014 18:10:29]
Deleted : RP #533 [System Checkpoint | 10/13/2014 00:48:55]
Deleted : RP #534 [System Checkpoint | 10/14/2014 13:42:17]
Deleted : RP #535 [System Checkpoint | 10/15/2014 14:04:28]
Deleted : RP #536 [Software Distribution Service 3.0 | 10/15/2014 21:33:23]
Deleted : RP #537 [System Checkpoint | 10/16/2014 22:57:00]
Deleted : RP #538 [System Checkpoint | 10/17/2014 23:27:19]
Deleted : RP #539 [Installed Safari | 10/18/2014 16:40:10]
Deleted : RP #540 [Removed Apple Software Update | 10/29/2014 01:57:59]
Deleted : RP #541 [Removed Apple Application Support | 10/29/2014 01:58:59]
Deleted : RP #542 [Removed Safari | 10/29/2014 02:11:18]
Deleted : RP #543 [System Checkpoint | 10/22/2014 04:46:02]
Deleted : RP #544 [Installed QuickTime 7 | 10/22/2014 10:59:06]
Deleted : RP #545 [Removed Apple Software Update | 10/22/2014 11:12:05]
Deleted : RP #546 [Installed Windows Media Player 11 | 10/22/2014 13:39:45]
Deleted : RP #547 [Software Distribution Service 3.0 | 10/22/2014 13:41:16]
Deleted : RP #548 [Installed Windows Media Player 11 | 10/22/2014 13:56:25]
Deleted : RP #549 [Installed Windows XP MSCompPackV1. | 10/22/2014 14:02:08]
Deleted : RP #550 [Software Distribution Service 3.0 | 10/22/2014 14:39:20]
Deleted : RP #551 [Software Distribution Service 3.0 | 10/22/2014 15:55:06]
Deleted : RP #552 [Removed Apple Software Update | 10/22/2014 19:53:40]
Deleted : RP #553 [Removed Apple Application Support | 10/22/2014 19:55:04]
Deleted : RP #554 [SlimDrivers Installing Drivers | 10/23/2014 15:21:16]
Deleted : RP #555 [Installed Intel® Network Connections. | 10/23/2014 15:28:49]
Deleted : RP #556 [Installed Realtek AC'97 Audio | 10/23/2014 16:05:07]
Deleted : RP #557 [Removed SlimCleaner Plus | 10/23/2014 17:39:09]
Deleted : RP #558 [System Checkpoint | 10/26/2014 16:24:48]
Deleted : RP #559 [System Checkpoint | 10/27/2014 16:28:11]
Deleted : RP #560 [System Checkpoint | 10/28/2014 18:36:04]
Deleted : RP #561 [Removed UpdateAdmin | 10/30/2014 11:23:26]
Deleted : RP #562 [Revo Uninstaller's restore point - Groovorio | 10/30/2014 11:41:04]
Deleted : RP #563 [Revo Uninstaller's restore point - InstaShare | 10/30/2014 11:43:50]
Deleted : RP #564 [System Checkpoint | 10/31/2014 17:17:24]

New restore point created !

~ Resetting system settings ... OK

########## - EOF - ##########
 


  • 0

#38
Naathim
Posted 01 November 2014 - 01:48 PM

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts
And that's fine. May I be helpful with some other things/questions?
  • 1

#39
itsmesunny
Posted 04 November 2014 - 11:06 AM

itsmesunny

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 307 posts

Hi Naat! :wave:

 

Maybe I am being too picky or just bothering you with stuff I could just let be. I dunno.

 

This is in my Geeks2Go folder of all the software that I have downloaded and used since the beginning:

 

Avast

Downloads - R11482zip and sdvol32 - which are 2 compressed zip folders.
Foolish IT

Kx Audio Driver

Malwarebytes

Revo

Slim Drivers

Speccy

Unchecky

 

AdwCleaner

AuLauncher

Auto Runs

JRT

Mini Tool Box

OTL
TFC

 

 

 

And of that list, this is what is in RevoUninstaller:

 

Avast

Malwarebytes

Slim Drivers

Speccy

Unchecky

 

And of that list, this is what is in Add/Remove Programs

 

Avast

Malwarebytes

Slim Drivers

Speccy

Unchecky

 

and

Crypto Prevent ( which is Foolish IT ) - ? so why is it not listed with the same name?

 

So my question is - Why are they all different and what needs to be here?

 

I remember you said that I ought to run malwarbytes once a week.

Well, I also have Avast which does the same thing - right? If so do I need both.

It seems like I should just keep Avast. Or is there a difference and I should run malwarebytes each week as you suggested?

 

So, I should just trash any that are NOT in the Revo and Add/Remove lists?

 

Thanks Naat. You have helpme me SO much.

 

:yes:


  • 0

#40
Naathim
Posted 05 November 2014 - 12:47 AM

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

Hi :)

 

There isn't something like miraculous protection. Actually the best protection is a common sense when using your computer.

 

Things you should leave are:

- Avast - an AV is a must-have

- Malwarebytes - it has a different scanning engine than avast, because it is anti-malware program. they can be installed and are ran independently

- Cryptoprevent by FoolishIT - it is a tool that helps to secure your machine from plenty of ransomware and file encryptors using software policies

- Unchecky - helps you avoid extra junkware programs that come bundled with third-party software

 

Leave them and remove the others.


  • 0

Advertisements

#41
itsmesunny
Posted 06 November 2014 - 12:34 PM

itsmesunny

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 307 posts

Thanks Naat!  :yeah:

 

Don't I need kX Audio Driver for the sound?


Edited by itsmesunny, 06 November 2014 - 12:45 PM.

  • 0

#42
Naathim
Posted 07 November 2014 - 12:47 AM

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts
I don't know. But if you feel that you need it, just leave it :)
  • 0

#43
itsmesunny
Posted 07 November 2014 - 10:07 AM

itsmesunny

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 307 posts

Well, I did trash it too just to see what would happen and yes I lost the sound but I fixed it by reinstalling

the sound card and the kXAudio driver. :yes:

 

So, I guess we are done here Naat - right?


  • 0

#44
Naathim
Posted 09 November 2014 - 04:05 AM

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts
Yes we are. Take care Sunny, see you somewhere around :)
  • 1

#45
Naathim
Posted 09 November 2014 - 04:06 AM

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP